load_module "modules/ngx_rtmp_module.so"; user www-data; worker_processes 1; events { worker_connections 1024; } http { server_tokens off; include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; server { listen 80; listen 443 ssl; access_log /nginx_access.log; error_log /nginx_error.log info; ssl_certificate /var/lib/dehydrated/certs/${LETSENCRYPT_DOMAIN}/fullchain.pem; ssl_certificate_key /var/lib/dehydrated/certs/${LETSENCRYPT_DOMAIN}/privkey.pem; ssl_session_timeout 1d; ssl_session_cache shared:MozSSL:10m; ssl_session_tickets off; ssl_dhparam /etc/nginx/dhparams.pem; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; ssl_prefer_server_ciphers off; gzip off; location /stat { rtmp_stat all; rtmp_stat_stylesheet stat.xsl; allow all; satisfy any; } location /stat.xsl { root /var/www/html; allow all; satisfy any; } location /tts { proxy_pass http://host.docker.internal:3000/; proxy_redirect off; proxy_buffering off; } location /bootstrap.min.css { proxy_pass http://host.docker.internal:3000/bootstrap.min.css; proxy_redirect off; proxy_buffering off; } location /jquery.js { proxy_pass http://host.docker.internal:3000/jquery.js; proxy_redirect off; proxy_buffering off; } location /tts.js { proxy_pass http://host.docker.internal:3000/tts.js; proxy_redirect off; proxy_buffering off; } location /tts_queue { proxy_pass http://host.docker.internal:3000/tts_queue; proxy_redirect off; proxy_buffering off; } location /tts_done { proxy_pass http://host.docker.internal:3000/tts_done; proxy_redirect off; proxy_buffering off; } location /token { proxy_pass http://host.docker.internal:3000/token; proxy_redirect off; proxy_buffering off; } location /favicon.ico { proxy_pass http://host.docker.internal:3000/favicon.ico; proxy_redirect off; proxy_buffering off; } location / { root /var/www/html; try_files $uri $uri/index.py; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /var/www/html; } location ~* remote.js$ { root /var/www/html; allow all; satisfy any; } location ~* debug.xml$ { root /var/www/html; allow all; satisfy any; } location ~* \.php$ { root /var/www/html/; fastcgi_pass unix:/run/php/php7.4-fpm.sock; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name; allow all; satisfy any; } location ~* data.py$ { gzip off; root /var/www/html/; fastcgi_pass unix:/var/run/fcgiwrap.socket; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; allow all; satisfy any; } location ~* set_obs.py$ { gzip off; root /var/www/html/; fastcgi_pass unix:/var/run/fcgiwrap.socket; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; allow all; satisfy any; } location ~* set_ext.py$ { gzip off; root /var/www/html/; fastcgi_pass unix:/var/run/fcgiwrap.socket; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; allow all; satisfy any; } location ~* \.py$ { gzip off; root /var/www/html/; fastcgi_pass unix:/var/run/fcgiwrap.socket; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; allow 127.0.0.1; auth_basic "Login with your OBS remote password"; auth_basic_user_file /var/www/.htpasswd; satisfy any; } } } rtmp { server { listen 1935; chunk_size 4096; application live { live on; record off; allow publish all; on_publish http://localhost/auth.php; drop_idle_publisher 10s; } } }