Reverse Proxy Examples

Contents

Reverse Proxy Examples

Crafty Controller makes use of WSS. As such you may experience issues using reverse proxies without the proper configurations. These examples make clear what needs to be done for your reverse proxy to support WSS.

Nginx

Config based on https://gitlab.com/lewishill211/crafty-controller-https
Edits for 4.0 compatibility by pretzelDewey - https://gitlab.com/amcmanu3
upstream crafty {
    server "<DOMAIN>";
}

server {
    listen 80;
    server_name <DOMAIN>;
    if ($host !~* ^<SUBDOMAIN>\.<EXAMPLE>\.com$ ) {
        return 444;
    }
    rewrite ^(.*) https://$host$1 permanent;
}

server {
    listen 443 ssl;
    server_name <DOMAIN>;
    if ($host !~* ^<SUBDOMAIN>\.<EXAMPLE>\.com$ ) {
        return 444;
    }
    ssl_certificate <CERIFICATE_LOCATION>;
    ssl_certificate_key <KEYFILE_LOCATION>;
    location / {
        #This is important for websockets
        proxy_http_version 1.1;
        proxy_redirect off;

        #These are important for websockets. They are required for crafty to function properly.
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        #End important websocket parts

        proxy_pass https://localhost:8443;
       
        proxy_buffering off;
        client_max_body_size 0;
        proxy_connect_timeout  3600s;
        proxy_read_timeout  3600s;
        proxy_send_timeout  3600s;
        send_timeout  3600s;
    }
}

Apache2

Base config made by Justman10000 and Zedifus (https://gitlab.com/Zedifus)
Adapted for WSS by pretzelDewey https://gitlab.com/amcmanu3
For this config you need to add the following mods:
 mod_ssl
 mod_rewrite
 mod_http_upgrade
 mod_wss
<VirtualHost _default_:80>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    RewriteEngine on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>

<VirtualHost _default_:443>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    ProxyPreserveHost On
    SSLProxyEngine On
	    SSLProxyVerify none 
	    SSLProxyCheckPeerCN off
	    SSLProxyCheckPeerName off
	    SSLProxyCheckPeerExpire off

#This is important for web sockets which are required by crafty to run!

    RewriteEngine on
    RewriteCond %{HTTP:Upgrade} websocket [NC]
    RewriteCond %{HTTP:Connection} upgrade [NC]
    RewriteRule .* "wss://127.0.0.1:8443%{REQUEST_URI}" [P]

#End important for WSS

    SSLCertificateFile /var/opt/minecraft/crafty4/app/config/web/certs/commander.cert.pem

    SSLCertificateKeyFile /var/opt/minecraft/crafty4/app/config/web/certs/commander.key.pem

    ProxyPass / https://127.0.0.1:8443/
    ProxyPassReverse / https://127.0.0.1:8443/
    ProxyRequests off
</VirtualHost>

Nginx Proxy Manager (NPM)


/File/en/Notice.png
Make sure to turn on 'Websocket Support' or Crafty will not run properly.

Trouble with WSS Still?

/File/en/Content.png
Warning - Some AD blockers will block WSS connections. Try whitelisting the domain or disabling your ad blocker and see if that resolves the problem.