worker_processes auto; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; access_log /var/log/nginx/access.log; sendfile on; keepalive_timeout 65; server { server_name uechi.io; listen 80; root /var/www/html; error_page 404 /404.html; # Matix/Synapse # https://matrix-org.github.io/synapse/develop/reverse_proxy.html # https://matrix-org.github.io/synapse/latest/setup/installation.html#client-well-known-uri location ~ ^(/_matrix|/_synapse/client) { # note: do not add a path (even a single /) after the port in `proxy_pass`, # otherwise nginx will canonicalise the URI and cause signature verification # errors. # https://stackoverflow.com/a/54719226/2276646 resolver 127.0.0.11 valid=30s; set $upstream_synapse synapse; proxy_pass http://$upstream_synapse:8008; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $host; # Nginx by default only allows file uploads up to 1M in size # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml client_max_body_size 50M; } location /.well-known/matrix/client { return 200 '{"m.homeserver": {"base_url": "https://matrix.uechi.io"}}'; default_type application/json; add_header Access-Control-Allow-Origin *; } location /.well-known/matrix/server { return 200 '{"m.server": "matrix.uechi.io:443"}'; default_type application/json; add_header Access-Control-Allow-Origin *; } location /404.html { internal; } location = /robots.txt { allow all; log_not_found off; access_log off; } location / { index index.html; try_files $uri $uri.html $uri/index.html @fallback; } location = / { if ($http_user_agent ~ curl) { rewrite / /TERMINAL last; } } location @fallback { root /var/www/html/_; try_files $uri $uri.html $uri/index.html =404; } } server { listen 80; server_name www.uechi.io; return 301 $scheme://uechi.io$request_uri; } }