From aa775fb8825c2623be1f55ba179cafbf5c3b6a5c Mon Sep 17 00:00:00 2001
From: Alexey Skobkin <skobkin-ru@ya.ru>
Date: Sat, 18 Apr 2020 15:44:33 +0300
Subject: [PATCH] OSP. Fixing Nginx config to fix OSP bug and also fix
 WebSockets.

---
 .../sites-available/osp.domain.tld.conf.dist  | 53 ++++++++++++++-----
 1 file changed, 39 insertions(+), 14 deletions(-)

diff --git a/open-streaming-platform/etc/nginx/sites-available/osp.domain.tld.conf.dist b/open-streaming-platform/etc/nginx/sites-available/osp.domain.tld.conf.dist
index e9de52b..01b2f85 100644
--- a/open-streaming-platform/etc/nginx/sites-available/osp.domain.tld.conf.dist
+++ b/open-streaming-platform/etc/nginx/sites-available/osp.domain.tld.conf.dist
@@ -1,24 +1,49 @@
 server {
-  listen 443 ssl http2;
-  server_name osp.server.tld;
+    listen 443 ssl http2;
+    server_name osp.server.tld;
 
-  #access_log /var/log/nginx/osp.server.tld.access.gz main buffer=16k gzip=9 flush=5m;
-  error_log /var/log/nginx/osp.server.tld.error;
+    #access_log /var/log/nginx/osp.server.tld.access.gz main buffer=16k gzip=9 flush=5m;
+    error_log /var/log/nginx/osp.server.tld.error;
 
-  charset utf-8;
+    charset utf-8;
 
-  auth_basic "Authentication needed";
-  auth_basic_user_file /var/www/osp.server.tld/.htpasswd;
+    location / {
+        proxy_pass http://127.0.0.1:8585;
+        // Workaround for OSP bug: https://gitlab.com/Deamos/flask-nginx-rtmp-manager/-/issues/176
+        proxy_set_header   Host                 $server_name;
+        proxy_set_header   X-Real-IP            $remote_addr;
+        proxy_set_header   X-Forwarded-For      $proxy_add_x_forwarded_for;
+        proxy_set_header   X-Forwarded-Proto    $scheme;
 
-  location / {
-    proxy_pass http://127.0.0.1:8585;
-  }
+    }
 
-  #include config/gzip.conf;
+    location /socket.io {
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header Host $host;
 
-  # Wildcard certificate config
-  #include ssl/server.tld.conf;
-  #include config/ssl.conf;
+        proxy_set_header X-NginX-Proxy true;
+
+        # prevents 502 bad gateway error
+        proxy_buffers 8 32k;
+        proxy_buffer_size 64k;
+
+        proxy_redirect off;
+
+        # enables WS support
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+
+        proxy_pass http://127.0.0.1:8585/socket.io;
+    }
+
+
+    #include config/gzip.conf;
+
+    # Certificate config
+    #include ssl/server.tld.conf;
+    #include config/ssl.conf;
 }
 
 server {