alpn.30443.conf
#See: https://superuser.com/questions/1135208/can-nginx-serve-ssh-and-https-at-the-same-time-on-the-same-port
# Front listener (stream context). ssl_preread reads the TLS ClientHello
# without terminating TLS, and the raw connection is then forwarded to the
# upstream that the $ssl_multiplexer map picks from the client's ALPN list.
# ALPN is chosen by the client, so this is routing only, not access control:
# every upstream reachable from here has to authenticate peers on its own.
server {
    ssl_preread on;
    proxy_pass  $ssl_multiplexer;

    listen 30443;
    listen unix:/etc/nginx/socks/alpn.30443.sock;

    # Left disabled by the author. Without it each upstream sees the connection
    # as coming from nginx, so per-client logging or rate limiting there cannot
    # use the real source address. Enabling it sends the PROXY header to every
    # target in the map (including the default), so each one must accept it.
    # proxy_protocol on;
    # set_real_ip_from 172.18.0.0/32;
}
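# Picks the upstream for the front listener from $ssl_preread_alpn_protocols,
# the comma-separated ALPN list the client sent in its ClientHello.
# NOTE(review): the keys are exact strings, so a client that offers several
# protocols (e.g. "h2,http/1.1") matches none of them and falls through to the
# default; confirm that is intended, or use regex keys such as ~\bh2\b.
# NOTE(review): "h3" is the ALPN ID registered for HTTP/3; here the author
# repurposes it as a private tag for SSH-over-TLS clients.
map $ssl_preread_alpn_protocols $ssl_multiplexer {
    default        127.0.0.1:443;                         # default to nginx
    "h2"           unix:/etc/nginx/socks/alpn.h2.sock;    # for h2 alpn
    "xmpp-server"  unix:/etc/nginx/socks/alpn.xmpp.sock;  # xmpp-server
    "h3"           unix:/etc/nginx/socks/alpn.h3.sock;    # for h3 alpn, I use for ssh
}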
# TLS termination for connections the map routes here on ALPN "h2"
# (labelled "c2s connections" by the author; what listens on port 20001 is
# not visible in this file).
server {
    listen unix:/etc/nginx/socks/alpn.h2.sock ssl;

    # After decryption the stream is handed to the backend without TLS.
    proxy_pass localhost:20001;
    proxy_ssl  off;

    ssl_certificate     /etc/nginx/certs/default.crt;
    ssl_certificate_key /etc/nginx/certs/default.key;
    # No ssl_protocols / ssl_ciphers are set here, so the defaults of the
    # installed nginx build apply; pin them if older TLS versions must be refused.
}
# TLS termination for XMPP server-to-server (s2s) connections, selected by
# ALPN "xmpp-server" in the map.
# NOTE(review): TLS ends at nginx and no ssl_verify_client is configured, so
# the XMPP server on 5269 receives plaintext and cannot see a peer
# certificate; confirm its s2s authentication does not depend on one.
server {
    listen unix:/etc/nginx/socks/alpn.xmpp.sock ssl; #proxy_protocol;

    # After decryption the stream is handed to the backend without TLS.
    proxy_pass localhost:5269;
    proxy_ssl  off;

    # TLS key material; further TLS options would go here.
    ssl_certificate     /etc/nginx/certs/default.crt;
    ssl_certificate_key /etc/nginx/certs/default.key;
}
# TLS termination for SSH carried inside TLS, selected by ALPN "h3" in the map.
# NOTE(review): sshd on port 22 sees every such session as a local connection
# from nginx, so its logs and any address-based controls (rate limiting,
# allow/deny by source) no longer reflect the real client. Enabling
# proxy_protocol only helps if the backend actually parses the PROXY header.
server {
    listen unix:/etc/nginx/socks/alpn.h3.sock ssl; #proxy_protocol;

    # After decryption the stream is handed to sshd without TLS.
    proxy_pass localhost:22;
    proxy_ssl  off;

    ssl_certificate     /etc/nginx/certs/default.crt;
    ssl_certificate_key /etc/nginx/certs/default.key;
}