I have a Janus Gateway which exposes a REST api on port 8088. The web socket transport is also enabled on my janus server on port 8188. I have an Nginx reverse proxy set up for https traffic to reach my Janus server. How do I add wss support to my Nginx reverse proxy? Here is my config file "janusserver5.example.com" in nginx/sites-available:
server {
server_name janusserver5.example.com;
location / {
proxy_pass http://10.10.30.27:8088;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/janusserver5.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/janusserver5.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = janusserver5.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name video518.doctogether.com;
listen 80;
return 404; # managed by Certbot
}
By default, the Janus REST api is at the /janus endpoint. To allow Nginx to proxy for the web socket and REST interfaces, create a location entry for /janus that passes to http://yourip:8088/janus and a second one for / that passes to http://yourip:8188.
server {
server_name janusserver5.example.com;
location /janus {
proxy_pass http://10.10.30.20:8088/janus;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location / {
proxy_pass http://10.10.30.20:8188;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# WebSocket support
proxy_set_header Connection "upgrade";
proxy_read_timeout 90;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/janusserver5.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/janusserver5.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = janusserver5.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name janusserver5.example.com;
listen 80;
return 404; # managed by Certbot
}
With this configuration I can now connect to https://janusserver5.example.com/janus/info, and wss://janusserver5.example.com with protocol "janus-protocol"