github/reverse-proxy-confs
1
0
Fork 0
mirror of https://github.com/linuxserver/reverse-proxy-confs.git synced 2025-07-05 20:41:32 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Create romm.subdomain.conf.sample

Browse source 
create conf file
This commit is contained in:
Bert Van den Abbeele 2024-10-26 18:36:18 +02:00 committed by Joseph Harry
parent c41f4e49ad
commit 2b6d327321
No known key found for this signature in database
GPG key ID: 672E70D2EB06270B
1 changed files with 55 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

55
romm.subdomain.conf.sample Normal file
View file

@ -0,0 +1,55 @@
## Version 2024/10/26
# make sure that your romM container is named romm
# make sure that your dns has a cname set for romm
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name romm.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app romm;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
# Hide version
server_tokens off;
# Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
}
}