aboutsummaryrefslogtreecommitdiff
path: root/cluster/prod/app/jitsi/integration/meet/nginx.conf
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2022-08-24 15:42:47 +0200
committerAlex Auvolat <alex@adnab.me>2022-08-24 15:42:47 +0200
commit2e8923b383eb06c53261eee8e5c442b857fb67e4 (patch)
tree0ad148f75f7b54dfed2dbac8f43f6df9badc502a /cluster/prod/app/jitsi/integration/meet/nginx.conf
parent9848f3090f77363a2fda0f9fa673ebcf1fb8228c (diff)
downloadnixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.tar.gz
nixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.zip
Move app files into cluster subdirectories; add prod garage
Diffstat (limited to 'cluster/prod/app/jitsi/integration/meet/nginx.conf')
-rw-r--r--cluster/prod/app/jitsi/integration/meet/nginx.conf72
1 files changed, 72 insertions, 0 deletions
diff --git a/cluster/prod/app/jitsi/integration/meet/nginx.conf b/cluster/prod/app/jitsi/integration/meet/nginx.conf
new file mode 100644
index 0000000..16a63f9
--- /dev/null
+++ b/cluster/prod/app/jitsi/integration/meet/nginx.conf
@@ -0,0 +1,72 @@
+# some doc: https://www.nginx.com/resources/wiki/start/topics/examples/full/
+error_log /dev/stderr;
+
+events {}
+
+http {
+ ##
+ # Basic Settings
+ ##
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 2048;
+
+
+ # mimetypes, required by jitsi!
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ types {
+ application/wasm wasm;
+ }
+
+ ##
+ # SSL Settings
+ ##
+
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
+ ssl_prefer_server_ciphers on;
+
+ ##
+ # Gzip Settings
+ ##
+ gzip on;
+
+ access_log /dev/stdout;
+ server_names_hash_bucket_size 64;
+
+ server {
+ listen 0.0.0.0:443 ssl http2 default_server;
+ listen [::]:443 ssl http2 default_server;
+ server_name _;
+ ssl_certificate /etc/nginx/jitsi.crt;
+ ssl_certificate_key /etc/nginx/jitsi.key;
+ root /srv/jitsi-meet;
+ index index.html;
+
+ # lot of work would be needed to improve location rules
+ # - in order to allow - and _ in the URL, even space
+ # - while not shadowing other files (.js and following locations)
+ # - passed some times twice on the problem, not as easy as it seems
+ location ~ ^/([a-zA-Z0-9=\?]+)$ {
+ rewrite ^/(.*)$ / break;
+ }
+ location / {
+ ssi on;
+ }
+
+ location /external_api.js {
+ alias /srv/jitsi-meet/libs/external_api.min.js;
+ }
+
+ location /http-bind {
+ proxy_pass http://jitsi-xmpp:5280/http-bind;
+ proxy_set_header X-Forwarded-For \$remote_addr;
+ proxy_set_header Host \$http_host;
+ }
+
+
+ }
+}