我有一个非常令人沮丧的问题,我的服务器由 nginx 反向代理和 django/channels/daphne websocket 主机组成,在本地 LAN 内运行,但从远程客户端来看,只有 websocket 连接无法维持。
我相信这是一个 Nginx 配置问题,但是经过几天的努力,我似乎无法解决它。
首先是我的 Nginx 配置:
server {
listen 80;
server_name app.server.domain;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/program;
}
# uWSGI
location / {
include uwsgi_params;
uwsgi_pass unix:/run/uwsgi/program.sock;
}
# Daphne
location /socket/ {
proxy_pass http://127.0.0.1:8001;
proxy_http_version 1.1;
proxy_set_header Upgrade 'websocket';
proxy_set_header Connection "Upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 3600s;
proxy_send_timeout 3600s;
proxy_read_timeout 3600s;
}
}
在 nginx error.log 上,我得到:
2018/04/20 17:12:30 [error] 15479#15479: *67 recv() failed (104: Connection reset by peer) while reading upstream, client: 172.16.0.1, server: scan.contac.cl, request: "GET /socket/ HTTP/1.1", upstream:
"http://127.0.0.1:8001/socket/", host: "app.server.domain"
如果你使用 ngrep 命令访问服务器,它会显示:
#####
T 172.16.0.1:36458 -> 172.16.2.116:80 [AP]
GET /socket/ HTTP/1.1..Host: app.server.domain..User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0..A
ccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8..Accept-Language: en-US,en;q=0.5..Accept-Encoding: gzip, deflate..
Sec-WebSocket-Version: 13..Origin: http://app.server.domain..Sec-WebSocket-Extensions: permessage-deflate..Sec-WebSocket-Key: ayyjtzvGPTiVuF
IZduaBTQ==..Pragma: no-cache..Cache-Control: no-cache..X-Forwarded-For: 191.XXX.XXX.201..X-Forwarded-Host: app.server.domain..X-Forwarded-Ser
ver: app.server.domain..Connection: Keep-Alive....
#####
T 172.16.0.1:36460 -> 172.16.2.116:80 [AP]
GET /socket/ HTTP/1.1..Host: app.server.domain..User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0..A
ccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8..Accept-Language: en-US,en;q=0.5..Accept-Encoding: gzip, deflate..
Sec-WebSocket-Version: 13..Origin: http://app.server.domain..Sec-WebSocket-Extensions: permessage-deflate..Sec-WebSocket-Key: PEV955vUzQd5Q0
/WY8wRrQ==..Pragma: no-cache..Cache-Control: no-cache..X-Forwarded-For: 191.XXX.XXX.201..X-Forwarded-Host: app.server.domain..X-Forwarded-Ser
ver: app.server.domain..Connection: Keep-Alive....
#####
T 172.16.0.1:36462 -> 172.16.2.116:80 [AP]
GET /socket/ HTTP/1.1..Host: app.server.domain..User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0..A
ccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8..Accept-Language: en-US,en;q=0.5..Accept-Encoding: gzip, deflate..
Sec-WebSocket-Version: 13..Origin: http://app.server.domain..Sec-WebSocket-Extensions: permessage-deflate..Sec-WebSocket-Key: 8BpG9osIwqftJf
H2zrW1-ig==..Pragma: no-cache..Cache-Control: no-cache..X-Forwarded- For: 191.XXX.XXX.201..X-Forwarded-Host: app.server.domain..X-Forwarded-Ser
ver: app.server.domain..Connection: Keep-Alive....
#####
T 172.16.2.116:80 -> 172.16.0.1:36500 [AP]
HTTP/1.1 101 Switching Protocols..Server: nginx/1.12.1 (Ubuntu)..Date: Fri, 20 Apr 2018 21:36:52 GMT..Connection: upgrade..Upgrade: WebSo
cket..Sec-WebSocket-Accept: eDUwiFKKbT4ojtR+gWSvzRGNV3k=....
########
ngrep 客户端显示:
T 186.XXX.XXX.XXX:80 -> 192.XXX.XXX.XXX:35010 [AP]
HTTP/1.1 502 Proxy Error..Date: Fri, 20 Apr 2018 20:11:40 GMT..Content-Length: 475..Connection: close..Content-Type: text/html; charset=i
so-8859-1....<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>502 Proxy Error</title>.</head><body>.<h1>Proxy Error
</h1>.<p>The proxy server received an invalid..response from an upstream server.<br />..The proxy server could not handle the request <em
><a href="/socket/">GET /socket/</a></em>.<p>.Reason: <strong>Error reading from remote server</strong></p></p>.<hr>.<address>Apac
he/2.2.15 (CentOS) Server at app.server.domain Port 80</address>.</body></html>.
任何能解决此问题的帮助都将不胜感激!!!!!! 我基本上遇到了障碍。
答案1
查看服务器的响应,似乎您可能在某处有一个额外的反向代理。它已打开Apache/2.2.15 (CentOS)
,您还需要重新配置它,而不仅仅是nginx/1.12.1 (Ubuntu)
。