"Fossies" - the Fresh Open Source Software Archive 
Member "jitsi-meet-7564/doc/debian/jitsi-meet/jitsi-meet.example" (3 Oct 2023, 5906 Bytes) of package /linux/misc/jitsi-meet-7564.tar.gz:
As a special service "Fossies" has tried to format the requested text file into HTML format (style:
standard) with prefixed line numbers.
Alternatively you can here
view or
download the uninterpreted source code file.
1 server_names_hash_bucket_size 64;
2
3 types {
4 # nginx's default mime.types doesn't include a mapping for wasm or wav.
5 application/wasm wasm;
6 audio/wav wav;
7 }
8 upstream prosody {
9 zone upstreams 64K;
10 server 127.0.0.1:5280;
11 keepalive 2;
12 }
13 upstream jvb1 {
14 zone upstreams 64K;
15 server 127.0.0.1:9090;
16 keepalive 2;
17 }
18 map $arg_vnode $prosody_node {
19 default prosody;
20 v1 v1;
21 v2 v2;
22 v3 v3;
23 v4 v4;
24 v5 v5;
25 v6 v6;
26 v7 v7;
27 v8 v8;
28 }
29 server {
30 listen 80;
31 listen [::]:80;
32 server_name jitsi-meet.example.com;
33
34 location ^~ /.well-known/acme-challenge/ {
35 default_type "text/plain";
36 root /usr/share/jitsi-meet;
37 }
38 location = /.well-known/acme-challenge/ {
39 return 404;
40 }
41 location / {
42 return 301 https://$host$request_uri;
43 }
44 }
45 server {
46 listen 443 ssl;
47 listen [::]:443 ssl;
48 server_name jitsi-meet.example.com;
49
50 # Mozilla Guideline v5.4, nginx 1.17.7, OpenSSL 1.1.1d, intermediate configuration
51 ssl_protocols TLSv1.2 TLSv1.3;
52 ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
53 ssl_prefer_server_ciphers off;
54
55 ssl_session_timeout 1d;
56 ssl_session_cache shared:SSL:10m; # about 40000 sessions
57 ssl_session_tickets off;
58
59 add_header Strict-Transport-Security "max-age=63072000" always;
60 set $prefix "";
61 set $custom_index "";
62 set $config_js_location /etc/jitsi/meet/jitsi-meet.example.com-config.js;
63
64 ssl_certificate /etc/jitsi/meet/jitsi-meet.example.com.crt;
65 ssl_certificate_key /etc/jitsi/meet/jitsi-meet.example.com.key;
66
67 root /usr/share/jitsi-meet;
68
69 # ssi on with javascript for multidomain variables in config.js
70 ssi on;
71 ssi_types application/x-javascript application/javascript;
72
73 index index.html index.htm;
74 error_page 404 /static/404.html;
75
76 gzip on;
77 gzip_types text/plain text/css application/javascript application/json image/x-icon application/octet-stream application/wasm;
78 gzip_vary on;
79 gzip_proxied no-cache no-store private expired auth;
80 gzip_min_length 512;
81
82 include /etc/jitsi/meet/jaas/*.conf;
83
84 location = /config.js {
85 alias $config_js_location;
86 }
87
88 location = /external_api.js {
89 alias /usr/share/jitsi-meet/libs/external_api.min.js;
90 }
91
92 location = /_api/room-info {
93 proxy_pass http://prosody/room-info?prefix=$prefix&$args;
94 proxy_http_version 1.1;
95 proxy_set_header X-Forwarded-For $remote_addr;
96 proxy_set_header Host $http_host;
97 }
98
99 location ~ ^/_api/public/(.*)$ {
100 autoindex off;
101 alias /etc/jitsi/meet/public/$1;
102 }
103
104 # ensure all static content can always be found first
105 location ~ ^/(libs|css|static|images|fonts|lang|sounds|.well-known)/(.*)$
106 {
107 add_header 'Access-Control-Allow-Origin' '*';
108 alias /usr/share/jitsi-meet/$1/$2;
109
110 # cache all versioned files
111 if ($arg_v) {
112 expires 1y;
113 }
114 }
115
116 # BOSH
117 location = /http-bind {
118 proxy_pass http://$prosody_node/http-bind?prefix=$prefix&$args;
119 proxy_http_version 1.1;
120 proxy_set_header X-Forwarded-For $remote_addr;
121 proxy_set_header Host $http_host;
122 proxy_set_header Connection "";
123 }
124
125 # xmpp websockets
126 location = /xmpp-websocket {
127 proxy_pass http://$prosody_node/xmpp-websocket?prefix=$prefix&$args;
128 proxy_http_version 1.1;
129 proxy_set_header Upgrade $http_upgrade;
130 proxy_set_header Connection "upgrade";
131 proxy_set_header Host $http_host;
132 tcp_nodelay on;
133 }
134
135 # colibri (JVB) websockets for jvb1
136 location ~ ^/colibri-ws/default-id/(.*) {
137 proxy_pass http://jvb1/colibri-ws/default-id/$1$is_args$args;
138 proxy_http_version 1.1;
139 proxy_set_header Upgrade $http_upgrade;
140 proxy_set_header Connection "upgrade";
141 tcp_nodelay on;
142 }
143
144 # load test minimal client, uncomment when used
145 #location ~ ^/_load-test/([^/?&:'"]+)$ {
146 # rewrite ^/_load-test/(.*)$ /load-test/index.html break;
147 #}
148 #location ~ ^/_load-test/libs/(.*)$ {
149 # add_header 'Access-Control-Allow-Origin' '*';
150 # alias /usr/share/jitsi-meet/load-test/libs/$1;
151 #}
152
153 location ~ ^/([^/?&:'"]+)$ {
154 set $roomname "$1";
155 try_files $uri @root_path;
156 }
157
158 location @root_path {
159 rewrite ^/(.*)$ /$custom_index break;
160 }
161
162 location ~ ^/([^/?&:'"]+)/config.js$
163 {
164 set $subdomain "$1.";
165 set $subdir "$1/";
166
167 alias $config_js_location;
168 }
169
170 # Matches /(TENANT)/pwa-worker.js or /(TENANT)/manifest.json to rewrite to / and look for file
171 location ~ ^/([^/?&:'"]+)/(pwa-worker.js|manifest.json)$ {
172 set $subdomain "$1.";
173 set $subdir "$1/";
174 rewrite ^/([^/?&:'"]+)/(pwa-worker.js|manifest.json)$ /$2;
175 }
176
177 # BOSH for subdomains
178 location ~ ^/([^/?&:'"]+)/http-bind {
179 set $subdomain "$1.";
180 set $subdir "$1/";
181 set $prefix "$1";
182
183 rewrite ^/(.*)$ /http-bind;
184 }
185
186 # websockets for subdomains
187 location ~ ^/([^/?&:'"]+)/xmpp-websocket {
188 set $subdomain "$1.";
189 set $subdir "$1/";
190 set $prefix "$1";
191
192 rewrite ^/(.*)$ /xmpp-websocket;
193 }
194
195 location ~ ^/([^/?&:'"]+)/_api/room-info {
196 set $subdomain "$1.";
197 set $subdir "$1/";
198 set $prefix "$1";
199
200 rewrite ^/(.*)$ /_api/room-info;
201 }
202
203 # Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to /
204 location ~ ^/([^/?&:'"]+)/(.*)$ {
205 set $subdomain "$1.";
206 set $subdir "$1/";
207 rewrite ^/([^/?&:'"]+)/(.*)$ /$2;
208 }
209 }