You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
61 lines
1.5 KiB
61 lines
1.5 KiB
5 years ago
|
server {
|
||
|
listen 80;
|
||
|
listen 443 ssl http2;
|
||
|
server_name {{ jitsi_domain }};
|
||
|
|
||
|
ssl_certificate_key {{ jitsi_key_path }};
|
||
|
ssl_certificate {{ jitsi_cert_path }};
|
||
|
|
||
|
include /etc/nginx/ansible_conf.d/perf.inc;
|
||
|
include /etc/nginx/ansible_conf.d/force_ssl.inc;
|
||
|
include /etc/nginx/ansible_conf.d/acme.inc;
|
||
|
|
||
|
if ($request_method !~ ^(GET|POST|HEAD)$ ) {
|
||
|
return 405;
|
||
|
}
|
||
|
|
||
|
add_header Strict-Transport-Security "$hsts_header";
|
||
|
|
||
|
root {{ jitsi_root_dir }}/meet;
|
||
|
index index.html;
|
||
|
location ~ ^/([a-zA-Z0-9=\?]+)$ {
|
||
|
rewrite ^/(.*)$ / break;
|
||
|
}
|
||
|
location / {
|
||
|
ssi on;
|
||
|
}
|
||
|
|
||
|
# BOSH endpoint
|
||
|
location /http-bind {
|
||
|
proxy_socket_keepalive on;
|
||
|
proxy_pass http://localhost:5280/http-bind;
|
||
|
proxy_set_header X-Forwarded-For $remote_addr;
|
||
|
proxy_set_header Host $http_host;
|
||
|
}
|
||
|
|
||
|
# Websocket endpoint
|
||
|
location /xmpp-websocket {
|
||
|
proxy_pass http://localhost:5280/xmpp-websocket?$args;
|
||
|
proxy_http_version 1.1;
|
||
|
proxy_set_header Upgrade $http_upgrade;
|
||
|
proxy_set_header Connection "upgrade";
|
||
|
proxy_set_header Host $http_host;
|
||
|
proxy_set_header X-Forwarded-For $remote_addr;
|
||
|
tcp_nodelay on;
|
||
|
}
|
||
|
{% if jitsi_auth == 'sso' %}
|
||
|
|
||
|
# SSO endpoint
|
||
|
location /login {
|
||
|
proxy_pass http://127.0.0.1:8888;
|
||
|
proxy_set_header mail $http_mail;
|
||
|
proxy_set_header displayName $http_displayname;
|
||
|
proxy_set_header X-Forwarded-For $remote_addr;
|
||
|
proxy_set_header Host $http_host;
|
||
|
|
||
|
# jicofo doesn't add the Content-Type for the redirection page
|
||
|
add_header Content-Type 'text/html';
|
||
|
}
|
||
|
{% endif %}
|
||
|
}
|