ich habe aktuell testweise einen BosMon Server hinter einem Nginx Reverse Proxy, hierbei kommt aber ein großes Problem auf, nach ca. 60 Sekunden verliert der Webbrowser (Client) die Verbindung zum Telegramm Fenster. Dieser Fehler tritt immer wieder aufs Neue auf und der Client lädt alle Telegramme neu. Hat evtl. jemand eine Idee, warum das so schief gehen könnte? Anbei findet ihr sowohl die Nginx.conf als auch die passende Site.
#### nginx.conf
Code: Alles auswählen
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 1200;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
ssl_dhparam /opt/dhparams.pem;
ssl_ciphers EECDH+AESGCM:EDH+AESGCM:!AES128;
ssl_ecdh_curve secp384r1;
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
# resolver $DNS-IP-1 $DNS-IP-2 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport_security "includeSubDomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#### Dazugehörige site (bm)
Code: Alles auswählen
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# Default server configuration
#
server {
listen 80;
listen [::]:80;
return 301 https://$host$request_uri;
}
server {
ssl_certificate /path/to/fullchain.pem;
ssl_certificate_key /path/to/privkey.pem;
ssl on;
listen 443 ssl;
access_log /opt/log/access.log;
error_log /opt/log/error.log;
server_name sub.domain.tld;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
add_header X-Frame_options sameorigin;
add_header Strict-Transport_security "max-age=31536000 includeSubDomains; preload;" always;
proxy_pass http://sub.domain.tld:80/;
}
}
Sollte jemand den Fehler finden gebt mir bitte Bescheid, ich bin hier schon seit mehreren Tagen am Gucken was da schief laufen könnte, bin aber leider bisher nicht fündig geworden.
Gruß,
Jan.