From e666c9696e44d2b93a8ea258eedd5755476863b4 Mon Sep 17 00:00:00 2001 From: Jakub W Date: Wed, 15 Jan 2025 21:20:48 +0100 Subject: [PATCH 01/11] Add pingvin-share.subdomain.conf,sample Nginx reverse proxy configuration for pingvin-share [stonith404/pingvin-share] --- pingvin-share.subdomain.conf.sample | 56 +++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 pingvin-share.subdomain.conf.sample diff --git a/pingvin-share.subdomain.conf.sample b/pingvin-share.subdomain.conf.sample new file mode 100644 index 0000000..4eee432 --- /dev/null +++ b/pingvin-share.subdomain.conf.sample @@ -0,0 +1,56 @@ +## Version 2025/01/15 +# make sure that your pingvin-share container is named pingvin-share +# make sure that your dns has a cname set for pingvin-share + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name pingvin-share.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app pingvin-share; + set $upstream_port 3000; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } + + location ~ (/pingvin-share)?/api { + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app pingvin-share; + set $upstream_port 3000; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } +} \ No newline at end of file From 20c78bb90978e7c71577fd6a5cda89af47c0271c Mon Sep 17 00:00:00 2001 From: "J. Scott Elblein" Date: Fri, 17 Jan 2025 21:42:28 -0600 Subject: [PATCH 02/11] Create asciinema.subdomain.conf.sample --- asciinema.subdomain.conf.sample | 45 +++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 asciinema.subdomain.conf.sample diff --git a/asciinema.subdomain.conf.sample b/asciinema.subdomain.conf.sample new file mode 100644 index 0000000..670a64e --- /dev/null +++ b/asciinema.subdomain.conf.sample @@ -0,0 +1,45 @@ +## Version 2025/01/17 +# make sure that your asciinema container is named asciinema +# make sure that your dns has a cname set for asciinema + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name asciinema.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app asciinema; + set $upstream_port 4000; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + } +} From 72bb6938c39fb0623e1f59c037573d8f2863d7ce Mon Sep 17 00:00:00 2001 From: "J. Scott Elblein" Date: Mon, 20 Jan 2025 16:16:34 -0600 Subject: [PATCH 03/11] Create discount-bandit.subdomain.conf.sample --- discount-bandit.subdomain.conf.sample | 45 +++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 discount-bandit.subdomain.conf.sample diff --git a/discount-bandit.subdomain.conf.sample b/discount-bandit.subdomain.conf.sample new file mode 100644 index 0000000..908d0f7 --- /dev/null +++ b/discount-bandit.subdomain.conf.sample @@ -0,0 +1,45 @@ +## Version 2025/01/20 +# make sure that your discount-bandit container is named discount-bandit +# make sure that your dns has a cname set for discount-bandit + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name discount-bandit.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app discount-bandit; + set $upstream_port 80; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + } +} From 40ed9faf79b86ea260f7e99b257c7e7069eb4916 Mon Sep 17 00:00:00 2001 From: jlssmt Date: Mon, 3 Feb 2025 22:18:53 +0100 Subject: [PATCH 04/11] add kopia --- kopia.subdomain.conf.sample | 46 +++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 kopia.subdomain.conf.sample diff --git a/kopia.subdomain.conf.sample b/kopia.subdomain.conf.sample new file mode 100644 index 0000000..9c64bc3 --- /dev/null +++ b/kopia.subdomain.conf.sample @@ -0,0 +1,46 @@ +## Version 2024/07/16 +# make sure that your kopia container is named kopia +# make sure that your dns has a cname set for kopia + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name kopia.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app kopia; + set $upstream_port 51515; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } +} From db96605b8d7f1dfc6917c058708c724d819742bb Mon Sep 17 00:00:00 2001 From: "J. Scott Elblein" Date: Fri, 21 Feb 2025 23:09:34 -0600 Subject: [PATCH 05/11] Update asciinema.subdomain.conf.sample Added block for the /dashboard Currently it's an unfinished dash, but author says it's in the works: https://discourse.asciinema.org/t/2-questions-1-post/920/2?u=j_scott_elblein --- asciinema.subdomain.conf.sample | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/asciinema.subdomain.conf.sample b/asciinema.subdomain.conf.sample index 670a64e..af2f327 100644 --- a/asciinema.subdomain.conf.sample +++ b/asciinema.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2025/01/17 +## Version 2025/02/21 # make sure that your asciinema container is named asciinema # make sure that your dns has a cname set for asciinema @@ -42,4 +42,26 @@ server { set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } + + location ~ (/asciinema)?/dashboard { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app asciinema; + set $upstream_port 4002; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + } } From 6d51d72612bb5b673ac2ee03079cc3cce11cc31f Mon Sep 17 00:00:00 2001 From: Gianmarco Mameli Date: Thu, 20 Mar 2025 16:14:35 +0100 Subject: [PATCH 06/11] Add proxy configuration for Plex library streams --- plex.subdomain.conf.sample | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/plex.subdomain.conf.sample b/plex.subdomain.conf.sample index accc5a7..813cd6d 100644 --- a/plex.subdomain.conf.sample +++ b/plex.subdomain.conf.sample @@ -61,4 +61,12 @@ server { proxy_set_header X-Plex-Device-Vendor $http_x_plex_device_vendor; proxy_set_header X-Plex-Model $http_x_plex_model; } + + location /library/streams/ { + set $upstream_app plex; + set $upstream_port 32400; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + proxy_pass_request_headers off; + } } From b2f335483970def4993db6e73b94bb5fa5fabeb8 Mon Sep 17 00:00:00 2001 From: kinghat Date: Wed, 26 Mar 2025 16:02:55 +0000 Subject: [PATCH 07/11] feat: create spoolman conf samples --- spoolman.subdomain.conf.sample | 46 ++++++++++++++++++++++++++++++++++ spoolman.subfolder.conf.sample | 30 ++++++++++++++++++++++ 2 files changed, 76 insertions(+) create mode 100644 spoolman.subdomain.conf.sample create mode 100644 spoolman.subfolder.conf.sample diff --git a/spoolman.subdomain.conf.sample b/spoolman.subdomain.conf.sample new file mode 100644 index 0000000..c36f308 --- /dev/null +++ b/spoolman.subdomain.conf.sample @@ -0,0 +1,46 @@ +## Version 2025/03/27 +# make sure that your spoolman container is named spoolman +# make sure that your dns has a cname set for spoolman + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name spoolman.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app spoolman; + set $upstream_port 8000; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } +} \ No newline at end of file diff --git a/spoolman.subfolder.conf.sample b/spoolman.subfolder.conf.sample new file mode 100644 index 0000000..4fa88e7 --- /dev/null +++ b/spoolman.subfolder.conf.sample @@ -0,0 +1,30 @@ +## Version 2025/03/27 +# make sure that your spoolman container is named spoolman +# make sure that spoolman is set to work with the base url /spoolman/ + + +location /spoolman { + return 301 $scheme://$host/spoolman/; +} + +location ^~ /spoolman/ { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app spoolman; + set $upstream_port 8000; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; +} \ No newline at end of file From e328f57197907b5fcdca67d9242f8411c1150df7 Mon Sep 17 00:00:00 2001 From: Luke Date: Tue, 15 Apr 2025 11:45:43 +0100 Subject: [PATCH 08/11] Create iplayarr.subdomain.conf.sample --- iplayarr.subdomain.conf.sample | 46 ++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 iplayarr.subdomain.conf.sample diff --git a/iplayarr.subdomain.conf.sample b/iplayarr.subdomain.conf.sample new file mode 100644 index 0000000..fa0886d --- /dev/null +++ b/iplayarr.subdomain.conf.sample @@ -0,0 +1,46 @@ +## Version 2025/04/15 +# make sure that your iplayarr container is named iplayarr +# make sure that your dns has a cname set for iplayarr + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name iplayarr.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app iplayarr; + set $upstream_port 4404; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } +} From 06b6e01254e21272c9f081936f0244fd304dcc9f Mon Sep 17 00:00:00 2001 From: RagingCub Date: Sat, 26 Apr 2025 12:34:53 -0400 Subject: [PATCH 09/11] Resolve api incompatibility with authelia for gitea --- gitea.subdomain.conf.sample | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gitea.subdomain.conf.sample b/gitea.subdomain.conf.sample index 4549b5e..347d79e 100644 --- a/gitea.subdomain.conf.sample +++ b/gitea.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2024/07/16 +## Version 2025/04/26 # make sure that your gitea container is named gitea # make sure that your dns has a cname set for gitea # edit the following parameters in /data/gitea/conf/app.ini @@ -49,7 +49,7 @@ server { } - location ~ (/gitea)?/info/lfs { + location ~ (/gitea)?/(api|info/lfs) { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app gitea; From 3a40049ca283da785e33436a6868123f996e319a Mon Sep 17 00:00:00 2001 From: Noneangel <1888627+Noneangel@users.noreply.github.com> Date: Sun, 18 May 2025 19:20:27 +0200 Subject: [PATCH 10/11] Fix Jellyfin CORS --- jellyfin.subdomain.conf.sample | 10 +++++++--- jellyfin.subfolder.conf.sample | 6 ++++-- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/jellyfin.subdomain.conf.sample b/jellyfin.subdomain.conf.sample index 53a42d1..d8291a2 100644 --- a/jellyfin.subdomain.conf.sample +++ b/jellyfin.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2025/01/11 +## Version 2025/05/18 # make sure that your jellyfin container is named jellyfin # make sure that your dns has a cname set for jellyfin # if jellyfin is running in bridge mode and the container is named "jellyfin", the below config should work as is @@ -22,7 +22,9 @@ server { set $upstream_app jellyfin; set $upstream_port 8096; set $upstream_proto http; - add_header Access-Control-Allow-Origin "luna://com.webos.service.config" always; + if ($http_user_agent ~ Web0S) { + add_header Access-Control-Allow-Origin "luna://com.webos.service.config" always; + } proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header Range $http_range; @@ -35,7 +37,9 @@ server { set $upstream_app jellyfin; set $upstream_port 8096; set $upstream_proto http; - add_header Access-Control-Allow-Origin "luna://com.webos.service.config" always; + if ($http_user_agent ~ Web0S) { + add_header Access-Control-Allow-Origin "luna://com.webos.service.config" always; + } proxy_pass $upstream_proto://$upstream_app:$upstream_port; } diff --git a/jellyfin.subfolder.conf.sample b/jellyfin.subfolder.conf.sample index 72c5ab3..0e5e01d 100644 --- a/jellyfin.subfolder.conf.sample +++ b/jellyfin.subfolder.conf.sample @@ -1,4 +1,4 @@ -## Version 2025/01/11 +## Version 2025/05/18 # make sure that your jellyfin container is named jellyfin # if jellyfin is running in bridge mode and the container is named "jellyfin", the below config should work as is # if not, replace the line "set $upstream_app jellyfin;" with "set $upstream_app ;" @@ -15,7 +15,9 @@ location ^~ /jellyfin/ { set $upstream_app jellyfin; set $upstream_port 8096; set $upstream_proto http; - add_header Access-Control-Allow-Origin "luna://com.webos.service.config" always; + if ($http_user_agent ~ Web0S) { + add_header Access-Control-Allow-Origin "luna://com.webos.service.config" always; + } proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header Range $http_range; From a3faf77c52f342a74928a3fe38c121c46aa3f8ec Mon Sep 17 00:00:00 2001 From: Gianmarco Mameli Date: Fri, 23 May 2025 11:09:29 +0200 Subject: [PATCH 11/11] Update version number in plex.subdomain.conf.sample to 2025/05/23 --- plex.subdomain.conf.sample | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plex.subdomain.conf.sample b/plex.subdomain.conf.sample index 813cd6d..8ea6dae 100644 --- a/plex.subdomain.conf.sample +++ b/plex.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2024/07/16 +## Version 2025/05/23 # make sure that your plex container is named plex # make sure that your dns has a cname set for plex # if plex is running in bridge mode and the container is named "plex", the below config should work as is