Add websocket paths including relay to nginx template (#4573)

[client] fix Windows NRPT Policy Path

client/internal/dns/host_windows.go

@@ -240,15 +240,17 @@ func (r *registryConfigurator) addDNSMatchPolicy(domains []string, ip netip.Addr
 	// if the gpo key is present, we need to put our DNS settings there, otherwise our config might be ignored
 	// see https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-gpnrpt/8cc31cb9-20cb-4140-9e85-3e08703b4745
 	for i, domain := range domains {
+		localPath := fmt.Sprintf("%s-%d", dnsPolicyConfigMatchPath, i)
+		gpoPath := fmt.Sprintf("%s-%d", gpoDnsPolicyConfigMatchPath, i)
 
 		singleDomain := []string{domain}
 
-		if err := r.configureDNSPolicy(dnsPolicyConfigMatchPath, singleDomain, ip); err != nil {
+		if err := r.configureDNSPolicy(localPath, singleDomain, ip); err != nil {
 			return i, fmt.Errorf("configure DNS Local policy for domain %s: %w", domain, err)
 		}
 
 		if r.gpo {
-			if err := r.configureDNSPolicy(gpoDnsPolicyConfigMatchPath, singleDomain, ip); err != nil {
+			if err := r.configureDNSPolicy(gpoPath, singleDomain, ip); err != nil {
 				return i, fmt.Errorf("configure gpo DNS policy: %w", err)
 			}
 		}

infrastructure_files/nginx.tmpl.conf

@@ -20,6 +20,10 @@ upstream management {
     # insert the grpc+http port of your management container here
     server 127.0.0.1:8012;
 }
+upstream relay {
+    # insert the port of your relay container here
+    server 127.0.0.1:33080;
+}
 
 server {
     # HTTP server config
@@ -55,6 +59,10 @@ server {
     # Proxy Signal wsproxy endpoint
     location /ws-proxy/signal {
         proxy_pass http://signal;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_set_header Host $host;
     }
     # Proxy Signal
     location /signalexchange.SignalExchange/ {
@@ -71,6 +79,10 @@ server {
     # Proxy Management wsproxy endpoint
     location /ws-proxy/management {
         proxy_pass http://management;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_set_header Host $host;
     }
     # Proxy Management grpc endpoint
     location /management.ManagementService/ {
@@ -80,6 +92,14 @@ server {
         grpc_send_timeout 1d;
         grpc_socket_keepalive on;
     }
+    # Proxy Relay
+    location /relay {
+        proxy_pass http://relay;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_set_header Host $host;
+    }
 
     ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
     ssl_certificate_key /etc/ssl/certs/ssl-cert-snakeoil.pem;