diff options
author | Alex Auvolat <alex@adnab.me> | 2022-08-24 15:42:47 +0200 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2022-08-24 15:42:47 +0200 |
commit | 2e8923b383eb06c53261eee8e5c442b857fb67e4 (patch) | |
tree | 0ad148f75f7b54dfed2dbac8f43f6df9badc502a /cluster/prod/app/jitsi/integration/meet/nginx.conf | |
parent | 9848f3090f77363a2fda0f9fa673ebcf1fb8228c (diff) | |
download | nixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.tar.gz nixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.zip |
Move app files into cluster subdirectories; add prod garage
Diffstat (limited to 'cluster/prod/app/jitsi/integration/meet/nginx.conf')
-rw-r--r-- | cluster/prod/app/jitsi/integration/meet/nginx.conf | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/cluster/prod/app/jitsi/integration/meet/nginx.conf b/cluster/prod/app/jitsi/integration/meet/nginx.conf new file mode 100644 index 0000000..16a63f9 --- /dev/null +++ b/cluster/prod/app/jitsi/integration/meet/nginx.conf @@ -0,0 +1,72 @@ +# some doc: https://www.nginx.com/resources/wiki/start/topics/examples/full/ +error_log /dev/stderr; + +events {} + +http { + ## + # Basic Settings + ## + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + + + # mimetypes, required by jitsi! + include /etc/nginx/mime.types; + default_type application/octet-stream; + + types { + application/wasm wasm; + } + + ## + # SSL Settings + ## + + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE + ssl_prefer_server_ciphers on; + + ## + # Gzip Settings + ## + gzip on; + + access_log /dev/stdout; + server_names_hash_bucket_size 64; + + server { + listen 0.0.0.0:443 ssl http2 default_server; + listen [::]:443 ssl http2 default_server; + server_name _; + ssl_certificate /etc/nginx/jitsi.crt; + ssl_certificate_key /etc/nginx/jitsi.key; + root /srv/jitsi-meet; + index index.html; + + # lot of work would be needed to improve location rules + # - in order to allow - and _ in the URL, even space + # - while not shadowing other files (.js and following locations) + # - passed some times twice on the problem, not as easy as it seems + location ~ ^/([a-zA-Z0-9=\?]+)$ { + rewrite ^/(.*)$ / break; + } + location / { + ssi on; + } + + location /external_api.js { + alias /srv/jitsi-meet/libs/external_api.min.js; + } + + location /http-bind { + proxy_pass http://jitsi-xmpp:5280/http-bind; + proxy_set_header X-Forwarded-For \$remote_addr; + proxy_set_header Host \$http_host; + } + + + } +} |