"Fossies" - the Fresh Open Source Software Archive

Member "jitsi-meet-7564/doc/debian/jitsi-meet/jitsi-meet.example" (3 Oct 2023, 5906 Bytes) of package /linux/misc/jitsi-meet-7564.tar.gz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 server_names_hash_bucket_size 64;
    2 
    3 types {
    4 # nginx's default mime.types doesn't include a mapping for wasm or wav.
    5     application/wasm     wasm;
    6     audio/wav            wav;
    7 }
    8 upstream prosody {
    9     zone upstreams 64K;
   10     server 127.0.0.1:5280;
   11     keepalive 2;
   12 }
   13 upstream jvb1 {
   14     zone upstreams 64K;
   15     server 127.0.0.1:9090;
   16     keepalive 2;
   17 }
   18 map $arg_vnode $prosody_node {
   19     default prosody;
   20     v1 v1;
   21     v2 v2;
   22     v3 v3;
   23     v4 v4;
   24     v5 v5;
   25     v6 v6;
   26     v7 v7;
   27     v8 v8;
   28 }
   29 server {
   30     listen 80;
   31     listen [::]:80;
   32     server_name jitsi-meet.example.com;
   33 
   34     location ^~ /.well-known/acme-challenge/ {
   35         default_type "text/plain";
   36         root         /usr/share/jitsi-meet;
   37     }
   38     location = /.well-known/acme-challenge/ {
   39         return 404;
   40     }
   41     location / {
   42         return 301 https://$host$request_uri;
   43     }
   44 }
   45 server {
   46     listen 443 ssl;
   47     listen [::]:443 ssl;
   48     server_name jitsi-meet.example.com;
   49 
   50     # Mozilla Guideline v5.4, nginx 1.17.7, OpenSSL 1.1.1d, intermediate configuration
   51     ssl_protocols TLSv1.2 TLSv1.3;
   52     ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
   53     ssl_prefer_server_ciphers off;
   54 
   55     ssl_session_timeout 1d;
   56     ssl_session_cache shared:SSL:10m;  # about 40000 sessions
   57     ssl_session_tickets off;
   58 
   59     add_header Strict-Transport-Security "max-age=63072000" always;
   60     set $prefix "";
   61     set $custom_index "";
   62     set $config_js_location /etc/jitsi/meet/jitsi-meet.example.com-config.js;
   63 
   64     ssl_certificate /etc/jitsi/meet/jitsi-meet.example.com.crt;
   65     ssl_certificate_key /etc/jitsi/meet/jitsi-meet.example.com.key;
   66 
   67     root /usr/share/jitsi-meet;
   68 
   69     # ssi on with javascript for multidomain variables in config.js
   70     ssi on;
   71     ssi_types application/x-javascript application/javascript;
   72 
   73     index index.html index.htm;
   74     error_page 404 /static/404.html;
   75 
   76     gzip on;
   77     gzip_types text/plain text/css application/javascript application/json image/x-icon application/octet-stream application/wasm;
   78     gzip_vary on;
   79     gzip_proxied no-cache no-store private expired auth;
   80     gzip_min_length 512;
   81 
   82     include /etc/jitsi/meet/jaas/*.conf;
   83 
   84     location = /config.js {
   85         alias $config_js_location;
   86     }
   87 
   88     location = /external_api.js {
   89         alias /usr/share/jitsi-meet/libs/external_api.min.js;
   90     }
   91 
   92     location = /_api/room-info {
   93         proxy_pass http://prosody/room-info?prefix=$prefix&$args;
   94         proxy_http_version 1.1;
   95         proxy_set_header X-Forwarded-For $remote_addr;
   96         proxy_set_header Host $http_host;
   97     }
   98 
   99     location ~ ^/_api/public/(.*)$ {
  100         autoindex off;
  101         alias /etc/jitsi/meet/public/$1;
  102     }
  103 
  104     # ensure all static content can always be found first
  105     location ~ ^/(libs|css|static|images|fonts|lang|sounds|.well-known)/(.*)$
  106     {
  107         add_header 'Access-Control-Allow-Origin' '*';
  108         alias /usr/share/jitsi-meet/$1/$2;
  109 
  110         # cache all versioned files
  111         if ($arg_v) {
  112             expires 1y;
  113         }
  114     }
  115 
  116     # BOSH
  117     location = /http-bind {
  118         proxy_pass http://$prosody_node/http-bind?prefix=$prefix&$args;
  119         proxy_http_version 1.1;
  120         proxy_set_header X-Forwarded-For $remote_addr;
  121         proxy_set_header Host $http_host;
  122         proxy_set_header Connection "";
  123     }
  124 
  125     # xmpp websockets
  126     location = /xmpp-websocket {
  127         proxy_pass http://$prosody_node/xmpp-websocket?prefix=$prefix&$args;
  128         proxy_http_version 1.1;
  129         proxy_set_header Upgrade $http_upgrade;
  130         proxy_set_header Connection "upgrade";
  131         proxy_set_header Host $http_host;
  132         tcp_nodelay on;
  133     }
  134 
  135     # colibri (JVB) websockets for jvb1
  136     location ~ ^/colibri-ws/default-id/(.*) {
  137         proxy_pass http://jvb1/colibri-ws/default-id/$1$is_args$args;
  138         proxy_http_version 1.1;
  139         proxy_set_header Upgrade $http_upgrade;
  140         proxy_set_header Connection "upgrade";
  141         tcp_nodelay on;
  142     }
  143 
  144     # load test minimal client, uncomment when used
  145     #location ~ ^/_load-test/([^/?&:'"]+)$ {
  146     #    rewrite ^/_load-test/(.*)$ /load-test/index.html break;
  147     #}
  148     #location ~ ^/_load-test/libs/(.*)$ {
  149     #    add_header 'Access-Control-Allow-Origin' '*';
  150     #    alias /usr/share/jitsi-meet/load-test/libs/$1;
  151     #}
  152 
  153     location ~ ^/([^/?&:'"]+)$ {
  154         set $roomname "$1";
  155         try_files $uri @root_path;
  156     }
  157 
  158     location @root_path {
  159         rewrite ^/(.*)$ /$custom_index break;
  160     }
  161 
  162     location ~ ^/([^/?&:'"]+)/config.js$
  163     {
  164         set $subdomain "$1.";
  165         set $subdir "$1/";
  166 
  167         alias $config_js_location;
  168     }
  169 
  170     # Matches /(TENANT)/pwa-worker.js or /(TENANT)/manifest.json to rewrite to / and look for file
  171     location ~ ^/([^/?&:'"]+)/(pwa-worker.js|manifest.json)$ {
  172         set $subdomain "$1.";
  173         set $subdir "$1/";
  174         rewrite ^/([^/?&:'"]+)/(pwa-worker.js|manifest.json)$ /$2;
  175     }
  176 
  177     # BOSH for subdomains
  178     location ~ ^/([^/?&:'"]+)/http-bind {
  179         set $subdomain "$1.";
  180         set $subdir "$1/";
  181         set $prefix "$1";
  182 
  183         rewrite ^/(.*)$ /http-bind;
  184     }
  185 
  186     # websockets for subdomains
  187     location ~ ^/([^/?&:'"]+)/xmpp-websocket {
  188         set $subdomain "$1.";
  189         set $subdir "$1/";
  190         set $prefix "$1";
  191 
  192         rewrite ^/(.*)$ /xmpp-websocket;
  193     }
  194 
  195     location ~ ^/([^/?&:'"]+)/_api/room-info {
  196         set $subdomain "$1.";
  197         set $subdir "$1/";
  198         set $prefix "$1";
  199 
  200         rewrite ^/(.*)$ /_api/room-info;
  201     }
  202 
  203     # Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to /
  204     location ~ ^/([^/?&:'"]+)/(.*)$ {
  205         set $subdomain "$1.";
  206         set $subdir "$1/";
  207         rewrite ^/([^/?&:'"]+)/(.*)$ /$2;
  208     }
  209 }