Skip to content

WebSocket connection to 'wss://bhhaihuan.com/socket.io/...' failed GUI Socket connect_error: socket auth failed #3264

Open
Open
WebSocket connection to 'wss://bhhaihuan.com/socket.io/...' failed GUI Socket connect_error: socket auth failed#3264
@weiwenying

Description

@weiwenying
weiwenying
opened on Jun 15, 2026

When uploading the file, the following exception is thrown:

bundle.min.js:2 WebSocket connection to 'wss://bhhaihuan.com/socket.io/?EIO=4&transport=websocket' failed: 
value @ bundle.min.js:2
value @ bundle.min.js:2
value @ bundle.min.js:2
r @ bundle.min.js:2
value @ bundle.min.js:2
(anonymous) @ bundle.min.js:2
bundle.min.js:2 GUI Socket connect_error: a: websocket error
    at a.value (bundle.min.js:2:420743)
    at ws.onerror (bundle.min.js:2:428870)
(anonymous) @ bundle.min.js:2
E.emit @ bundle.min.js:2
value @ bundle.min.js:2
E.emit @ bundle.min.js:2
o @ bundle.min.js:2
E.emit @ bundle.min.js:2
value @ bundle.min.js:2
E.emit @ bundle.min.js:2
value @ bundle.min.js:2
ws.onerror @ bundle.min.js:2
v2/:4 WebSocket connection to 'wss://api.bhhaihuan.com/socket.io/?EIO=4&transport=websocket' failed: 
doOpen @ v2/:4
open @ v2/:4
open @ v2/:4
et @ v2/:4
open @ v2/:4
(anonymous) @ v2/:4
bundle.min.js:2 WebSocket connection to 'wss://bhhaihuan.com/socket.io/?EIO=4&transport=websocket' failed: 
value @ bundle.min.js:2
value @ bundle.min.js:2
value @ bundle.min.js:2
r @ bundle.min.js:2
value @ bundle.min.js:2
(anonymous) @ bundle.min.js:2
bundle.min.js:2 GUI Socket connect_error: a: websocket error
    at a.value (bundle.min.js:2:420743)
    at ws.onerror (bundle.min.js:2:428870)
(anonymous) @ bundle.min.js:2
E.emit @ bundle.min.js:2
value @ bundle.min.js:2
E.emit @ bundle.min.js:2
o @ bundle.min.js:2
E.emit @ bundle.min.js:2
value @ bundle.min.js:2
E.emit @ bundle.min.js:2
value @ bundle.min.js:2
ws.onerror @ bundle.min.js:2
v2/:4 WebSocket connection to 'wss://api.bhhaihuan.com/socket.io/?EIO=4&transport=websocket' failed: 
doOpen @ v2/:4
open @ v2/:4
open @ v2/:4
et @ v2/:4
open @ v2/:4
(anonymous) @ v2/:4
bundle.min.js:2 WebSocket connection to 'wss://bhhaihuan.com/socket.io/?EIO=4&transport=websocket' failed: 
value @ bundle.min.js:2
value @ bundle.min.js:2
value @ bundle.min.js:2
r @ bundle.min.js:2
value @ bundle.min.js:2
(anonymous) @ bundle.min.js:2
bundle.min.js:2 GUI Socket connect_error: a: websocket error
    at a.value (bundle.min.js:2:420743)
    at ws.onerror (bundle.min.js:2:428870)
(anonymous) @ bundle.min.js:2
E.emit @ bundle.min.js:2
value @ bundle.min.js:2
E.emit @ bundle.min.js:2
o @ bundle.min.js:2
E.emit @ bundle.min.js:2
value @ bundle.min.js:2
E.emit @ bundle.min.js:2
value @ bundle.min.js:2
ws.onerror @ bundle.min.js:2
v2/:4 WebSocket connection to 'wss://api.bhhaihuan.com/socket.io/?EIO=4&transport=websocket' failed: 
doOpen @ v2/:4
open @ v2/:4
open @ v2/:4
et @ v2/:4
open @ v2/:4
(anonymous) @ v2/:4
bundle.min.js:2 WebSocket connection to 'wss://bhhaihuan.com/socket.io/?EIO=4&transport=websocket' failed: 
value @ bundle.min.js:2
value @ bundle.min.js:2
value @ bundle.min.js:2
r @ bundle.min.js:2
value @ bundle.min.js:2
(anonymous) @ bundle.min.js:2
bundle.min.js:2 GUI Socket connect_error: a: websocket error
    at a.value (bundle.min.js:2:420743)
    at ws.onerror (bundle.min.js:2:428870)
(anonymous) @ bundle.min.js:2
E.emit @ bundle.min.js:2
value @ bundle.min.js:2
E.emit @ bundle.min.js:2
o @ bundle.min.js:2
E.emit @ bundle.min.js:2
value @ bundle.min.js:2
E.emit @ bundle.min.js:2
value @ bundle.min.js:2
ws.onerror @ bundle.min.js:2
v2/:4 WebSocket connection to 'wss://api.bhhaihuan.com/socket.io/?EIO=4&transport=websocket' failed: 
doOpen @ v2/:4
open @ v2/:4
open @ v2/:4
et @ v2/:4
open @ v2/:4
(anonymous) @ v2/:4
bundle.min.js:2 WebSocket connection to 'wss://bhhaihuan.com/socket.io/?EIO=4&transport=websocket' failed: 
value @ bundle.min.js:2
value @ bundle.min.js:2
value @ bundle.min.js:2
r @ bundle.min.js:2
value @ bundle.min.js:2
(anonymous) @ bundle.min.js:2
bundle.min.js:2 GUI Socket connect_error: a: websocket error
    at a.value (bundle.min.js:2:420743)
    at ws.onerror (bundle.min.js:2:428870)
(anonymous) @ bundle.min.js:2
E.emit @ bundle.min.js:2
value @ bundle.min.js:2
E.emit @ bundle.min.js:2
o @ bundle.min.js:2
E.emit @ bundle.min.js:2
value @ bundle.min.js:2
E.emit @ bundle.min.js:2
value @ bundle.min.js:2
ws.onerror @ bundle.min.js:2
v2/:4 WebSocket connection to 'wss://api.bhhaihuan.com/socket.io/?EIO=4&transport=websocket' failed: 
doOpen @ v2/:4
open @ v2/:4
open @ v2/:4
et @ v2/:4
open @ v2/:4
(anonymous) @ v2/:4
v2/:4 WebSocket connection to 'wss://api.bhhaihuan.com/socket.io/?EIO=4&transport=websocket' failed: WebSocket is closed before the connection is established.
Image

The repair method is:

{
  s3-init:
    # One-shot container that creates the `puter-local` bucket on first
    # boot. Exits 0 once the bucket exists; stays exited 0 thereafter.
    image: amazon/aws-cli:latest
    container_name: puter-s3-init
    depends_on:
      s3:
        condition: service_healthy
    environment:
      AWS_ACCESS_KEY_ID: ${S3_ACCESS_KEY:-puter}
      AWS_SECRET_ACCESS_KEY: ${S3_SECRET_KEY:-puter-secret-change-me}
      AWS_DEFAULT_REGION: us-east-1
    entrypoint:
      - /bin/sh
      - -c
      - |
        set -e
        endpoint=http://s3:9000
        bucket=${S3_BUCKET:-puter-local}
        if aws --endpoint-url "$$endpoint" s3api head-bucket --bucket "$$bucket" 2>/dev/null; then
          echo "bucket $$bucket already exists"
        else
          echo "creating bucket $$bucket"
          aws --endpoint-url "$$endpoint" s3 mb "s3://$$bucket"
        fi

        cat > /tmp/cors.json <<EOF
        {
          "CORSRules": [
            {
              "AllowedOrigins": ["*"],
              "AllowedMethods": ["GET","HEAD","PUT","POST","DELETE"],
              "AllowedHeaders": ["*"],
              "ExposeHeaders": ["ETag","x-amz-request-id"],
              "MaxAgeSeconds": 3600
            }
          ]
        }
        EOF

        echo "applying bucket CORS"

        aws --endpoint-url "$$endpoint" s3api put-bucket-cors \
          --bucket "$$bucket" \
          --cors-configuration file:///tmp/cors.json

        echo "CORS applied"

    restart: "no"
}

My architecture:

Browser
    |
    | HTTPS
    v
Server B - External Nginx (port 443, TLS terminated)
    |
    | HTTP proxy to 10.1.2.3:80
    v
Server A - Internal Docker Nginx (listening on port 80 only)
    |
    v
Puter Container

Server B - External Nginx :

map $ssl_server_name $puter_ssl_cert {
    hostnames;

    site.bhhaihuan.com   /etc/nginx/ssl/bhhaihuan/site.crt;
    *.site.bhhaihuan.com /etc/nginx/ssl/bhhaihuan/site.crt;
    app.bhhaihuan.com    /etc/nginx/ssl/bhhaihuan/app.crt;
    *.app.bhhaihuan.com  /etc/nginx/ssl/bhhaihuan/app.crt;
    dev.bhhaihuan.com     /etc/nginx/ssl/bhhaihuan/dev.crt;
    *.dev.bhhaihuan.com  /etc/nginx/ssl/bhhaihuan/dev.crt;
    host.bhhaihuan.com    /etc/nginx/ssl/bhhaihuan/host.crt;
    *.host.bhhaihuan.com /etc/nginx/ssl/bhhaihuan/host.crt;

    default              /etc/nginx/ssl/bhhaihuan/bhhaihuan.crt;
}

map $ssl_server_name $puter_ssl_key {
    hostnames;

    site.bhhaihuan.com   /etc/nginx/ssl/bhhaihuan/site.key;
    *.site.bhhaihuan.com /etc/nginx/ssl/bhhaihuan/site.key;
    app.bhhaihuan.com    /etc/nginx/ssl/bhhaihuan/app.key;
    *.app.bhhaihuan.com  /etc/nginx/ssl/bhhaihuan/app.key;
    dev.bhhaihuan.com    /etc/nginx/ssl/bhhaihuan/dev.key;
    *.dev.bhhaihuan.com  /etc/nginx/ssl/bhhaihuan/dev.key;
    host.bhhaihuan.com    /etc/nginx/ssl/bhhaihuan/host.key;
    *.host.bhhaihuan.com /etc/nginx/ssl/bhhaihuan/host.key;

    default              /etc/nginx/ssl/bhhaihuan/bhhaihuan.key;
}

upstream puter_backend {
    server 10.1.2.3:80;
    keepalive 32;
}

server {
    listen 80;
    listen [::]:80;
    server_name ~^(.+\.)*bhhaihuan\.com$;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    http2 on;
    server_name ~^(.+\.)*bhhaihuan\.com$;

    ssl_certificate     $puter_ssl_cert;
    ssl_certificate_key $puter_ssl_key;
    ssl_protocols       TLSv1.2 TLSv1.3;

    client_max_body_size 1024m;
    proxy_read_timeout   600s;
    proxy_send_timeout   600s;
    proxy_buffering      off;

    location / {
        proxy_pass http://puter_backend;
        proxy_http_version 1.1;
        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Host  $host;
        proxy_set_header X-Forwarded-Port  $server_port;
        proxy_set_header Upgrade           $http_upgrade;
        proxy_set_header Connection        $connection_upgrade;
    }
}

Server A - Internal Docker Nginx(The built-in nginx configuration file of the puter, puter-selfhosted/nginx/nginx.conf ):

worker_processes auto;
events {
    worker_connections 4096;
}

http {
    # Required for Puter's WebSocket / socket.io upgrades.
    map $http_upgrade $connection_upgrade {
        default upgrade;
        '' close;
    }

    map $http_x_forwarded_proto $forwarded_proto {
        default $http_x_forwarded_proto;
        ''      $scheme;
    }

    # Rough size cap that mirrors prod ALB defaults; tune for your
    # uploads. Puter chunks large uploads, so 1 GiB per request is plenty.
    client_max_body_size 1024m;
    proxy_read_timeout 600s;
    proxy_send_timeout 600s;
    proxy_buffering off;
    server_tokens off;

    upstream puter_backend {
        server puter:4100;
        keepalive 32;
    }

    upstream s3_backend {
        # RustFS — see `s3` service in docker-compose.full.yml. Browsers
        # PUT/GET here for presigned-URL uploads / downloads. Routed via
        # the `s3.<domain>` subdomain so signature verification works
        # (Host header preserved end-to-end) and so HTTPS stays clean
        # (no mixed-content from a port-9000 host publish).
        server s3:9000;
        keepalive 32;
    }

    # ── HTTP (port 80) ─────────────────────────────────────────────
    server {
        listen 80;
        listen [::]:80;
        server_name ~^s3\.;

        location / {
            proxy_pass http://s3_backend;
            proxy_http_version 1.1;
            # Critical: preserve the original Host so RustFS validates
            # the request against the same host the URL was signed for.
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $forwarded_proto;
        }
    }

    server {
        listen 80 default_server;
        listen [::]:80 default_server;
        server_name _;

        # Note: when you enable TLS, replace this block with a redirect:
        #   return 301 https://$host$request_uri;
        location / {
            proxy_pass http://puter_backend;
            proxy_http_version 1.1;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $forwarded_proto;
            proxy_set_header X-Forwarded-Host $host;
            proxy_set_header X-Forwarded-Port $server_port;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;
        }
    }

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions