1. Use Nginx proxy ws
server {
listen 8086; # 监听8086端口
server_name 192.168.1.123; #也可以是域名
add_header Access-Control-Allow-Origin *;
location / {
#添加wensocket代理的目标服务器
proxy_pass http://192.168.1.3:8888;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_connect_timeout 1800s;
proxy_send_timeout 1800s;
proxy_read_timeout 1800s;
}
}
2. Use Nginx proxy wss
Note: If it is used in an intranet environment, you can manually create a certificate for use. If it is used in a public network environment, it must be a public network domain name certificate or IP certificate. To use the domain name, you can go to Alibaba to create a free certificate and download it.
server {
listen 9006 ssl; # 监听9006 端口
server_name 自己的域名.com ;
ssl_certificate /etc/nginx/xxx.com.pem;
ssl_certificate_key /etc/nginx/xxx.com.key;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv2 SSLv3;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
ssl_verify_client off;
add_header Access-Control-Allow-Origin *;
location / {
#添加wensocket代理
proxy_pass http://192.168.1.3:8888; # websocket服务器。不用管 ws://
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_connect_timeout 1800s;
proxy_send_timeout 1800s;
proxy_read_timeout 1800s;
}
}