server { listen 80; listen [::]:80; listen 443 ssl; listen 8448 ssl; listen [::]:443 ssl; listen [::]:8448 ssl; server_name synapse.localhost; ssl_certificate /root/ssl/cert.pem; ssl_certificate_key /root/ssl/key.pem; # well-known config adding rtc_foci backend # Note well-known is currently not effective due to: # https://spec.matrix.org/v1.12/client-server-api/#well-known-uri the spec # says it must be at https://$server_name/... (implied port 443) Hence, we # currently rely for local development environment on depricated config.json # setting for livekit_service_url location /.well-known/matrix/client { return 200 '{"m.homeserver": {"base_url": "http://synapse.localhost:8008"}, "org.matrix.msc4143.rtc_foci": [{"type": "livekit", "livekit_service_url": "http://localhost:8080"}]}'; default_type application/json; add_header Access-Control-Allow-Origin *; } # Reverse proxy for Matrix Synapse Homeserver # This is also required for development environment. # Reason: the lk-jwt-service uses the federation API for the openid token # verification, which requires TLS location / { proxy_pass "http://homeserver:8008"; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; } error_page 500 502 503 504 /50x.html; }