Like 0
Fork 0

Last active 1689016119

as a quick example

kris's Avatar kris revised this gist 1689016119. Go to revision

1 file changed, 59 insertions

gistfile1.txt(file created)

@@ -0,0 +1,59 @@
1 + # Reverse proxy of websocket and bosh endpoints from Ejabberd
2 + # Reverse proxy of http_upload for Ejabberd
3 + # Todo: add /admin and /api endpoints
4 +
5 + server {
6 + listen 443 ssl http2;
7 + listen [::]:443 ssl http2;
8 +
9 + server_name xmpp.example.org;
10 +
11 + ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem;
12 + ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.pem;
13 + ssl_trusted_certificate /etc/letsencrypt/live/example.org/chain.pem;
14 +
15 +
16 + # Ejabberd BOSH
17 + location /bosh {
18 + proxy_pass http://localhost:5280/bosh;
19 + proxy_set_header Host $host;
20 + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
21 + proxy_set_header X-Forwarded-Proto $scheme;
22 + proxy_buffering off;
23 + tcp_nodelay on;
24 + }
25 +
26 + # Ejabberd websocket
27 + location /ws {
28 + proxy_pass http://localhost:5280/ws;
29 + proxy_http_version 1.1;
30 + proxy_set_header Connection "Upgrade";
31 + proxy_set_header Upgrade $http_upgrade;
32 + proxy_set_header Host $host;
33 + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
34 + proxy_set_header X-Forwarded-Proto $scheme;
35 + proxy_read_timeout 900s;
36 + }
37 + }
38 +
39 + # http_upload
40 + server {
41 + listen 443 ssl http2;
42 + listen [::]:443 ssl http2;
43 +
44 + server_name uploads.example.org;
45 +
46 + ssl_certificate /etc/letsencrypt/live/uploads.example.org/fullchain.pem;
47 + ssl_certificate_key /etc/letsencrypt/live/uploads.example.org/privkey.pem;
48 + ssl_trusted_certificate /etc/letsencrypt/live/uploads.example.org/chain.pem;
49 +
50 + location /upload {
51 + proxy_pass http://localhost:5280/upload;
52 + proxy_set_header Host "uploads.example.org";
53 + client_max_body_size 110M;
54 + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
55 + proxy_set_header X-Forwarded-Proto $scheme;
56 + proxy_buffering off;
57 + tcp_nodelay on;
58 + }
59 + }
Newer Older

Powered by Opengist Load: 19ms

English
HomeLegal