ArcticFoxes-Synapse-Docker-.../swag/nginx/proxy-confs/synapse.subdomain.conf

68 lines
2.3 KiB
Plaintext

# Version 2022/10/04
server {
listen 443 ssl;
listen [::]:443 ssl;
# For the federation port
listen 8448 ssl;
listen [::]:8448 ssl;
server_name matrix.*;
include /config/nginx/ssl.conf;
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
# Uncomment the following block if you want Mjolnir to recieve reports instead of Synapse.
#location ~ ^/_matrix/client/r0/rooms/([^/]*)/report/(.*)$ {
# Abuse reports should be sent to Mjölnir.
# Add CORS, otherwise a browser will refuse this request.
#add_header 'Access-Control-Allow-Credentials' 'true' always;
#add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
#add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since' always;
#add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
#add_header 'Access-Control-Max-Age' 1728000; # cache preflight value for 20 days
# Alias the regexps, to ensure that they're not rewritten.
#set $room_id $1;
#set $event_id $2;
#proxy_pass http://mjolnir:8081/api/1/report/$room_id/$event_id;
#}
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app synapse;
set $upstream_port 8008;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
location /.well-known/matrix/client {
default_type application/json;
add_header Access-Control-Allow-Origin *;
}
}
}