New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Header redirect/lobby variable port number #9940
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,5 @@ | ||
Install dropwizard http server and lobby application | ||
# Lobby Server | ||
|
||
Installs the lobby server. We run lobby versions parallel to one another on different port numbers. | ||
This allows us to run multiple lobbies on the same host. Further, we have magic config in nginx | ||
to redirect to the correct server instance based on the `triplea-version` header value. |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -6,7 +6,7 @@ server { | |
|
||
# warning: be sure that we can run certbot role and then re-run the nginx | ||
# role without this file changing. If this file is changed (white-space included) | ||
# then nginx will be restarting, disconnecting all active connections. | ||
# then nginx will be restarted, disconnecting all active connections. | ||
|
||
server { | ||
listen 443 ssl http2; | ||
|
@@ -15,7 +15,6 @@ server { | |
ssl_certificate {{ cert }} | ||
ssl_certificate_key {{ cert_key }} | ||
|
||
ssl on; | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This 'ssl on' directive is deprecated. This line |
||
ssl_protocols TLSv1.2 TLSv1.3; | ||
ssl_ciphers EECDH+AESGCM:EDH+AESGCM; | ||
ssl_prefer_server_ciphers on; | ||
|
@@ -34,23 +33,17 @@ server { | |
add_header X-XSS-Protection "1; mode=block"; | ||
|
||
location / { | ||
|
||
{{ lobby_proxy_pass }} | ||
proxy_set_header Host $host; | ||
proxy_set_header X-Real-IP $remote_addr; | ||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
proxy_set_header X-Forwarded-Proto $scheme; | ||
|
||
# Fix the “It appears that your reverse proxy set up is broken" error. | ||
proxy_pass http://localhost:8080; | ||
proxy_read_timeout 90; | ||
|
||
proxy_redirect https://localhost:443 https://localhost:8080; | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This 'proxy_redirect' line is seemingly unneeded. While testing, this line did not seem to matter. |
||
} | ||
|
||
location /game-connection/ws { | ||
proxy_pass http://localhost:8080; | ||
{{ lobby_proxy_pass }} | ||
proxy_http_version 1.1; | ||
|
||
proxy_set_header Host $host; | ||
proxy_set_header X-Real-IP $remote_addr; | ||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
|
@@ -61,9 +54,8 @@ server { | |
} | ||
|
||
location /player-connection/ws { | ||
proxy_pass http://localhost:8080; | ||
{{ lobby_proxy_pass }} | ||
proxy_http_version 1.1; | ||
|
||
proxy_set_header Host $host; | ||
proxy_set_header X-Real-IP $remote_addr; | ||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'if' is evil in NGINX apparently: https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/
I tried a solution that used
map
to createa$lobbby_server
variable - though that did not work at all for the websocketproxy_pass
configurations.