Upgrade jitsi nginx conf to make ADRN happy!

app/jitsi/config/nginx.conf

@@ -7,31 +7,53 @@ http {
   access_log /dev/stdout;
   server_names_hash_bucket_size 64;
 
+  # inspired by https://raw.githubusercontent.com/jitsi/docker-jitsi-meet/master/web/rootfs/defaults/meet.conf
   server {
     listen 0.0.0.0:{{ env "NOMAD_PORT_https_port" }} ssl http2 default_server;
     listen [::]:{{ env "NOMAD_PORT_https_port" }} ssl http2 default_server;
+    client_max_body_size 0;
     server_name _;
+
+    # ssi on with javascript for multidomain variables in config.js
+    ssi on;
+    ssi_types application/x-javascript application/javascript;
+
     ssl_certificate /etc/nginx/jitsi.crt;
     ssl_certificate_key /etc/nginx/jitsi.key;
     root /srv/jitsi-meet;
     index index.html;
+    error_page 404 /static/404.html;
 
-    # lot of work would be needed to improve location rules
-    #  - in order to allow - and _ in the URL, even space
-    #  - while not shadowing other files (.js and following locations)
-    #  - passed some times twice on the problem, not as easy as it seems
-    location ~ ^/([a-zA-Z0-9=\?]+)$ {
-        rewrite ^/(.*)$ / break;
-    }
-    location / {
-        ssi on;
+    location = /config.js {
+      alias /srv/jitsi-meet/config.js;
     }
 
-    location /external_api.js {
-        alias /srv/jitsi-meet/libs/external_api.min.js;
+    location = /interface_config.js {
+      alias /srv/jitsi-meet/interface_config.js;
     }
 
-    location /http-bind {
+    location = /external_api.js {
+      alias /srv/jitsi-meet/libs/external_api.min.js;
+    }
+
+    # ensure all static content can always be found first
+    location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$
+    {
+      add_header 'Access-Control-Allow-Origin' '*';
+      alias /srv/jitsi-meet/$1/$2;
+    }
+
+    # not used yet VVV
+    # colibri (JVB) websockets
+    #location ~ ^/colibri-ws/([a-zA-Z0-9-\.]+)/(.*) {
+    #  proxy_pass http://$1:9090/colibri-ws/$1/$2$is_args$args;
+    #  proxy_http_version 1.1;
+    #  proxy_set_header Upgrade $http_upgrade;
+    #  proxy_set_header Connection "upgrade";
+    #  tcp_nodelay on;
+    #}
+
+    location = /http-bind {
         # We add CORS to use a different frontend which is useful for load testing as we do not want to advertise too much our URL
         add_header 'Access-Control-Allow-Headers' 'content-type';
         add_header 'Access-Control-Allow-Methods' 'GET,POST,PUT,DELETE,OPTIONS';
@@ -41,6 +63,39 @@ http {
         proxy_set_header Host \$http_host;
     }
 
-    
+    # not used yet VVV
+    # xmpp websockets
+    #location = /xmpp-websocket {
+    #    proxy_pass {{ .Env.XMPP_BOSH_URL_BASE }}/xmpp-websocket;
+    #    proxy_http_version 1.1;
+    #    proxy_set_header Connection "upgrade";
+    #    proxy_set_header Upgrade $http_upgrade;
+    #    proxy_set_header Host {{ .Env.XMPP_DOMAIN }};
+    #    proxy_set_header X-Forwarded-For $remote_addr;
+    #    tcp_nodelay on;
+    #}
+
+    location ~ ^/([^/?&:'"]+)$ {
+      try_files $uri @root_path;
+    }
+
+    location @root_path {
+      rewrite ^/(.*)$ / break;
+    }
+
+  # Not used yet VVVV
+  # Etherpad-lite
+  # location /etherpad/ {
+  #    proxy_http_version 1.1;
+  #    proxy_set_header Upgrade $http_upgrade;
+  #    proxy_set_header Connection 'upgrade';
+  #    proxy_set_header Host $host;
+  #    proxy_cache_bypass $http_upgrade;
+  #    proxy_pass {{ .Env.ETHERPAD_URL_BASE }}/;
+  #    proxy_set_header X-Forwarded-For $remote_addr;
+  #    proxy_buffering off;
+  #    proxy_set_header Host {{ .Env.XMPP_DOMAIN }};
+  #  }
+
   }
 }