Skip to content

Instantly share code, notes, and snippets.

@moaalaa

moaalaa/Socekti with cpanel let's encrypt ssl and apache proxy.md

Last active May 22, 2025 18:38
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save moaalaa/f361052d0a08332356f8d7dde2655ba5 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save moaalaa/f361052d0a08332356f8d7dde2655ba5 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Socekti with cpanel let's encrypt ssl and apache proxy.md

Laravel + Soketi with SSL (cPanel and Apache)

This guide explains how to integrate Laravel with Soketi using secure WebSocket (WSS) over SSL via Apache. The key is to proxy wss:// connections through Apache with SSL termination, while Soketi itself runs unencrypted on localhost.

βœ… Pre-requisites

  • Apache with mod_proxy, mod_proxy_http, mod_proxy_wstunnel, and mod_rewrite enabled.

  • Soketi server running and listening on port 6001.

  • Valid SSL certificate configured in Apache.

  • Soketi apps configured properly and Laravel broadcasting configured accordingly.

πŸ”§ 1. Install & Run Soketi

Make sure Soketi is installed:

npm install -g @soketi/soketi

Run Soketi:

soketi start --config ./soketi.json

Ensure it's listening on http://127.0.0.1:6001:

curl http://127.0.0.1:6001
# should return "OK"

🧠 2. Laravel Echo Config (resources/js/bootstrap.js or similar)

import Echo from 'laravel-echo';
import Pusher from 'pusher-js';

window.Pusher = Pusher;

window.Echo = new Echo({
    broadcaster: 'pusher',
    key: import.meta.env.VITE_PUSHER_APP_KEY,
    wsHost: import.meta.env.VITE_PUSHER_HOST,
    wsPort: import.meta.env.VITE_PUSHER_PORT,
    wssPort: import.meta.env.VITE_PUSHER_PORT,
    cluster: import.meta.env.VITE_PUSHER_APP_CLUSTER,
    forceTLS: true,
    encrypted: true,
    disableStats: true,
    enabledTransports: ['ws', 'wss'],
});

πŸ›  3. .env File

PUSHER_HOST=app.test
PUSHER_PORT=443
PUSHER_SCHEME=https
PUSHER_APP_ID="app-id"
PUSHER_APP_KEY="app-key"
PUSHER_APP_SECRET="app-secret"
PUSHER_APP_CLUSTER=eu

VITE_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
VITE_PUSHER_HOST="${PUSHER_HOST}"
VITE_PUSHER_PORT="${PUSHER_PORT}"
VITE_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"

🧩 4. Apache Configuration

Add websocket.conf configuration file for Apache:

# Subdomain Also Supported
vi /etc/apache2/conf.d/userdata/ssl/2_4/username/domain.tld/websockets.conf

# Subdomain Also Supported
vi /etc/apache2/conf.d/userdata/ssl/2_4/username/subdomain.domain.tld/websockets.conf
# Enable WebSocket proxying to Soketi on port 6001
ProxyPass "/app" "http://127.0.0.1:6001/app/"
ProxyPassReverse "/app" "http://127.0.0.1:6001/app/"

# Enable Events proxying to Soketi on port 6001
ProxyPass "/apps" "http://127.0.0.1:6001/apps/"
ProxyPassReverse "/apps" "http://127.0.0.1:6001/apps/"

#RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule ^/app/(.*) ws://127.0.0.1:6001/app/$1 [P,L]
RewriteRule ^/apps/(.*) ws://127.0.0.1:6001/apps/$1 [P,L]

RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule ^/app/(.*) http://127.0.0.1:6001/app/$1 [P,L]
RewriteRule ^/apps/(.*) http://127.0.0.1:6001/apps/$1 [P,L]

Restart Httpd/ Apache service ImportantπŸ”΄πŸ”΄πŸ”΄πŸ”΄

/scripts/rebuildhttpdconf && /scripts/restartsrv_httpd

πŸ” 5. Trust the SSL Certificate

Ensure your browser trusts the local SSL certificate:

  • Visit https://app.test
  • If it shows "secure" (padlock icon), it's trusted
  • If not, manually install the cert

πŸš€ 6. Test WebSocket

Visit the site in browser and check DevTools Console/Network for:

wss://app.test/app/<key>?protocol=7&client=js&version=8.4.0

You can also test via:

npm install -g wscat
wscat --no-check -c "wss://app.test/app/YOUR_KEY"

βœ… Done!

You now have secure WebSocket connections to Soketi over SSL using Apache as the reverse proxy. Laravel Echo should now work perfectly with real-time features.

πŸ§ͺ Debugging Tips

  • Always inspect DevTools > Network > WS tab
  • Use curl, wscat, and netstat -an | find "6001" to confirm sockets
  • Double-check ProxyPass path: it must end with /app if you use wsPath: '/app'
Raw
Socekti with herd ssl and ngnix proxy.md

Laravel + Soketi with SSL (Valet Herd on Windows)

This guide explains how to integrate Laravel with Soketi using secure WebSocket (WSS) over SSL via Nginx (Herd). The key is to proxy wss:// connections through Nginx with SSL termination, while Soketi itself runs unencrypted on localhost.

βœ… Requirements

  • Laravel project
  • Soketi installed locally
  • Laravel Herd (uses Nginx)
  • Web browser with trusted local SSL certs (via Herd)

πŸ”§ 1. Install & Run Soketi

Make sure Soketi is installed:

npm install -g @soketi/soketi

Run Soketi:

soketi start --config ./soketi.json

Ensure it's listening on http://127.0.0.1:6001:

curl http://127.0.0.1:6001
# should return "OK"

🧠 2. Laravel Echo Config (resources/js/bootstrap.js or similar)

import Echo from 'laravel-echo';
import Pusher from 'pusher-js';

window.Pusher = Pusher;

window.Echo = new Echo({
    broadcaster: 'pusher',
    key: import.meta.env.VITE_PUSHER_APP_KEY,
    wsHost: import.meta.env.VITE_PUSHER_HOST,
    wsPort: import.meta.env.VITE_PUSHER_PORT,
    wssPort: import.meta.env.VITE_PUSHER_PORT,
    cluster: import.meta.env.VITE_PUSHER_APP_CLUSTER,
    forceTLS: true,
    encrypted: true,
    disableStats: true,
    enabledTransports: ['ws', 'wss'],
});

πŸ›  3. .env File

PUSHER_HOST=app.test
PUSHER_PORT=443
PUSHER_SCHEME=https
PUSHER_APP_ID="app-id"
PUSHER_APP_KEY="app-key"
PUSHER_APP_SECRET="app-secret"
PUSHER_APP_CLUSTER=eu

VITE_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
VITE_PUSHER_HOST="${PUSHER_HOST}"
VITE_PUSHER_PORT="${PUSHER_PORT}"
VITE_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"

🧩 4. Nginx (Herd) Configuration

Edit Herd's Nginx config file for your site (usually located at: ~/.config/herd/Nginx/app.test) and add the WebSocket proxy:

server {
    listen 127.0.0.1:443 ssl;
    server_name app.test;
        
    ...

    # WebSocket Proxy
    location /app {
        proxy_pass http://127.0.0.1:6001/app;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $host;
        proxy_read_timeout 60;
        proxy_redirect off;
    }

    # Laravel site config ...
    location / {
        ...
    }

    ...
}

Make sure to use /app in both location and proxy_pass!

πŸ” 5. Trust the SSL Certificate

Ensure your browser trusts the local SSL certificate:

  • Visit https://app.test
  • If it shows "secure" (padlock icon), it's trusted
  • If not, manually install the cert

πŸš€ 6. Test WebSocket

Visit the site in browser and check DevTools Console/Network for:

wss://app.test/app/<key>?protocol=7&client=js&version=8.4.0

You can also test via:

npm install -g wscat
wscat --no-check -c "wss://app.test/app/YOUR_KEY"

βœ… Done!

You now have secure WebSocket connections to Soketi over SSL using Nginx as the reverse proxy. Laravel Echo should now work perfectly with real-time features.

πŸ§ͺ Debugging Tips

  • Always inspect DevTools > Network > WS tab
  • Check nginx-error.log and nginx-access.log under Herd
  • Use curl, wscat, and netstat -an | find "6001" to confirm sockets
  • Double-check proxy_pass path: it must end with /app if you use wsPath: '/app'
Raw
soketi.json
{
"debug": true,
"port": 6001,
"appManager.array.apps": [
{
"id": "app-id",
"key": "app-key",
"secret": "app-secret",
"webhooks": []
}
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment