next set of updates

2020-05-26 21:15:31 -07:00
parent 2327d9d6c0
commit 7707eb5865
61 changed files with 43942 additions and 122 deletions
--- a/jails/config/meet/nginx.conf
+++ b/jails/config/meet/nginx.conf
@ -0,0 +1,190 @@
+
+#user  nobody;
+worker_processes  1;
+
+# This default error log path is compiled-in to make sure configuration parsing
+# errors are logged somewhere, especially during unattended boot when stderr
+# isn't normally logged anywhere. This path will be touched on every nginx
+# start regardless of error log location configured here. See
+# https://trac.nginx.org/nginx/ticket/147 for more info. 
+#
+#error_log  /var/log/nginx/error.log;
+#
+
+#pid        logs/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    include       mime.types;
+    default_type  application/octet-stream;
+
+    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+    #                  '$status $body_bytes_sent "$http_referer" '
+    #                  '"$http_user_agent" "$http_x_forwarded_for"';
+
+    #access_log  logs/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    #keepalive_timeout  0;
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+#    server {
+#        listen       80;
+#        server_name  localhost;
+
+        #charset koi8-r;
+
+        #access_log  logs/host.access.log  main;
+
+#        location / {
+#            root   /usr/local/www/nginx;
+#            index  index.html index.htm;
+#        }
+
+        #error_page  404              /404.html;
+
+        # redirect server error pages to the static page /50x.html
+        #
+#        error_page   500 502 503 504  /50x.html;
+#        location = /50x.html {
+#            root   /usr/local/www/nginx-dist;
+#        }
+
+        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
+        #
+        #location ~ \.php$ {
+        #    proxy_pass   http://127.0.0.1;
+        #}
+
+        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+        #
+        #location ~ \.php$ {
+        #    root           html;
+        #    fastcgi_pass   127.0.0.1:9000;
+        #    fastcgi_index  index.php;
+        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
+        #    include        fastcgi_params;
+        #}
+
+        # deny access to .htaccess files, if Apache's document root
+        # concurs with nginx's one
+        #
+        #location ~ /\.ht {
+        #    deny  all;
+        #}
+#    }
+
+
+    # another virtual host using mix of IP-, name-, and port-based configuration
+    #
+    #server {
+    #    listen       8000;
+    #    listen       somename:8080;
+    #    server_name  somename  alias  another.alias;
+
+    #    location / {
+    #        root   html;
+    #        index  index.html index.htm;
+    #    }
+    #}
+
+
+    # HTTPS server
+    #
+    #server {
+    #    listen       443 ssl;
+    #    server_name  localhost;
+
+    #    ssl_certificate      cert.pem;
+    #    ssl_certificate_key  cert.key;
+
+    #    ssl_session_cache    shared:SSL:1m;
+    #    ssl_session_timeout  5m;
+
+    #    ssl_ciphers  HIGH:!aNULL:!MD5;
+    #    ssl_prefer_server_ciphers  on;
+
+    #    location / {
+    #        root   html;
+    #        index  index.html index.htm;
+    #    }
+    #}
+
+    server_names_hash_bucket_size 64;
+
+    server {
+	    listen 80 default_server;
+	    listen [::]:80 default_server;
+	    server_name _;
+	    return 301 https://$host$request_uri;
+    }
+
+    server {
+        listen      0.0.0.0:443 ssl http2;
+        listen      [::]:443 ssl http2;
+        server_name meet.ahlawat.com;
+
+        ssl_certificate      /mnt/certs/fullchain.pem;
+        ssl_certificate_key  /mnt/certs/privkey.pem;
+
+        ssl_session_cache    shared:SSL:1m;
+        ssl_session_timeout  5m;
+
+        ssl_ciphers  HIGH:!aNULL:!MD5;
+        ssl_prefer_server_ciphers  on;
+
+        #access_log  logs/host.access.log  main;
+
+        #location /favicon.ico { access_log off; log_not_found off; }
+
+        root /usr/local/www/jitsi-meet;
+        index index.html;
+        location ~ ^/([a-zA-Z0-9=\?]+)$ {
+            rewrite ^/(.*)$ / break;
+        }
+        location / {
+            ssi on;
+        }
+        # BOSH, Bidirectional-streams Over Synchronous HTTP
+        # https://en.wikipedia.org/wiki/BOSH_(protocol)
+        location /http-bind {
+            proxy_pass      http://meet.ahlawat.com:5280/http-bind;
+            proxy_set_header X-Forwarded-For $remote_addr;
+            proxy_set_header Host $http_host;
+        }
+        # external_api.js must be accessible from the root of the
+        # installation for the electron version of Jitsi Meet to work
+        # https://github.com/jitsi/jitsi-meet-electron
+        location /external_api.js {
+            alias /usr/local/www/jitsi-meet/libs/external_api.min.js;
+        }
+
+        # xmpp websockets
+        location /xmpp-websocket {
+            proxy_pass http://meet.ahlawat.com:5280/xmpp-websocket;
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+            proxy_set_header Host $host;
+            tcp_nodelay on;
+        }
+
+        #error_page  404              /404.html;
+
+        # redirect server error pages to the static page /50x.html
+        #
+        error_page   500 502 503 504  /50x.html;
+        location = /50x.html {
+            root   /usr/local/www/nginx-dist;
+        }
+    }
+}