Nginx SSL + Websocket example configuration

Luke Crooks 6 years ago

I found an old thread with a few different configurations. If it helps anyone, here is a working SSL configuration for nginx + traccar + websockets:

Replace 10.1.1.1:8082 with the location of your traccar server and replace the paths to the SSL files.

This setup will listen on port 80 and forward all non-SSL traffic to the SSL interface.

server {
    listen       80;
    server_name tracking.example.com;
    # Forward all traffic to SSL
    return         301 https://tracking.example.com$request_uri;
}

server {
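    # "ssl" on the listen line enables TLS; the separate "ssl on;" directive
    # is deprecated since nginx 1.15.0 and removed in 1.25.1
    listen         443 ssl;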
    ssl_certificate    /path/to/fullchain.pem;
    ssl_certificate_key    /path/to/privkey.pem;

    server_name    tracking.example.com;
    
    client_max_body_size 10M;
    client_body_buffer_size 128k;
    

    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        proxy_redirect http://10.1.1.1:8082/ /;
        proxy_redirect ws://10.1.1.1:8082/api/socket /api/socket;
        proxy_pass http://10.1.1.1:8082/;
        proxy_read_timeout 86400s;
        proxy_send_timeout 86400s;
        allow all; # Any IP can perform any other requests

    }

}

NaGA 2 years ago

Hi,

I have tried to configure SSL by following your configuration, but it is still not working. Could you share how this configuration matches the entry keys in the Traccar configuration?

Best Regards,
Kimseng

Luke Crooks 2 years ago

What entry key configuration? With this configuration you run traccar as HTTP, then create HTTPS with nginx.

NaGA 2 years ago

Hi, here is my configuration for Traccar and SSL:

vi /opt/traccar/conf/traccar.xml

        <entry key='database.driver'>com.mysql.cj.jdbc.Driver</entry>
        <entry key='database.url'>jdbc:mysql://xxxxxxx/traccar2?serverTimezone=UTC&amp;allowPublicKeyRetrieval=true&amp;useSSL=false&amp;allowMultiQueries=true&amp;autoReconnect=true&amp;useUnicode=yes&amp;characterEncoding=UTF-8&amp;sessionVariables=sql_mode=''</entry>

        <entry key='database.user'>xxxxx</entry>
        <entry key='database.password'>xxxxx</entry>
         <!-- Reverse Geocoding -->
        <entry key='geocoder.reuseDistance'>100</entry>
        <entry key='geocoder.enable'>true</entry>
        <entry key='geocoder.type'>nominatim</entry>
        <entry key='geocoder.url'>https://nominatim.openstreetmap.org/reverse</entry>
        <entry key='geocoder.format'>%r %u %t %d %s </entry>
        <!-- Notification Type and Configuration -->
        <entry key='notificator.types'>web,mail</entry>
        <!-- Filter Out Lat = 0 and Lng = 0 -->
        <entry key='filter.enable'>true</entry>
        <entry key='filter.zero'>true</entry>
</properties>

And I have followed your configuration in /etc/nginx/sites-available/myserver.com:

server {
            listen       80;
             server_name myserver.com;
            # Forward all traffic to SSL
             return         301 https://myserver.com$request_uri;
        }

server {
            listen 443 ssl;
            ssl    on;
            ssl_certificate /etc/nginx/ssl/myserver.crt;
            ssl_certificate_key /etc/nginx/myserver.key;
            server_name    myserver.com;

            client_max_body_size 10M;
            client_body_buffer_size 128k;


           location / {
                    proxy_set_header Host $host;
                    proxy_set_header X-Forwarded-Host $host;
                    proxy_set_header X-Forwarded-Server $host;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_http_version 1.1;

                    proxy_set_header Upgrade $http_upgrade;
                    proxy_set_header Connection "upgrade";
                    proxy_redirect http://x.x.x.x:8082/ /;
                    proxy_redirect ws://x.x.x.x:8082/api/socket /api/socket;
                    proxy_pass http://x.x.x.x:8082/;

                    proxy_read_timeout 86400s;
                    proxy_send_timeout 86400s;
                    allow all; # Any IP can perform any other requests
            }

        }

My traccar location is /opt/traccar

Note: With both of my configurations, when I open, for example, myserver.com in a browser, it redirects to the Traccar path. Can you guide me on how to access it using the default port number of my Traccar, like https://myserver.com:8082?

I have tried to change the port from 443 to 8082 and to access it via a web browser, but I can't access it via https://myserver.com:8082

server {
            listen 8082 ssl;

Best Regards,
NaGa

Luke Crooks 2 years ago

You can just navigate to https://myserver.com, you don't need the port specified.

Or are you saying you want to navigate to https://myserver.com on a custom port?

     server {
          listen       80;
          server_name myserver.com;
          # Forward all traffic to SSL
          return         301 https://myserver.com:8082$request_uri;
     }

Then change the bottom server block to

listen 8082 ssl;

NaGA 2 years ago

Hello,

I have tried the change below. It is still the same: when I access via IP I need to use port 8082, but via the domain it is still not working with the port, meaning it still redirects to the Traccar path.

     server {
          listen       80;
          server_name myserver.com;
          # Forward all traffic to SSL
          return         301 https://myserver.com:8082$request_uri;
     }
     server {
                listen 8082 ssl;
                 xxxx
                  xx
                 }

One more thing: I just want to confirm with you that the IP address is replaced by my server IP, right?

        proxy_redirect http://10.1.1.1:8082/ /;
        proxy_redirect ws://10.1.1.1:8082/api/socket /api/socket;
        proxy_pass http://10.1.1.1:8082/;

NaGA 2 years ago

I found the issue: when I follow your configuration, it shows the error below.

  • Configuration
     server {
          listen       80;
          server_name myserver.com;
          # Forward all traffic to SSL
          return         301 https://myserver.com:8082$request_uri;
     }
     server {
                listen 8082 ssl;
                 xxxx
                  xx
                 } 
  • problem with listen 8082 ssl;
root@myserver:~# systemctl restart nginx
Job for nginx.service failed because the control process exited with error code.
See "systemctl status nginx.service" and "journalctl -xeu nginx.service" for details.
root@myserver:~# sudo systemctl reload nginx
nginx.service is not active, cannot reload.
root@myserver:~# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
root@myserver:~# journalctl -xeu nginx.service
Nov 10 03:32:19 ORP-GPS-API systemd[1]: Failed to start A high performance web server and a reverse proxy server.
░░ Subject: A start job for unit nginx.service has failed

░░ The job identifier is 513730 and the job result is failed.
Nov 10 03:32:30 myserver systemd[1]: nginx.service: Unit cannot be reloaded because it is inactive.
Nov 10 03:33:13 myserver systemd[1]: Starting A high performance web server and a reverse proxy server...
░░ Subject: A start job for unit nginx.service has begun execution

Nov 10 03:33:13 myserver nginx[288803]: nginx: [emerg] bind() to 0.0.0.0:8082 failed (98: Unknown error)
Nov 10 03:33:13 myserver nginx[288803]: nginx: [emerg] bind() to 0.0.0.0:8082 failed (98: Unknown error)
Nov 10 03:33:14 myserver nginx[288803]: nginx: [emerg] bind() to 0.0.0.0:8082 failed (98: Unknown error)
Nov 10 03:33:14 myserver nginx[288803]: nginx: [emerg] bind() to 0.0.0.0:8082 failed (98: Unknown error)
Nov 10 03:33:15 myserver nginx[288803]: nginx: [emerg] bind() to 0.0.0.0:8082 failed (98: Unknown error)
Nov 10 03:33:15 myserver nginx[288803]: nginx: [emerg] still could not bind()
Nov 10 03:33:15 myserver systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE

░░ The process' exit code is 'exited' and its exit status is 1.
Nov 10 03:33:15 myserver systemd[1]: nginx.service: Failed with result 'exit-code'.

░░ The unit nginx.service has entered the 'failed' state with result 'exit-code'.
Nov 10 03:33:15 myserver systemd[1]: Failed to start A high performance web server and a reverse proxy server.

NaGA 2 years ago

Question: Are you saying you want to navigate to https://myserver.com on a custom port?
Answer: I need to access with a custom port, https://myserver.com:8082

Anton Tananaev 2 years ago

You can't have both nginx and Traccar using the same ports, of course. If you want HTTPS to be on port 8082, then you need to change Traccar port.
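
The port clash described above, as an added example (not code from any poster in this thread or from the nginx or Traccar projects): in the log earlier in the thread `nginx -t` passed, yet startup failed at `bind()` with errno 98, which is EADDRINUSE on Linux. This Python script reads the IPv4 `listen` directives from a config and attempts the same bind on the host; the function names and the stand-in backend in `demo()` are assumptions made for illustration.

```python
import errno
import re
import socket

# Listener lines from the thread after the change to "listen 8082 ssl;".
SAMPLE_CONF = """
server {
    listen       80;
}
server {
    listen 8082 ssl;
}
"""

# IPv4 "listen [addr:]port ...;" only; IPv6 and unix: listeners are skipped.
LISTEN_RE = re.compile(
    r"^\s*listen\s+(?:(\d{1,3}(?:\.\d{1,3}){3}):)?(\d+)\b[^;]*;", re.M)

def listen_sockets(conf_text):
    """Return sorted unique (address, port) pairs from listen directives."""
    text = re.sub(r"#.*", "", conf_text)  # drop comments first
    return sorted({(a or "0.0.0.0", int(p)) for a, p in LISTEN_RE.findall(text)})

def bind_status(addr, port):
    """Attempt the bind() nginx does at startup: 'free' or the errno name."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)  # as nginx does
    try:
        s.bind((addr, port))
        return "free"
    except OSError as exc:
        return errno.errorcode.get(exc.errno, str(exc.errno))
    finally:
        s.close()

def preflight(conf_text):
    """Map each configured listener to its bind status on this host."""
    return {f"{a}:{p}": bind_status(a, p) for a, p in listen_sockets(conf_text)}

def demo():
    """Constructed case: a stand-in backend already holds the proxy's port."""
    backend = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    backend.bind(("0.0.0.0", 0))  # kernel picks a free port
    backend.listen(1)
    port = backend.getsockname()[1]
    conf = f"server {{\n    listen {port} ssl;\n}}\n"
    try:
        return preflight(conf)[f"0.0.0.0:{port}"]
    finally:
        backend.close()
```

Run `preflight()` on the real config while nginx is stopped, since a running nginx holds its own listeners and they would show as EADDRINUSE. Ports below 1024 report EACCES when the script is not run as root.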

NaGA 2 years ago

Hi,

Oh, currently my Traccar is using port 8082 and my nginx is using port 80. What I want is that when I open a web browser, I can access my Traccar at https://myserver.com:8082.

Note: currently access via IP works correctly (https://1.1.1.1:8082), but via the domain it is not working.