SSL Websocket 可以使用nginx反向代理处理 建议不要将ws写死 可以通过反代进行代理或者什么都可以的

[xiaoyi510]

SSL Websocket 可以使用nginx反向代理处理 建议不要将ws写死 可以通过反代进行代理或者什么都可以的

这里判断当前是https就用wss 否则就用ws

[xiaoyi510]

21118 什么端口什么的 可以通过路径来转发? 比如 wss://xx/hbbs 转发到内部 127.0.0.1 21118 这样的端口 网页应该有操作空间

[kingmo888]

欢迎pr啊，我集成进来后没有细研究，主要是对js没能力

[xiaoyi510]

我也是懒人 哈哈哈

[kingmo888]

尝试修改了一下，可以试试

[kingmo888]

21118 什么端口什么的 可以通过路径来转发? 比如 wss://xx/hbbs 转发到内部 127.0.0.1 21118 这样的端口 网页应该有操作空间

这块没搞定。 现在状态是，如果wss链接，就会提示"无法连接注册服务器"了。

[xiaoyi510]

通过nginx 反向代理 websocket 实现

[xiaoyi510]

location /xxxxx {
    proxy_pass http://127.0.0.1:21118;
    proxy_set_header Host 127.0.0.1:$server_port;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header REMOTE-HOST $remote_addr;
    add_header X-Cache $upstream_cache_status;
    proxy_set_header X-Host $host:$server_port;
    proxy_set_header X-Scheme $scheme;
    proxy_connect_timeout 30s;
    proxy_read_timeout 86400s;
    proxy_send_timeout 30s;
    proxy_http_version 1.1;
    // 主要是下面两个是支持websocket的
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
}

[kingmo888]

location /xxxxx {
    proxy_pass http://127.0.0.1:21118;
    proxy_set_header Host 127.0.0.1:$server_port;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header REMOTE-HOST $remote_addr;
    add_header X-Cache $upstream_cache_status;
    proxy_set_header X-Host $host:$server_port;
    proxy_set_header X-Scheme $scheme;
    proxy_connect_timeout 30s;
    proxy_read_timeout 86400s;
    proxy_send_timeout 30s;
    proxy_http_version 1.1;
    // 主要是下面两个是支持websocket的
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
}

技术有限，基于宝塔反代，反复测试了几次，失败了。

能更详细介绍下么

[gkaigk]

map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}
upstream websocket {
    server 127.0.0.1:21118; 
}
server
    {
        listen 80;
        listen 443;
        server_name XXXX.com;
        index index.html index.htm index.php default.html default.htm default.php;
		location ^~/ {
			add_header Access-Control-Allow-Origin *;
    		add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
    		add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
			if ($request_method = 'OPTIONS') {
        		return 204;
    		}
			proxy_pass http://websocket;
			proxy_set_header Host $host; 
			proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;
			}
    }

[kingmo888]

map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}
upstream websocket {
    server 127.0.0.1:21118; 
}
server
    {
        listen 80;
        listen 443;
        server_name XXXX.com;
        index index.html index.htm index.php default.html default.htm default.php;
		location ^~/ {
			add_header Access-Control-Allow-Origin *;
    		add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
    		add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
			if ($request_method = 'OPTIONS') {
        		return 204;
    		}
			proxy_pass http://websocket;
			proxy_set_header Host $host; 
			proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;
			}
    }

当已经存在一个反代（21114）的情况下，这种配置会冲突或者无效。

[loveqianool]

https://rustdesk.com/docs/en/self-host/rustdesk-server-pro/faq/#set-up-https-for-web-console-manually The full configuration is

server {
    server_name <YOUR_DOMAIN>;
    location / {
        proxy_set_header        X-Real-IP       $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://127.0.0.1:21114/;
    }

    location /ws/id {
        proxy_pass http://localhost:21118;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    location /ws/relay {
        proxy_pass http://localhost:21119;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/<YOUR_DOMAIN>/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/<YOUR_DOMAIN>/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
    if ($host = <YOUR_DOMAIN>) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    server_name <YOUR_DOMAIN>;
    listen 80;
    return 404; # managed by Certbot
}

[NicksonYap]

@kingmo888 我找不到 WebUI 的 Javascript 源代码呢

想加 ENV 切换 wss:// 或 ws://

edit: 找到了 https://github.com/rustdesk/rustdesk/tree/master/flutter/web/v1/js

[NicksonYap]

@loveqianool /ws/id 和 /ws/relay 应该是跟 v2 的 Flutter Web Client 有关 不是 v1 的哦