NGINX + RabbitMQ + Websocket

Fazendo proxy reverso websocket com nginx, sem TLS

  server {    listen 3000;    server_name ws.ubivis.io;    location / {      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;      proxy_set_header Host $host;      proxy_pass http://ws-backend;      proxy_http_version 1.1;      proxy_set_header Upgrade $http_upgrade;      proxy_set_header Connection "upgrade";    }  }  upstream ws-backend {    # enable sticky session based on IP    ip_hash;    server localhost:15675;  }

Adicionando TLS ao NGINX

The server certificate must appear before the chained certificates in the combined file http://nginx.org/en/docs/http/configuring_https_servers.html:

CRTINTERM CA CRTCA CRT

Com TLS

  server {    listen 3000 ssl;    server_name ws.ubivis.io;    ssl_certificate /home/tiago/Keys/*.ubivis.io_orig/nginx/ubivis.io.crt;    ssl_certificate_key /home/tiago/Keys/*.ubivis.io_orig/nginx/ubivis.io.key;    location / {      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;      proxy_set_header Host $host;      proxy_pass http://ws-backend;      proxy_http_version 1.1;      proxy_set_header Upgrade $http_upgrade;      proxy_set_header Connection "upgrade";    }  }  upstream ws-backend {    # enable sticky session based on IP    ip_hash;    server localhost:15675;  }

Referências

Linode
https://www.linode.com/docs/web-servers/nginx/enable-tls-on-nginx-for-https-connections/

You should also read: