By default NGINX disconnects after one or two minutes (check the default values of these parameters) when there is no activity. As it is not guaranteed that you will receive or send a LoRaWAN frame each minute, you need to set this to a high value.
I switched to NGINX quickly and applied you config. But it seems like I still have an issue with the websocket. It is still disconnected even though the browser is now answering the request via the proxy of NGINX.
Is it possible I configured something wrong with the websockets?
Hi Brocaar,
I made it. I had to play around a bit but I finally got it working with apache. I had two issues, first thing I had to do is to upgrade my apache because it is still a 2.22 so I had to follow these two threads:
- Apache 2.2 Websocket Proxying on Ubuntu with mod_proxy_wstunnel
- Backporting Apache support for websockets reverse proxy (aka getting GateOne to work behind Apache) ā Voyageur's corner
After that I had to try a little and got it running with the final setting for the apache proxy as following:
#############
### Proxy ###
#############ProxyRequests off
ProxyPreserveHost onProxyPassMatch ^/api/(gateways|devices)/(\w+)/(frames|events)$ wss://localhost:8080/api/$1/$2/$3
ProxyPass / https://localhost:8080/
ProxyPassReverse / https://localhost:8080/<Proxy *>
Order allow,deny
Allow from all
</Proxy>
So, now the journey can countinue.
Best regards,
Lu Wi
1 Like
Hi, I have loraserver v0.26.3 and lora-app-server v0.21.1, Iāve already registered my gateway and devices, I also have created a JWT with the API and it works just fine, I even added it into my loraserver.toml and lora-app-server.toml and still have problems to get my āLive Frame Logs / Live Eventā connected. This is a Raspberry pi3 installation with a Lora RisingHF Hat. Am I missing something?
LORA-APP-SERVER LOG:
May 30 21:58:45 raspberrypi lora-app-server[1254]: time=ā2018-05-30T21:58:45Zā level=info msg=āfinished streaming call with code Unauthenticatedā error=ārpc error: code = Unauthenticated desc = authentication failed: get token from context error: no authorization-data in metadataā grpc.code=Unauthenticated grpc.method=StreamFrameLogs grpc.service=api.Device grpc.start_time=ā2018-05-30T21:58:45Zā grpc.time_ms=0.406 peer.address="[::1]:39460" span.kind=server system=grpc
LORASERVER LOG:
May 30 21:39:56 raspberrypi loraserver[1397]: time=ā2018-05-30T21:39:56Zā level=info msg=āfinished streaming call with code OKā grpc.code=OK grpc.method=StreamFrameLogsForDevice grpc.service=ns.NetworkServer grpc.start_time=ā2018-05-30T21:38:56Zā grpc.time_ms=59968.34 peer.address="[::1]:60344" span.kind=server system=grpc
Iāve moved your post as there was already a topic covering this issue. See the above mentioned solutions.
Hello, I also face the above issue after fresh install of lora-app-server v1.0.0 / v1.0.1/ v1.0.2 in two pcs. One of them runs an ubuntu vm in my laptop so I donāt have any proxy/load balancer.
After staying for some seconds at the live events log tab or at the live lorawan frame logs tab of a node, the āError rpc error: code = OutOfRange desc = EOF (code: 11)ā error appears again and again.
(my current setup contains the latest loraserver, lora-app-server, lora-gateway-bridge versions, installed following the detailed instructions successfully)
Follow up 1
Every time I see the connected->disconnected->connected hop, this appears at the loraserverās log:
time=ā2018-07-09T16:58:19+03:00ā level=error msg=āget frame-log for device errorā error=āERR wrong number of arguments for āpingā commandā
time=ā2018-07-09T16:58:19+03:00ā level=info msg=āfinished streaming call with code OKā grpc.code=OK grpc.method=StreamFrameLogsForDevice grpc.service=ns.NetworkServer grpc.start_time=ā2018-07-09T16:57:49+03:00ā grpc.time_ms=30001.236 peer.address=ā127.0.0.1:52498ā span.kind=server system=grpc
Follow up 2
The docker version seems to operate perfectly, without any connected->disconnected issues and any errors appearing.
Follow up 3
I just tried using loraserver 1.0.0 , lora-app-server 1.0.0 and lora-gateway-bridge 2.4.1 debs along with the configuration files that come with the docker repo ( after changing the docker names to localhost and putting the right postgres credentials). The same issue persists.
Follow up 4
Seems to operate nicely on latest ubuntu 18 while previously I was on ubuntu 14.04ā¦
Is there an issue or do you have any suggestions for my setup?
Thank you
1 Like
Saw exactly the same, also on ubuntu 14.04, not yet found the cause. Probably will move to a newer instance.
I dont have this field inside the file loraserver.toml.There ir no fied to inser jwt secret. It is presente only inside lora-app-server.toml file.
IĀ“m having this exaclty same problem:
Aug 21 16:34:23 lorawan-ns-3 lora-app-server: time=ā2018-08-21T16:34:23Zā level=info msg=āfinished unary call with code Unauthenticatedā error=ārpc error: code = Unauthenticated desc = authentication failed: get token from context error: no authorization-data in metadataā grpc.code=Unauthenticated grpc.method=List grpc.service=api.OrganizationService grpc.start_time=ā2018-08-21T16:34:23Zā grpc.time_ms=0.039 peer.address="[::1]:42960" span.kind=server system=grpc
we are using Ubuntu 14.04.5 LTS
when we can setting proxy server setting in Ubuntu?
Please help me
Thanks
Iām having this exactly same problem:
(my current setup contains the latest loraserver, lora-app-server, lora-gateway-bridge versions, installed following the detailed instructions successfully)
time=ā2018-09-27T11:13:28+05:30ā level=error msg=āget frame-log for gateway errorā error="ERR wrong number of arguments for āpingā command"
time=ā2018-09-27T11:13:28+05:30ā level=info msg=āfinished streaming call with code OKā grpc.code=OK grpc.method=StreamFrameLogsForGateway grpc.service=ns.NetworkServerService grpc.start_time=ā2018-09-27T11:12:58+05:30ā grpc.time_ms=30000.86 peer.address=ā192.168.0.162:52028ā span.kind=server system=grpc
Please help meā¦
I know it is an old thread, but here is a working WS tunneled proxy config fĆ¼r a current Apacheā¦
ProxyPreserveHost On
ProxyRequests off
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) ws://127.0.0.1:8080/$1 [P,L]
RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule /(.*) http://127.0.0.1:8080/$1 [P,L]
ProxyPass / http://127.0.0.1:8080/ Keepalive=On timeout=1600
ProxyPassReverse / http://127.0.0.1:8080/
2 Likes
Just waking this thread up (sorry) in case anyone else lands here trying to debug a related issue.
If you run Redis 4 (requires 5) with the latest app server (3.16) then it will look like a websocket issue. Itās not, itās because the websocket EOFs at the point where it canāt use streams with redis.
Donāt go down the rabbit hole like I did, you just need to update Redis!
1 Like
Hello I am also having this issue (Websocket error) with a docker installation :
- chirpstack-application-server 3.16
- redis 6.2.5
- Firefox 91.0.1
For simulation I use the chirpstack-simulator for creating gateways and devices.
I use a Nginx proxy and HAProxy Load balancer with the following operation : Client_ws <->Haproxy_ws_proxy <-> Nginx_ws_proxy <-> Chirpstack_ws_server. Here are my configuration files :
##haproxy.cfg :
defaults
mode tcp
log global
option httplog
option dontlognull
option http-server-close
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 10m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
listen stats
bind *:7777
mode http
stats enable
stats hide-version
stats realm HAproxy-Statistics
stats uri /
timeout client 25s
timeout connect 5s
timeout server 25s
# timeout tunnel available in ALOHA 5.5 or HAProxy 1.5-dev10 and higher
timeout tunnel 3600s
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend Web_80
bind *:80
mode http
default_backend www
http-request redirect scheme https unless { ssl_fc }
#Redirect to Nginx proxy
frontend WebSSL_443
bind *:443 ssl crt ********
rspadd Strict-Transport-Security:\ max-age=15768000
# mode http
# routing based on websocket protocol header
acl hdr_connection_upgrade hdr(Connection) -i upgrade
acl hdr_upgrade_websocket hdr(Upgrade) -i websocket
use_backend nginx0001_ws if hdr_connection_upgrade hdr_upgrade_websocket
default_backend nginx0001
backend nginx0001
mode http
option forwardfor
balance roundrobin
server nginx0001 127.X.X.X:8080 check
timeout connect 5s
timeout server 25s
# timeout tunnel available in ALOHA 5.5 or HAProxy 1.5-dev10 and higher
timeout tunnel 3600s
http-request set-header X-Forwarded-Host %[req.hdr(Host)]
http-request set-header X-Client-IP %[src]
backend nginx0001_ws
balance roundrobin
server nginx0001 127.X.X.X:8080 check
timeout connect 10s
timeout server 25s
# timeout tunnel available in ALOHA 5.5 or HAProxy 1.5-dev10 and higher
timeout tunnel 3600s
option forwardfor
Configuration according to the official documentation.
## nginx.conf
upstream chirpstack{
server 172.X.X.X:8080;
}
server {
listen 8080;
server_name chirpstack.example.org;
location ~ ^/api/(gateways|devices)/(\w+)/(frames|events)$ {
proxy_pass http://chirpstack/api/$1/$2/$3;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log /var/log/nginx/lns_ws.access.log;
error_log /var/log/nginx/lns_ws.error.log;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection āupgradeā;
proxy_read_timeout 86400s;
proxy_send_timeout 86400s;
}
location / {
proxy_pass http://chirpstack;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log /var/log/nginx/lns.access.log;
error_log /var/log/nginx/lns.error.log;
}
}
Configuration according to the official documentation.
Iām still getting the error :
time="2021-08-23T08:50:34.144276849Z" level=info msg="finished streaming call with code Unauthenticated" error="rpc error: code = Unauthenticated desc = authentication failed: get token from context error: no authorization-data in metadata" grpc.code=Unauthenticated grpc.method=StreamFrameLogs grpc.service=api.GatewayService grpc.start_time="2021-08-23T08:50:34Z" grpc.time_ms=0.102 peer.address="127.0.0.1:57363" span.kind=server system=grpc
Could you help me please ?
Updated for https
ProxyPreserveHost On
ProxyRequests off
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) wss://127.0.0.1:8080/$1 [P,L]
RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule /(.*) https://127.0.0.1:8080/$1 [P,L]
ProxyPass / https://127.0.0.1:8080/ Keepalive=On timeout=1600
ProxyPassReverse / https://127.0.0.1:8080/
There is a mismatch in this configuration file. As is, the websocket connection works when connected to a local network but when working throught an exposed domain you will get the āNot connected to websocket apiā error. (Tested in two working setups exposed to public domains, secured with LetsEncrypt certificates).
This is due this line you wrote above and in the official documentation:
proxy_set_header Connection "Upgrade";
It must be written as:
proxy_set_header Connection "upgrade";
with āupgradeā in lower case.
Written so, it works like a charm.