NGINX 返回 301-未遵循 WebSocket 重定向

NGINX 返回 301-未遵循 WebSocket 重定向

我一直在调试我的新服务器,这是对现有服务器的升级。在此过程中,我从 Apache2 迁移到 Ubuntu 20.04 上的 NGINX,该服务器与 Postgres 15 数据库交互。

当我启动 NGINX 时,我可以访问并登录我的网页,但是我无法加载任何数据(界面不断尝试加载数据)。查看 NGINX 日志文件时,我发现301在尝试检索设备数据时不断打印错误:

123.45.0.67 - - [13/Jun/2023:02:09:41 +0000] "GET /api/ws/plugins/telemetry?token=USER_TOKEN
HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 
(KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"

在网上看到一些其他类似的问题后,我确信问题的根源在于我的 websocket 重定向配置。我的 NGINX 配置如下:

nginx.conf

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
        worker_connections 768;
        # multi_accept on;
}

http {
        ##
        # Basic Settings
        ##

        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        # server_tokens off;

        # server_names_hash_bucket_size 64;
        # server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ##
        # SSL Settings
        ##

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
        ssl_prefer_server_ciphers on;

        ##
        # Logging Settings
        ##

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        ##
        # Gzip Settings
        ##

        gzip on;

        # gzip_vary on;
        # gzip_proxied any;
        # gzip_comp_level 6;
        # gzip_buffers 16 8k;
        # gzip_http_version 1.1;
        # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

        ##
        # Virtual Host Configs
        ##

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;

}

站点可用/website.conf

server {
    if ($host = website.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


       listen 80;

       server_name website.com;

       root /var/www/html;
       index index.html;

       #passenger_enabled on;

       location / {
                rewrite ^(.*)$ https://$http_host:8080$request_uri redirect;
                try_files $uri $uri/ =404;
        }

        location !/\.ht {
                deny all;
        }

        location ~ \.php$ {
#               include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/run/php/php7.4-fpm.sock;
        }
}

网站-ssl.conf

server {
    include                    /etc/letsencrypt/options-ssl-nginx.conf;
    listen                      443 ssl;
    server_name                 website.com;
    ssl_certificate /etc/letsencrypt/live/website.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/website.com/privkey.pem; # managed by Certbot

    root                        /var/www/html ;


    location / {
        proxy_pass                      http://website.com:8080/ ;
        proxy_set_header Host           $host;
        proxy_set_header X-Real-IP      $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_cookie_domain http://website.com:8080/ $host;
        #proxy_cookie_path / /;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }

    location /api/ws {
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_pass http://website.com/api/ws ;
        proxy_set_header Host $host;
        proxy_set_header CLIENT_IP $remote_addr;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_read_timeout 86400;
    }


    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    # Other directives specific to your configuration
    # ...

}

站点可用/网站-ssl2.conf

server {
    listen 443 ssl;
    server_name website.com;

    ssl_certificate /etc/letsencrypt/live/website.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/website.com/privkey.pem;
    #include /etc/nginx/snippets/ssl-params.conf;

    location / {
        proxy_pass http://localhost:8080/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    location /api/ws {
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_pass https://localhost:8080/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;
}

相关内容