Want to subscribe to topics you're interested in?
Become a Member

Websocket Server?

Discussion in 'Other Web Apps usage' started by modder, Nov 14, 2023.

  1. modder

    modder Member

    117
    16
    18
    Dec 6, 2019
    Ratings:
    +27
    Local Time:
    4:41 PM
    I'm running the latest Xenforo with centminmod in CentOS 7.


    There's an add-on using real-time thing that requires Websocket server installed.

    So I followed its instruction for installing Websocket server in the same server as Xenforo.

    Instructions here: https://devsell.io/xenforo-websocke...t-server.html#install-soketi-on-a-same-server

    "Open your domain configuration file. Paste the following code to the bottom and save it
    "

    Code (Text):
    server {
        # Comment if using an ssl certificate.
        listen 2096 http2;
        listen [::]:2096 http2;
     
        # Uncomment if using an ssl certificate.
        # listen 2096 ssl http2;
        # listen [::]:2096 ssl http2;
     
        server_name your_domain.com;
        server_tokens off;
        root /path/to/your/forum;
        index index.php;
    
        add_header X-Frame-Options "SAMEORIGIN";
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Content-Type-Options "nosniff";
     
        # Uncomment if using an ssl certificate.
        # ssl         on;
        # ssl_certificate      /path/to/your/certificate.pem;
        # ssl_certificate_key  /path/to/your/certificate.key;
    
        charset utf-8;
    
        location / {
            proxy_pass             http://127.0.0.1:6001;
            proxy_read_timeout     60;
            proxy_connect_timeout  60;
            proxy_redirect         off;
    
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
        }
    }


    What should I edit here? The forum is https, but is this one SSL too?

    Code (Text):
    [root@beta]# ls /usr/local/nginx/conf/ssl/mysite.com/
    mysite.com.crt  mysite.com.csr  mysite.com.key  dhparam.pem
     
    Last edited: Nov 14, 2023
  2. eva2000

    eva2000 Administrator Staff Member

    53,149
    12,110
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,645
    Local Time:
    6:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    From that example, you'd only want this part changing location context match of / to your application path
    Code (Text):
       location / {
           proxy_pass               http://127.0.0.1:6001;
           proxy_read_timeout       60;
           proxy_connect_timeout  60;
           proxy_redirect         off;
    
           proxy_http_version 1.1;
           proxy_set_header Upgrade $http_upgrade;
           proxy_set_header Connection 'upgrade';
           proxy_set_header Host $host;
           proxy_cache_bypass $http_upgrade;
       }
    

    provided you have a running backend websocker server running and listening on port 6001 already
     
  3. modder

    modder Member

    117
    16
    18
    Dec 6, 2019
    Ratings:
    +27
    Local Time:
    4:41 PM
    I've been following the instructions but couldn't get it done successfully.

    Is there a tutorial for installing Websockets server in CentOS 7 with centminmod?
     
  4. eva2000

    eva2000 Administrator Staff Member

    53,149
    12,110
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,645
    Local Time:
    6:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    The above is basically how Centmin Mod Nginx configures to use websockets but the actual websocket/server and how it is installed and configured to run on port 6001, is left to the instructions of the websocket web app developer documentation
     
  5. eva2000

    eva2000 Administrator Staff Member

    53,149
    12,110
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,645
    Local Time:
    6:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  6. modder

    modder Member

    117
    16
    18
    Dec 6, 2019
    Ratings:
    +27
    Local Time:
    4:41 PM
    Yes I got this added to nginx.conf.

    What about SSL? My web server is running on SSL. Do I need to change anything regarding SSL in the code above? If yes, what's the cert? the example refers to a pem file. But should I use the mysite.com.crt file instead? The following is the SSL files I got for my site:

    Code (Text):
    [root@beta]# ls /usr/local/nginx/conf/ssl/mysite.com/
    mysite.com.crt  mysite.com.csr  mysite.com.key  dhparam.pem


    Code (Text):
    
    * - changed
    
    server {
       # Comment if using an ssl certificate.
    *   # listen 2096 http2;         # commented out
    *   # listen [::]:2096 http2;  # commented out
    
       # Uncomment if using an ssl certificate.
    *   listen 2096 ssl http2;  # uncommented
    *   listen [::]:2096 ssl http2; # uncommented
    
    *   server_name mysite.com;  # changed to mysite.com
       server_tokens off;
    *   root /home/nginx/domains/mysite.com/public/;  #changed to my path
       index index.php;
    
       add_header X-Frame-Options "SAMEORIGIN";
       add_header X-XSS-Protection "1; mode=block";
       add_header X-Content-Type-Options "nosniff";
    
       # Uncomment if using an ssl certificate.
    *  ssl         on;   # uncommented
    *  ssl_certificate     /usr/local/nginx/conf/ssl/mysite.com/mysite.com.crt;  # uncommented. changed to actually file path
    * ssl_certificate_key  /usr/local/nginx/conf/ssl/mysite.com/mysite.com.key; # uncommented. changed to actually file path
    
       charset utf-8;
    
    # Have no idea what I should do with the following part.
    
       location / {
           proxy_pass             http://127.0.0.1:6001;
           proxy_read_timeout     60;
           proxy_connect_timeout  60;
           proxy_redirect         off;
    
           proxy_http_version 1.1;
           proxy_set_header Upgrade $http_upgrade;
           proxy_set_header Connection 'upgrade';
           proxy_set_header Host $host;
           proxy_cache_bypass $http_upgrade;
       }
    }
    
     
  7. eva2000

    eva2000 Administrator Staff Member

    53,149
    12,110
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,645
    Local Time:
    6:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  8. modder

    modder Member

    117
    16
    18
    Dec 6, 2019
    Ratings:
    +27
    Local Time:
    4:41 PM
  9. eva2000

    eva2000 Administrator Staff Member

    53,149
    12,110
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,645
    Local Time:
    6:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    If the Nginx to websocket server only internally uses 2096 port then you don't need to do anything. CSF Firewall only acts on external incoming connections to server not internal

    Edit oh I see your first post nginx vhost is on port 2096 so it isn't websocket server running on port 2096, but the Nginx site. In that case yes revert your existing nginx vhost to what it was before and do what the instructions state add a new nginx vhost to /usr/local/nginx/conf/conf.d/whatever.conf and copy and paste the entire server{} context listening on port 2096 and restart nginx. If publicly you need to connect to port 2096 then, you would need to whitelist port 2096 for TCP_IN and TCP6_IN on CSF Firewall https://centminmod.com/csf_firewall.html
     
    Last edited: Nov 18, 2023