server_name _; client_max_body_size 0; root /usr/share/jitsi-meet; # ssi on with javascript for multidomain variables in config.js ssi on; ssi_types application/x-javascript application/javascript; index index.html index.htm; error_page 404 /static/404.html; # Security headers add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; location = /config.js { alias /config/config.js; } location = /interface_config.js { alias /config/interface_config.js; } location = /external_api.js { alias /usr/share/jitsi-meet/libs/external_api.min.js; } # ensure all static content can always be found first location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$ { add_header 'Access-Control-Allow-Origin' '*'; alias /usr/share/jitsi-meet/$1/$2; } # colibri (JVB) websockets location ~ ^/colibri-ws/default-id/(.*) { proxy_pass http://jvb.meet.jitsi:9090/colibri-ws/default-id/$1$is_args$args; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; tcp_nodelay on; } # BOSH location = /http-bind { proxy_pass {{ .Env.XMPP_BOSH_URL_BASE }}/http-bind; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host {{ .Env.XMPP_DOMAIN }}; } location ~ ^/([^/?&:'"]+)$ { try_files $uri @root_path; } location @root_path { rewrite ^/(.*)$ / break; } {{ if .Env.ETHERPAD_URL_BASE }} # Etherpad-lite location /etherpad/ { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_pass {{ .Env.ETHERPAD_URL_BASE }}/; proxy_set_header X-Forwarded-For $remote_addr; proxy_buffering off; proxy_set_header Host {{ .Env.XMPP_DOMAIN }}; } {{ end }}