Proxying WS app

blackcaptain · June 16, 2025, 11:03am

I’m trying to proxy my ws app to run on the 1st app as /ws so firstapp.com/ws. Both are on Fly.io, so I’ve tried using Nginx and it just doesn’t respond, the main app does but /ws doesn’t, it just returns 404.

I am not sure if I am missing something, Nginx is clearly running too.

primary_region = 'otp'

[build]
release_command = "npx prisma db push --force-reset"

[deploy]

[http_service]
  internal_port = 3000
  force_https = true
  auto_stop_machines = 'stop'
  auto_start_machines = true
  min_machines_running = 0
  processes = ['app']

[[vm]]
  memory = '2gb'
  cpu_kind = 'shared'
  cpus = 1

events {
    worker_connections 1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    keepalive_timeout  65;

    upstream ws_backend{
        server ws.internal:443;
    }

  server {
         listen 80;

         location /ws/ {
             proxy_pass http://ws_backend;
             proxy_http_version 1.1;
             proxy_set_header Upgrade $http_upgrade;
             proxy_set_header Connection "upgrade";
             proxy_set_header Host $host;
             proxy_set_header X-Real-IP $remote_addr;
         }

         location / {
             proxy_pass http://localhost:3000;
             proxy_http_version 1.1;
             proxy_set_header Upgrade $http_upgrade;
             proxy_set_header Connection "upgrade";
             proxy_set_header Host $host;
             proxy_set_header X-Real-IP $remote_addr;
         }
     }
}

I am really not sure what to do here, there’s not much info or even posts on this forum about people doing this.

halfer · June 16, 2025, 12:16pm

Shell into the machine doing the proxying and see if you can curl a response to the other machine, using the target address you’ve configured in your proxy. Also, don’t be afraid of using real internal addresses in this forum - they are private to your org’s network, and seeing them may help readers understand what you’re doing wrong.

blackcaptain · June 16, 2025, 12:31pm

Yeah I can’t do curl cause its not there on the system, I just get that its not a command, and then I try apt install curl cant be located.

halfer · June 16, 2025, 12:33pm

If you’re using a Debian derivative, do an apt update first, to refresh your local software catalogue.

Alternatively try wget, that is sometimes installed even when curl is not.

blackcaptain · June 16, 2025, 12:56pm

Okay so yeah the WS server is running and can be accessed from the main app’s machine, cant tell why it’s not connecting me when i do wss://mainapp.com/ws maybe Nginx

khuezy · June 16, 2025, 2:48pm

I think your nginx config is incorrect, eg your upstream has port 443 but your proxy pass is http

blackcaptain · June 16, 2025, 3:16pm

I removed 443 but no luck, I think the config’s definitely screwed up in some way though.

bglw · June 16, 2025, 8:47pm

Just reading the configs in this post, so let me know if I’m missing something.

The biggest issue here is that your Fly config has http_service.internal_port set to port 3000, which is the port for your app, not the port for nginx. Since you have nginx listening on port 80, this is what you’ll want to set your internal_port to as well so that traffic gets delivered.

Keep the :443 out of your upstream as well. The .internal addresses don’t go through the Fly proxy at all, so there’s nothing between to handle TLS for you.

I can’t guarantee there aren’t other issues in there, but changing the port at least will get your traffic hitting port 80 where you can debug further

blackcaptain · June 17, 2025, 12:15pm

Thanks, this fixes the problem. Now it runs properly.