# some doc: https://www.nginx.com/resources/wiki/start/topics/examples/full/ error_log /dev/stderr; events {} http { ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # mimetypes, required by jitsi! include /etc/nginx/mime.types; default_type application/octet-stream; types { application/wasm wasm; } ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Gzip Settings ## gzip on; access_log /dev/stdout; server_names_hash_bucket_size 64; server { listen 0.0.0.0:443 ssl http2 default_server; listen [::]:443 ssl http2 default_server; server_name _; ssl_certificate /etc/nginx/jitsi.crt; ssl_certificate_key /etc/nginx/jitsi.key; root /srv/jitsi-meet; index index.html; # lot of work would be needed to improve location rules # - in order to allow - and _ in the URL, even space # - while not shadowing other files (.js and following locations) # - passed some times twice on the problem, not as easy as it seems location ~ ^/([a-zA-Z0-9=\?]+)$ { rewrite ^/(.*)$ / break; } location / { ssi on; } location /external_api.js { alias /srv/jitsi-meet/libs/external_api.min.js; } location /http-bind { proxy_pass http://jitsi-xmpp:5280/http-bind; proxy_set_header X-Forwarded-For \$remote_addr; proxy_set_header Host \$http_host; } } }