nginx has: ##
# Websocket
##
location @api_websocket {
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://backend;
}
location /socket.io {
try_files /dev/null @api_websocket;
}
location /tracker/socket {
# Peers send a message to the tracker every 15 minutes
# Don't close the websocket before then
proxy_read_timeout 15m; # default is 60s
try_files /dev/null @api_websocket;
}
# Plugin websocket routes
location ~ ^/plugins/[^/]+(/[^/]+)?/ws/ {
try_files /dev/null @api_websocket;
}
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName peertube.domain.tld
ProxyPreserveHost On
ProxyPass "/" "http://127.0.0.1:9000/"
ProxyPassReverse "/" "http://127.0.0.1:9000/"
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /socket.io ws://127.0.0.1:9000/socket.io [P,L]
RewriteRule /tracker/socket ws://127.0.0.1:9000/tracker/socket [P,L]
RewriteRule ^/plugins/[^/]+(/[^/]+)?/ws/ ws://127.0.0.1:9000%{REQUEST_URI} [P,L]
RequestHeader set X-Forwarded-Host %{HTTP_HOST}s
RequestHeader set X-Real-IP %{REMOTE_ADDR}s
RequestHeader set X-Forwarded-For %{REMOTE_ADDR}s
RequestHeader set Upgrade %{HTTP:Upgrade}s
RequestHeader set Connection "upgrade"
ErrorLog /dev/null
CustomLog /dev/null common
SSLCertificateFile /etc/letsencrypt/live/peertube.domain.tld/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/peertube.domain.tld/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>