126 lines
5.3 KiB
Text
126 lines
5.3 KiB
Text
upstream synapse_master {
|
|
server localhost:8008;
|
|
}
|
|
|
|
upstream synapse_federation {
|
|
server localhost:8082;
|
|
}
|
|
|
|
upstream synapse_generic {
|
|
server localhost:8081;
|
|
}
|
|
|
|
map $request_uri $synapse_backend {
|
|
default synapse_master;
|
|
|
|
# Sync requests
|
|
~*^/_matrix/client/(r0|v3)/sync$ synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3)/events$ synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3)/initialSync$ synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$ synapse_generic;
|
|
|
|
# Federation requests
|
|
~*^/_matrix/federation/v1/event/ synapse_federation;
|
|
~*^/_matrix/federation/v1/state/ synapse_federation;
|
|
~*^/_matrix/federation/v1/state_ids/ synapse_federation;
|
|
~*^/_matrix/federation/v1/backfill/ synapse_federation;
|
|
~*^/_matrix/federation/v1/get_missing_events/ synapse_federation;
|
|
~*^/_matrix/federation/v1/publicRooms synapse_federation;
|
|
~*^/_matrix/federation/v1/query/ synapse_federation;
|
|
~*^/_matrix/federation/v1/make_join/ synapse_federation;
|
|
~*^/_matrix/federation/v1/make_leave/ synapse_federation;
|
|
~*^/_matrix/federation/(v1|v2)/send_join/ synapse_federation;
|
|
~*^/_matrix/federation/(v1|v2)/send_leave/ synapse_federation;
|
|
~*^/_matrix/federation/(v1|v2)/invite/ synapse_federation;
|
|
~*^/_matrix/federation/v1/event_auth/ synapse_federation;
|
|
~*^/_matrix/federation/v1/exchange_third_party_invite/ synapse_federation;
|
|
~*^/_matrix/federation/v1/user/devices/ synapse_federation;
|
|
~*^/_matrix/key/v2/query synapse_federation;
|
|
~*^/_matrix/federation/v1/hierarchy/ synapse_federation;
|
|
|
|
# Inbound federation transaction request
|
|
~*^/_matrix/federation/v1/send/ synapse_federation;
|
|
|
|
# Client API requests
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/createRoom$ synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$ synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$ synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$ synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$ synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$ synapse_generic;
|
|
~*^/_matrix/client/v1/rooms/.*/hierarchy$ synaspe_generic;
|
|
~*^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$ synapse_generic;
|
|
~*^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$ synapse_generic;
|
|
~*^/_matrix/client/(r0|v3|unstable)/account/3pid$ synapse_generic;
|
|
~*^/_matrix/client/(r0|v3|unstable)/account/whoami$ synapse_generic;
|
|
~*^/_matrix/client/(r0|v3|unstable)/devices$ synapse_generic;
|
|
~*^/_matrix/client/versions$ synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$ synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/ synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$ synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/search$ synapse_generic;
|
|
|
|
# Encryption requests
|
|
~*^/_matrix/client/(r0|v3|unstable)/keys/query$ synapse_generic;
|
|
~*^/_matrix/client/(r0|v3|unstable)/keys/changes$ synapse_generic;
|
|
~*^/_matrix/client/(r0|v3|unstable)/keys/claim$ synapse_generic;
|
|
~*^/_matrix/client/(r0|v3|unstable)/room_keys/ synapse_generic;
|
|
|
|
# Registration/login requests
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/login$ synapse_generic;
|
|
~*^/_matrix/client/(r0|v3|unstable)/register$ synapse_generic;
|
|
~*^/_matrix/client/v1/register/m.login.registration_token/validity$ synapse_generic;
|
|
|
|
# Event sending requests
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/ synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$ synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/join/ synapse_generic;
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/profile/ synapse_generic;
|
|
|
|
# Account data requests
|
|
~*^/_matrix/client/(r0|v3|unstable)/.*/tags synapse_generic;
|
|
~*^/_matrix/client/(r0|v3|unstable)/.*/account_data synapse_generic;
|
|
|
|
# Receipts requests
|
|
#~*^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt synapse_generic;
|
|
#~*^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers synapse_generic;
|
|
|
|
# Presence requests
|
|
~*^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ synapse_generic;
|
|
|
|
# User directory search requests
|
|
~*^/_matrix/client/(r0|v3|unstable)/user_directory/search$ synapse_generic;
|
|
}
|
|
|
|
|
|
server {
|
|
listen 443 ssl http2;
|
|
listen [::]:443 ssl http2;
|
|
|
|
ssl_certificate /etc/letsencrypt/live/synapse.tws-matrix.ungleich.cloud/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/synapse.tws-matrix.ungleich.cloud/privkey.pem;
|
|
|
|
server_name synapse.tws-matrix.ungleich.cloud;
|
|
|
|
client_max_body_size 512m;
|
|
|
|
error_page 403 404 /403_404.html;
|
|
location = /403_404.html {
|
|
default_type application/json;
|
|
return 200 'You are not authorized to access this page.';
|
|
}
|
|
|
|
location ~ /_matrix|/_synapse {
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_connect_timeout 3600;
|
|
proxy_send_timeout 3600;
|
|
proxy_read_timeout 3600;
|
|
send_timeout 3600;
|
|
proxy_pass http://$synapse_backend;
|
|
}
|
|
}
|