nginx配置ws wss 和http https和访问实例
网上有很多文章都写怎么配置,但是很多都是wss连不上的,经过摸索了很久才把wss调通,然后顺便把ws http https整合进来。
1.需要准备清单列表:websocket服务端一个,websocket客户端一个,node.js服务端一个,安装nginx。
2.配置文件分析
2.1.第一个server配置文件, http ,ws关键配置讲解
端口 listen 80;这里http和ws都用 用80端口,可以根据实际情况更改。
location / {#http 这个是http的配置信息,proxy_pass http://127.0.0.1:3000;#代理nodejs服务
location /ws{#ws 这个是ws的配置信息,proxy_pass http://你的域名;
server {#http
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {#http
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Nginx-Proxy true;
proxy_set_header Connection "";
proxy_pass http://127.0.0.1:3000;#代理nodejs服务
proxy_redirect default;
#root html;
#index index.html index.htm;
}
location /ws{#ws
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-Ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
client_max_body_size 10m;
proxy_pass http://你的域名;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_connect_timeout 300s;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
}
}2.2.第二个server配置文件, https ,wss关键配置讲解
端口443listen 443 ssl http2;#默认不要改。
ssl_certificate C:/certificate/xxxx.pem;#证书文件
ssl_certificate_key C:/certificate/xxx.key;#证书文件
location / {#https 这个是https的配置信息,proxy_pass http://127.0.0.1:3000;#代理nodejs服务
location /ws{#wss 这个是wss的配置信息,proxy_pass http://你的域名;
server {#wss https
listen 443 ssl http2;
server_name localhost;
ssl_certificate C:/certificate/xxx.pem;
ssl_certificate_key C:/certificate/xxx.key;
ssl_protocols TLSV1.1 TLSV1.2 SSLv2 SSLv3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
location ~ ^/(css/|fonts/|images/|js/){
root /root/project/***/public;
access_log off;
expires 10d;
}
location /ws{#wss
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-Ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
client_max_body_size 10m;
proxy_pass http://你的域名;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_connect_timeout 300s;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
}
location / {#https
proxy_pass http://127.0.0.1:3000;
proxy_set_header X-Real-IP $remote_addr;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}2.3ws wss负载均衡配置
这里配置了两个ws wss服务,端口为3001 3002,根据实际情况可以配置更多,加在下面即可,当3001端口连满,自动连到3002端口。
注意共出现3次“你的域名”,这三个地方域名一样。
upstream 你的域名 {
server 127.0.0.1:3001;
server 127.0.0.1:3002;
keepalive 3000;
}3.完整nginx.conf文件代码参考
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
server {#http
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Nginx-Proxy true;
proxy_set_header Connection "";
proxy_pass http://127.0.0.1:3000;
proxy_redirect default;
#root html;
#index index.html index.htm;
}
location /ws{#ws
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-Ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
client_max_body_size 10m;
proxy_pass http://nonghua.top;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_connect_timeout 300s;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
upstream nonghua.top {
server 127.0.0.1:3001;
server 127.0.0.1:3002;
keepalive 3000;
}
server {#wss https
listen 443 ssl http2;
server_name localhost;
ssl_certificate C:/certificate/nonghua.top.pem;
ssl_certificate_key C:/certificate/nonghua.top.key;
ssl_protocols TLSV1.1 TLSV1.2 SSLv2 SSLv3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
location ~ ^/(css/|fonts/|images/|js/){
root /root/project/***/public;
access_log off;
expires 10d;
}
location /ws{#wss
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-Ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
client_max_body_size 10m;
proxy_pass http://nonghua.top;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_connect_timeout 300s;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
}
location / {#https
proxy_pass http://127.0.0.1:3000;
proxy_set_header X-Real-IP $remote_addr;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
4.websocket服务端代码参考
var ws = require("nodejs-websocket")
var PORT=8001;
var clientCount=0;
// Scream server example: "hi" -> "HI!!!"
var server = ws.createServer(function (conn) {
console.log("New connection");
clientCount++;
conn.nickname='user'+clientCount;
//通知所有人,有人进入群聊
broadcast(conn.nickname+' come in');
conn.on("text", function (str) {
console.log("Received "+str)
broadcast(conn.nickname+' : '+str)
})
conn.on("close", function (code, reason) {
console.log("close");
broadcast(conn.nickname+"left")
})
conn.on("error",function (err) {
console.log("handle err");
console.log(err)
})
}).listen(PORT);
console.log('websocket server listening on port '+PORT)
function broadcast(str){
server.connections.forEach((connection)=>{
connection.sendText(str);
})
}5.websocket客户端代码参考
ws连接:'ws://nongua.top/ws'
wss连接:'wss://nongua.top/ws'
WebSocket
WebSocket 测试
参考文章https://blog.csdn.net/linshizhan/article/details/79581008