![]() Proxy_set_header X-Forwarded-For $remote_addr Proxy_pass $upstream_proto://$upstream_app:$upstream_port Gzip_proxied no-cache no-store private expired auth Gzip_types text/plain text/css application/javascript application/json image/x-icon application/octet-stream application/wasm # or "set $upstream_app " for host mode, HOSTIP being the IP address of jitsi # if not, replace the line "set $upstream_app jitsi " with "set $upstream_app " # if jitsi is running in bridge mode and the container is named "jitsi", the below config should work as is # make sure that your DNS has a cname set for jitsi This also simplifies SSL certificate management on the server by ensuring that SWAG is responsible for all of it (we will shortly be disabling the use of letsencrypt in Jitsi to complete this process.). This is because the secure https communication over the internet between Jitsi Meet clients and the Jitsi Meet server is handled by the reverse proxy and there is no need for maintaining secure communication between individual containers on the private docker bridge network. Note that in the configuration file, the connection between the reverse proxy and the jitsi container only uses http communication over port 80 (see $upstream_proto, $upstream_port). NB: This requires a cname record to be created for the jitsi subdomain with the domain's DNS provider. swag/config/nginx/proxy-confs/ directory with the name. which requires the following configuration file to be created in the. The docker image of Jitsi Meet will be proxied as a subdomain of the chosen domain i.e. Create a reverse proxy configuration Jitsi Meet swag is the relative path to where the docker bind mount storing SWAG's persistent data are located. The configuration of the SWAG reverse proxy is described in a separate document but note that in these instructions a path beginning. Is all that is needed to create the network that will be used. Create a docker bridge networkįirst of all, it is necessary to create a named docker bridge network for the reverse proxy and all the services that will be proxied behind it. ![]() However it does not have a ready-made proxy configuration file for Jitsi so one needs to be written. It handles SSL certificate generation using either LetsEncrypt or ZeroSSL and comes with proxy configuration files for the other linuxserver.io containers and select other applications such as NetData. The reverse proxy I will be using is the linuxserver.io nginx-based Secure Web Application Gateway (SWAG) container. The Jitsi Meet documentation includes a detailed set of instructions for getting the official Jitsi Meet docker image running and these can be used as a comprehensive reference for getting the Jitsi containers running behind a reverse proxy. Running Jitsi Meet on Docker Behind a Reverse Proxy
0 Comments
Leave a Reply. |