diff options
Diffstat (limited to 'files/nginx_conf.j2')
| -rw-r--r-- | files/nginx_conf.j2 | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/files/nginx_conf.j2 b/files/nginx_conf.j2 index fbddce8..da4222d 100644 --- a/files/nginx_conf.j2 +++ b/files/nginx_conf.j2 @@ -29,3 +29,54 @@ server { return 301 https://$host$request_uri; } + +{% if anonymous_login %} + +server { + listen 443 ssl; + listen [::]:443; + + ssl_certificate /etc/prosody/certs/{{ virtual_host }}.crt; + ssl_certificate_key /etc/prosody/certs/{{ virtual_host }}.key; + + server_name anon.{{ virtual_host }}; + + location / { + proxy_pass https://localhost:5281; + proxy_set_header Host "anon.{{ virtual_host }}"; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_buffering off; + tcp_nodelay on; + } + + location /http-bind { + proxy_pass https://localhost:5281; + proxy_set_header Host "anon.{{ virtual_host }}"; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_buffering off; + tcp_nodelay on; + } + + location /.well-known/host-meta { + add_header Access-Control-Allow-Origin * always; + return 200 "<?xml version='1.0' encoding='utf-8'?> +<XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'> + <Link rel='urn:xmpp:alt-connections:xbosh' + href='https://anon.{{ virtual_host }}/http-bind' /> +</XRD> +"; + } +} + +server { + listen 80; + listen [::]:80; + + server_name anon.{{ virtual_host }}; + + return 301 https://$host$request_uri; +} + +{% endif %} |