Nginx Configuration for Socket.io Realtime

The admin domain (admin.huph.val.id) needs a /socket.io/ location block that proxies to the API server on 127.0.0.1:3101. This is same-origin so the browser sends NextAuth cookies automatically and there's no CORS preflight.

Required nginx block

location /socket.io/ {
  proxy_pass http://127.0.0.1:3101;
  proxy_http_version 1.1;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";
  proxy_set_header Host $host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header X-Forwarded-Proto $scheme;
  proxy_buffering off;
  proxy_read_timeout 86400s;
  proxy_send_timeout 86400s;
}

This block lives BEFORE the catch-all location / (which proxies to the Next.js admin on port 47293).

NEXT_PUBLIC_API_URL configuration

Because Socket.io is reached at the same origin as the admin app, the client connects to a relative path:

• Production (apps/admin/.env.production.local): NEXT_PUBLIC_API_URL= (empty — relative)
• Local dev (apps/admin/.env.local): NEXT_PUBLIC_API_URL=http://localhost:3101 (no nginx in dev)

Next.js bakes NEXT_PUBLIC_* vars into the client bundle at build time, so npm run build must run AFTER the env var is set.

Verification

sudo nginx -t
sudo systemctl reload nginx
curl -i 'https://admin.huph.val.id/socket.io/?EIO=4&transport=polling'

Expected: HTTP 200 with body starting 0{"sid":"...","upgrades":["websocket"],...}

A 502 means the API server is not running on port 3101 — start the huph-api docker container or run npm run dev -w apps/api.