aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/jitsi/config/nginx.conf79
1 files changed, 67 insertions, 12 deletions
diff --git a/app/jitsi/config/nginx.conf b/app/jitsi/config/nginx.conf
index 12cca4a..b1e201f 100644
--- a/app/jitsi/config/nginx.conf
+++ b/app/jitsi/config/nginx.conf
@@ -7,31 +7,53 @@ http {
access_log /dev/stdout;
server_names_hash_bucket_size 64;
+ # inspired by https://raw.githubusercontent.com/jitsi/docker-jitsi-meet/master/web/rootfs/defaults/meet.conf
server {
listen 0.0.0.0:{{ env "NOMAD_PORT_https_port" }} ssl http2 default_server;
listen [::]:{{ env "NOMAD_PORT_https_port" }} ssl http2 default_server;
+ client_max_body_size 0;
server_name _;
+
+ # ssi on with javascript for multidomain variables in config.js
+ ssi on;
+ ssi_types application/x-javascript application/javascript;
+
ssl_certificate /etc/nginx/jitsi.crt;
ssl_certificate_key /etc/nginx/jitsi.key;
root /srv/jitsi-meet;
index index.html;
+ error_page 404 /static/404.html;
+
+ location = /config.js {
+ alias /srv/jitsi-meet/config.js;
+ }
- # lot of work would be needed to improve location rules
- # - in order to allow - and _ in the URL, even space
- # - while not shadowing other files (.js and following locations)
- # - passed some times twice on the problem, not as easy as it seems
- location ~ ^/([a-zA-Z0-9=\?]+)$ {
- rewrite ^/(.*)$ / break;
+ location = /interface_config.js {
+ alias /srv/jitsi-meet/interface_config.js;
}
- location / {
- ssi on;
+
+ location = /external_api.js {
+ alias /srv/jitsi-meet/libs/external_api.min.js;
}
- location /external_api.js {
- alias /srv/jitsi-meet/libs/external_api.min.js;
+ # ensure all static content can always be found first
+ location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$
+ {
+ add_header 'Access-Control-Allow-Origin' '*';
+ alias /srv/jitsi-meet/$1/$2;
}
- location /http-bind {
+ # not used yet VVV
+ # colibri (JVB) websockets
+ #location ~ ^/colibri-ws/([a-zA-Z0-9-\.]+)/(.*) {
+ # proxy_pass http://$1:9090/colibri-ws/$1/$2$is_args$args;
+ # proxy_http_version 1.1;
+ # proxy_set_header Upgrade $http_upgrade;
+ # proxy_set_header Connection "upgrade";
+ # tcp_nodelay on;
+ #}
+
+ location = /http-bind {
# We add CORS to use a different frontend which is useful for load testing as we do not want to advertise too much our URL
add_header 'Access-Control-Allow-Headers' 'content-type';
add_header 'Access-Control-Allow-Methods' 'GET,POST,PUT,DELETE,OPTIONS';
@@ -41,6 +63,39 @@ http {
proxy_set_header Host \$http_host;
}
-
+ # not used yet VVV
+ # xmpp websockets
+ #location = /xmpp-websocket {
+ # proxy_pass {{ .Env.XMPP_BOSH_URL_BASE }}/xmpp-websocket;
+ # proxy_http_version 1.1;
+ # proxy_set_header Connection "upgrade";
+ # proxy_set_header Upgrade $http_upgrade;
+ # proxy_set_header Host {{ .Env.XMPP_DOMAIN }};
+ # proxy_set_header X-Forwarded-For $remote_addr;
+ # tcp_nodelay on;
+ #}
+
+ location ~ ^/([^/?&:'"]+)$ {
+ try_files $uri @root_path;
+ }
+
+ location @root_path {
+ rewrite ^/(.*)$ / break;
+ }
+
+ # Not used yet VVVV
+ # Etherpad-lite
+ # location /etherpad/ {
+ # proxy_http_version 1.1;
+ # proxy_set_header Upgrade $http_upgrade;
+ # proxy_set_header Connection 'upgrade';
+ # proxy_set_header Host $host;
+ # proxy_cache_bypass $http_upgrade;
+ # proxy_pass {{ .Env.ETHERPAD_URL_BASE }}/;
+ # proxy_set_header X-Forwarded-For $remote_addr;
+ # proxy_buffering off;
+ # proxy_set_header Host {{ .Env.XMPP_DOMAIN }};
+ # }
+
}
}