Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

When reverse proxying (nginx) from a separate machine from neko, how should I handle UDP ports? #477

Open
IdyllicHappiness opened this issue Feb 28, 2025 · 0 comments
Open

When reverse proxying (nginx) from a separate machine from neko, how should I handle UDP ports? #477

IdyllicHappiness opened this issue Feb 28, 2025 · 0 comments

Comments

@IdyllicHappiness
Copy link

I have a working neko setup, reverse proxied as per this example configuration (albeit with two lines added for ssl_certificate and ssl_certificate_key).

https://neko.m1k1o.net/#/getting-started/reverse-proxy?id=nginx

The nginx service runs on 192.168.0.10, and neko runs on a VM I have for my Docker containers at 192.168.0.20.

However, I realised that despite there being no extra listening/forwarding rules for the UDP ports specified, neko still works seemingly fine.

As a test, I created a neko.stream file so that nginx would handle these ports. Whether I enable this or not, both nginx and neko again seem to work, with no difference (as far as I can tell).

Should I be forwarding these ports for a better experience?

And if I should be, are there any extra stream{} options I should be including? (e.g. ssl_certificate)

As an aside, love this piece of software! Thanks to all the contributors for their great work 🙂

neko.site (file sourced from the http{} section's include /etc/nginx/sites-enabled/*.site; line, in nginx.conf

server {
    listen 443 ssl;
    server_name subdomain.domain.com;

    location / {
        proxy_pass http://192.168.0.20:8082;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_read_timeout 86400;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Port $server_port;
        proxy_set_header X-Forwarded-Protocol $scheme;
    }

    ssl_certificate /mnt/certificates/_.domain.com.crt;
    ssl_certificate_key /mnt/certificates/_.domain.com.key;
}

docker-compose.yml

version: "3.4"
services:
  neko:
    image: "m1k1o/neko:firefox"
    restart: "unless-stopped"
    shm_size: "4gb"
    ports:
      - "8082:8082"
      - "53000-53100:53000-53100/udp"
    environment:
      NEKO_SCREEN: 1280x720@30
      NEKO_PASSWORD: foo
      NEKO_PASSWORD_ADMIN: bar
      NEKO_EPR: 53000-53100
      NEKO_BIND: 0.0.0.0:8082
      NEKO_PROXY: true
      NEKO_CORS: subdomain.domain.com
      NEKO_NAT1TO1: 192.168.0.10

neko.stream (file sourced from the stream{} section's include /etc/nginx/sites-enabled/*.stream; line, in nginx.conf

server {
    listen 53000-53100 udp;
    proxy_pass 192.168.0.20:$server_port;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@IdyllicHappiness