Meteor and proxying, question for devs

Hello. I’m really curious about this. This is not really a Meteor-related question, but since I use Meteor for my project I might ask here anyway.

The situation is as follows:

I have a Meteor web application running in the Tor network. It can be accessed via Tor Browser, everything works fine, and I can see that websockets are connected etc.

Now I tried to do this: make my own tor2web.

So I registered a domain and set up nginx + privoxy on it, with a config like this:

upstream onion {
}

server {
    listen 443 ssl;

    ssl_certificate /etc/letsencrypt/live/;
    ssl_certificate_key /etc/letsencrypt/live/;
    ssl_trusted_certificate /etc/letsencrypt/live/;
    include /etc/nginx/snippets/ssl.conf;

    location / {
        proxy_pass http://onion;
        proxy_set_header Host mydomain.onion;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

The server; is a privoxy running on localhost, to route the traffic into the Tor network, with a config like this:

user-manual /usr/share/doc/privoxy/user-manual
confdir /etc/privoxy
logdir /var/log/privoxy
actionsfile match-all.action # Actions that are applied to all sites and maybe overruled later on.
actionsfile default.action   # Main actions file
actionsfile user.action      # User customizations
filterfile default.filter
filterfile user.filter      # User customizations
logfile logfile
toggle  1
enable-remote-toggle  0
enable-remote-http-toggle  0
enable-edit-actions 0
enforce-blocks 0
buffer-limit 4096
enable-proxy-authentication-forwarding 0
forward-socks5   /     .
forwarded-connect-retries  0
accept-intercepted-requests 1
allow-cgi-request-crunching 0
split-large-forms 0
keep-alive-timeout 5
tolerate-pipelining 1
socket-timeout 300

So the redirect goes: clearnet host -> privoxy -> tor

The traffic redirection works like this, but I’m encountering problems with the websocket when I visit my clearnet site:

Firefox can’t establish a connection to the server at wss://
The connection to wss:// was interrupted while the page was loading.

The page takes ages to load, because it tries to connect to the websocket, I assume. Of course I lose any reactivity etc.

So my question:

Can this even be done? Are there any specific settings or proxying servers I can use that support websockets for routing traffic? Nginx should support it, but I assume that something is going wrong inside privoxy.

My config (which works) looks a bit different:

server {

    location / {
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}


But since there aren’t many differences I dare say that the issue lies with privoxy.
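
One way to test which hop in the chain drops the WebSocket upgrade is to send the RFC 6455 handshake to each plain-HTTP hop in turn and classify the reply. This is an added example, not code from either poster; the `/websocket` path, the function names and the sample replies are assumptions constructed for illustration.

```python
import base64, hashlib, os, socket

WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"  # constant fixed by RFC 6455

def accept_for(key):
    """Sec-WebSocket-Accept value a real WebSocket server must return for key."""
    digest = hashlib.sha1((key + WS_GUID).encode()).digest()
    return base64.b64encode(digest).decode()

def build_request(vhost, path="/websocket", key=None):
    """Handshake request; path is an assumption, use the URL the browser reports."""
    key = key or base64.b64encode(os.urandom(16)).decode()
    req = (f"GET {path} HTTP/1.1\r\nHost: {vhost}\r\n"
           "Upgrade: websocket\r\nConnection: Upgrade\r\n"
           f"Sec-WebSocket-Key: {key}\r\nSec-WebSocket-Version: 13\r\n\r\n")
    return key, req.encode()

def check_response(raw, key):
    """Classify one hop's reply to the handshake."""
    lines = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
    parts = lines[0].split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/"):
        return "not-http"
    hdrs = {k.strip().lower(): v.strip()
            for k, _, v in (l.partition(":") for l in lines[1:])}
    if parts[1] != "101":
        return f"no-upgrade (status {parts[1]})"
    if hdrs.get("upgrade", "").lower() != "websocket":
        return "upgrade-header-stripped"
    tokens = [t.strip().lower() for t in hdrs.get("connection", "").split(",")]
    if "upgrade" not in tokens:
        return "connection-header-stripped"
    if hdrs.get("sec-websocket-accept") != accept_for(key):
        return "bad-accept"
    return "ok"

def probe(addr, port, vhost, path="/websocket", timeout=30):
    """Send the handshake to one plain-HTTP hop and classify the reply."""
    key, req = build_request(vhost, path)
    with socket.create_connection((addr, port), timeout=timeout) as s:
        s.sendall(req)
        return check_response(s.recv(4096), key)

# Constructed sample replies (key/accept pair is the one given in RFC 6455).
SAMPLE_KEY = "dGhlIHNhbXBsZSBub25jZQ=="
GOOD = (b"HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\n"
        b"Connection: Upgrade\r\n"
        b"Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=\r\n\r\n")
DOWNGRADED = b"HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Length: 0\r\n\r\n"
```

Call `probe` with privoxy's listen address and port (not shown in the post) and `mydomain.onion` as `vhost`; with `accept-intercepted-requests 1` privoxy routes such a request by its Host header, which is how nginx reaches it. A result other than `ok` at that hop, while the application answers `ok` when reached without privoxy, places the loss of the upgrade in privoxy.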