diff --git a/.github/workflows/check_samples.yml b/.github/workflows/check_samples.yml index 00f8489..d645f0d 100644 --- a/.github/workflows/check_samples.yml +++ b/.github/workflows/check_samples.yml @@ -12,7 +12,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4.0.0 + uses: actions/checkout@v4.1.0 - name: Check Allowed File Names run: | diff --git a/komga.subdomain.conf.sample b/komga.subdomain.conf.sample index 2cec3ba..6cf2191 100644 --- a/komga.subdomain.conf.sample +++ b/komga.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2023/05/31 +## Version 2023/09/05 # make sure that your komga container is named komga # make sure that your dns has a cname set for komga @@ -38,7 +38,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app komga; - set $upstream_port 8080; + set $upstream_port 25600; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -48,7 +48,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app komga; - set $upstream_port 8080; + set $upstream_port 25600; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/komga.subfolder.conf.sample b/komga.subfolder.conf.sample index 7cd97d7..f9e60d6 100644 --- a/komga.subfolder.conf.sample +++ b/komga.subfolder.conf.sample @@ -1,4 +1,4 @@ -## Version 2023/02/05 +## Version 2023/09/05 # make sure that your komga container is named komga # make sure that komga is set to work with the base url /komga/ # First make sure your Container has set an Baseurl set via docker-compose File "envirnoment: SERVER_SERVLET_CONTEXT_PATH=/komga" and recreate the container. @@ -24,7 +24,7 @@ location ^~ /komga/ { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app komga; - set $upstream_port 8080 ; + set $upstream_port 25600 ; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -34,7 +34,7 @@ location ^~ /komga/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app komga; - set $upstream_port 8080; + set $upstream_port 25600; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } diff --git a/nocodb.subdomain.conf.sample b/nocodb.subdomain.conf.sample new file mode 100644 index 0000000..26e877b --- /dev/null +++ b/nocodb.subdomain.conf.sample @@ -0,0 +1,45 @@ +## Version 2023/09/28 +# make sure that your nocodb container is named nocodb +# make sure that your dns has a cname set for nocodb + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name nocodb.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app nocodb; + set $upstream_port 8080; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + } +} diff --git a/qbittorrent.subdomain.conf.sample b/qbittorrent.subdomain.conf.sample index 6bb63b6..4dd6135 100644 --- a/qbittorrent.subdomain.conf.sample +++ b/qbittorrent.subdomain.conf.sample @@ -1,6 +1,14 @@ -## Version 2023/05/31 +## Version 2023/10/10 # make sure that your qbittorrent container is named qbittorrent # make sure that your dns has a cname set for qbittorrent +# Api and related location bypasses are now commented out by default +# due to users easily misconfiguring qbittorrent to allow +# public access through the api endpoint by including SWAG in +# "Bypass authentication for clients in whitelisted IP subnets", +# which results in all connections through SWAG to be considered +# local and bypassing auth, which also applies to qbittorrent's +# api endpoint (webui api) +# enable at your own risk server { listen 443 ssl http2; @@ -47,93 +55,108 @@ server { proxy_set_header X-Forwarded-Host $host; } - location ~ (/qbittorrent)?/api { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app qbittorrent; - set $upstream_port 8080; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; + # location ~ (/qbittorrent)?/api { + # include /config/nginx/proxy.conf; + # include /config/nginx/resolver.conf; + # set $upstream_app qbittorrent; + # set $upstream_port 8080; + # set $upstream_proto http; + # proxy_pass $upstream_proto://$upstream_app:$upstream_port; - rewrite /qbittorrent(.*) $1 break; + # rewrite /qbittorrent(.*) $1 break; - proxy_set_header Referer ''; - proxy_set_header Host $upstream_app:$upstream_port; - proxy_set_header X-Forwarded-Host $host; - } + # proxy_set_header Referer ''; + # proxy_set_header Host $upstream_app:$upstream_port; + # proxy_set_header X-Forwarded-Host $host; + # } - location ~ (/qbittorrent)?/command { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app qbittorrent; - set $upstream_port 8080; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; + # location ~ (/qbittorrent)?/command { + # include /config/nginx/proxy.conf; + # include /config/nginx/resolver.conf; + # set $upstream_app qbittorrent; + # set $upstream_port 8080; + # set $upstream_proto http; + # proxy_pass $upstream_proto://$upstream_app:$upstream_port; - rewrite /qbittorrent(.*) $1 break; + # rewrite /qbittorrent(.*) $1 break; - proxy_set_header Referer ''; - proxy_set_header Host $upstream_app:$upstream_port; - proxy_set_header X-Forwarded-Host $host; - } + # proxy_set_header Referer ''; + # proxy_set_header Host $upstream_app:$upstream_port; + # proxy_set_header X-Forwarded-Host $host; + # } - location ~ (/qbittorrent)?/query { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app qbittorrent; - set $upstream_port 8080; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; + # location ~ (/qbittorrent)?/css { + # include /config/nginx/proxy.conf; + # include /config/nginx/resolver.conf; + # set $upstream_app qbittorrent; + # set $upstream_port 8080; + # set $upstream_proto http; + # proxy_pass $upstream_proto://$upstream_app:$upstream_port; - rewrite /qbittorrent(.*) $1 break; + # rewrite /qbittorrent(.*) $1 break; - proxy_set_header Referer ''; - proxy_set_header Host $upstream_app:$upstream_port; - proxy_set_header X-Forwarded-Host $host; - } + # proxy_set_header Referer ''; + # proxy_set_header Host $upstream_app:$upstream_port; + # proxy_set_header X-Forwarded-Host $host; + # } - location ~ (/qbittorrent)?/login { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app qbittorrent; - set $upstream_port 8080; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; + # location ~ (/qbittorrent)?/query { + # include /config/nginx/proxy.conf; + # include /config/nginx/resolver.conf; + # set $upstream_app qbittorrent; + # set $upstream_port 8080; + # set $upstream_proto http; + # proxy_pass $upstream_proto://$upstream_app:$upstream_port; - rewrite /qbittorrent(.*) $1 break; + # rewrite /qbittorrent(.*) $1 break; - proxy_set_header Referer ''; - proxy_set_header Host $upstream_app:$upstream_port; - proxy_set_header X-Forwarded-Host $host; - } + # proxy_set_header Referer ''; + # proxy_set_header Host $upstream_app:$upstream_port; + # proxy_set_header X-Forwarded-Host $host; + # } - location ~ (/qbittorrent)?/sync { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app qbittorrent; - set $upstream_port 8080; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; + # location ~ (/qbittorrent)?/login { + # include /config/nginx/proxy.conf; + # include /config/nginx/resolver.conf; + # set $upstream_app qbittorrent; + # set $upstream_port 8080; + # set $upstream_proto http; + # proxy_pass $upstream_proto://$upstream_app:$upstream_port; - rewrite /qbittorrent(.*) $1 break; + # rewrite /qbittorrent(.*) $1 break; - proxy_set_header Referer ''; - proxy_set_header Host $upstream_app:$upstream_port; - proxy_set_header X-Forwarded-Host $host; - } + # proxy_set_header Referer ''; + # proxy_set_header Host $upstream_app:$upstream_port; + # proxy_set_header X-Forwarded-Host $host; + # } - location ~ (/qbittorrent)?/scripts { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app qbittorrent; - set $upstream_port 8080; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; + # location ~ (/qbittorrent)?/sync { + # include /config/nginx/proxy.conf; + # include /config/nginx/resolver.conf; + # set $upstream_app qbittorrent; + # set $upstream_port 8080; + # set $upstream_proto http; + # proxy_pass $upstream_proto://$upstream_app:$upstream_port; - rewrite /qbittorrent(.*) $1 break; + # rewrite /qbittorrent(.*) $1 break; - proxy_set_header Referer ''; - proxy_set_header Host $upstream_app:$upstream_port; - proxy_set_header X-Forwarded-Host $host; - } + # proxy_set_header Referer ''; + # proxy_set_header Host $upstream_app:$upstream_port; + # proxy_set_header X-Forwarded-Host $host; + # } + + # location ~ (/qbittorrent)?/scripts { + # include /config/nginx/proxy.conf; + # include /config/nginx/resolver.conf; + # set $upstream_app qbittorrent; + # set $upstream_port 8080; + # set $upstream_proto http; + # proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + # rewrite /qbittorrent(.*) $1 break; + + # proxy_set_header Referer ''; + # proxy_set_header Host $upstream_app:$upstream_port; + # proxy_set_header X-Forwarded-Host $host; + # } } diff --git a/qbittorrent.subfolder.conf.sample b/qbittorrent.subfolder.conf.sample index bd56047..d0bd429 100644 --- a/qbittorrent.subfolder.conf.sample +++ b/qbittorrent.subfolder.conf.sample @@ -1,6 +1,14 @@ -## Version 2023/02/05 +## Version 2023/10/10 # make sure that your qbittorrent container is named qbittorrent # qbittorrent does not require a base url setting +# Api and related location bypasses are now commented out by default +# due to users easily misconfiguring qbittorrent to allow +# public access through the api endpoint by including SWAG in +# "Bypass authentication for clients in whitelisted IP subnets", +# which results in all connections through SWAG to be considered +# local and bypassing auth, which also applies to qbittorrent's +# api endpoint (webui api) +# enable at your own risk location /qbittorrent { return 301 $scheme://$host/qbittorrent/; @@ -34,92 +42,107 @@ location ^~ /qbittorrent/ { proxy_set_header X-Forwarded-Host $host; } -location ^~ /qbittorrent/api { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app qbittorrent; - set $upstream_port 8080; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; +# location ^~ /qbittorrent/api { +# include /config/nginx/proxy.conf; +# include /config/nginx/resolver.conf; +# set $upstream_app qbittorrent; +# set $upstream_port 8080; +# set $upstream_proto http; +# proxy_pass $upstream_proto://$upstream_app:$upstream_port; - rewrite /qbittorrent(.*) $1 break; +# rewrite /qbittorrent(.*) $1 break; - proxy_set_header Referer ''; - proxy_set_header Host $upstream_app:$upstream_port; - proxy_set_header X-Forwarded-Host $host; -} +# proxy_set_header Referer ''; +# proxy_set_header Host $upstream_app:$upstream_port; +# proxy_set_header X-Forwarded-Host $host; +# } -location ^~ /qbittorrent/command { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app qbittorrent; - set $upstream_port 8080; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; +# location ^~ /qbittorrent/command { +# include /config/nginx/proxy.conf; +# include /config/nginx/resolver.conf; +# set $upstream_app qbittorrent; +# set $upstream_port 8080; +# set $upstream_proto http; +# proxy_pass $upstream_proto://$upstream_app:$upstream_port; - rewrite /qbittorrent(.*) $1 break; +# rewrite /qbittorrent(.*) $1 break; - proxy_set_header Referer ''; - proxy_set_header Host $upstream_app:$upstream_port; - proxy_set_header X-Forwarded-Host $host; -} +# proxy_set_header Referer ''; +# proxy_set_header Host $upstream_app:$upstream_port; +# proxy_set_header X-Forwarded-Host $host; +# } -location ^~ /qbittorrent/query { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app qbittorrent; - set $upstream_port 8080; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; +# location ^~ /qbittorrent/css { +# include /config/nginx/proxy.conf; +# include /config/nginx/resolver.conf; +# set $upstream_app qbittorrent; +# set $upstream_port 8080; +# set $upstream_proto http; +# proxy_pass $upstream_proto://$upstream_app:$upstream_port; - rewrite /qbittorrent(.*) $1 break; +# rewrite /qbittorrent(.*) $1 break; - proxy_set_header Referer ''; - proxy_set_header Host $upstream_app:$upstream_port; - proxy_set_header X-Forwarded-Host $host; -} +# proxy_set_header Referer ''; +# proxy_set_header Host $upstream_app:$upstream_port; +# proxy_set_header X-Forwarded-Host $host; +# } -location ^~ /qbittorrent/login { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app qbittorrent; - set $upstream_port 8080; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; +# location ^~ /qbittorrent/query { +# include /config/nginx/proxy.conf; +# include /config/nginx/resolver.conf; +# set $upstream_app qbittorrent; +# set $upstream_port 8080; +# set $upstream_proto http; +# proxy_pass $upstream_proto://$upstream_app:$upstream_port; - rewrite /qbittorrent(.*) $1 break; +# rewrite /qbittorrent(.*) $1 break; - proxy_set_header Referer ''; - proxy_set_header Host $upstream_app:$upstream_port; - proxy_set_header X-Forwarded-Host $host; -} +# proxy_set_header Referer ''; +# proxy_set_header Host $upstream_app:$upstream_port; +# proxy_set_header X-Forwarded-Host $host; +# } -location ^~ /qbittorrent/sync { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app qbittorrent; - set $upstream_port 8080; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; +# location ^~ /qbittorrent/login { +# include /config/nginx/proxy.conf; +# include /config/nginx/resolver.conf; +# set $upstream_app qbittorrent; +# set $upstream_port 8080; +# set $upstream_proto http; +# proxy_pass $upstream_proto://$upstream_app:$upstream_port; - rewrite /qbittorrent(.*) $1 break; +# rewrite /qbittorrent(.*) $1 break; - proxy_set_header Referer ''; - proxy_set_header Host $upstream_app:$upstream_port; - proxy_set_header X-Forwarded-Host $host; -} +# proxy_set_header Referer ''; +# proxy_set_header Host $upstream_app:$upstream_port; +# proxy_set_header X-Forwarded-Host $host; +# } -location ^~ /qbittorrent/scripts { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app qbittorrent; - set $upstream_port 8080; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; +# location ^~ /qbittorrent/sync { +# include /config/nginx/proxy.conf; +# include /config/nginx/resolver.conf; +# set $upstream_app qbittorrent; +# set $upstream_port 8080; +# set $upstream_proto http; +# proxy_pass $upstream_proto://$upstream_app:$upstream_port; - rewrite /qbittorrent(.*) $1 break; +# rewrite /qbittorrent(.*) $1 break; - proxy_set_header Referer ''; - proxy_set_header Host $upstream_app:$upstream_port; - proxy_set_header X-Forwarded-Host $host; -} +# proxy_set_header Referer ''; +# proxy_set_header Host $upstream_app:$upstream_port; +# proxy_set_header X-Forwarded-Host $host; +# } + +# location ^~ /qbittorrent/scripts { +# include /config/nginx/proxy.conf; +# include /config/nginx/resolver.conf; +# set $upstream_app qbittorrent; +# set $upstream_port 8080; +# set $upstream_proto http; +# proxy_pass $upstream_proto://$upstream_app:$upstream_port; + +# rewrite /qbittorrent(.*) $1 break; + +# proxy_set_header Referer ''; +# proxy_set_header Host $upstream_app:$upstream_port; +# proxy_set_header X-Forwarded-Host $host; +# }