search

devgianlu / PYX-Reloaded

A fork of the original Pretend You're Xyzzy, with a completely rewritten frontend and some major changes on the backend
Apache License 2.0
26 stars 13 forks source link

Nginx Reverse Proxy & SSL #104

Closed EpicnessTwo closed 6 years ago

EpicnessTwo commented 6 years ago

Is there a way to disable the check for when SSL is disabled but is enforced externally via an Nginx Reverse Proxy.

I have this running on a non-standard internal port that is then passed to Nginx via a reverse proxy. The console is throwing errors when I try and do anything which then results in me being kicked. Can there be an option to disable this check please?

12126 [XNIO-1 I/O-1] ERROR io.undertow.request  - UT005071: Undertow request failed HttpServerExchange{ GET /Events request {X-Real-IP=[xxx.xxx.xxx.xxx], Accept-Language=[en-US,en;q=0.9], Cache-Control=[no-cache], Sec-WebSocket-Version=[13], Accept-Encoding=[gzip, deflate, br], Sec-WebSocket-Key=[FqomGSaxomxMyAIifQmJzA==], DNT=[1], Pragma=[no-cache], Origin=[https://cah.lok.space], User-Agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36], Sec-WebSocket-Extensions=[permessage-deflate; client_max_window_bits], Connection=[close], X-Forwarded-Proto=[http], X-Forwarded-For=[xxx.xxx.xxx.xxx], Cookie=[PYX-Session=P1IHW4331Z0249485UWA870C], Host=[xxx.xxx]} response {}}
java.lang.IllegalStateException: UT000133: Request did not contain an Upgrade header, upgrade is not permitted
        at io.undertow.server.HttpServerExchange.upgradeChannel(HttpServerExchange.java:894)
        at io.undertow.websockets.WebSocketProtocolHandshakeHandler.handleRequest(WebSocketProtocolHandshakeHandler.java:193)
        at io.undertow.server.handlers.PathHandler.handleRequest(PathHandler.java:94)
        at io.undertow.server.RoutingHandler.handleNoMatch(RoutingHandler.java:112)
        at io.undertow.server.RoutingHandler.handleRequest(RoutingHandler.java:77)
        at io.undertow.server.protocol.http2.Http2UpgradeHandler.handleRequest(Http2UpgradeHandler.java:129)
        at io.undertow.server.Connectors.executeRootHandler(Connectors.java:332)
        at io.undertow.server.protocol.http.HttpReadListener.handleEventWithNoRunningRequest(HttpReadListener.java:254)
        at io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:136)
        at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:151)
        at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:92)
        at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:51)
        at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
        at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:291)
        at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:286)
        at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
        at org.xnio.nio.QueuedNioTcpServer$1.run(QueuedNioTcpServer.java:129)
        at org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:582)
        at org.xnio.nio.WorkerThread.run(WorkerThread.java:466)
devgianlu commented 6 years ago

PYX-Reloaded uses WebSockets to communicate with the UI. Therefore you need to enable reverse proxy for them. This works as it is our current configuration on the server. Remember to use https for a secure connection.

 location /Events {
    proxy_pass http://localhost:6969/Events;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
  }
EpicnessTwo commented 6 years ago

Thanks, this worked :)