After a sleepless night, I finally got it working with nginx (works
flawlessly with websockets). Turns out only ws-server port and hostname is
relevant for the setup. Below nginx config works with the default Bob
settings and adds LetsEncrypt certs obtained from certbot. I have also
added basic authentication support which are secure only over SSL. Partial
demo at notes.mefyi.com.
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
auth_basic "Private Area";
auth_basic_user_file /etc/apache2/.htpasswd;
proxy_pass http://0.0.0.0:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
try_files $uri $uri/ =404;
}
}
server {
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name notes.mefyi.com; # managed by Certbot
location / {
auth_basic "Private Area";
auth_basic_user_file /etc/apache2/.htpasswd;
proxy_pass http://localhost:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
try_files $uri $uri/ =404;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/notes.mefyi.com/fullchain.pem; #
managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/notes.mefyi.com/privkey.pem;
# managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = notes.mefyi.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 ;
listen [::]:80 ;
server_name notes.mefyi.com;
return 404; # managed by Certbot
}
On Saturday, September 5, 2020 at 10:01:38 PM UTC+5:30 Tejasvi S Tomar
wrote:
> Hi Enrico,
> Did you manage to figure it out? I am facing the exact same issue while
> trying to setup Bob on VPS. There seems to be issue with the reverse
> connection whie saving the changes. There are three things to configure in
> settings.json: ws-server, saver, and serverInfo, and then the Apache needs
> to be configured corresponding to the specified ports/hostname/ip in
> settings.json. I have tried a few permutation and combinations with no
> luck. Hopefully if someone has managed to make Bob + VPS work would chime
> in.
> On Monday, December 23, 2019 at 7:24:26 PM UTC+5:30 Enrico wrote:
>
>> Hi,
>> I am trying to setup a Bob server on my VPS. I have googled for resources
>> but what I could dig up (mainly this example apache configuration
>> <https://github.com/OokTech/TW5-Bob/blob/09de6a2569fbdb95b17ca183bc2a9c824bcac3d8/Documentation/ApacheServer.tid>)
>>
>> does not seem to be working, and I'm having a hard time figuring out what's
>> wrong.
>> Any suggestion is highly appreciated. I'm so stuck that I'm considering
>> writing my own multi-wiki tiddlywiki server :)
>>
>> Cheers,
>> Enrico
>>
>> *What I'm trying to do*
>> I would like to access a Bob-powered tiddlywiki as `multiwiki.my.domain`.
>> Next step: access Bob-managed sub-wikis as `multiwiki.my.domain/subwiki`,
>> to get around node's insane RAM usage
>> <https://groups.google.com/d/msg/tiddlywiki/e2CHBYZV4GQ/WpSs7SaVBAAJ>.
>>
>> *Problems*
>> When I try to access `multiwiki.my.domain`, I get Bob's starting page but
>> at the bottom there is a red banner stating "*WARNING: The connection to
>> server hasn't been established yet."*
>> Checking Firefox's console log, the only message present says "Firefox
>> can’t establish a connection to the server at wss://multiwiki.my.domain/."
>>
>> *My setup*
>>
>> $ git clone --depth=1 https://github.com/OokTech/TW5-Bob.git
>> /usr/lib/node_modules/tiddlywiki/plugins/OokTech/Bob
>> $ cp -r
>> /usr/lib/node_modules/tiddlywiki/plugins/OokTech/Bob/MultiUserWiki MultiWiki
>>
>> *# MultiWiki/settings/settings.json*
>> {
>> "serverName": "multiwiki.my.domain",
>> "scripts": {
>> "NewWiki": "tiddlywiki #wikiName --init #editionName"
>> },
>> "wikis": {
>>
>> },
>> "ws-server": {
>> "port": 8086,
>> "host": "127.0.0.1",
>> "autoIncrementPort": false
>> },
>> "heartbeat": {
>> "interval": 1000
>> },
>> "wikisPath": "./Wikis",
>> "pluginsPath": "./Plugins",
>> "themesPath": "./Themes",
>> "servingFiles": {}
>> }
>>
>> *# apache_confs/multiwiki-ssl.conf*
>> <IfModule mod_ssl.c>
>> <VirtualHost *:443>
>> ServerName multiwiki.my.domain
>>
>> ProxyRequests Off
>> ProxyPreserveHost on
>>
>> ###### Adding WebSockets ######
>> RewriteEngine On
>> RewriteCond %{HTTP:Connection} Upgrade [NC]
>> RewriteCond %{HTTP:Upgrade} websocket [NC]
>> RewriteRule /(.*) ws://127.0.0.1:8086/$1 [P,L]
>> ###### Finished WebSockets #######
>>
>> Include /etc/letsencrypt/options-ssl-apache.conf
>> SSLCertificateFile ...
>> SSLCertificateKeyFile ...
>>
>> ProxyPass "/" "http://127.0.0.1:8086/";
>> ProxyPassReverse "/" "http://127.0.0.1:8086/";
>>
>> AllowEncodedSlashes On
>> SSLEngine On
>> SSLProxyEngine On
>> </VirtualHost>
>> </IfModule>
>>
>>
--
You received this message because you are subscribed to the Google Groups
"TiddlyWiki" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/tiddlywiki/c524be52-36eb-45f0-bbe4-52edce416212n%40googlegroups.com.
