Skip to content

NGINX Configuration (Archiv)

Jump to bottom
Andreas edited this page Feb 8, 2025 · 1 revision

We higly suggest nginx Webserver to run the jitsi-admin

This only works with latest Ubuntu where PHP8.2 ist already in the repo

apt install nginx nginx-extras curl php8.2 php8.2-{fpm,common,cli,ldap,curl,mbstring,json,gd,mysqli,xml,gettext,fileinfo,fileinfo,ctype,zip,intl,mcrypt,mysql,sqlite3}

Sample config for your nginx webserver

#/etc/nginx/sites-enabled/jitsi-admin.con
upstream jitsi-admin {
    server unix:/var/run/php8.2-fpm.sock;
}
upstream keycloak {
    server 127.0.0.1:8080;
}


server {
listen 80;

server_name mydomain.com; #replace domain to your domain

root /var/www/jitsi-admin/public;
index index.php;


# Add Headers
add_header X-Frame-Options SAMEORIGIN always;
add_header X-XSS-Protection "1; mode=block" always;
more_set_headers 'Server: unset';
more_set_headers 'x-powered-by: unset';

# Client Configuation
client_max_body_size 10M;


# Default Symfony Location Configuration
location / {
    try_files $uri /index.php$is_args$args;
}

location ~ ^/index\.php(/|$) {
    fastcgi_pass jitsi-admin;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
    fastcgi_param DOCUMENT_ROOT $realpath_root;
    internal;
}

location ~ \.php$ {
    return 404;
}

location /ws/.well-known/mercure {
    proxy_pass http://127.0.0.1:3000/.well-known/mercure;
    proxy_set_header Host $host;
    proxy_set_header X_Real_IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

location /ws {
    proxy_pass http://127.0.0.1:3000/ws;
    proxy_set_header Host $host;
    proxy_set_header X_Real_IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";

    proxy_read_timeout 600;
    proxy_connect_timeout 600;
    proxy_send_timeout 600;
}

location /.well-known/mercure {
    proxy_pass http://127.0.0.1:3000/.well-known/mercure;
    proxy_set_header Host $host;
    proxy_set_header X_Real_IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    proxy_read_timeout 600;
    proxy_connect_timeout 600;
    proxy_send_timeout 600;
}

location /realms{
    gzip off;
    client_max_body_size 256M;
    proxy_read_timeout 360;
    proxy_buffer_size 128k;
    proxy_buffers 4 256k;
    proxy_busy_buffers_size 256k;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Frame-Options SAMEORIGIN;
    proxy_pass http://keycloak/;
}

}
Clone this wiki locally