RocketChat: Reverse proxy on other host

Florian.B · November 18, 2019, 9:07pm

Description

I would like to host RocketChat on one server and my apache proxy on another (same local network). How to make the websocket work?
I tried to modify the apache configuration but it doesn’t work. Is there an option to allow the websocket other than 127.0.0.1?
Here is my configuration that I tried:

<VirtualHost *:80>
        Servername example

        RewriteEngine On
        RewriteCond %{HTTP:Upgrade} =websocket [NC]
        RewriteRule /(.*)           ws://192.168.1.XX:3000/$1 [P,L]
        RewriteCond %{HTTP:Upgrade} !=websocket [NC]
        RewriteRule /(.*)           http://192.168.1.XX:3000/$1 [P,L]

        ProxyPreserveHost       On
        # exclude /.well-known/acme-challenge/ for let's encrypt renew
        ProxyPass /.well-known/acme-challenge/ !
        ProxyPass               /       http://192.168.1.XX:3000/
        ProxyPassReverse        /       http://192.168.1.XX:3000/

        ErrorLog        /var/log/apache2/error.log
        CustomLog       /var/log/apache2/access.log combined

</VirtualHost>

Server Setup Information

Version of Rocket.Chat Server: 2.1.1 stable
Operating System: Ubuntu 18.04.3 LTS"
Deployment Method: snap
Proxy: apache

Any additional Information

firefox_5DNpkSSOyK

Translate: “Firefox cannot establish a connection with the server at the address wss://website/websocket”

I also tried to do a double reverse proxy:
main reverse proxy -> reverse apache proxy (on the same server as the snap version) -> to the local RocketChat server

reetp · November 20, 2019, 12:56pm

I think it is because you are trying to run this via http/80 but it really all want to be on https/443

Hence “wss”.

Apache should redirect all 80 -> 443 and then reverse 443 -> rocket:3000

See this:
https://rocket.chat/docs/installation/manual-installation/configuring-ssl-reverse-proxy/

Florian.B · January 9, 2020, 6:36pm

I just tried to switch to https but I got the same result.

Isn’t there a setting in RocketChat to allow the websocket on a specific ip?

I think RocketChat only allows 127.0.0.1 to connect but I’m not sure.

Servername example

    SSLEngine on
    SSLCertificateFile               /usr/local/etc/tls/example/fullchain.pem
    SSLCertificateKeyFile            /usr/local/etc/tls/example/privkey.pem

    RewriteEngine On
    RewriteCond %{HTTP:Upgrade} =websocket [NC]
    RewriteRule /(.*)           ws://192.168.1.173:3000/$1 [P,L]
    RewriteCond %{HTTP:Upgrade} !=websocket [NC]
    RewriteRule /(.*)           http://192.168.1.173:3000/$1 [P,L]

    ProxyPreserveHost       On
    # exclude /.well-known/acme-challenge/ for let's encrypt renew
    ProxyPass /.well-known/acme-challenge/ !
    ProxyPass               /       http://192.168.1.173:3000/
    ProxyPassReverse        /       http://192.168.1.173:3000/

    ErrorLog        /var/log/apache2/example-https-error.log
    CustomLog       /var/log/apache2/example-https-access.log combined

Florian.B · January 10, 2020, 2:14pm

I forgot to enable apache module “proxy_wstunnel”, problem is solve.

Topic		Replies	Views
[Fixed] Problems deploying in a virtual machine behind Apache reverse proxy Community Support	1	3608	May 23, 2018
Ubuntu Apache Subdomain ProxyReverse Error Community Support	0	680	April 5, 2021
Reverse proxy apache websocket Mobile Apps mobile	0	687	February 12, 2023
Problems with reverse proxy Community Support	6	827	July 16, 2020
Apache Reverse Proxy with Subdirectory Community Support	0	1369	February 9, 2019

[Rocket.Chat v7.0: Join the webinar] Roadmap Reveal: on-prem AI, VoIP, and more! Save your seat ->

RocketChat: Reverse proxy on other host

Description

Server Setup Information

Any additional Information

Related Topics