Nginx Server Blocks and Socket.io CORS Issues

nginxnode.jssocket.io

I have been running apps with this server blocks structure for sometime and it has never given me any problems.

geo $authentication {
  default "Authentication required";
  `Some ip number` "off";
}

server {
  listen         80 default_server;
  listen    [::]:80 default_server;
  server_name my.domain.com;
  return 301 https://$host$request_uri;
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  ssl_certificate /etc/letsencrypt/live/my.domain.com/fullchain.pem; # managed by Certbot
  ssl_certificate_key /etc/letsencrypt/live/my.domain.com/privkey.pem; # managed by Certbot

  include /etc/letsencrypt/options-ssl-nginx.conf;
  ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

  server_name my.domain.com;
  client_max_body_size 200M;
  
  root /var/www/;
  index index.php index.html index.htm;

  location / {
    add_header Access-Control-Allow-Origin *;
    auth_basic $authentication;
    auth_basic_user_file /var/www/.htpasswd;
    try_files $uri $uri/ =404;
  }

  # Here is for example the app where I am running socket.io from
  location /myapp {
    auth_basic $authentication;
    auth_basic_user_file /var/www/.htpasswd;
    try_files $uri $uri/ =404;
  }

  # If this app has some sort of api route for express I do a proxy pass
  location /api/upload/ {
    proxy_pass http://localhost:5003/api/upload;
  }

However I am trying to use socket.io and I am having problems understanding if the subfolder is a problem as I keep getting CORS if I try to connect from the client as in

import { io } from 'socket.io-client'
const socket = io('http://localhost:5003')

On the server I got this

import express from 'express'
import { createServer } from 'http'
import { Server } from 'socket.io'

const app = express()
const prod = process.env.NODE_ENV === 'production'
const port = process.env.PORT || prod ? 5003 : 4000
const httpServer = createServer(app)

const io = new Server(httpServer, {
  cors: {
    origin: '*',
    methods: ['GET', 'POST']
  }
})

const connections = []

io.on('connection', (socket) => {
  connections.push(socket)
  console.log(`Socket id ${socket.id} connected`)

  socket.on('disconnect', () => {
    connections.splice(connections.indexOf(socket), 1)
  })
})

httpServer.listen(port, () => console.log(`App listening on port ${port}.`))

I can see that whereas on development it all works fine and it establishes a web socket connection:

On the server after the CORS of course it does not:

No matter what I try, I always end up getting this:

Best Answer

In your second picture, the socket.io lib is using polling. This may come because you didn't set the nginx config properly.

location /socket.io/ {
    proxy_pass http://localhost:5003/socket.io/;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header Host $host;
}

Here is a good example.After changing this you should be able to reach your backend just using the following:

import { io } from 'socket.io-client'
const socket = io()

Notice that if all your request go through the Nginx, you don't need the CORS directives as all your request will be going to the same address and port.

Related Solutions

Nginx PHP files downloading instead of executing

Had the same issue!

Found the answer here, http://www.ceus-now.com/nginx-password-protect-directory-downloads-source-code/

Because we are adding ^~ we are leaving behind some other settings (not sure why we need to add this but it was the only way to get it to actually pull up the authentication :( )

include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/lib/php5-fpm/web11.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;

I tried various combinations to see what was/not needed and each line is needed. I wish I understood these things better.

UPDATE: July 27th 2016:

So I did some reading and finally understand why we have this issue.

In short when we install FastCGI and php-fpm it creates a directive in the nginx server files (which file depends on your server install).

So in mine I have the following...

        location ~ \.php$ {
            include snippets/fastcgi-php.conf;
    #
    #       # With php7.0-cgi alone:
    #       fastcgi_pass 127.0.0.1:9000;
    #       # With php7.0-fpm:
            fastcgi_pass unix:/run/php/php7.0-fpm.sock;

As you will notice these directives are in location / and not in the global settings. Since we want to secure a particular folder these directives are not inherited. Therefore, we need to declare it again.

If we wanted to follow the DRY ("Don't Repeat Yourself") principle, then we would declare the PHP-fpm and FastCGI in the global settings. We can do this by moving it to below (example, but it just needs to be outside of location directive). Here is an example.

root /var/www/html;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;

Hope this helps. I realized the above by reading https://www.digitalocean.com/community/tutorials/understanding-and-implementing-fastcgi-proxying-in-nginx

Disclaimer: I am no pro so if you see mistakes be nice and just let me know and I will hopefully update.

Nginx – Socket.io with Sails.js/Node.js and NGINX on SSL: bad gateway

So the issue is a bad configuration on the NGINX sites-avalable conf file.

location /socket.io/ {
      proxy_pass http://sails/;
...
}

should be

location /socket.io/ {
      proxy_pass http://sails/socket.io/;
...
}

Pretty basic stuff: the "location" is not forwarded to the proxy_pass (why would it be, right?) -- So you need to make sure the socket requests are redirected to the exact socket endpoint.

Best Answer

Related Solutions

Nginx PHP files downloading instead of executing

Nginx – Socket.io with Sails.js/Node.js and NGINX on SSL: bad gateway

Related Topic