diff --git a/debug-websocket-headers.sh b/debug-websocket-headers.sh new file mode 100755 index 0000000..9373d64 --- /dev/null +++ b/debug-websocket-headers.sh @@ -0,0 +1,35 @@ +#!/bin/bash + +echo "=== WebSocket-Header Debug ===" +echo "" +echo "Prüfe Apache-Logs für WebSocket-Upgrade-Header..." +echo "" + +# Prüfe die letzten 50 Zeilen des Access-Logs für /ws/ oder /socket.io/ +echo "Access-Log Einträge für /ws/ und /socket.io/:" +sudo tail -50 /var/log/apache2/yourpart.access.log | grep -E "(/ws/|/socket.io/)" | tail -10 + +echo "" +echo "Prüfe Error-Log für WebSocket-Fehler:" +sudo tail -50 /var/log/apache2/yourpart.error.log | grep -iE "(websocket|upgrade|proxy)" | tail -10 + +echo "" +echo "=== Test mit curl ===" +echo "" +echo "Teste WebSocket-Upgrade für /ws/:" +curl -i -N \ + -H "Connection: Upgrade" \ + -H "Upgrade: websocket" \ + -H "Sec-WebSocket-Version: 13" \ + -H "Sec-WebSocket-Key: x3JJHMbDL1EzLkh9GBhXDw==" \ + https://www.your-part.de/ws/ 2>&1 | head -20 + +echo "" +echo "=== Prüfe Apache-Konfiguration ===" +echo "" +echo "Aktive Rewrite-Regeln für WebSocket:" +sudo apache2ctl -S 2>/dev/null | grep -A 5 "your-part.de:443" || echo "VirtualHost nicht gefunden" + +echo "" +echo "Prüfe, ob mod_proxy_wstunnel aktiviert ist:" +apache2ctl -M 2>/dev/null | grep proxy_wstunnel || echo "mod_proxy_wstunnel NICHT aktiviert!" diff --git a/yourpart-https.conf b/yourpart-https.conf index db5a741..a3426ec 100644 --- a/yourpart-https.conf +++ b/yourpart-https.conf @@ -18,32 +18,39 @@ FallbackResource /index.html + # www Redirect (muss zuerst kommen, damit WebSocket-Regeln nicht beeinflusst werden) + RewriteEngine on + RewriteCond %{SERVER_NAME} =your-part.de + RewriteRule ^ https://www.%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] + # Proxy-Einstellungen ProxyPreserveHost On ProxyRequests Off RequestHeader set X-Forwarded-Proto "https" AllowEncodedSlashes NoDecode + # WebSocket-Upgrade mit RewriteRule (muss VOR ProxyPass stehen!) + # WebSocket-Upgrade für Socket.io + RewriteCond %{HTTP:Upgrade} websocket [NC] + RewriteCond %{HTTP:Connection} upgrade [NC] + RewriteRule ^/socket.io/(.*)$ "ws://localhost:2020/socket.io/$1" [P,L] + + # WebSocket-Upgrade für Daemon + RewriteCond %{HTTP:Upgrade} websocket [NC] + RewriteCond %{HTTP:Connection} upgrade [NC] + RewriteRule ^/ws/(.*)$ "ws://localhost:4551/$1" [P,L] + # API-Requests an Backend weiterleiten ProxyPass "/api/" "http://localhost:2020/api/" ProxyPassReverse "/api/" "http://localhost:2020/api/" - # WebSocket-Upgrade mit RewriteRule (muss VOR ProxyPass stehen!) - RewriteEngine on - - # WebSocket-Upgrade für Socket.io - RewriteCond %{HTTP:Upgrade} =websocket [NC] - RewriteCond %{HTTP:Connection} =upgrade [NC] - RewriteRule ^/socket.io/(.*)$ "ws://localhost:2020/socket.io/$1" [P,L] - - # WebSocket-Upgrade für Daemon - RewriteCond %{HTTP:Upgrade} =websocket [NC] - RewriteCond %{HTTP:Connection} =upgrade [NC] - RewriteRule ^/ws/(.*)$ "ws://localhost:4551/$1" [P,L] - # HTTP-Proxy für Socket.io (Fallback für Polling) ProxyPass "/socket.io/" "http://localhost:2020/socket.io/" ProxyPassReverse "/socket.io/" "http://localhost:2020/socket.io/" + + # HTTP-Proxy für Daemon (Fallback, sollte eigentlich nicht benötigt werden) + ProxyPass "/ws/" "http://localhost:4551/" + ProxyPassReverse "/ws/" "http://localhost:4551/" ErrorLog /var/log/apache2/yourpart.error.log CustomLog /var/log/apache2/yourpart.access.log combined @@ -56,9 +63,5 @@ Include /etc/letsencrypt/options-ssl-apache.conf SSLCertificateFile /etc/letsencrypt/live/www.your-part.de/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/www.your-part.de/privkey.pem - - # www Redirect - RewriteCond %{SERVER_NAME} =your-part.de - RewriteRule ^ https://www.%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]