2019-02-09 00:53:57 +08:00
|
|
|
# Handle request to bbb-web running within a SpringBoot Tomcat embedded servlet container. This is for BBB-API and Presentation.
|
2017-09-19 02:25:00 +08:00
|
|
|
location /bigbluebutton {
|
|
|
|
proxy_http_version 1.1;
|
|
|
|
|
|
|
|
location /bigbluebutton {
|
2019-02-10 00:36:27 +08:00
|
|
|
proxy_pass http://127.0.0.1:8090;
|
2017-09-19 02:25:00 +08:00
|
|
|
proxy_redirect default;
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
|
2021-11-21 05:45:08 +08:00
|
|
|
# Workaround IE refusal to set cookies in iframe
|
|
|
|
add_header P3P 'CP="No P3P policy available"';
|
2017-09-19 02:25:00 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
location ~ "^\/bigbluebutton\/presentation\/(?<prestoken>[a-zA-Z0-9_-]+)/upload$" {
|
2021-11-21 05:45:08 +08:00
|
|
|
proxy_pass http://127.0.0.1:8090;
|
2017-09-19 02:25:00 +08:00
|
|
|
proxy_redirect default;
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
|
|
|
|
# Workaround IE refusal to set cookies in iframe
|
2021-11-21 05:45:08 +08:00
|
|
|
add_header P3P 'CP="No P3P policy available"';
|
2017-09-19 02:25:00 +08:00
|
|
|
|
2021-04-10 02:41:19 +08:00
|
|
|
# high limit for presentation as bbb-web will reject upload if larger than configured
|
|
|
|
client_max_body_size 1000m;
|
2017-09-19 02:25:00 +08:00
|
|
|
client_body_buffer_size 128k;
|
|
|
|
|
|
|
|
proxy_connect_timeout 90;
|
|
|
|
proxy_send_timeout 90;
|
|
|
|
proxy_read_timeout 90;
|
|
|
|
|
|
|
|
proxy_buffer_size 4k;
|
|
|
|
proxy_buffers 4 32k;
|
|
|
|
proxy_busy_buffers_size 64k;
|
|
|
|
proxy_temp_file_write_size 64k;
|
|
|
|
|
|
|
|
include fastcgi_params;
|
|
|
|
|
|
|
|
proxy_request_buffering off;
|
|
|
|
|
|
|
|
# Send a sub-request to allow bbb-web to refuse before loading
|
2021-04-10 02:41:19 +08:00
|
|
|
# If file is larger than configured bbb-web will return with code 403 and Header: x-file-too-large = 1
|
|
|
|
auth_request /bigbluebutton/presentation/checkPresentation;
|
|
|
|
error_page 403 = @error403;
|
|
|
|
auth_request_set $file_too_large_header $upstream_http_x_file_too_large;
|
2017-09-19 02:25:00 +08:00
|
|
|
|
|
|
|
}
|
|
|
|
|
2020-04-10 02:40:33 +08:00
|
|
|
location /bigbluebutton/presentation/download {
|
|
|
|
return 404;
|
|
|
|
}
|
|
|
|
|
|
|
|
location ~ "^/bigbluebutton/presentation/download\/[0-9a-f]+-[0-9]+/[0-9a-f]+-[0-9]+$" {
|
|
|
|
if ($arg_presFilename !~ "^[0-9a-f]+-[0-9]+\.[0-9a-zA-Z]+$") {
|
|
|
|
return 404;
|
|
|
|
}
|
|
|
|
proxy_pass http://127.0.0.1:8090$uri$is_args$args;
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
# Workaround IE refusal to set cookies in iframe
|
|
|
|
add_header P3P 'CP="No P3P policy available"';
|
|
|
|
}
|
|
|
|
|
2017-09-19 02:25:00 +08:00
|
|
|
location = /bigbluebutton/presentation/checkPresentation {
|
2019-02-10 00:36:27 +08:00
|
|
|
proxy_pass http://127.0.0.1:8090;
|
2017-09-19 02:25:00 +08:00
|
|
|
proxy_redirect default;
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
|
|
|
|
proxy_set_header X-Presentation-Token $prestoken;
|
|
|
|
proxy_set_header X-Original-URI $request_uri;
|
|
|
|
proxy_set_header Content-Length "";
|
|
|
|
proxy_set_header X-Original-Content-Length $http_content_length;
|
2022-07-28 04:59:40 +08:00
|
|
|
proxy_set_header X-Original-Method $request_method;
|
2017-09-19 02:25:00 +08:00
|
|
|
|
2021-04-10 02:41:19 +08:00
|
|
|
# high limit for presentation as bbb-web will reject upload if larger than configured
|
|
|
|
client_max_body_size 1000m;
|
2017-09-19 02:25:00 +08:00
|
|
|
client_body_buffer_size 128k;
|
|
|
|
|
|
|
|
proxy_pass_request_body off;
|
|
|
|
proxy_request_buffering off;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
2019-01-08 00:54:37 +08:00
|
|
|
# To check connection authentication, include:
|
|
|
|
# auth_request /bigbluebutton/connection/checkAuthorization;
|
|
|
|
# auth_request_set $auth_status $upstream_status;
|
|
|
|
#
|
|
|
|
# and make sure to add sessionToken param in the request URI
|
|
|
|
location = /bigbluebutton/connection/checkAuthorization {
|
|
|
|
internal;
|
2019-02-10 00:36:27 +08:00
|
|
|
proxy_pass http://127.0.0.1:8090;
|
2019-01-08 00:54:37 +08:00
|
|
|
proxy_pass_request_body off;
|
|
|
|
proxy_set_header Content-Length "";
|
|
|
|
proxy_set_header X-Original-URI $request_uri;
|
|
|
|
}
|
2019-06-07 05:54:31 +08:00
|
|
|
|
2024-09-26 01:48:17 +08:00
|
|
|
location = /bigbluebutton/connection/checkGraphqlAuthorization {
|
|
|
|
internal;
|
|
|
|
proxy_pass http://127.0.0.1:8090;
|
|
|
|
proxy_pass_request_body off;
|
|
|
|
proxy_set_header Content-Length "";
|
|
|
|
proxy_set_header X-Original-URI $request_uri;
|
|
|
|
# this is required for CORS preflight checks in cluster setup
|
|
|
|
proxy_set_header X-Original-Method $request_method;
|
|
|
|
}
|
|
|
|
|
2021-12-17 10:34:46 +08:00
|
|
|
location = /bigbluebutton/connection/legacyCheckAuthorization {
|
|
|
|
internal;
|
|
|
|
proxy_pass http://127.0.0.1:8090;
|
|
|
|
proxy_pass_request_body off;
|
|
|
|
proxy_set_header Content-Length "";
|
|
|
|
proxy_set_header X-Original-URI $request_uri;
|
|
|
|
}
|
|
|
|
|
2021-02-10 23:24:24 +08:00
|
|
|
location = /bigbluebutton/connection/validatePad {
|
|
|
|
internal;
|
|
|
|
proxy_pass http://127.0.0.1:8090;
|
|
|
|
proxy_pass_request_body off;
|
|
|
|
proxy_set_header Content-Length "";
|
|
|
|
proxy_set_header X-Original-URI $request_uri;
|
|
|
|
}
|
|
|
|
|
2019-06-07 05:54:31 +08:00
|
|
|
location ~ "^/bigbluebutton\/textTrack\/(?<textTrackToken>[a-zA-Z0-9]+)\/(?<recordId>[a-zA-Z0-9_-]+)\/(?<textTrack>.+)$" {
|
|
|
|
# Workaround IE refusal to set cookies in iframe
|
|
|
|
add_header P3P 'CP="No P3P policy available"';
|
|
|
|
|
|
|
|
# Allow 30M uploaded presentation document.
|
|
|
|
client_max_body_size 30m;
|
|
|
|
client_body_buffer_size 128k;
|
|
|
|
|
|
|
|
proxy_connect_timeout 90;
|
|
|
|
proxy_send_timeout 90;
|
|
|
|
proxy_read_timeout 90;
|
|
|
|
|
|
|
|
proxy_buffer_size 4k;
|
|
|
|
proxy_buffers 4 32k;
|
|
|
|
proxy_busy_buffers_size 64k;
|
|
|
|
proxy_temp_file_write_size 64k;
|
|
|
|
|
|
|
|
include fastcgi_params;
|
|
|
|
|
|
|
|
proxy_request_buffering off;
|
|
|
|
|
|
|
|
# Send a sub-request to allow bbb-web to refuse before loading
|
|
|
|
auth_request /bigbluebutton/textTrack/validateAuthToken;
|
|
|
|
|
|
|
|
default_type text/plain;
|
|
|
|
alias /var/bigbluebutton/captions/$recordId/$textTrack;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
location = /bigbluebutton/textTrack/validateAuthToken {
|
|
|
|
internal;
|
|
|
|
proxy_pass http://127.0.0.1:8090;
|
|
|
|
proxy_redirect default;
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
|
|
|
|
proxy_set_header X-textTrack-token $textTrackToken;
|
|
|
|
proxy_set_header X-textTrack-recordId $recordId;
|
|
|
|
proxy_set_header X-textTrack-track $textTrack;
|
|
|
|
proxy_set_header X-Original-URI $request_uri;
|
|
|
|
}
|
|
|
|
|
2024-06-29 03:51:06 +08:00
|
|
|
location /bigbluebutton/ping {
|
|
|
|
default_type text/plain;
|
|
|
|
add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0";
|
|
|
|
add_header Pragma "no-cache";
|
|
|
|
add_header Expires "0";
|
2024-09-26 01:48:17 +08:00
|
|
|
# this Header is required for cluster setups as the ping check is a
|
|
|
|
# CORS request. No cookies are required so we can just allow anyone
|
|
|
|
# to use this endpoint.
|
|
|
|
add_header 'Access-Control-Allow-Origin' '*';
|
2024-06-29 03:51:06 +08:00
|
|
|
return 200 "";
|
|
|
|
}
|
|
|
|
|
2019-01-08 00:54:37 +08:00
|
|
|
}
|
2021-04-10 02:41:19 +08:00
|
|
|
|
|
|
|
location @error403 {
|
|
|
|
if ($file_too_large_header = '1') {
|
|
|
|
return 413;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 403;
|
|
|
|
}
|