#user nobody; worker_processes 1; # This default error log path is compiled-in to make sure configuration parsing # errors are logged somewhere, especially during unattended boot when stderr # isn't normally logged anywhere. This path will be touched on every nginx # start regardless of error log location configured here. See # https://trac.nginx.org/nginx/ticket/147 for more info. # #error_log /var/log/nginx/error.log; # #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; # server { # listen 80; # server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; # location / { # root /usr/local/www/nginx; # index index.html index.htm; # } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # # error_page 500 502 503 504 /50x.html; # location = /50x.html { # root /usr/local/www/nginx-dist; # } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} # } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} server_names_hash_bucket_size 64; server { listen 80 default_server; listen [::]:80 default_server; server_name _; return 301 https://$host$request_uri; } server { listen 0.0.0.0:443 ssl http2; listen [::]:443 ssl http2; server_name meet.ahlawat.com; ssl_certificate /mnt/certs/fullchain.pem; ssl_certificate_key /mnt/certs/privkey.pem; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; #access_log logs/host.access.log main; #location /favicon.ico { access_log off; log_not_found off; } root /usr/local/www/jitsi-meet; index index.html; location ~ ^/([a-zA-Z0-9=\?]+)$ { rewrite ^/(.*)$ / break; } location / { ssi on; } # BOSH, Bidirectional-streams Over Synchronous HTTP # https://en.wikipedia.org/wiki/BOSH_(protocol) location /http-bind { proxy_pass http://meet.ahlawat.com:5280/http-bind; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; } # external_api.js must be accessible from the root of the # installation for the electron version of Jitsi Meet to work # https://github.com/jitsi/jitsi-meet-electron location /external_api.js { alias /usr/local/www/jitsi-meet/libs/external_api.min.js; } # xmpp websockets location /xmpp-websocket { proxy_pass http://meet.ahlawat.com:5280/xmpp-websocket; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; tcp_nodelay on; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/local/www/nginx-dist; } } }