渠道Websocket immedialty与ssl

时间:2018-03-12 18:25:36

标签: django ssl nginx django-channels daphne

我尝试使用ssl从我的生产服务器上的频道docs运行教程。 几个小时后,我设法得到一个连接,但它立即断开连接:

None - - [12/Mar/2018:17:42:22] "WSCONNECTING /ws/chat/bibou/" - -
None - - [12/Mar/2018:17:42:22] "WSCONNECT /ws/chat/bibou/" - -
None - - [12/Mar/2018:17:42:23] "WSDISCONNECT /ws/chat/bibou/" - -

我的筹码是

ubuntu 16.04
nginx 1.10.3
channels==2.0.2
daphne==2.1.0
channels-redis==2.1.0
Twisted==17.9.0

我有教程中代码的精确复制粘贴,但room.html中的这部分除外

var chatSocket = new WebSocket(
    'wss://' + window.location.host +
    ':8443/ws/chat/' + roomName + '/');

这是我的nginx conf

server {
    #http
    listen 80;
    server_name domain.com;
    root /usr/share/nginx/html;
    include /etc/nginx/default.d/*.conf;

    location / {
        return 301 https://$server_name$request_uri;
    }
}

server {
    #https
    listen 443 ssl;
    listen 8443 ssl;
    server_name domain.com;
    root /usr/share/nginx/html;

    ssl_certificate "/etc/letsencrypt/live/domain.com/fullchain.pem";
    ssl_certificate_key "/etc/letsencrypt/live/domain.com/privkey.pem";
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    add_header Strict-Transport-Security "max-age=31536000";

    include /etc/nginx/default.d/*.conf;

    location /static/ {
    root /home/ubuntu;
    }

    location /media/ {
        root /home/ubuntu;
    }

    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        proxy_pass http://unix:/home/ubuntu/tlebrize/Project.sock;
    }

    location /ws/ {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";

        proxy_pass http://unix:/home/ubuntu/tlebrize/Daphne.sock;
    }
}

我用daphne -u Daphne.sock Project.asgi:application -v 3

运行daphne

我也试过绕过nginx并使用sudo daphne -e ssl:8443:privateKey=/etc/letsencrypt/live/domain.co/privkey.pem:certKey=/etc/letsencrypt/live/domain.co/fullchain.pem Project.settings:CHANNEL_LAYERS 但我的结果相同。

消息聊天套接字意外关闭前面的错误代码1011 (Internal Error)并且没有理由。

2 个答案:

答案 0 :(得分:1)

我设法让它工作,这是nginx的问题和/或使用ReconnectingWebSocket。这是我的全部工作: nginx的

server {
#http
listen 80;
server_name domain.co;
root /usr/share/nginx/html;
include /etc/nginx/default.d/*.conf;

location / {
    return 301 https://$server_name$request_uri;
}
}

server {
#https
listen 443 ssl;
server_name domain.com;
root /usr/share/nginx/html;

ssl_certificate "/etc/letsencrypt/live/domain.com/fullchain.pem";
ssl_certificate_key "/etc/letsencrypt/live/domain.com/privkey.pem";
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

add_header Strict-Transport-Security "max-age=31536000";

include /etc/nginx/default.d/*.conf;

location /static/ {
root /home/ubuntu;
}

location /media/ {
    root /home/ubuntu;
}

location /ws/ {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";

    proxy_pass http://127.0.0.1:8443;
}

location / {...}
}

sudo /home/ubuntu/venv/bin/daphne -e ssl:8443:privateKey=/etc/letsencrypt/live/domain.com/privkey.pem:certKey=/etc/letsencrypt/live/domain.com/fullchain.pem Project.asgi:application -v 3

JS

var chatSocket = new ReconnectingWebSocket(
    'wss://' + window.location.host +
    ':8443/ws/chat/' + roomName + '/');

答案 1 :(得分:0)

我遇到了这个问题,因为我忘记在CHANNEL_LAYERS中加入settings.py

服务器甚至能够在断开连接之前发送1-2条消息。

这导致在通过nginx连接时出现错误1011,而在没有https / wss的情况下直接连接时导致1006。我尝试了uvicorn和daphne。