BigBlueButton/bigbluebutton-Github
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4464c87596
bigbluebutton-Github/build/packages-template/bbb-etherpad/notes.nginx
Calvin Walton 9ecea0804e nginx config: Allow overriding the $scheme variable 
The etherpad component's nginx configuration needs to know the request
scheme in order to set some variables that influence whether the
'Secure' flag is set on cookies. Right now it directly uses the $scheme
variable, but this variable does not get set to the expected value if
nginx is behind a reverse-proxy where the proxy handles TLS termination.

Adjust the etherpad nginx config to use a variable with a different name
$real_scheme, which can be set in the nginx server block to match the
configuration of the nginx listeners.

This variable is set to the value of $scheme in the default
/etc/sites-available/bigbluebutton file. The bbb-install.sh script will
be updated to set this variable in the configurations it writes.

People using other installation scripts will need to add this variable
to their nginx configuration file, or etherpad might not operate correctly.
2023-04-25 17:13:24 -04:00

77 lines
2.7 KiB
Nginx Configuration File
Raw Blame History

# https://github.com/ether/etherpad-lite/wiki/How-to-put-Etherpad-Lite-behind-a-reverse-Proxy
location /pad/p/ {
# Avoid setting the user name from the embedded URL
if ($arg_userName) {
return 401;
}
rewrite /pad/p/(.*) /p/$1 break;
rewrite ^/pad/p$ /pad/p/ permanent;
proxy_pass http://127.0.0.1:9001/p;
proxy_pass_header Server;
proxy_redirect /p /pad/p;
proxy_set_header Host $host;
proxy_buffering off;
proxy_set_header X-Real-IP $remote_addr; # http://wiki.nginx.org/HttpProxyModule
proxy_set_header X-Forwarded-For $remote_addr; # EP logs to show the actual remote IP
proxy_set_header X-Forwarded-Proto $real_scheme; # for EP to set secure cookie flag when https is used
proxy_http_version 1.1;
auth_request /bigbluebutton/connection/checkAuthorization;
auth_request_set $auth_status $upstream_status;
}
location /pad/auth_session {
rewrite /pad/auth_session(.*) /auth_session$1 break;
proxy_pass http://127.0.0.1:9001/;
proxy_pass_header Server;
proxy_set_header Host $host;
proxy_buffering off;
auth_request /bigbluebutton/connection/checkAuthorization;
auth_request_set $auth_status $upstream_status;
}
location /pad {
rewrite /pad/(.*) /$1 break;
rewrite ^/pad$ /pad/ permanent;
proxy_pass http://127.0.0.1:9001/;
proxy_pass_header Server;
proxy_redirect / /pad/;
proxy_set_header Host $host;
proxy_buffering off;
}
location /pad/socket.io/socket.io.js {
rewrite /pad/socket.io/socket.io.js /socket.io/socket.io.js break;
proxy_pass http://127.0.0.1:9001/;
proxy_set_header Host $host;
proxy_buffering off;
}
location /pad/socket.io {
rewrite /pad/socket.io/(.*) /socket.io/$1 break;
proxy_pass http://127.0.0.1:9001/;
proxy_redirect / /pad/;
proxy_set_header Host $host;
proxy_buffering off;
proxy_set_header X-Real-IP $remote_addr; # http://wiki.nginx.org/HttpProxyModule
proxy_set_header X-Forwarded-For $remote_addr; # EP logs to show the actual remote IP
proxy_set_header X-Forwarded-Proto $real_scheme; # for EP to set secure cookie flag when https is used
proxy_set_header Host $host; # pass the host header
proxy_http_version 1.1; # recommended with keepalive connections
# WebSocket proxying - from http://nginx.org/en/docs/http/websocket.html
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
auth_request /bigbluebutton/connection/checkAuthorization;
auth_request_set $auth_status $upstream_status;
}
location /static {
rewrite /static/(.*) /static/$1 break;
proxy_pass http://127.0.0.1:9001/;
proxy_set_header Host $host;
proxy_buffering off;
}
Reference in New Issue View Git Blame Copy Permalink