To handle the increase of web traffic associated with websockets, we have added a second webserver in release v20.09.00. The Apache webserver will continue to handle the regular webpage requests. The newly added NGINX webserver will handle the websocket traffic.

Follow these steps to successfully install and configure this new version of Submitty.

  1. Install NGINX:

    sudo apt-get install -qqy nginx-full
    

    NOTE: Alternatively, this will be happen when you get the new Submitty source code and run INSTALL_SYSTEM.sh.

  2. Remove the default nginx site, /etc/nginx/sites-available/default, if desired.

  3. Copy our sample nginx submitty.conf file from:

    https://github.com/Submitty/Submitty/blob/master/.setup/nginx/submitty.conf

    to:

    /etc/nginx/sites-available

  4. If desired, update this file to use ssl.

    To combine the existing cert chain in to a pem that nginx can use:

    cp submitty.cer submitty.pem
    cat chain.cer >> submitty.pem 
    

    And update the NGINX submitty.conf:

    server {
        # SSL configuration
        listen 8443 ssl default_server;
        listen [::]:8443 ssl default_server;
    
        #dont show OS or version identity
        server_tokens off; 
    
        ssl on;
        ssl_certificate /etc/apache2/ssl/submitty-demo.pem;
        ssl_certificate_key /etc/apache2/ssl/submitty-demo.key;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES128-SHA:RC4-SHA;
        ssl_session_cache shared:SSL:10m;
    
        server_name _;
    
        location / {
            return 404;
        }
    
        location /ws {
            proxy_pass http://127.0.0.1:41983/; #Yes, http is proper here for nginx web socket
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "Upgrade";
            proxy_set_header Host $host;
        }
    }
    
  5. Create a symlink for NGINX submitty.conf from sites-available to sites-enabled:

    ln -s /etc/nginx/sites-available/submitty.conf /etc/nginx/sites-enabled/submitty.conf
    
  6. Remove any other files/symlinks from the /etc/nginx/sites-enabled/ directory (unless required for some other purpose on your server).

  7. Remove the existing websocket proxying from Apache installed with version v20.06.00.

    Edit /etc/apache2/sites-available/submitty.conf to remove this line:

    ProxyPass "/ws" "ws://127.0.0.1:41983/"
    
  8. Websockets are served over port 8443. It may be necessary to create a firewall exception.

  9. Restart nginx and submitty_websocket_server:

    sudo systemctl restart nginx
    sudo systemctl restart submitty_websocket_server
    

    Confirm the status:

    sudo systemctl status nginx
    sudo systemctl status submitty_websocket_server
    
  10. Download and install the new Submitty source code