Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F13963981
D11293.id.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
2 KB
Referenced Files
None
Subscribers
None
D11293.id.diff
View Options
diff --git a/src/docs/user/configuration/notifications.diviner b/src/docs/user/configuration/notifications.diviner
--- a/src/docs/user/configuration/notifications.diviner
+++ b/src/docs/user/configuration/notifications.diviner
@@ -108,3 +108,63 @@
The server also generates a log, by default in `/var/log/aphlict.log`. You can
change this location by changing `notification.log` in your configuration. The
log may contain information useful in resolving issues.
+
+
+Advanced Usage
+==============
+
+It is possible to route the WebSockets traffic for Aphlict through a reverse
+proxy such as `nginx` (see @{article:Configuration Guide} for instructions on
+configuring `nginx`). In order to do this with `nginx`, you will require at
+least version 1.3. You can read some more information about using `nginx` with
+WebSockets at http://nginx.com/blog/websocket-nginx/.
+
+There are a few benefits of this approach:
+
+ - SSL is terminated at the `nginx` layer and consequently there is no need to
+ configure `notificaton.ssl-cert` and `notification.ssl-key` (in fact, with
+ this approach you should //not// configure these options because otherwise
+ the Aphlict server will not accept HTTP traffic).
+ - You don't have to open up a separate port on the server.
+ - Clients don't need to be able to connect to Aphlict over a non-standard
+ port which may be blocked by a firewall or anti-virus software.
+
+The following files show an example `nginx` configuration. Note that this is an
+example only and you may need to adjust this to suit your own setup.
+
+```lang=nginx, name=/etc/nginx/conf.d/connection_upgrade.conf
+map $http_upgrade $connection_upgrade {
+ default upgrade;
+ '' close;
+}
+```
+
+```lang=nginx, name=/etc/nginx/conf.d/websocket_pool.conf
+upstream websocket_pool {
+ ip_hash;
+ server 127.0.0.1:22280;
+}
+```
+
+```lang=nginx, name=/etc/nginx/sites-enabled/phabricator.example.com.conf
+server {
+ server_name phabricator.example.com;
+ root /path/to/phabricator/webroot;
+
+ // ...
+
+ location = /ws/ {
+ proxy_pass http://websocket_pool;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_read_timeout 999999999;
+ }
+}
+```
+
+With this approach, you should set `notification.client-uri` to
+`http://localhost/ws/`. Additionally, there is no need for the Aphlict server
+to bind to `0.0.0.0` anymore (which is the default behavior), so you could
+start the Aphlict server with `./bin/aphlict start --client-host=localhost`
+instead.
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Wed, Oct 16, 7:04 PM (3 w, 6 d ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
6713039
Default Alt Text
D11293.id.diff (2 KB)
Attached To
Mode
D11293: Add documentation for routing WebSockets through a reverse proxy
Attached
Detach File
Event Timeline
Log In to Comment