Closed dsriseah closed 1 month ago
npm ci
cd _ur
ur net start
https://do-server/location
(e.g. ursys.sri.xyz/app)...note this is httpsCLIENT TEST UR_001 resolved with []
. First window will return empty array, second window will return with {uaddr}
, and third window will return with [ {uaddr}, {uaddr} ]
Described in Guide: Securing URSYS.
server {
root /var/www/ursys_dsri_xyz/html;
index index.html index.htm index.nginx-debian.html;
server_name ursys.dsri.xyz ;
location /app/ {
proxy_pass http://127.0.0.1:8080/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $server_name;
proxy_read_timeout 7200; # 2 hours
}
location / {
try_files $uri $uri/ =404;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/dsri.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/dsri.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host ~ ^[^.]+\.dsri\.xyz$) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = ursys.dsri.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name ursys.dsri.xyz ;
return 404; # managed by Certbot
}
The usual instructions apply:
npm ci && cd _ur
ur net start
http://127.0.0.1:8080
As I look into supporting https on remote servers like Digital Ocean, I think the architecture looks like this:
node
app can continue to just work as a localhost development environment for both websockets and appserving viaexpress
nginx
can be configured to handle both https redirection of an http connection and secure websocket connection upgradingnginx
wildcardlocation
definitions, though this creates some complexity in renewing our Lets Encrypt certificates. See wiki entry [[Proof of Concept Steps
Tests Passed
ur net start
(set to just run http) and just browse to localhost:8080 and see if the console shows messages workingur net start
after nginx proxying is set up...worksBugs Fixed
beforeunload
window event handler to callEP.disconnectAsClient()
and also extend theNetSocket
wrapper to accept aclose()
function.netCall
andnetSend
calls would reflect message invocation to itself, when this should only happen fornetPing
andnetSignal
.Enhancements
nginx
proxylocation
declarations to help the server show a list available locations.