diff --git a/nginx/conf.d/django.conf.d/locations/root.conf b/nginx/conf.d/django.conf.d/locations/root.conf index 1f83986..27d611e 100644 --- a/nginx/conf.d/django.conf.d/locations/root.conf +++ b/nginx/conf.d/django.conf.d/locations/root.conf @@ -15,4 +15,9 @@ location / { # incorrectly/maliciously. proxy_set_header X-Forwarded-Protocol ""; proxy_set_header X-Forwarded-Ssl ""; + + # WebSocket support + proxy_http_version 1.1; + proxy_set_header Upgrade $upgrade; + proxy_set_header Connection $connection_upgrade; } diff --git a/nginx/conf.d/django.conf.d/maps/connection_upgrade.conf b/nginx/conf.d/django.conf.d/maps/connection_upgrade.conf new file mode 100644 index 0000000..b67ba18 --- /dev/null +++ b/nginx/conf.d/django.conf.d/maps/connection_upgrade.conf @@ -0,0 +1,17 @@ +# Ensure the necessary headers get passed through by Nginx when the connection +# is being upgraded to WebSockets. The 'Upgrade' and 'Connection' headers are +# considered 'hop-by-hop' headers (RFC 2068) and so are not forwarded by proxies +# by default. We *do* forward those headers *if* the 'Upgrade' header suggests +# that this connection is being upgraded to WebSockets. + +map $http_upgrade $upgrade { + # Maps do case-insensitive matching + websocket $http_upgrade; + default ""; +} + +map $http_upgrade $connection_upgrade { + websocket $http_connection; + # By default Nginx sends a 'Connection: close' header, we keep doing that + default close; +}