search

QuiteAFancyEmerald / Holy-Unblocker

Holy Unblocker LTS is a web proxy service that helps you access websites that may be blocked by your network or policy extensions all within your browser with no download or setup. It does this securely and with additional privacy features. This repository is for Holy Unblocker LTS; specifically for the v6.x.x versions. (Star if you fork it!!)⚡
https://holyunblocker.org
GNU Affero General Public License v3.0
450 stars 2.71k forks source link

Nginx can not proxy HolyUnblocker #19

Closed R-Josef closed 3 years ago

R-Josef commented 3 years ago

I want to use nginx for proxy because I have other websites. I tried many configurations but none of them worked:

server {
    listen 80;
    server_name holyub.xxxxx.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    ssl_certificate /root/.acme.sh/*.xxxxx.com/fullchain.cer;
    ssl_certificate_key /root/.acme.sh/*.xxxxx.com/*.xxxxx.com.key;
    server_name holyub.xxxxx.com;

    index index.html;

    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host  $http_host;
        proxy_set_header X-Nginx-Proxy true;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
    }
}
map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}

server {
    listen 80;
    server_name holyub.xxxxx.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    ssl_certificate /root/.acme.sh/*.xxxxx.com/fullchain.cer;
    ssl_certificate_key /root/.acme.sh/*.xxxxx.com/*.xxxxx.com.key;
    server_name holyub.xxxxx.com;

    index index.html;

    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
    }
}

None of the above configurations work, what should I do?

QuiteAFancyEmerald commented 3 years ago

It should work lol

Remove this line: index index.html; and use proxy_set_header Connection 'upgrade';

So like (as an example):

server {
    listen 80;
    server_name holyub.xxxxx.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    ssl_certificate /root/.acme.sh/*.xxxxx.com/fullchain.cer;
    ssl_certificate_key /root/.acme.sh/*.xxxxx.com/*.xxxxx.com.key;
    server_name holyub.xxxxx.com;

    location / {
        proxy_pass http://localhost:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
                proxy_cache_bypass $http_upgrade;
    }
}
R-Josef commented 3 years ago

Thanks for your reply, after I tried the configuration you gave and it didn't work, I realized that the problem was not with nginx, after many tests, I finally found out where the problem was: our government has banned ips in some areas and hijacked the traffic of these ips. So when I enable ssl and visit this website, the browser will return ERR_CONNECTION_RESET, it can be seen how important this proxy program is to people like me, thank you for your work.
Now I changed my VPS and it is normal.

QuiteAFancyEmerald commented 3 years ago

Oh okay. Sorry about that though.