worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; types { application/wasm wasm; } sendfile on; keepalive_timeout 65; server { listen 80 default_server; server_name _; return 301 https://$host$request_uri; } server { listen 0.0.0.0:443 ssl http2; http2_push_preload on; ssl_certificate jitsi.example.com.crt; ssl_certificate_key jitsi.example.com.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; ssl_early_data on; server_name jitsi.example.com; root %%LOCALBASE%%/www/jitsi-meet; index index.html; location ~ ^/([a-zA-Z0-9=\?\-])+$ { rewrite ^/(.*)$ / break; } location / { ssi on; } # BOSH, Bidirectional-streams Over Synchronous HTTP # https://en.wikipedia.org/wiki/BOSH_(protocol) location = /http-bind { proxy_pass http://localhost:5280/http-bind; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; } location ~ ^/colibri-ws/default-id/(.*) { proxy_pass http://127.0.0.1:9090/colibri-ws/default-id/$1$is_args$args; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; tcp_nodelay on; } # external_api.js must be accessible from the root of the # installation for the electron version of Jitsi Meet to work # https://github.com/jitsi/jitsi-meet-electron location /external_api.js { alias /srv/jitsi-meet/libs/external_api.min.js; } } }