80 lines
2.4 KiB
Plaintext
80 lines
2.4 KiB
Plaintext
|
##WEBSERVER DEFINITIONS FOR ALL MATRIX SERVICES ON LYSERGIC.DEV
|
||
|
|
||
|
##SYNAPSE
|
||
|
server {
|
||
|
listen 202.61.255.116:443 ssl;
|
||
|
listen [2a03:4000:55:d20::]:443 ssl;
|
||
|
|
||
|
# For the federation port
|
||
|
listen 202.61.255.116:8448 ssl default_server;
|
||
|
listen [2a03:4000:55:d20::]:8448 ssl;
|
||
|
listen 192.168.0.115:8448 ssl;
|
||
|
|
||
|
ssl_certificate /etc/ssl/lysergic/fullchain.pem;
|
||
|
ssl_certificate_key /etc/ssl/lysergic/private/privkey.pem;
|
||
|
ssl_session_timeout 1d;
|
||
|
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
|
||
|
ssl_session_tickets off;
|
||
|
|
||
|
ssl_protocols TLSv1.3 TLSv1.2;
|
||
|
ssl_prefer_server_ciphers off;
|
||
|
add_header Strict-Transport-Security "max-age=63072000" always;
|
||
|
ssl_stapling on;
|
||
|
ssl_stapling_verify on;
|
||
|
resolver 127.0.0.4;
|
||
|
|
||
|
server_name matrix.lysergic.dev;
|
||
|
|
||
|
location ~* ^(\/_matrix|\/_synapse\/client) {
|
||
|
proxy_pass http://[::1]:8763;
|
||
|
proxy_set_header X-Forwarded-For $remote_addr;
|
||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||
|
proxy_set_header Host $host;
|
||
|
client_max_body_size 100M;
|
||
|
}
|
||
|
|
||
|
location /.well-known/matrix/client {
|
||
|
return 200 '{"m.homeserver": {"base_url": "https://matrix.lysergic.dev"}, "m.identity_server": {"base_url": "https://ident.matrix.liberta.casa"}}';
|
||
|
default_type application/json;
|
||
|
add_header Access-Control-Allow-Origin *;
|
||
|
}
|
||
|
|
||
|
location /.well-known/matrix/server {
|
||
|
return 200 '{"m.server": "matrix.lysergic.dev:8448"}';
|
||
|
default_type application/json;
|
||
|
add_header Access-Control-Allow-Origin *;
|
||
|
}
|
||
|
|
||
|
|
||
|
location / {
|
||
|
proxy_pass http://[::1]:8763/;
|
||
|
proxy_set_header X-Forwarded-For $remote_addr;
|
||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||
|
proxy_set_header Host $host;
|
||
|
client_max_body_size 100M;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
#ELEMENT
|
||
|
server {
|
||
|
listen 202.61.255.116:443 ssl;
|
||
|
listen [2a03:4000:55:d20::]:443 ssl;
|
||
|
server_name element.lysergic.dev;
|
||
|
|
||
|
root /mnt/gluster01/web/matrix/element-lysergic;
|
||
|
|
||
|
ssl_certificate /etc/ssl/lysergic/fullchain.pem;
|
||
|
ssl_certificate_key /etc/ssl/lysergic/private/privkey.pem;
|
||
|
ssl_session_timeout 1d;
|
||
|
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
|
||
|
ssl_session_tickets off;
|
||
|
|
||
|
ssl_protocols TLSv1.3;
|
||
|
ssl_prefer_server_ciphers off;
|
||
|
add_header Strict-Transport-Security "max-age=63072000" always;
|
||
|
ssl_stapling on;
|
||
|
ssl_stapling_verify on;
|
||
|
resolver 127.0.0.4;
|
||
|
}
|
||
|
|