diff --git a/Dockerfile b/Dockerfile
index bd3c8d9a..37e09bff 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -14,5 +14,9 @@ ENV BIGCHAINDB_CONFIG_PATH /data/.bigchaindb
ENV BIGCHAINDB_SERVER_BIND 0.0.0.0:9984
ENV BIGCHAINDB_WSSERVER_HOST 0.0.0.0
ENV BIGCHAINDB_WSSERVER_SCHEME ws
+
+ENV BIGCHAINDB_WSSERVER_ADVERTISED_SCHEME ws
+ENV BIGCHAINDB_WSSERVER_ADVERTISED_HOST 0.0.0.0
+ENV BIGCHAINDB_WSSERVER_ADVERTISED_PORT 9985
ENTRYPOINT ["bigchaindb"]
CMD ["start"]
diff --git a/Dockerfile-dev b/Dockerfile-dev
index 8241346f..8e27c902 100644
--- a/Dockerfile-dev
+++ b/Dockerfile-dev
@@ -12,6 +12,9 @@ ENV BIGCHAINDB_SERVER_BIND 0.0.0.0:9984
ENV BIGCHAINDB_WSSERVER_HOST 0.0.0.0
ENV BIGCHAINDB_WSSERVER_SCHEME ws
+ENV BIGCHAINDB_WSSERVER_ADVERTISED_HOST 0.0.0.0
+ENV BIGCHAINDB_WSSERVER_ADVERTISED_SCHEME ws
+
ARG backend
RUN mkdir -p /usr/src/app
diff --git a/bigchaindb/__init__.py b/bigchaindb/__init__.py
index 1bef9c17..4fa1df02 100644
--- a/bigchaindb/__init__.py
+++ b/bigchaindb/__init__.py
@@ -72,6 +72,9 @@ config = {
'scheme': os.environ.get('BIGCHAINDB_WSSERVER_SCHEME') or 'ws',
'host': os.environ.get('BIGCHAINDB_WSSERVER_HOST') or 'localhost',
'port': int(os.environ.get('BIGCHAINDB_WSSERVER_PORT', 9985)),
+ 'advertised_scheme': os.environ.get('BIGCHAINDB_WSSERVER_ADVERTISED_SCHEME') or 'ws',
+ 'advertised_host': os.environ.get('BIGCHAINDB_WSSERVER_ADVERTISED_HOST') or 'localhost',
+ 'advertised_port': int(os.environ.get('BIGCHAINDB_WSSERVER_ADVERTISED_PORT', 9985)),
},
'database': _database_map[
os.environ.get('BIGCHAINDB_DATABASE_BACKEND', 'rethinkdb')
diff --git a/bigchaindb/web/views/base.py b/bigchaindb/web/views/base.py
index 107b025c..4e7cf8fc 100644
--- a/bigchaindb/web/views/base.py
+++ b/bigchaindb/web/views/base.py
@@ -27,8 +27,13 @@ def make_error(status_code, message=None):
def base_ws_uri():
- """Base websocket uri."""
- scheme = config['wsserver']['scheme']
- host = config['wsserver']['host']
- port = config['wsserver']['port']
+ """Base websocket URL that is advertised to external clients.
+
+ Useful when the websocket URL advertised to the clients needs to be
+ customized (typically when running behind NAT, firewall, etc.)
+ """
+
+ scheme = config['wsserver']['advertised_scheme']
+ host = config['wsserver']['advertised_host']
+ port = config['wsserver']['advertised_port']
return '{}://{}:{}'.format(scheme, host, port)
diff --git a/docs/server/source/server-reference/configuration.md b/docs/server/source/server-reference/configuration.md
index 943ff7bd..c4b3f0ef 100644
--- a/docs/server/source/server-reference/configuration.md
+++ b/docs/server/source/server-reference/configuration.md
@@ -24,6 +24,9 @@ For convenience, here's a list of all the relevant environment variables (docume
`BIGCHAINDB_WSSERVER_SCHEME`
`BIGCHAINDB_WSSERVER_HOST`
`BIGCHAINDB_WSSERVER_PORT`
+`BIGCHAINDB_WSSERVER_ADVERTISED_SCHEME`
+`BIGCHAINDB_WSSERVER_ADVERTISED_HOST`
+`BIGCHAINDB_WSSERVER_ADVERTISED_PORT`
`BIGCHAINDB_CONFIG_PATH`
`BIGCHAINDB_BACKLOG_REASSIGN_DELAY`
`BIGCHAINDB_LOG`
@@ -248,6 +251,38 @@ export BIGCHAINDB_WSSERVER_PORT=9985
}
```
+## wsserver.advertised_scheme, wsserver.advertised_host and wsserver.advertised_port
+
+These settings are for the advertising the Websocket URL to external clients in
+the root API endpoint. These configurations might be useful if your deployment
+is hosted behind a firewall, NAT, etc. where the exposed public IP or domain is
+different from where BigchainDB is running.
+
+**Example using environment variables**
+```text
+export BIGCHAINDB_WSSERVER_ADVERTISED_SCHEME=wss
+export BIGCHAINDB_WSSERVER_ADVERTISED_HOST=mybigchaindb.com
+export BIGCHAINDB_WSSERVER_ADVERTISED_PORT=443
+```
+
+**Example config file snippet**
+```js
+"wsserver": {
+ "advertised_scheme": "wss",
+ "advertised_host": "mybigchaindb.com",
+ "advertised_port": 443
+}
+```
+
+**Default values (from a config file)**
+```js
+"wsserver": {
+ "advertised_scheme": "ws",
+ "advertised_host": "localhost",
+ "advertised_port": 9985
+}
+```
+
## backlog_reassign_delay
Specifies how long, in seconds, transactions can remain in the backlog before being reassigned. Long-waiting transactions must be reassigned because the assigned node may no longer be responsive. The default duration is 120 seconds.
diff --git a/tests/conftest.py b/tests/conftest.py
index 2ea8d063..b930e4ec 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -490,17 +490,17 @@ def wsserver_config():
@pytest.fixture
def wsserver_scheme(wsserver_config):
- return wsserver_config['scheme']
+ return wsserver_config['advertised_scheme']
@pytest.fixture
def wsserver_host(wsserver_config):
- return wsserver_config['host']
+ return wsserver_config['advertised_host']
@pytest.fixture
def wsserver_port(wsserver_config):
- return wsserver_config['port']
+ return wsserver_config['advertised_port']
@pytest.fixture
diff --git a/tests/test_config_utils.py b/tests/test_config_utils.py
index 72f09039..a513a231 100644
--- a/tests/test_config_utils.py
+++ b/tests/test_config_utils.py
@@ -150,6 +150,9 @@ def test_autoconfigure_read_both_from_file_and_env(monkeypatch, request, certs_d
WSSERVER_SCHEME = 'ws'
WSSERVER_HOST = '1.2.3.4'
WSSERVER_PORT = 57
+ WSSERVER_ADVERTISED_SCHEME = 'wss'
+ WSSERVER_ADVERTISED_HOST = 'a.b.c.d'
+ WSSERVER_ADVERTISED_PORT = 89
KEYRING = 'pubkey_0:pubkey_1:pubkey_2'
LOG_FILE = '/somewhere/something.log'
@@ -173,6 +176,9 @@ def test_autoconfigure_read_both_from_file_and_env(monkeypatch, request, certs_d
'BIGCHAINDB_WSSERVER_SCHEME': WSSERVER_SCHEME,
'BIGCHAINDB_WSSERVER_HOST': WSSERVER_HOST,
'BIGCHAINDB_WSSERVER_PORT': WSSERVER_PORT,
+ 'BIGCHAINDB_WSSERVER_ADVERTISED_SCHEME': WSSERVER_ADVERTISED_SCHEME,
+ 'BIGCHAINDB_WSSERVER_ADVERTISED_HOST': WSSERVER_ADVERTISED_HOST,
+ 'BIGCHAINDB_WSSERVER_ADVERTISED_PORT': WSSERVER_ADVERTISED_PORT,
'BIGCHAINDB_KEYRING': KEYRING,
'BIGCHAINDB_LOG_FILE': LOG_FILE,
'BIGCHAINDB_DATABASE_CA_CERT': certs_dir + '/ca.crt',
@@ -188,6 +194,9 @@ def test_autoconfigure_read_both_from_file_and_env(monkeypatch, request, certs_d
'BIGCHAINDB_WSSERVER_SCHEME': WSSERVER_SCHEME,
'BIGCHAINDB_WSSERVER_HOST': WSSERVER_HOST,
'BIGCHAINDB_WSSERVER_PORT': WSSERVER_PORT,
+ 'BIGCHAINDB_WSSERVER_ADVERTISED_SCHEME': WSSERVER_ADVERTISED_SCHEME,
+ 'BIGCHAINDB_WSSERVER_ADVERTISED_HOST': WSSERVER_ADVERTISED_HOST,
+ 'BIGCHAINDB_WSSERVER_ADVERTISED_PORT': WSSERVER_ADVERTISED_PORT,
'BIGCHAINDB_KEYRING': KEYRING,
'BIGCHAINDB_LOG_FILE': LOG_FILE})
@@ -261,6 +270,9 @@ def test_autoconfigure_read_both_from_file_and_env(monkeypatch, request, certs_d
'scheme': WSSERVER_SCHEME,
'host': WSSERVER_HOST,
'port': WSSERVER_PORT,
+ 'advertised_scheme': WSSERVER_ADVERTISED_SCHEME,
+ 'advertised_host': WSSERVER_ADVERTISED_HOST,
+ 'advertised_port': WSSERVER_ADVERTISED_PORT,
},
'database': database,
'keypair': {