Nginx template for proxy management?

[satoshinotdead]

I wonder if someone can share their template to upstream Keila without exposing totally and only at localhost.

There are specific configurations that could fits well with Keila itself and not with another apps.

Kudos for great development! 🙏

[wmnnd]

There is no special configuration needed for serving user content. It’s just plain files which can be served with any web server, including Nginx. Just point the server to the directory you’ve configured in USER_CONTENT_DIR and set USER_CONTENT_BASE_URL to point to the address where your server will be available.

[satoshinotdead]

Thanks, I'm on Keila again and it seems to be super improved!

Tried to use Nginx with docker-compose and it run but when I try to compose a new campaign:

Can’t establish a connection to the server at wss://mail.cooldomain.co/live/websocket?_csrf_token=

Please, can you suggest how to enable this connection within the proxy? I tried to proxy the path to keila localhost exposed container but it didn't work.

[wmnnd]

Hey @satoshinotdead, you can find more details about setting up Nginx as a websocket proxy on the Nginx blog: https://www.nginx.com/blog/websocket-nginx/

The important bit is this bit in the location config which allows the browser to request an upgrade from a normal request to a Websocket:

    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";

[satoshinotdead]

Hi there! I tried this config before posting but it don't work:

        location / {
                proxy_pass http://127.0.0.1:4000;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
        }

And tried to proxy the /live/websocket location but it seems that's not the way to configure it and of course, didn't work too.

Do you know what I'm missing here? Thanks for your following up :)

[wmnnd]

Are you seeing anything in the nginx or in the Keila logs? Did you make sure to restart/reload nginx after updating your settings?

[satoshinotdead]

I only see 403 forbidden console errors and this messages on logs:

Nginx reverse proxy (hosted on server)

connect() failed (111: Connection refused) while connecting to upstream

Keila Docker container

[error] Could not check origin for Phoenix.Socket transport.

I pruned containers and volumes, restarted and force-recreated but the issue persists. I suspect we need to tweak a little bit the Nginx template.

I will look into this and update if I find a solution.

[wmnnd]

Did you maybe not set the URL_HOST to the actual domain you’re using?

[wmnnd]

... or maybe you are missing the proxy_set_header Host $http_host; line in your nginx config.

[satoshinotdead]

Did you maybe not set the URL_HOST to the actual domain you’re using?

Tried localhost (127.0.0.1) and the https proxied and that was the same.

... or maybe you are missing the proxy_set_header Host $http_host; line in your nginx config.

Tried changing proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; for proxy_set_header Host $http_host; too, same result.

[wmnnd]

So you are trying to access Keila on localhost? If you are using a domain such as keila.example.com, you need to set URL_HOST=keila.example.com.

[satoshinotdead]

Well, I'm using reverse proxy from Nginx so URL_HOST can be localhost (routed by Nginx from external internet, using the port locally exposed).

BTW I tried with our host (mail.domain.com) too but the wss socket issue persists.

[wmnnd]

No, it can’t be localhost, it needs to match your actual domain.

[satoshinotdead]

Fair enough, checked (3 times). It's not working with URL_HOST pointing at my domain and just tested that variable on localhost.

I will update if I found something.

[wmnnd]

I hope you find a solution for your setup! Please keep up updated here in this issue in case someone else ends up having the same issue :blush: