server { server_name chat.mydomain.com; listen 8443 ssl; listen 443 ssl; access_log /var/log/nginx/chat.mydomain.com_access_log main; error_log /var/log/nginx/chat.mydomain.com_error_log info; location ~ ^(/_matrix|/_synapse/client) { # note: do not add a path (even a single /) after the port in `proxy_pass`, # otherwise nginx will canonicalise the URI and cause signature verification # errors. proxy_pass http://127.0.0.1:8008; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $host; # Nginx by default only allows file uploads up to 1M in size # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml client_max_body_size 500M; # Synapse responses may be chunked, which is an HTTP/1.1 feature. proxy_http_version 1.1; } include com.mydomain/certbot.conf; }