We have a meteor app running in EC2 with a SSL-ed nginx reverse proxy running in front of it, and it’s sockets have been failing without any explication since a couple of days ago.
These are the errors in the web console:
GET https://mah-app.mah-domain.com/sockjs/info?cb=zt7alhum45 502
WebSocket connection to 'wss://mah-app.mah-domain.com/sockjs/646/u_qexomt/websocket' failed: Error during WebSocket handshake: Unexpected response code: 502
What is weird is that not all requests to /sockjs/*
fail. Some of them return a successful 200
.
We run the app using node, after it builds with meteor.
exec nodejs /home/mah-app/app/main.js >> /home/mah-app/mah-app.log
This is the nginx config:
server_tokens off;
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.html index.htm;
server_name mah-app.mah-domain.com;
location /robots.txt {
return 200 "User-agent: *\nDisallow: /";
}
location / {
rewrite ^ https://$server_name$request_uri? permanent;
}
}
server {
listen 443 ssl spdy;
server_name mah-app.mah-domain.com;
root html;
index index.html;
ssl_certificate /home/ubuntu/mah-app.crt;
ssl_certificate_key /home/ubuntu/mah-app.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'THIS:IS:A:HASH';
add_header Strict-Transport-Security "max-age=31536000;";
location / {
proxy_pass http://127.0.0.1:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
if ($uri != '/') {
expires 30d;
}
}
}
Any ideas?