Versions Compared

Old Version 18

changes.mady.by.user John Sinclair

Saved on

compared with

New Version 19

changes.mady.by.user Louis Tissington-Weston

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
sudo systemctl restart httpd

Enable Realtime events for Ubuntu 20.04 and over with Nginx

This configuration is to ensure you can proxy websocket connections for ubuntu 20.04 and over for ubuntu distributions as they don't support the required apache2 version needed for opevents realtime gui.

We now support Nginx 1.18.0 and above and this can be used if you wish to switch to nginx over apache regardless of your linux distribution.

Code Block
sudo apt-get install nginx
sudo apt install fcgiwrap

In /etc/nginx/sites-available/, create the main configuration file:

Code Block
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

server {
    listen 80;
    server_name your_server_name;

    location / {
        if ($host != localhost) {
            rewrite ^(.*)$ https://$host$request_uri permanent;
        }
    }

    location /nmis9 {
        alias /usr/local/nmis9/htdocs;
        index index.html;
    }

    location = /nmis9/ {
        rewrite ^ /cgi-nmis9/nmiscgi.pl permanent;
    }

    location /menu9/ {
        alias /usr/local/nmis9/menu/;
    }

    location /cgi-nmis9/ {
        alias /usr/local/nmis9/cgi-bin/;
        include fastcgi_params;
        fastcgi_pass unix:/var/run/fcgiwrap.socket;
        fastcgi_param SCRIPT_FILENAME $request_filename;
    }
}

server {
    listen 443 ssl http2;
    server_name your_server_name;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Proto https;
    ssl_certificate /path/to/ssl_cert;
    ssl_certificate_key /path/to/ssl_key;

    include common_nmis_locations;

    location = / {
        return 301 $scheme://$host/omk;
    }

    location ~ ^/(en|es)/omk/opEvents/events/.* {
        include common_proxy_headers;
        proxy_pass http://localhost:8042;
    }

    location /en/omk/opCharts/events/log {
        include common_proxy_headers;
        proxy_pass http://localhost:8042/en/omk/opCharts/events/log;
    }

    location /en/omk/opEvents/ws/test {
        include common_proxy_headers;
        proxy_pass http://localhost:8042;
    }

    location /en/omk/opEvents/ws/events {
        include common_proxy_headers;
        proxy_pass http://localhost:8042/en/omk/opEvents/ws/events;
    }

    location /es/omk/opCharts/events/log {
        include common_proxy_headers;
        proxy_pass http://localhost:8042/en/omk/opCharts/events/log;
    }

    location /es/omk/opEvents/ws/test {
        include common_proxy_headers;
        proxy_pass http://localhost:8042/en/omk/opEvents/ws/test;
    }

    location /es/omk/opEvents/ws/events {
        include common_proxy_headers;
        proxy_pass http://localhost:8042/en/omk/opEvents/ws/events;
    }

    location /omk {
        include common_proxy_headers;
        proxy_pass http://localhost:8042/omk;
        error_page 503 '<html><head><meta http-equiv="refresh" content="60"></head><body><h1>Temporary Service Interruption</h1>The requested OMK page should be back soon. This page will automatically reload in 60 seconds.</body></html>';
    }

    location /omk.json {
        include common_proxy_headers;
        proxy_pass http://localhost:8042/omk.json;
    }

    location /es {
        include common_proxy_headers;
        proxy_pass http://localhost:8042/es;
        error_page 503 '<html><head><meta http-equiv="refresh" content="60"></head><body><h1>Temporary Service Interruption</h1>The requested OMK page should be back soon. This page will automatically reload in 60 seconds.</body></html>';
    }

    location /en {
        include common_proxy_headers;
        proxy_pass http://localhost:8042/en;
        error_page 503 '<html><head><meta http-equiv="refresh" content="60"></head><body><h1>Temporary Service Interruption</h1>The requested OMK page should be back soon. This page will automatically reload in 60 seconds.</body></html>';
    }

    location /pt {
        include common_proxy_headers;
        proxy_pass http://localhost:8042/pt;
        error_page 503 '<html><head><meta http-equiv="refresh" content="60"></head><body><h1>Temporary Service Interruption</h1>The requested OMK page should be back soon. This page will automatically reload in 60 seconds.</body></html>';
    }
}

At the end of the first server block for port 80, please check fastcgi_pass unix:/var/run/fcgiwrap.socket;

and make sure that this is the correct path your fcgi.socket, when you install fcgiwrap the path to fcgiwrap.socket will differ depending on your distribution:

Ubuntu/Debian: /var/run/fcgiwrap.socket
CentOS/RHEL: /usr/lib/systemd/system/fcgiwrap.socket


Settings which you will need to modify from the example

NameValueExampleApache Docs
ServerNameFQDN of the server which users will refer to it bymonit-prod.opmantek.comhttps://httpd.apache.org/docs/2.4/vhosts/name-based.html
SSLCertificateKeyFileServer PEM-encoded private key file/etc/ssl/certs/example/privkey.pemhttps://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatekeyfile
SSLCertificateChainFile(Before apache 2.4.8) File of PEM-encoded Server CA Certificates/etc/ssl/certs/example/fullchain.pemhttps://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatekeyfile
fcgiwrap.socketallows you to set up a socket for communication between a web server and fcgiwrap to handle FastCGI requests /var/run/fcgiwrap.socket


Next create two configuration files in the main nginx directory: /etc/nginx. One of these configs will be called common_proxy-headers and will contain:

Code Block
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;

The other will be common_nmis_locations and will contain:

Code Block
    location /nmis9 {
        alias /usr/local/nmis9/htdocs;
        index index.html;
    }

    location = /nmis9/ {
        rewrite ^ /cgi-nmis9/nmiscgi.pl permanent;
    }

    location /menu9/ {
        alias /usr/local/nmis9/menu/;
    }

    location /cgi-nmis9/ {
        alias /usr/local/nmis9/cgi-bin/;
        include fastcgi_params;
        fastcgi_pass unix:/var/run/fcgiwrap.socket;
        fastcgi_param SCRIPT_FILENAME $request_filename;
    }

*note, you do not need the common_nmis_locations and can include this block into the 443 server block if you wish, this ensures no duplicated entry's though and is a more santitized configuration. You MUST include the proxy directives as a seperate configuration file, as any incorrect order or misconfiguration of proxy derectives can easily break wss:// headers in nginx. 


Restart nginx 

Code Block
sudo systemctl restart nginx
or
sudo service nginx restart

And test realtime events connects and works

Image Added

Debugging Web Socket connections

...