# Version 2022/10/04 server { listen 443 ssl; listen [::]:443 ssl; # For the federation port listen 8448 ssl; listen [::]:8448 ssl; server_name matrix.*; include /config/nginx/ssl.conf; client_max_body_size 0; # enable for ldap auth, fill in ldap details in ldap.conf #include /config/nginx/ldap.conf; # enable for Authelia #include /config/nginx/authelia-server.conf; # Uncomment the following block if you want Mjolnir to recieve reports instead of Synapse. #location ~ ^/_matrix/client/r0/rooms/([^/]*)/report/(.*)$ { # Abuse reports should be sent to Mjölnir. # Add CORS, otherwise a browser will refuse this request. #add_header 'Access-Control-Allow-Credentials' 'true' always; #add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; #add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since' always; #add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always; #add_header 'Access-Control-Max-Age' 1728000; # cache preflight value for 20 days # Alias the regexps, to ensure that they're not rewritten. #set $room_id $1; #set $event_id $2; #proxy_pass http://mjolnir:8081/api/1/report/$room_id/$event_id; #} location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth #auth_request /auth; #error_page 401 =200 /ldaplogin; # enable for Authelia #include /config/nginx/authelia-location.conf; include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app synapse; set $upstream_port 8008; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; location /.well-known/matrix/client { default_type application/json; add_header Access-Control-Allow-Origin *; } } }