mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-10-10 02:38:10 +02:00
Kevin Veen-Birkenbach
26a1992d84
Nginx: define 'map $http_upgrade $connection_upgrade' once in http{} and reuse; drop duplicate map from ws_generic vhost; tidy ws location headers/spacing. Nextcloud: add WS location for standalone signaling; render & mount Janus config (NAT 1:1, ICE enforce/ignore lists, libnice hardening); extend CSP (connect-src/frame-src for cloud & collabora, worker-src blob:); disable keeporsweep app; replace nginx reload handler with compose up; add NEXTCLOUD_HOST_JANUS_CONF_PATH and related vars.
Context: https://chatgpt.com/share/68db9f41-16ec-800f-9cdf-7530862f89aa
31 lines
870 B
Django/Jinja
31 lines
870 B
Django/Jinja
server {
|
|
server_name {{ domain }};
|
|
|
|
{% include 'roles/sys-svc-letsencrypt/templates/ssl_header.j2' %}
|
|
|
|
{% include 'roles/sys-front-inj-all/templates/server.conf.j2' %}
|
|
|
|
client_max_body_size {{ client_max_body_size | default('100m') }};
|
|
keepalive_timeout 70;
|
|
sendfile on;
|
|
|
|
gzip on;
|
|
gzip_disable "msie6";
|
|
gzip_vary on;
|
|
gzip_proxied any;
|
|
gzip_comp_level 6;
|
|
gzip_buffers 16 8k;
|
|
gzip_http_version 1.1;
|
|
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
|
|
|
|
add_header Strict-Transport-Security "max-age=31536000";
|
|
|
|
{% include 'roles/sys-svc-proxy/templates/location/html.conf.j2' %}
|
|
|
|
{% if location_ws is defined %}
|
|
{% include 'roles/sys-svc-proxy/templates/location/ws.conf.j2' %}
|
|
{% endif %}
|
|
|
|
error_page 500 501 502 503 504 /500.html;
|
|
}
|