I hosted a clickhouse server on azure VM (I'm able to run clickhouse-client inside the VM) with a nginx proxy, below is the nginx setting
server {
listen 5000;
server_name myhost.cloudapp.azure.com;
location / {
proxy_pass http://localhost:8123;
}
server {
listen 6000;
server_name myhost.cloudapp.azure.com;
location / {
proxy_pass http://localhost:9000;
}
I'm able to curl both endpoint with proper response, e.g.
curl http://myhost.cloudapp.azure.com:6000
Port 9000 is for clickhouse-client program.
You must use port 8123 for HTTP.
curl http://myhost.cloudapp.azure.com:5000
Ok.
However, when i try to do clickhouse-client -h myhost.cloudapp.azure.com --port 6000, I get the following.
clickhouse-client -h myhost.cloudapp.azure.com --port 6000
ClickHouse client version 21.1.2.15 (official build).
Connecting to myhost.cloudapp.azure.com:6000 as user default.
Code: 102. DB::NetException: Unexpected packet from server bs-
clickhouse.westeurope.cloudapp.azure.com:6000 (expected Hello or Exception, got Unknown packet)
The connection setting for clickhouse-server is as following:
<listen_host>::</listen_host>
I don't know what I'm doing wrong, any hints are appreciated.
9000 -- tcp protocol not HTTP. You need to configure nginx as TCP reverse proxy
NGINX transparent TCP proxy
stream {
upstream syslog {
server sapvmlogstash01.sa.projectplace.com:514;
server sapvmlogstash02.sa.projectplace.com:514;
}
server {
listen 514;
proxy_pass syslog;
}
}
Related
In Ubuntu 18.04.4 Desktop I'm trying to make websocket connection working.
I started the discovery-swarm-webrtc :
(base) marco#pc01:~/webMatters/vueMatters/GGC/node_modules/hyperswarm-web/node_modules/.bin$ ./discovery-signal-
webrtc
discovery-signal-webrtc running on 4000
I modified in the Hyperswarmweb.vue file the wsProxy as :
this.swarm = hyperswarm({
// If you omit this, it'll try to connect to 'wss://hyperswarm.mauve.moe'
// It will also attempt to connect to a local proxy on `ws://localhost:4977`
//wsProxy: 'ws://yourproxy.com',
wsProxy: 'ws://ggc.world:4000',
simplePeer:{
config:{
}
}
})
// look for peers listed under this topic
const topic = crypto.createHash('sha256')
.update('my-hyperswarm-topic')
.digest()
this.swarm.join(topic)
I get this error :
"
Websocket connection to 'ws://localhost:4977/' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
Mixed Content: The page at 'https://ggc.world/signup' was loaded over HTTPS, but attempted to connect to the insecure
WebSocket endpoint 'ws://ggc.world:4000'. This request has been blocked; this endpoint will be available over WSS.
Uncaught DOMException: Failed to construct 'WebSocket': an insecure WebSocket connection may not be initiated from a page
loaded
"
This is the part of the nginx webserver configuration related to websocket:
upstream websocket {
#server ggc.world:4977;
#server ggc.world:1234;
server ggc.world:4000;
}
server {
listen 8443 ssl;
server_name ggc.world;
ssl_certificate /etc/letsencrypt/live/ggc.world-0002/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ggc.world-0002/privkey.pem; # managed by Certbot
ssl_trusted_certificate /etc/letsencrypt/live/ggc.world-0002/chain.pem;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location /p2p {
proxy_pass http://websocket;
proxy_http_version 1.1;
proxy_set_header Upgrade "Websocket";
proxy_set_header Connection "Upgrade";
proxy_set_header Host ggc.world;
}
}
As far as I understand reading here: WebSocket with SSL , we cannot use websockets with HTTPS but we can se websockets over TLS.
And in order to use websockets over TLS, we have to use wss:// : Mixed Content error when accessing WebSocket server hosted in a different port
I modified in the Hyperswarmweb.vue file the wsProxy:
//wsProxy: 'ws://yourproxy.com',
wsProxy: 'wss://ggc.world:4000',
and now get this error:
"
WebSocket connection to 'ws://localhost:4977' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
"
If I modify the Proxy in Hyperswarmweb.vue :
//wsProxy: 'ws://yourproxy.com',
//wsProxy: 'wss://ggc.world:4000'
wssProxy: 'wss://ggc.world:4000',
I get this error:
"
WebSocket connection to 'ws://localhost:4977' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
"
I tried also to follow these indications: https://www.nginx.com/blog/websocket-nginx/
and modified the nginx configuration's part related to websocket as follows:
upstream websocket {
server ggc.world:4000;
}
server {
listen 8443 ssl;
server_name ggc.world;
ssl_certificate /etc/letsencrypt/live/ggc.world-0002/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ggc.world-0002/privkey.pem; # managed by Certbot
ssl_trusted_certificate /etc/letsencrypt/live/ggc.world-0002/chain.pem;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
proxy_pass http://websocket;
proxy_http_version 1.1;
#proxy_set_header Upgrade "Websocket";
proxy_set_header Upgrade $http_upgrade;
#proxy_set_header Connection "Upgrade";
proxy_set_header Connection $connection_upgrade;
#proxy_set_header Host ggc.world;
proxy_set_header Host $host;
}
}
But I get the same error :
"
WebSocket connection to 'wss://ggc.world:4000/' failed: Error in connection establishment: net::ERR_SSL_PROTOCOL_ERROR
"
I read here: Using ws:// while on https:// (mixed content)
"If you can serve the page via https somewhere on your server there are certificate and chain files, use these to serve a wss"
I already put them in the NGINX configuration, in the part related to the websocket.
Where else should I put certificate and chain files paths? in wsProxy in Hyperswarmweb.vue?
Environment Info:
System:
OS: Linux 5.3 Ubuntu 18.04.4 LTS (Bionic Beaver)
CPU: (8) x64 Intel(R) Core(TM) i7-4790K CPU # 4.00GHz
Binaries:
Node: 14.3.0 - ~/.nvm/versions/node/v14.3.0/bin/node
Yarn: 1.22.4 - /usr/bin/yarn
npm: 6.14.5 - ~/.nvm/versions/node/v14.3.0/bin/npm
Browsers:
Chrome: 83.0.4103.116
Firefox: 77.0.1
npmGlobalPackages:
#vue/cli: 4.4.4
How to make the Websocket connection working?
Looking forward to your kind help.
Marco
WebSocket connection to 'ws://localhost:4977' failed:
Is simply because you are not running a local hyperswarm proxy server on your machine. Start one up and your app will connect to it locally.
I have a DNS server in my local network running on 192.168.1.1 where I've defined the following entry:
something.home 192.168.1.10
and I'd like to make caddy running (in a container) on the host with address 192.168.1.10 to be able to use that DNS server when resolving local addresses.
For now I have the following in my Caddyfile
something.home:80 {
proxy / 192.168.1.10:9999 {
transparent
}
errors stderr
tls off
}
I'd like to have:
something.home:80 {
proxy / something:9999 {
transparent
}
errors stderr
tls off
}
to redirect to server actually listening on 192.168.1.10:9999 inside a container named something.
Can I do that or is there a different approach?
I am trying to make Filbeat sending logs to Logstash using docker containers.
The problem is that I have an nginx proxy in between and Filbeat-Logstash communication is not based on HTTPS.
What is the solutions to make it working?
I was trying to make nginx able to process tcp streams configuring it in this way:
stream {
upstream logs {
server logstash:5044;
}
server {
listen 5088;
proxy_pass logs;
}
}
And this is my filebeat output config:
output.logstash:
hosts: ["IP_OF_NGINX:5088"]
ssl.verification_mode: none
But it seems not to work.
Filebeat shows me this error in its logs:
pipeline/output.go:100 Failed to connect to backoff(async(tcp://IP_OF_NGINX:5088)): dial tcp IP_OF_NGINX:5088: connect: connection refused
Any help?
I am working on a web-socket project and i want web-socket cowboy server to listen to 8080 port but to forward messages to another port . Can I do that ?
any help is appreciated
what do you mean by forward messages to another port? cowboy's handler is handling the messages that arrive on your websocket. You can take those an redirect them anywhere you like. However I think what you are really after is a proxy that fronts your cowboy. If that is the case you should consider nginx as a front. Once you installed it you can provide this config:
http {
...
server {
listen 443
...
location ~ ^/myws/
{
proxy_pass http://127.0.0.1:8080 ;
proxy_http_version 1.1 ;
proxy_set_header Upgrade $http_upgrade ;
proxy_set_header Connection "upgrade" ;
proxy_connect_timeout 60 ;
proxy_read_timeout 86400 ;
proxy_send_timeout 86400 ;
proxy_ignore_client_abort off ;
proxy_redirect off ;
}
...
}
....
}
this will enable you to run cowboy listening on any port you like (8080 in your example) while letting nginx take care of you SSL needs while forwarding websocket requests to cowboy. The client can connect #
wss://{your server}/myws
If you do not need SSL address will be
ws://{your server}/myws
and listen port in the config above needs to change to 80.
I have some webs that are served by nginx with SSL (443) without problems.
Now, I have the web mail serving SSL on port 444, but I want nginx to proxy from 80 to 444 when webmail.mydomain.com reaches.
I've tried some config but no one of them worked. This is the last one ...
thanks,
m.
server {
listen 80;
server_name webmail.mydomain.com;
root /etc/nginx/sites-available/webmail/;
access_log /etc/nginx/sites-available/nginx.log;
client_max_body_size 50M;
location / {
proxy_pass http://192.168.1.2:444/;
proxy_redirect https://192.168.1.2:444;
}
}
I'm doing something similar. What worked for me was to define an upstream server on the same box
upstream some_name {
server 127.0.0.1:4000;
}
and then doing
proxy pass http://some_name;
Obviously my ports are different