Files
chat/nginx-example.conf
Ty Clifford 6217a216a7 - Implemented.
Safari/iPhone recording now uses MP4/AAC when WebM is unavailable.
WebM remains the default when supported and FFmpeg is disabled.
Added optional FFmpeg profiles: recommended M4A/AAC-LC or requested 
MP4/H.264 + AAC.
Added MIME-aware, playsinline audio playback.
Added dashboard controls under Plans & Platform → Voice Transcoding / 
FFmpeg.
Added Apache/Nginx media MIME configuration and documentation.
Core implementation: voice_transcoder.php (line 72), messages.php (line 
86), and cyberchat-app.js (line 635).
2026-06-09 02:21:42 -04:00

98 lines
2.3 KiB
Plaintext

# nginx-example.conf — Example Nginx virtual host for CyberChat
server {
listen 80;
server_name chat.yourdomain.com;
# Redirect HTTP to HTTPS
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name chat.yourdomain.com;
# SSL — update paths to your certs
ssl_certificate /etc/letsencrypt/live/chat.yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/chat.yourdomain.com/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
root /var/www/html/cyberchat;
index index.html index.php;
client_max_body_size 16m;
# Serve static files directly
location ~* \.(css|js|ico|png|jpg|woff2?)$ {
expires 7d;
add_header Cache-Control "public, immutable";
}
location ~* \.html?$ {
expires -1;
add_header Cache-Control "no-cache, no-store, must-revalidate";
try_files $uri =404;
}
# Never execute files from the voice upload directory
location ~ ^/uploads/voice/.*\.(php|phtml|phar|cgi|pl|py|sh)$ {
deny all;
return 404;
}
location ~* ^/uploads/voice/.*\.m4a$ {
default_type audio/mp4;
try_files $uri =404;
}
location ~* ^/uploads/voice/.*\.aac$ {
default_type audio/aac;
try_files $uri =404;
}
location ~* ^/uploads/voice/.*\.webm$ {
default_type audio/webm;
try_files $uri =404;
}
location ~* ^/uploads/voice/.*\.mp4$ {
default_type video/mp4;
try_files $uri =404;
}
# PHP files
location ~ \.php$ {
fastcgi_pass unix:/run/php/php8.1-fpm.sock; # adjust PHP version
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# Block direct access to storage and internal libraries
location ~ ^/(db|archive|lib)/ {
deny all;
return 404;
}
# Block credentials and SQLite sidecar files
location = /config.json {
deny all;
return 404;
}
location ~* \.sqlite($|-wal$|-shm$) {
deny all;
return 404;
}
# Block dotfiles such as .htaccess and .gitignore
location ~ /\. {
deny all;
return 404;
}
# Default
location / {
try_files $uri $uri/ =404;
}
}