Multiple WebSocket connections at once in reverse proxy

What I’m trying to do: Allow multiple WebSocket connections at once

Where I’m stuck: Only one WebSocket connection can exist, any other connection fails

What I’ve already tried: Disabling SSL session reuse

Here is my conf:

map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

server {
    listen 80;
    listen [::]:80;
    server_name ${DOMAIN_NAME};

    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
    }

    location /cached-images/ {
        alias /var/www/cache/images/;
        expires 7d;
        add_header Cache-Control "public";
        log_not_found off;
        access_log off;
    }

    location /api/ {
        proxy_pass http://spotlight_api:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto http;
    }

    location /lanyard-api/ {
        proxy_pass https://api.lanyard.rest/;
        proxy_ssl_server_name on;
        proxy_set_header Host api.lanyard.rest;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto http;
        proxy_http_version 1.1;
        proxy_redirect off;
        rewrite ^/lanyard-api/(.*)$ /$1 break;
    }

    location /lanyard-ws/ {
        proxy_pass https://api.lanyard.rest/socket;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_set_header Host api.lanyard.rest;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto http;
        proxy_read_timeout 86400s;
        proxy_send_timeout 86400s;
        proxy_redirect off;
        rewrite ^/lanyard-ws/?(.*)$ /socket$1 break;
    }

    location / {
        proxy_pass http://content_server:80;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto http;
    }

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;
}

server {
    listen 443 ssl;
    http2 on;
    listen [::]:443 ssl http2;
    server_name ${DOMAIN_NAME};

    ssl_certificate /etc/letsencrypt/live/${DOMAIN_NAME}/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/${DOMAIN_NAME}/privkey.pem;
    include /etc/nginx/options-ssl-nginx.conf;
    ssl_dhparam /etc/nginx/ssl/ssl-dhparams.pem;

    location /cached-images/ {
        alias /var/www/cache/images/;
        expires 7d;
        add_header Cache-Control "public";
        log_not_found off;
        access_log off;
    }

    location /api/ {
        proxy_pass http://spotlight_api:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

     location /lanyard-api/ {
        proxy_pass https://api.lanyard.rest/;
        proxy_ssl_server_name on;
        proxy_set_header Host api.lanyard.rest;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_http_version 1.1;
        proxy_redirect off;
        rewrite ^/lanyard-api/(.*)$ /$1 break;
    }

    location /lanyard-ws/ {
        proxy_pass https://api.lanyard.rest/socket;
        proxy_ssl_server_name on;
        proxy_ssl_session_reuse off;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_set_header Host api.lanyard.rest;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_read_timeout 86400s;
        proxy_send_timeout 86400s;
        proxy_redirect off;
        rewrite ^/lanyard-ws/?(.*)$ /socket$1 break;
    }

    location / {
        proxy_pass http://content_server:80;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    location /assets/images/ {
        proxy_pass http://content_server:80;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    access_log /var/log/nginx/ssl_access.log;
    error_log /var/log/nginx/ssl_error.log;
}
1 Like

Try Increasing max connections per worker in location blocks:

proxy_max_temp_file_size 0;

Also, check your worker_connections setting in the main Nginx configuration. It should be high enough to handle multiple WebSocket connections:

events {
    worker_connections 1024;  # Increase this if needed
    multi_accept on;
}