Failed to connecto pusher, nginx reverse proxy and SSL

[andrxscs]

Hello,

I have been trying to correct for the library to connect via nginx reverse proxy. But after making some changes, I can't get requests of any kind from being received with the command.

I leave below with the configuration that I have:

config/broadcasting.php

        'pusher' => [
            'driver' => 'pusher',
            'key' => env('PUSHER_APP_KEY'),
            'secret' => env('PUSHER_APP_SECRET'),
            'app_id' => env('PUSHER_APP_ID'),
            'options' => [
                'cluster' => env('PUSHER_APP_CLUSTER'),
                'encrypted' => true,
                'useTLS' => true,
                'host' => '127.0.0.1',
                'port' => 443,
                'scheme' => 'https',
                'curl_options' => [
                    CURLOPT_SSL_VERIFYHOST => 0,
                    CURLOPT_SSL_VERIFYPEER => 0,
                ],
            ],
        ],

config/websockets.php

'apps' => [
      [
          'id' => env('PUSHER_APP_ID'),
          'name' => env('APP_NAME'),
          'key' => env('PUSHER_APP_KEY'),
          'secret' => env('PUSHER_APP_SECRET'),
          'path' => env('PUSHER_APP_PATH'),
          'capacity' => null,
          'enable_client_messages' => true,
          'enable_statistics' => true,
          'encrypted' => false,
      ],  
],

'ssl' => [
        'local_cert' => '/etc/letsencrypt/live/domain.com/cert.pem',
        'local_pk' => '/etc/letsencrypt/live/domain.com/privkey.pem',
        'passphrase' => env('LARAVEL_WEBSOCKETS_SSL_PASSPHRASE', null),
        'verify_peer' => false,
        'allow_self_signed' => true,
 ],

My nginx reverse proxy configuration:

server {
  listen [::]:443 http2 ssl;
  listen      443 http2 ssl;

  server_name ws-beta.domain.com;

  ssl_certificate     /etc/letsencrypt/live/domain.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;

  location / {
    proxy_pass http://127.0.0.1:6001;
    proxy_read_timeout     60;
    proxy_connect_timeout  60;
    proxy_redirect         off;

    # Allow the use of websockets
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
  }
}

I'm using react, this files are in frontend directory.

laravel-echo.js

const WSHOST_ENV = process.env.REACT_APP_WS_BASE;

export const echo = new Echo({
    broadcaster: 'pusher',
    wsHost: WSHOST_ENV,
    wsPort: 443,
    wssHost: WSHOST_ENV,
    wssPort: 443,
    key: 'some_key',
    disableStats: true,
    enabledTransports: ['ws', 'wss'],
    encrypted: true,
    scheme: 'https',
    forceTLS: true,
    authEndpoint: "https://api-beta.domain.com/broadcasting/auth",
    auth: {
        headers: {
            Authorization: "Bearer " + localStorage.getItem('token'),
            Accept: "application/json",
        }
    },
    logToConsole: true
});

.env

REACT_APP_WS_BASE=ws-beta.domain.com

I'm starting using this command php artisan websockets:serve --port=6001 but stuck in this legend: Starting the WebSocket server on port 6001... and doesnt' connect with my client.

Thanks.

[pk-informatics]

Hi @andreesc

It looks like as you've configured the websockets package to serve directly ssl encrypted (websockets.php), but configured nginx to pass the data via http (proxy_pass http://127.0.0.1:6001;).

Either allow self signed certs within nginx and update to https (proxy_pass) - or change your websockets.php config to http

If nginx and the websocket server are on the same server its normally acceptable to have http communication via localhost on the same server without https between nginx and websocket server

[andrxscs]

Hi @andreesc

It looks like as you've configured the websockets package to serve directly ssl encrypted (websockets.php), but configured nginx to pass the data via http (proxy_pass http://127.0.0.1:6001;).

Either allow self signed certs within nginx and update to https (proxy_pass) - or change your websockets.php config to http

If nginx and the websocket server are on the same server its normally acceptable to have http communication via localhost on the same server without https between nginx and websocket server

Hi @pk-informatics

If i understand you, the change in websockets.php is the following?

      ...
          'useTLS' => false,
            'host' => '127.0.0.1',
            'port' => 6001,
            'scheme' => 'http',
    ...

[pk-informatics]

the required change is here https://github.com/beyondcode/laravel-websockets/blob/master/config/websockets.php#L240-L252 within websockets.php

The code snippet you've pasted is from the broadcasting.php file, ssl there is fine because broadcasting.php defines the communication settings for the websocket consumer

[andrxscs]

the required change is here https://github.com/beyondcode/laravel-websockets/blob/master/config/websockets.php#L240-L252 within websockets.php

The code snippet you've pasted is from the broadcasting.php file, ssl there is fine because broadcasting.php defines the communication settings for the websocket consumer

Thank, the connection already received but, when a post action to dispatch event return 500 error, with this message

 "message": "Pusher error: <html>\r\n<head><title>404 Not Found</title></head>\r\n<body>\r\n<center><h1>404 Not Found</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n.",
    "exception": "Illuminate\\Broadcasting\\BroadcastException",
    "file": "/opt/beta/backend/vendor/laravel/framework/src/Illuminate/Broadcasting/Broadcasters/PusherBroadcaster.php",
    "line": 136,