How to set up: php7 website with https + nginx webserver + nodejs (socket.io)?

R

Roman Basharin2017-01-15 16:10:49

PHP

Roman Basharin, 2017-01-15 16:10:49

Greetings colleagues, I recently switched the site to https and the socket.io connection stopped working: WebSocket connection to ' wss://site.ru:9999/socket.io/?EIO=3&transport=websocket ' failed: Error in connection establishment: net ::ERR_CONNECTION_CLOSED

Does anyone have a config? The problem is that the paths to SSL certificates and keys on the working and development machines are stored in different places and it’s not a good idea to manually connect them in the node file, besides, it’s not right to scatter certificates on different machines and give them to all developers. In nginx, the keys are already connected and php uses them safely, but what to write in the config so that they are used for websocket is not clear. Those manuals that I googled for settings are suitable if we have a site completely on a node, and in our case, all sites are completely on php and websockets are used only to sometimes receive urgent notifications from the server.

At the moment the config is something like this:

server {
  listen 80;
  server_name is.site.ru;
  return 302 https://is.site.ru$request_uri;
}

server {
  root /var/www/folder/is;
  server_name is.site.ru;
  index index.php;

  listen 443;
  ssl on;
  ssl_certificate /etc/letsencrypt/live/site.ru/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/keys/key.pem;
  ssl_dhparam /opt/letsencrypt/dh.pem;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
  ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:ECDH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
  ssl_prefer_server_ciphers on;
  ssl_session_cache shared:SSL:5m;
  ssl_session_timeout 10m;
  ssl_stapling on;
  resolver 8.8.8.8;
  add_header Strict-Transport-Security 'max-age=23328000';

  location / {
    try_files $uri $uri/ /index.php?q=$uri&$args;
  }

  location ~ .php$ {
    if (!-e $request_filename) { rewrite / /index.php last; }
    fastcgi_index	index.php;
    fastcgi_pass	127.0.0.1:9006;
    include			fastcgi_params;
    fastcgi_param	SCRIPT_FILENAME    $document_root$fastcgi_script_name;
    fastcgi_param	SCRIPT_NAME        $fastcgi_script_name;
    fastcgi_param  HTTPS on; # Для php-fpm
  }
}

Socket.io server:

// Подключаем либы для создания веб-сервера
var app = require('express')(),
   http = require('http').Server(app),
   io = require('socket.io')(http),
   cookie = require('cookie'),
   port = 9999,
   fs = require('fs'),
   path = require("path"),
   parser = require('groan');

// Что делаем при подключении
io.on('connection', function(socket){
  // Работем с socket
});

// Слушаем запросы приходящие на порт
http.listen(port, function(){
  console.log('listening on *:' + port);
});

socket.io client:

(function($) {
$(document).ready(function(){
  // Открываем соединение, при открытии страницы
  var socket = io.connect(
    location.origin + ':9999',
    {
      transports: ['websocket', 'flashsocket', 'xhr-polling'],
      reconnection: false
    }
  );

  // Получаем уведомление от сервера
  socket.on('server notice', function(json) {
    console.log(json);
  });
});
})(jQuery);

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Alexander Filippenko, 2019-01-08
@Hellek

Nodejs + Socket.io + https?
for https in a node, a separate listen is needed.