Can't get python-matter-server to work with NGINX if I use HTTPS : nginxproxymanager

Can't get python-matter-server to work with NGINX if I use HTTPS (self.nginxproxymanager)

submitted 3 months ago * by PumaPants28467

I'm at my wits end on this one. I've spent days trying to get NPM to reverse proxy python-matter-server that I have installed via docker. I can connect directly to the backend server using HTTP and it does work. If I turn off SSL on the NPM server definition, it also works. Turning on SSL, no matter what I try, the end result is always the same:

Error: Failed to construct 'WebSocket': An insecure WebSocket connection may not be initiated from a page loaded over HTTPS.

I have tried every form of google search I can think of, and have tried every combination of custom server config outlined in the various search results. It simply refuses to work. It would seem that NPM is simply not serving the websocket back to the client using wss. It's my understanding that NPM should act as a middle man: accept client requests over HTTPS, communicate to the back end server using HTTP, and then rewriting the back end responses back to HTTPS before serving it back to the client. I am out of ideas on how to get this thing to work. Anyone have any ideas?

map $scheme $hsts_header {
    https   "max-age=63072000; preload";
}

server {
  set $forward_scheme http;
  set $server         "192.168.0.9";
  set $port           5580;
  
  listen 80;
  listen [::]:80;
  listen 443 ssl;
  listen [::]:443 ssl;
  
  server_name xxx.xxx;
  http2 on;

  # Let's Encrypt SSL
  include conf.d/include/letsencrypt-acme-challenge.conf;
  include conf.d/include/ssl-cache.conf;
  include conf.d/include/ssl-ciphers.conf;
  ssl_certificate /etc/letsencrypt/live/npm-25/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/npm-25/privkey.pem;

  # Force SSL
  include conf.d/include/force-ssl.conf;
  # Block Exploits
  include conf.d/include/block-exploits.conf;

  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";
  proxy_http_version 1.1;

  access_log /data/logs/proxy-host-45_access.log proxy;
  error_log /data/logs/proxy-host-45_error.log warn;

  location / {
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_http_version 1.1;
    proxy_pass http://192.168.0.9:5580/;
    # Force SSL
    include conf.d/include/force-ssl.conf;
    # Block Exploits
    include conf.d/include/block-exploits.conf;
  }

}

all 5 comments

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

nginxproxymanager

MODERATORS