Merge remote-tracking branch 'upstream/master' into master

2025-08-22 06:13:49 -07:00 · 2020-09-09 22:51:13 -05:00 · 2020-09-09 22:51:13 -05:00 · 5dfb668994
commit 5dfb668994
parent b7aa78393b 388a3a7e7f
157 changed files with 3492 additions and 625 deletions
--- a/.github/workflows/allowed_names.yml
+++ b/.github/workflows/allowed_names.yml
@ -0,0 +1,24 @@
 name: Check Allowed File Names
 on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]
 jobs:
  check-allowed-file-names:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: Check Allowed File Names
      run: |
        NOT_SAMPLES=$(find . -not -path '*/\.*' -type f ! \( -name '*.conf.sample' -o -name 'README.md' -o -name 'LICENSE' \))
        NOT_SAMPLES_COUNT=$(echo "${NOT_SAMPLES}" | wc -w)
        if (( NOT_SAMPLES_COUNT > 0 )); then
            echo "The following files are not allowed:"
            echo "${NOT_SAMPLES}"
            exit 1
        fi
--- a/adguard.subdomain.conf.sample
+++ b/adguard.subdomain.conf.sample
@ -0,0 +1,49 @@
 # make sure that your dns has a cname set for adguard and that your adguard container is named adguard
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name adguard.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app adguard;
        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
    location /control {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app adguard;
        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/adminer.subfolder.conf.sample
+++ b/adminer.subfolder.conf.sample
@ -3,6 +3,7 @@
 location /adminer {
    return 301 $scheme://$host/adminer/;
 }
 location ^~ /adminer/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
@ -10,10 +11,16 @@ location ^~ /adminer/ {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_adminer adminer;
+    set $upstream_app adminer;
-    proxy_pass http://$upstream_adminer:8080;
+    set $upstream_port 8080;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/airsonic.subdomain.conf.sample
+++ b/airsonic.subdomain.conf.sample
@ -1,4 +1,5 @@
 # make sure that your dns has a cname set for airsonic and that your airsonic container is not using a base url
 # add `server.use-forward-headers=true` to `/config/application.properties` to ensure logs contain real source IP
 server {
    listen 443 ssl;
@ -13,6 +14,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +24,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
-        
+
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_airsonic airsonic;
+        set $upstream_app airsonic;
-        proxy_pass http://$upstream_airsonic:4040;
+        set $upstream_port 4040;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/airsonic.subfolder.conf.sample
+++ b/airsonic.subfolder.conf.sample
@ -7,10 +7,16 @@ location ^~ /airsonic {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_airsonic airsonic;
+    set $upstream_app airsonic;
-    proxy_pass http://$upstream_airsonic:4040;
+    set $upstream_port 4040;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/authelia.subdomain.conf.sample
+++ b/authelia.subdomain.conf.sample
@ -0,0 +1,27 @@
 # make sure that your dns has a cname set for authelia
 # the default authelia-server and authelia-location confs included with letsencrypt rely on
 # subfolder proxy at "/authelia" and enabling of this proxy conf is not necessary.
 # But if you'd like to use authelia via subdomain, you can enable this proxy and set up your own
 # authelia-server and authelia-location confs as described in authelia docs.
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name authelia.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app authelia;
        set $upstream_port 9091;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/bazarr.subdomain.conf.sample
+++ b/bazarr.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +23,27 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_bazarr bazarr;
+        set $upstream_app bazarr;
-        proxy_pass http://$upstream_bazarr:6767;
+        set $upstream_port 6767;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
    location ~ (/bazarr)?/api {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app bazarr;
        set $upstream_port 6767;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/bazarr.subfolder.conf.sample
+++ b/bazarr.subfolder.conf.sample
@ -3,6 +3,7 @@
 location /bazarr {
    return 301 $scheme://$host/bazarr/;
 }
 location ^~ /bazarr/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
@ -10,10 +11,26 @@ location ^~ /bazarr/ {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_bazarr bazarr;
+    set $upstream_app bazarr;
-    proxy_pass http://$upstream_bazarr:6767;
+    set $upstream_port 6767;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 location ^~ /bazarr/api {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app bazarr;
    set $upstream_port 6767;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/beets.subdomain.conf.sample
+++ b/beets.subdomain.conf.sample
@ -1,4 +1,4 @@
-#First edit beets.yml and enable the reverse proxy settings, under "web" add "reverse_proxy: true" and restart the beets container. 
+#First edit beets.yml and enable the reverse proxy settings, under "web" add "reverse_proxy: true" and restart the beets container.
 #Make sure that your dns has a cname set for beets and that your beets container is not using a base url
 server {
@ -14,6 +14,9 @@ server {
    #enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        #enable the next two lines for http auth
        #auth_basic "Restricted";
@ -21,11 +24,17 @@ server {
        #enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_beets beets;
+        set $upstream_app beets;
-        proxy_pass http://$upstream_beets:8337;
+        set $upstream_port 8337;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/beets.subfolder.conf.sample
+++ b/beets.subfolder.conf.sample
@ -7,14 +7,18 @@ location /beets {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_beets beets;
+    set $upstream_app beets;
-    proxy_pass http://$upstream_beets:8337;
+    set $upstream_port 8337;
-    proxy_set_header Host $host;
+    set $upstream_proto http;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    proxy_set_header X-Scheme $scheme;
    proxy_set_header X-Script-Name /beets;
 }
--- a/bitwarden.subdomain.conf.sample
+++ b/bitwarden.subdomain.conf.sample
@ -1,4 +1,6 @@
 # make sure that your dns has a cname set for bitwarden and that your bitwarden container is not using a base url
 # make sure your bitwarden container is named "bitwarden"
 # set the environment variable WEBSOCKET_ENABLED=true on your bitwarden container
 server {
    listen 443 ssl;
@ -13,6 +15,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,28 +25,58 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_bitwarden bitwarden;
+        set $upstream_app bitwarden;
-        proxy_pass http://$upstream_bitwarden:80;
+        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
    location /admin {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app bitwarden;
        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
    location /notifications/hub {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_bitwarden bitwarden;
+        set $upstream_app bitwarden;
-        proxy_pass http://$upstream_bitwarden:80;
+        set $upstream_port 3012;
-        proxy_set_header Upgrade $http_upgrade;
+        set $upstream_proto http;
-        proxy_set_header Connection "Upgrade";
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
    location /notifications/hub/negotiate {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_bitwarden bitwarden;
+        set $upstream_app bitwarden;
-        proxy_pass http://$upstream_bitwarden:80;
+        set $upstream_port 80;
-    }
+        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/boinc.subdomain.conf.sample
+++ b/boinc.subdomain.conf.sample
@ -0,0 +1,40 @@
 # make sure that your dns has a cname set for boinc
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name boinc.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        proxy_buffering off;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app boinc;
        set $upstream_port 8080;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/booksonic.subdomain.conf.sample
+++ b/booksonic.subdomain.conf.sample
@ -0,0 +1,39 @@
 # make sure that your dns has a cname set for booksonic and that your booksonic container is not using a base url
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name booksonic.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app booksonic;
        set $upstream_port 4040;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/booksonic.subfolder.conf.sample
+++ b/booksonic.subfolder.conf.sample
@ -0,0 +1,22 @@
 # set the CONTEXT_PATH variable to /booksonic in booksonic container.
 location ^~ /booksonic {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app booksonic;
    set $upstream_port 4040;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/bookstack.subdomain.conf.sample
+++ b/bookstack.subdomain.conf.sample
@ -0,0 +1,41 @@
 # make sure that your dns has a cname set for bookstack and that your bookstack container is named bookstack
 # Ensure you have the APP_URL Environment Variable set correctly in your Docker Run/Compose or in BookStack Env File (/www/.env)
 # https://github.com/linuxserver/docker-bookstack#docker
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name bookstack.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        #enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app bookstack;
        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/calibre-web.subdomain.conf.sample
+++ b/calibre-web.subdomain.conf.sample
@ -0,0 +1,41 @@
 # make sure that your dns has a cname set for calibre-web
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name calibre-web.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
 	location / {
 		# enable the next two lines for http auth
 		#auth_basic "Restricted";
 		#auth_basic_user_file /config/nginx/.htpasswd;
 		# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
 		#auth_request /auth;
 		#error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
 		resolver 127.0.0.11 valid=30s;
 		set $upstream_app calibre-web;
 		set $upstream_port 8083;
 		set $upstream_proto http;
 		proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 		proxy_set_header Host $http_host;
 		proxy_set_header X-Scheme $scheme;
 	}
 }
--- a/calibre-web.subfolder.conf.sample
+++ b/calibre-web.subfolder.conf.sample
@ -0,0 +1,28 @@
 # calibre-web does not require a base url setting
 location /calibre-web {
    return 301 $scheme://$host/calibre-web/;
 }
 location ^~ /calibre-web/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app calibre-web;
    set $upstream_port 8083;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    proxy_set_header Host $http_host;
    proxy_set_header X-Scheme $scheme;
    proxy_set_header X-Script-Name /calibre-web;
 }
--- a/calibre.subdomain.conf.sample
+++ b/calibre.subdomain.conf.sample
@ -0,0 +1,39 @@
 # make sure that your dns has a cname set for calibre
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name calibre.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app calibre;
        set $upstream_port 8080;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_buffering off;
    }
 }
--- a/calibre.subfolder.conf.sample
+++ b/calibre.subfolder.conf.sample
@ -0,0 +1,26 @@
 # calibre does not require a base url setting
 location /calibre {
    return 301 $scheme://$host/calibre/;
 }
 location ^~ /calibre/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app calibre;
    set $upstream_port 8080;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    rewrite /calibre(.*) $1 break;
 }
--- a/code-server.subdomain.conf.sample
+++ b/code-server.subdomain.conf.sample
@ -0,0 +1,39 @@
 # make sure that your dns has a cname set for code-server
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name code-server.* "~^[0-9]{1,10}\.code-server\..*$";
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app code-server;
        set $upstream_port 8443;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/codimd.subdomain.conf.sample
+++ b/codimd.subdomain.conf.sample
@ -15,6 +15,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -22,11 +25,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_codimd codimd;
+        set $upstream_app codimd;
-        proxy_pass http://$upstream_codimd:3000;
+        set $upstream_port 3000;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
-}
+}
--- a/collabora.subdomain.conf.sample
+++ b/collabora.subdomain.conf.sample
@ -8,47 +8,70 @@ server {
    include /config/nginx/ssl.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_collabora collabora;
    # static files
    location ^~ /loleaflet {
-        proxy_pass https://$upstream_collabora:9980;
+        resolver 127.0.0.11 valid=30s;
        set $upstream_app collabora;
        set $upstream_port 9980;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_set_header Host $http_host;
    }
    # WOPI discovery URL
    location ^~ /hosting/discovery {
-        proxy_pass https://$upstream_collabora:9980;
+        resolver 127.0.0.11 valid=30s;
        set $upstream_app collabora;
        set $upstream_port 9980;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_set_header Host $http_host;
    }
    # Capabilities
    location ^~ /hosting/capabilities {
-        proxy_pass https://$upstream_collabora:9980;
+        resolver 127.0.0.11 valid=30s;
        set $upstream_app collabora;
        set $upstream_port 9980;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_set_header Host $http_host;
    }
    # main websocket
    location ~ ^/lool/(.*)/ws$ {
-        proxy_pass https://$upstream_collabora:9980;
+        resolver 127.0.0.11 valid=30s;
-        proxy_set_header Upgrade $http_upgrade;
+        set $upstream_app collabora;
-        proxy_set_header Connection "Upgrade";
+        set $upstream_port 9980;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_set_header Host $http_host;
        proxy_read_timeout 36000s;
    }
    # download, presentation and image upload
    location ~ ^/lool {
-        proxy_pass https://$upstream_collabora:9980;
+        resolver 127.0.0.11 valid=30s;
        set $upstream_app collabora;
        set $upstream_port 9980;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_set_header Host $http_host;
    }
    # Admin Console websocket
    location ^~ /lool/adminws {
-        proxy_pass https://$upstream_collabora:9980;
+        resolver 127.0.0.11 valid=30s;
-        proxy_set_header Upgrade $http_upgrade;
+        set $upstream_app collabora;
-        proxy_set_header Connection "Upgrade";
+        set $upstream_port 9980;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_set_header Host $http_host;
        proxy_read_timeout 36000s;
    }
--- a/couchpotato.subdomain.conf.sample
+++ b/couchpotato.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_couchpotato couchpotato;
+        set $upstream_app couchpotato;
-        proxy_pass http://$upstream_couchpotato:5050;
+        set $upstream_port 5050;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/couchpotato.subfolder.conf.sample
+++ b/couchpotato.subfolder.conf.sample
@ -7,10 +7,16 @@ location ^~ /couchpotato {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_couchpotato couchpotato;
+    set $upstream_app couchpotato;
-    proxy_pass http://$upstream_couchpotato:5050;
+    set $upstream_port 5050;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/deluge.subdomain.conf.sample
+++ b/deluge.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_deluge deluge;
+        set $upstream_app deluge;
-        proxy_pass http://$upstream_deluge:8112;
+        set $upstream_port 8112;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/deluge.subfolder.conf.sample
+++ b/deluge.subfolder.conf.sample
@ -3,6 +3,7 @@
 location /deluge {
    return 301 $scheme://$host/deluge/;
 }
 location ^~ /deluge/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
@ -10,12 +11,18 @@ location ^~ /deluge/ {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_deluge deluge;
+    set $upstream_app deluge;
    set $upstream_port 8112;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    rewrite /deluge(.*) $1 break;
    proxy_pass http://$upstream_deluge:8112;
    proxy_set_header X-Deluge-Base "/deluge/";
 }
--- a/dillinger.subdomain.conf.sample
+++ b/dillinger.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_dillinger dillinger;
+        set $upstream_app dillinger;
-        proxy_pass http://$upstream_dillinger:8080;
+        set $upstream_port 8080;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
-}
+}
--- a/documentserver.subdomain.conf.sample
+++ b/documentserver.subdomain.conf.sample
@ -0,0 +1,40 @@
 # Make sure that your dns has a cname set for onlyoffice named "documentserver"
 # Make sure that the onlyoffice documentserver container is named "documentserver"
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name documentserver.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    #enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        #enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        #enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app documentserver;
        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/dokuwiki.subdomain.conf.sample
+++ b/dokuwiki.subdomain.conf.sample
@ -1,4 +1,4 @@
-# First complete the setup by appending install.php to URL. 
+# First complete the setup by appending install.php to URL.
 # Make sure that your dns has a cname set for dokuwiki
 server {
@ -14,6 +14,9 @@ server {
    #enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        #enable the next two lines for http auth
        #auth_basic "Restricted";
@ -21,11 +24,17 @@ server {
        #enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_dokuwiki dokuwiki;
+        set $upstream_app dokuwiki;
-        proxy_pass http://$upstream_dokuwiki:80;
+        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/domoticz.subdomain.conf.sample
+++ b/domoticz.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_domoticz domoticz;
+        set $upstream_app domoticz;
-        proxy_pass http://$upstream_domoticz:8080;
+        set $upstream_port 8080;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
-}
+}
--- a/domoticz.subfolder.conf.sample
+++ b/domoticz.subfolder.conf.sample
@ -7,10 +7,16 @@ location ^~ /domoticz/ {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_domoticz domoticz;
+    set $upstream_app domoticz;
-    proxy_pass http://$upstream_domoticz:8080;
+    set $upstream_port 8080;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/dozzle.subdomain.conf.sample
+++ b/dozzle.subdomain.conf.sample
@ -0,0 +1,39 @@
 # make sure that your dns has a cname set for dozzle and that your dozzle container is named dozzle
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name dozzle.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app dozzle;
        set $upstream_port 8080;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/dozzle.subfolder.conf.sample
+++ b/dozzle.subfolder.conf.sample
@ -3,6 +3,7 @@
 location /dozzle {
    return 301 $scheme://$host/dozzle/;
 }
 location ^~ /dozzle/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
@ -10,13 +11,19 @@ location ^~ /dozzle/ {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    chunked_transfer_encoding off;
    proxy_buffering off;
    proxy_cache off;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_dozzle dozzle;
+    set $upstream_app dozzle;
-    proxy_pass http://$upstream_dozzle:8080;
+    set $upstream_port 8080;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/duplicati.subdomain.conf.sample
+++ b/duplicati.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,10 +23,16 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_duplicati duplicati;
+        set $upstream_app duplicati;
-        proxy_pass http://$upstream_duplicati:8200;
+        set $upstream_port 8200;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/duplicati.subfolder.conf.sample
+++ b/duplicati.subfolder.conf.sample
@ -3,6 +3,7 @@
 location /duplicati {
    return 301 $scheme://$host/duplicati/;
 }
 location ^~ /duplicati/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
@ -10,10 +11,16 @@ location ^~ /duplicati/ {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_duplicati duplicati;
+    set $upstream_app duplicati;
    set $upstream_port 8200;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    rewrite /duplicati(.*) $1 break;
    proxy_pass http://$upstream_duplicati:8200;
 }
--- a/emby.subdomain.conf.sample
+++ b/emby.subdomain.conf.sample
@ -1,6 +1,7 @@
-# make sure that your dns has a cname set for emby, if emby is running in bridge mode, the below config should work as is, although,
+# make sure that your dns has a cname set for emby and that your emby container is not using a base url
-# the container name is expected to be "emby", if not, replace the lines "set $upstream_emby emby;" with "set $upstream_emby <containername>;"
+# if emby is running in bridge mode and the container is named "emby", the below config should work as is
-# for host mode, replace the lines "proxy_pass http://$upstream_emby:8096;" with "proxy_pass http://HOSTIP:8096;" HOSTIP being the IP address of emby
+# if not, replace the line "set $upstream_app emby;" with "set $upstream_app <containername>;"
 # or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of emby
 # in emby settings, under "Advanced" change the public https port to 443, leave the local ports as is, set the "external domain" to your url,
 # and set the "Secure connection mode" to "Handled by reverse proxy"
@ -17,20 +18,12 @@ server {
    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_emby emby;
+        set $upstream_app emby;
-        proxy_pass http://$upstream_emby:8096;
+        set $upstream_port 8096;
-		
+        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_set_header Range $http_range;
        proxy_set_header If-Range $http_if_range;
    }
    location ~ (/emby)?/socket {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_emby emby;
        proxy_pass http://$upstream_emby:8096;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;
   }
 }
--- a/emby.subfolder.conf.sample
+++ b/emby.subfolder.conf.sample
@ -1,18 +1,22 @@
-# if emby is running in bridge mode, the below config should work as is, although, the container name is expected to be "emby",
+# make sure that your dns has a cname set for emby
-# if not, replace the lines "set $upstream_emby emby;" with "set $upstream_emby <containername>;"
+# if emby is running in bridge mode and the container is named "emby", the below config should work as is
-# for host mode, replace the lines "proxy_pass http://$upstream_emby:8096;" with "proxy_pass http://HOSTIP:8096;" HOSTIP being the IP address of emby
+# if not, replace the line "set $upstream_app emby;" with "set $upstream_app <containername>;"
 # or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of emby
 # in emby settings, under "Advanced" change the public https port to 443, leave the local ports as is, set the "external domain" to your url and subdomain,
 # and set the "Secure connection mode" to "Handled by reverse proxy"
 location /emby {
    return 301 $scheme://$host/emby/;
 }
 location ^~ /emby/ {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_emby emby;
+    set $upstream_app emby;
-    proxy_pass http://$upstream_emby:8096;
+    set $upstream_port 8096;
-    
+    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    proxy_set_header Range $http_range;
    proxy_set_header If-Range $http_if_range;
 }
@ -20,9 +24,9 @@ location ^~ /emby/ {
 location ^~ /embywebsocket {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_emby emby;
+    set $upstream_app emby;
-    proxy_pass http://$upstream_emby:8096;
+    set $upstream_port 8096;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $http_connection;
 }
--- a/embystat.subdomain.conf.sample
+++ b/embystat.subdomain.conf.sample
@ -0,0 +1,39 @@
 # make sure that your dns has a cname set for embystat
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name embystat.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app embystat;
        set $upstream_port 6555;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/flood.subdomain.conf.sample
+++ b/flood.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_flood flood;
+        set $upstream_app flood;
-        proxy_pass http://$upstream_flood:3000;
+        set $upstream_port 3000;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/flood.subfolder.conf.sample
+++ b/flood.subfolder.conf.sample
@ -3,6 +3,7 @@
 location /flood {
    return 301 $scheme://$host/flood/;
 }
 location ^~ /flood/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
@ -10,11 +11,17 @@ location ^~ /flood/ {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_flood flood;
+    set $upstream_app flood;
    set $upstream_port 3000;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    rewrite /flood(.*) $1 break;
    proxy_pass http://$upstream_flood:3000;
 }
--- a/foldingathome.subdomain.conf.sample
+++ b/foldingathome.subdomain.conf.sample
@ -0,0 +1,40 @@
 # make sure that your dns has a cname set for foldingathome
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name foldingathome.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        proxy_buffering off;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app foldingathome;
        set $upstream_port 7396;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/freshrss.subdomain.conf.sample
+++ b/freshrss.subdomain.conf.sample
@ -0,0 +1,45 @@
 # make sure that your dns has a cname set for freshrss
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name freshrss.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app freshrss;
        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_redirect off;
        proxy_buffering off;
        proxy_set_header X-Forwarded-Port $server_port;
        proxy_cookie_path / "/; HTTPOnly; Secure";
        proxy_set_header Authorization $http_authorization;
        proxy_pass_header Authorization;
    }
 }
--- a/freshrss.subfolder.conf.sample
+++ b/freshrss.subfolder.conf.sample
@ -0,0 +1,33 @@
 # freshrss does not have a base url setting
 location /freshrss {
    return 301 $scheme://$host/freshrss/;
 }
 location ^~ /freshrss/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app freshrss;
    set $upstream_port 80;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    rewrite /freshrss(.*) $1 break;
    proxy_redirect off;
    proxy_buffering off;
    proxy_set_header X-Forwarded-Port $server_port;
    proxy_cookie_path / "/; HTTPOnly; Secure";
    proxy_set_header Authorization $http_authorization;
    proxy_pass_header Authorization;
 }
--- a/ghost.subdomain.conf.sample
+++ b/ghost.subdomain.conf.sample
@ -0,0 +1,40 @@
 # make sure that your dns has a cname set for ghost and that your ghost config is not using a subdirectory.
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name ghost.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    #enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        #enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        #enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app ghost;
        set $upstream_port 2368;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_redirect off;
    }
 }
--- a/ghost.subfolder.conf.sample
+++ b/ghost.subfolder.conf.sample
@ -0,0 +1,24 @@
 # Make sure you are using a subfolder in your ghost config file. https://ghost.org/docs/concepts/config/#url
 # Note: /ghost/ is by default used for the admin page. See https://ghost.org/docs/concepts/config/#admin-url
 location /blog {
  # enable the next two lines for http auth
  #uth_basic "Restricted";
  #auth_basic_user_file /config/nginx/.htpasswd;
  #enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
  #auth_request /auth;
  #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
  include /config/nginx/proxy.conf;
  resolver 127.0.0.11 valid=30s;
  set $upstream_app ghost;
  set $upstream_port 2368;
  set $upstream_proto http;
  proxy_pass $upstream_proto://$upstream_app:$upstream_port;
  proxy_redirect off;
 }
--- a/gitea.subdomain.conf.sample
+++ b/gitea.subdomain.conf.sample
@ -4,8 +4,6 @@
 # ROOT_URL         = https://gitea.server.com/
 # DOMAIN           = gitea.server.com
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
@ -19,6 +17,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -26,11 +27,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_gitea gitea;
+        set $upstream_app gitea;
-        proxy_pass http://$upstream_gitea:3000;
+        set $upstream_port 3000;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/gitea.subfolder.conf.sample
+++ b/gitea.subfolder.conf.sample
@ -11,7 +11,10 @@ location /gitea {
 location ^~ /gitea/ {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_gitea gitea;
+    set $upstream_app gitea;
    set $upstream_port 3000;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    rewrite /gitea(.*) $1 break;
    proxy_pass http://$upstream_gitea:3000;
 }
--- a/glances.subdomain.conf.sample
+++ b/glances.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_glances glances;
+        set $upstream_app glances;
-        proxy_pass http://$upstream_glances:61208;
+        set $upstream_port 61208;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/glances.subfolder.conf.sample
+++ b/glances.subfolder.conf.sample
@ -3,6 +3,7 @@
 location /glances {
    return 301 $scheme://$host/glances/;
 }
 location ^~ /glances/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
@ -10,11 +11,17 @@ location ^~ /glances/ {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_glances glances;
+    set $upstream_app glances;
    set $upstream_port 61208;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    rewrite /glances(.*) $1 break;
    proxy_pass http://$upstream_glances:61208;
 }
--- a/gotify.subdomain.conf.sample
+++ b/gotify.subdomain.conf.sample
@ -0,0 +1,39 @@
 # make sure that your dns has a cname set for gotify
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name gotify.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app gotify;
        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/grafana.subdomain.conf.sample
+++ b/grafana.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_grafana grafana;
+        set $upstream_app grafana;
-        proxy_pass http://$upstream_grafana:3000;
+        set $upstream_port 3000;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/grocy.subdomain.conf.sample
+++ b/grocy.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,12 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_grocy grocy;
+        set $upstream_app grocy;
-        proxy_pass http://$upstream_grocy:80;
+        set $upstream_port 80;
-    }
+        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-}
+    }
 }
--- a/guacamole.subdomain.conf.sample
+++ b/guacamole.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,12 +23,18 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        proxy_buffering off;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_guacamole guacamole;
+        set $upstream_app guacamole;
-        proxy_pass http://$upstream_guacamole:8080;
+        set $upstream_port 8080;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/guacamole.subfolder.conf.sample
+++ b/guacamole.subfolder.conf.sample
@ -3,6 +3,7 @@
 location /guacamole {
    return 301 $scheme://$host/guacamole/;
 }
 location ^~ /guacamole/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
@ -10,12 +11,18 @@ location ^~ /guacamole/ {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    proxy_buffering off;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_guacamole guacamole;
+    set $upstream_app guacamole;
    set $upstream_port 8080;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    rewrite /guacamole(.*) $1 break;
    proxy_pass http://$upstream_guacamole:8080;
 }
--- a/headphones.subdomain.conf.sample
+++ b/headphones.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_headphones headphones;
+        set $upstream_app headphones;
-        proxy_pass http://$upstream_headphones:8181;
+        set $upstream_port 8181;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/headphones.subfolder.conf.sample
+++ b/headphones.subfolder.conf.sample
@ -7,10 +7,16 @@ location ^~ /headphones {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_headphones headphones;
+    set $upstream_app headphones;
-    proxy_pass http://$upstream_headphones:8181;
+    set $upstream_port 8181;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/heimdall.subdomain.conf.sample
+++ b/heimdall.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_heimdall heimdall;
+        set $upstream_app heimdall;
-        proxy_pass https://$upstream_heimdall:443;
+        set $upstream_port 443;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/heimdall.subfolder.conf.sample
+++ b/heimdall.subfolder.conf.sample
@ -7,10 +7,16 @@ location / {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_heimdall heimdall;
+    set $upstream_app heimdall;
-    proxy_pass https://$upstream_heimdall:443;
+    set $upstream_port 443;
    set $upstream_proto https;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/homeassistant.subdomain.conf.sample
+++ b/homeassistant.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,22 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_homeassistant homeassistant;
+        set $upstream_app homeassistant;
-        proxy_pass http://$upstream_homeassistant:8123;
+        set $upstream_port 8123;
-    }
+        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    location /api/websocket {
        resolver 127.0.0.11 valid=30s;
        set $upstream_homeassistant homeassistant;
        proxy_pass http://$upstream_homeassistant:8123;
        proxy_set_header Host $host;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
 }
--- a/jackett.subdomain.conf.sample
+++ b/jackett.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,18 +23,37 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_jackett jackett;
+        set $upstream_app jackett;
-        proxy_pass http://$upstream_jackett:9117;
+        set $upstream_port 9117;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
-    location ~ (/jackett)?/(api|dl) {
+    location ~ (/jackett)?/api {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_jackett jackett;
+        set $upstream_app jackett;
-        proxy_pass http://$upstream_jackett:9117;
+        set $upstream_port 9117;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
    location ~ (/jackett)?/dl {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app jackett;
        set $upstream_port 9117;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/jackett.subfolder.conf.sample
+++ b/jackett.subfolder.conf.sample
@ -1,23 +1,42 @@
 # first go into jackett settings, set the URL Base to /jackett and restart the jackett container
-location /jackett {
+location ^~ /jackett {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_jackett jackett;
+    set $upstream_app jackett;
-    proxy_pass http://$upstream_jackett:9117;
+    set $upstream_port 9117;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
-location ~ /jackett/(api|dl) {
+location ^~ /jackett/api {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_jackett jackett;
+    set $upstream_app jackett;
-    proxy_pass http://$upstream_jackett:9117;
+    set $upstream_port 9117;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 location ^~ /jackett/dl {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app jackett;
    set $upstream_port 9117;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/jellyfin.subdomain.conf.sample
+++ b/jellyfin.subdomain.conf.sample
@ -1,7 +1,8 @@
-# make sure that your dns has a cname set for jellyfin, if jellyfin is running in bridge mode, the below config should work as is, although,
+# make sure that your dns has a cname set for jellyfin
-# the container name is expected to be "jellyfin", if not, replace the lines "set $upstream_jellyfin jellyfin;" with "set $upstream_jellyfin <containername>;"
+# if jellyfin is running in bridge mode and the container is named "jellyfin", the below config should work as is
-# for host mode, replace the lines "proxy_pass http://$upstream_jellyfin:8096;" with "proxy_pass http://HOSTIP:8096;" HOSTIP being the IP address of jellyfin
+# if not, replace the line "set $upstream_app jellyfin;" with "set $upstream_app <containername>;"
-# in jellyfin settings, under "Advanced" change the public https port to 443, leave the local ports as is, set the "external domain" to your url,
+# or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of jellyfin
 # in jellyfin settings, under "Advanced/Networking" change the public https port to 443, leave the local ports as is,
 # and set the "Secure connection mode" to "Handled by reverse proxy"
 server {
@ -17,20 +18,22 @@ server {
    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_jellyfin jellyfin;
+        set $upstream_app jellyfin;
-        proxy_pass http://$upstream_jellyfin:8096;
+        set $upstream_port 8096;
-		
+        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_set_header Range $http_range;
        proxy_set_header If-Range $http_if_range;
    }
-	
+
    location ~ (/jellyfin)?/socket {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_jellyfin jellyfin;
+        set $upstream_app jellyfin;
-        proxy_pass http://$upstream_jellyfin:8096;
+        set $upstream_port 8096;
-		
+        set $upstream_proto http;
-        proxy_set_header Upgrade $http_upgrade;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-        proxy_set_header Connection $http_connection;
+
-   }
+    }
-}
+}
--- a/jellyfin.subfolder.conf.sample
+++ b/jellyfin.subfolder.conf.sample
@ -1,28 +1,22 @@
-# if jellyfin is running in bridge mode, the below config should work as is, although, the container name is expected to be "jellyfin",
+# make sure that your dns has a cname set for jellyfin
-# if not, replace the lines "set $upstream_jellyfin jellyfin;" with "set $upstream_jellyfin <containername>;"
+# if jellyfin is running in bridge mode and the container is named "jellyfin", the below config should work as is
-# for host mode, replace the lines "proxy_pass http://$upstream_jellyfin:8096;" with "proxy_pass http://HOSTIP:8096;" HOSTIP being the IP address of jellyfin
+# if not, replace the line "set $upstream_app jellyfin;" with "set $upstream_app <containername>;"
-# in jellyfin settings, under "Advanced" change the public https port to 443, leave the local ports as is, set the "external domain" to your url and subdomain,
+# or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of jellyfin
 # in jellyfin settings, under "Advanced/Networking" change the public https port to 443, leave the local ports as is, set the base url to "/jellyfin",
 # and set the "Secure connection mode" to "Handled by reverse proxy"
 location /jellyfin {
    return 301 $scheme://$host/jellyfin/;
 }
 location ^~ /jellyfin/ {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_jellyfin jellyfin;
+    set $upstream_app jellyfin;
-    proxy_pass http://$upstream_jellyfin:8096;
+    set $upstream_port 8096;
-    
+    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    proxy_set_header Range $http_range;
    proxy_set_header If-Range $http_if_range;
 }
 location ^~ /jellyfinwebsocket {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_jellyfin jellyfin;
    proxy_pass http://$upstream_jellyfin:8096;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $http_connection;
 }
--- a/jenkins.subfolder.conf.sample
+++ b/jenkins.subfolder.conf.sample
@ -11,19 +11,24 @@ location ^~ /jenkins/ {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
 	# This is the maximum upload size
 	client_max_body_size 10m;
 	sendfile off;
    include /config/nginx/proxy.conf;
    proxy_max_temp_file_size 0;
    proxy_temp_file_write_size 64k;
    proxy_request_buffering off;
    proxy_buffering off;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_jenkins jenkins;    
+    set $upstream_app jenkins;
-    proxy_pass http://$upstream_jenkins:8080;
+    set $upstream_port 8080;
-}
+    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/kanzi.subdomain.conf.sample
+++ b/kanzi.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_kanzi kanzi;
+        set $upstream_app kanzi;
-        proxy_pass https://$upstream_kanzi:8000;
+        set $upstream_port 8000;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/kanzi.subfolder.conf.sample
+++ b/kanzi.subfolder.conf.sample
@ -3,6 +3,7 @@
 location /kanzi {
    return 301 $scheme://$host/kanzi/;
 }
 location ^~ /kanzi/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
@ -10,11 +11,17 @@ location ^~ /kanzi/ {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_kanzi kanzi;
+    set $upstream_app kanzi;
    set $upstream_port 8000;
    set $upstream_proto https;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    rewrite /kanzi(.*) $1 break;
    proxy_pass https://$upstream_kanzi:8000;
 }
--- a/lazylibrarian.subdomain.conf.sample
+++ b/lazylibrarian.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_lazylibrarian lazylibrarian;
+        set $upstream_app lazylibrarian;
-        proxy_pass http://$upstream_lazylibrarian:5299;
+        set $upstream_port 5299;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/lazylibrarian.subfolder.conf.sample
+++ b/lazylibrarian.subfolder.conf.sample
@ -7,10 +7,16 @@ location ^~ /lazylibrarian {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_lazylibrarian lazylibrarian;
+    set $upstream_app lazylibrarian;
-    proxy_pass http://$upstream_lazylibrarian:5299;
+    set $upstream_port 5299;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/librespeed.subdomain.conf.sample
+++ b/librespeed.subdomain.conf.sample
@ -0,0 +1,39 @@
 # make sure that your dns has a cname set for librespeed
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name librespeed.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app librespeed;
        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/lidarr.subdomain.conf.sample
+++ b/lidarr.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,18 +23,27 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_lidarr lidarr;
+        set $upstream_app lidarr;
-        proxy_pass http://$upstream_lidarr:8686;
+        set $upstream_port 8686;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
    location ~ (/lidarr)?/api {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_lidarr lidarr;
+        set $upstream_app lidarr;
-        proxy_pass http://$upstream_lidarr:8686;
+        set $upstream_port 8686;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/lidarr.subfolder.conf.sample
+++ b/lidarr.subfolder.conf.sample
@ -7,17 +7,26 @@ location ^~ /lidarr {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_lidarr lidarr;
+    set $upstream_app lidarr;
-    proxy_pass http://$upstream_lidarr:8686;
+    set $upstream_port 8686;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 location ^~ /lidarr/api {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_lidarr lidarr;
+    set $upstream_app lidarr;
-    proxy_pass http://$upstream_lidarr:8686;
+    set $upstream_port 8686;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/lychee.subdomain.conf.sample
+++ b/lychee.subdomain.conf.sample
@ -0,0 +1,39 @@
 # make sure that your dns has a cname set for lychee
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name lychee.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app lychee;
        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/mailu.subdomain.conf.sample
+++ b/mailu.subdomain.conf.sample
@ -0,0 +1,39 @@
 # make sure that your dns has a cname set for mailu and that your mailu front container is named front
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name mailu.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app front;
        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/mailu.subfolder.conf.sample
+++ b/mailu.subfolder.conf.sample
@ -0,0 +1,54 @@
 # mailu does not require a base url setting, but the container needs to be named front
 # This config have been tested with "TLS_FLAVOR=mail"
 # To avoid errors you must change in docker-compose ports: 80 and 443, more info: https://mailu.io/1.7/reverse.html
 location /admin{
    return 301 $scheme://$host/admin/;
 }
 location ^~ /admin/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app front;
    set $upstream_port 80;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 location /webmail{
    return 301 $scheme://$host/webmail/;
 }
 location ^~ /webmail/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app front;
    set $upstream_port 80;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/medusa.subdomain.conf.sample
+++ b/medusa.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,13 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        resolver 127.0.0.11 valid=30s;
-        set $upstream_medusa medusa;
+        set $upstream_app medusa;
-        proxy_pass http://$upstream_medusa:8081;
+        set $upstream_port 8081;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/medusa.subfolder.conf.sample
+++ b/medusa.subfolder.conf.sample
@ -7,12 +7,16 @@ location ^~ /medusa {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    resolver 127.0.0.11 valid=30s;
-    set $upstream_medusa medusa;
+    set $upstream_app medusa;
-    proxy_pass http://$upstream_medusa:8081;
+    set $upstream_port 8081;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/miniflux.subdomain.conf.sample
+++ b/miniflux.subdomain.conf.sample
@ -0,0 +1,39 @@
 # make sure that your dns has a cname set for miniflux
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name miniflux.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app miniflux;
        set $upstream_port 8080;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/miniflux.subfolder.conf.sample
+++ b/miniflux.subfolder.conf.sample
@ -0,0 +1,26 @@
 # set the environment variable "BASE_URL" to "https://yourdomain.url/miniflux/", or follow this guide to create a config file for Miniflux: https://miniflux.app/docs/configuration.html
 location /miniflux {
    return 301 $scheme://$host/miniflux/;
 }
 location /miniflux/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app miniflux;
    set $upstream_port 8080;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/monitorr.subdomain.conf.sample
+++ b/monitorr.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_monitorr monitorr;
+        set $upstream_app monitorr;
-        proxy_pass http://$upstream_monitorr:80;
+        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/monitorr.subfolder.conf.sample
+++ b/monitorr.subfolder.conf.sample
@ -3,6 +3,7 @@
 location /monitorr {
    return 301 $scheme://$host/monitorr/;
 }
 location ^~ /monitorr/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
@ -10,10 +11,16 @@ location ^~ /monitorr/ {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_monitorr monitorr;
+    set $upstream_app monitorr;
-    proxy_pass http://$upstream_monitorr:80;
+    set $upstream_port 80;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/mstream.subdomain.conf.sample
+++ b/mstream.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
-        
+
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
 	include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_mstream mstream;
+        set $upstream_app mstream;
-        proxy_pass http://$upstream_mstream:3000;
+        set $upstream_port 3000;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/mylar.subdomain.conf.sample
+++ b/mylar.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_mylar mylar;
+        set $upstream_app mylar;
-        proxy_pass http://$upstream_mylar:8090;
+        set $upstream_port 8090;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/mylar.subfolder.conf.sample
+++ b/mylar.subfolder.conf.sample
@ -7,10 +7,16 @@ location ^~ /mylar {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_mylar mylar;
+    set $upstream_app mylar;
-    proxy_pass http://$upstream_mylar:8090;
+    set $upstream_port 8090;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/mytinytodo.subfolder.conf.sample
+++ b/mytinytodo.subfolder.conf.sample
@ -4,6 +4,7 @@
 location /todo {
    return 301 $scheme://$host/todo/;
 }
 location ^~ /todo/ {
    # enable the next two lines for http auth
@ -12,10 +13,15 @@ location ^~ /todo/ {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_mytinytodo mytinytodo;
+    set $upstream_app mytinytodo;
-    proxy_pass http://$upstream_mytinytodo:80/;
+    set $upstream_port 80;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port/;
 }
--- a/netboot.subdomain.conf.sample
+++ b/netboot.subdomain.conf.sample
@ -0,0 +1,39 @@
 # make sure that your dns has a cname set for netboot
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name netboot.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app netboot;
        set $upstream_port 3000;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/netdata.subdomain.conf.sample
+++ b/netdata.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_netdata netdata;
+        set $upstream_app netdata;
-        proxy_pass http://$upstream_netdata:19999;
+        set $upstream_port 19999;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/netdata.subfolder.conf.sample
+++ b/netdata.subfolder.conf.sample
@ -3,6 +3,7 @@
 location /netdata {
    return 301 $scheme://$host/netdata/;
 }
 location ^~ /netdata/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
@ -10,11 +11,17 @@ location ^~ /netdata/ {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_netdata netdata;
+    set $upstream_app netdata;
    set $upstream_port 19999;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    rewrite /netdata(.*) $1 break;
    proxy_pass http://$upstream_netdata:19999;
 }
--- a/nextcloud.subdomain.conf.sample
+++ b/nextcloud.subdomain.conf.sample
@ -1,7 +1,7 @@
 # make sure that your dns has a cname set for nextcloud
-# assuming this container is called "letsencrypt", edit your nextcloud container's config
+# assuming this container is called "swag", edit your nextcloud container's config
 # located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
-#  'trusted_proxies' => ['letsencrypt'],
+#  'trusted_proxies' => ['swag'],
 #  'overwrite.cli.url' => 'https://nextcloud.your-domain.com/',
 #  'overwritehost' => 'nextcloud.your-domain.com',
 #  'overwriteprotocol' => 'https',
@ -25,8 +25,11 @@ server {
    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_nextcloud nextcloud;
+        set $upstream_app nextcloud;
        set $upstream_port 443;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_max_temp_file_size 2048m;
        proxy_pass https://$upstream_nextcloud:443;
    }
 }
--- a/nextcloud.subfolder.conf.sample
+++ b/nextcloud.subfolder.conf.sample
@ -1,6 +1,6 @@
-# Assuming this container is called "letsencrypt", edit your nextcloud container's config
+# Assuming this container is called "swag", edit your nextcloud container's config
 # located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
-#  'trusted_proxies' => ['letsencrypt'],
+#  'trusted_proxies' => ['swag'],
 #  'overwritewebroot' => '/nextcloud',
 #  'overwrite.cli.url' => 'https://your-domain.com/nextcloud',
 #
@ -26,15 +26,16 @@ location /nextcloud {
 location ^~ /nextcloud/ {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_nextcloud nextcloud;
+    set $upstream_app nextcloud;
    set $upstream_port 443;
    set $upstream_proto https;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    rewrite /nextcloud(.*) $1 break;
    proxy_pass https://$upstream_nextcloud:443;
    proxy_max_temp_file_size 2048m;
    proxy_set_header Range $http_range;
    proxy_set_header If-Range $http_if_range;
-    proxy_set_header Connection $http_connection;
+        proxy_redirect off;
    proxy_redirect off;
    proxy_ssl_session_reuse off;
-} 
+}
--- a/nzbget.subdomain.conf.sample
+++ b/nzbget.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,32 +23,47 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_nzbget nzbget;
+        set $upstream_app nzbget;
-        proxy_pass http://$upstream_nzbget:6789;
+        set $upstream_port 6789;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
-    location ^~ /nzbget/jsonrpc {
+    location ~ (/nzbget)?(/[^\/:]*:[^\/:]*)?/jsonrpc {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_nzbget nzbget;
+        set $upstream_app nzbget;
-        proxy_pass http://$upstream_nzbget:6789;
+        set $upstream_port 6789;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
-    location ^~ /nzbget/jsonprpc {
+    location ~ (/nzbget)?(/[^\/:]*:[^\/]*)?/jsonprpc {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_nzbget nzbget;
+        set $upstream_app nzbget;
-        proxy_pass http://$upstream_nzbget:6789;
+        set $upstream_port 6789;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
-    location ^~ /nzbget/xmlrpc {
+    location ~ (/nzbget)?(/[^\/:]*:[^\/]*)?/xmlrpc {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_nzbget nzbget;
+        set $upstream_app nzbget;
-        proxy_pass http://$upstream_nzbget:6789;
+        set $upstream_port 6789;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/nzbget.subfolder.conf.sample
+++ b/nzbget.subfolder.conf.sample
@ -1,37 +1,52 @@
 # nzbget does not require a base url setting
-location ^~ /nzbget {
+location /nzbget {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_nzbget nzbget;
+    set $upstream_app nzbget;
-    proxy_pass http://$upstream_nzbget:6789;
+    set $upstream_port 6789;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
-location ^~ /nzbget/jsonrpc {
+location ~ /nzbget(/[^\/:]*:[^\/]*)?/jsonrpc {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_nzbget nzbget;
+    set $upstream_app nzbget;
-    proxy_pass http://$upstream_nzbget:6789;
+    set $upstream_port 6789;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
-location ^~ /nzbget/jsonprpc {
+location ~ /nzbget(/[^\/:]*:[^\/]*)?/jsonprpc {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_nzbget nzbget;
+    set $upstream_app nzbget;
-    proxy_pass http://$upstream_nzbget:6789;
+    set $upstream_port 6789;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
-location ^~ /nzbget/xmlrpc {
+location ~ /nzbget(/[^\/:]*:[^\/]*)?/xmlrpc {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_nzbget nzbget;
+    set $upstream_app nzbget;
-    proxy_pass http://$upstream_nzbget:6789;
+    set $upstream_port 6789;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/nzbhydra.subdomain.conf.sample
+++ b/nzbhydra.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,18 +23,67 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_nzbhydra hydra2;
+        set $upstream_app nzbhydra2;
-        proxy_pass http://$upstream_nzbhydra:5076;
+        set $upstream_port 5076;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
    location ~ (/nzbhydra)?/api {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_nzbhydra hydra2;
+        set $upstream_app nzbhydra2;
-        proxy_pass http://$upstream_nzbhydra:5076;
+        set $upstream_port 5076;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
    location ~ (/nzbhydra)?/getnzb {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app nzbhydra2;
        set $upstream_port 5076;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
    location ~ (/nzbhydra)?/gettorrent {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app nzbhydra2;
        set $upstream_port 5076;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
    location ~ (/nzbhydra)?/rss {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app nzbhydra2;
        set $upstream_port 5076;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
    location ~ (/nzbhydra)?/torznab/api {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app nzbhydra2;
        set $upstream_port 5076;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/nzbhydra.subfolder.conf.sample
+++ b/nzbhydra.subfolder.conf.sample
@ -7,17 +7,66 @@ location ^~ /nzbhydra {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_nzbhydra hydra2;
+    set $upstream_app nzbhydra2;
-    proxy_pass http://$upstream_nzbhydra:5076;
+    set $upstream_port 5076;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 location ^~ /nzbhydra/api {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_nzbhydra hydra2;
+    set $upstream_app nzbhydra2;
-    proxy_pass http://$upstream_nzbhydra:5076;
+    set $upstream_port 5076;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 location ^~ /nzbhydra/getnzb {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app nzbhydra2;
    set $upstream_port 5076;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 location ^~ /nzbhydra/gettorrent {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app nzbhydra2;
    set $upstream_port 5076;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 location ^~ /nzbhydra/rss {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app nzbhydra2;
    set $upstream_port 5076;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 location ^~ /nzbhydra/torznab/api {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app nzbhydra2;
    set $upstream_port 5076;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
--- a/ombi.subdomain.conf.sample
+++ b/ombi.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,29 +23,42 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_ombi ombi;
+        set $upstream_app ombi;
-        proxy_pass http://$upstream_ombi:3579;
+        set $upstream_port 3579;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
    # This allows access to the actual api
    location ~ (/ombi)?/api {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_ombi ombi;
+        set $upstream_app ombi;
-        proxy_pass http://$upstream_ombi:3579;
+        set $upstream_port 3579;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
   }
    # This allows access to the documentation for the api
    location ~ (/ombi)?/swagger {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_ombi ombi;
+        set $upstream_app ombi;
-        proxy_pass http://$upstream_ombi:3579;
+        set $upstream_port 3579;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
   }
   if ($http_referer ~* /ombi) {
       rewrite ^/swagger/(.*) /ombi/swagger/$1? redirect;
   }
--- a/ombi.subfolder.conf.sample
+++ b/ombi.subfolder.conf.sample
@ -11,21 +11,31 @@ location ^~ /ombi/ {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_ombi ombi;
+    set $upstream_app ombi;
-    proxy_pass http://$upstream_ombi:3579;
+    set $upstream_port 3579;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 # This allows access to the actual api
 location ^~ /ombi/api {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_ombi ombi;
+    set $upstream_app ombi;
-    proxy_pass http://$upstream_ombi:3579;
+    set $upstream_port 3579;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 if ($http_referer ~* /ombi) {
    rewrite ^/api/(.*) /ombi/api/$1? redirect;
 }
@ -34,9 +44,13 @@ if ($http_referer ~* /ombi) {
 location ^~ /ombi/swagger {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_ombi ombi;
+    set $upstream_app ombi;
-    proxy_pass http://$upstream_ombi:3579;
+    set $upstream_port 3579;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 if ($http_referer ~* /ombi) {
    rewrite ^/swagger/(.*) /ombi/swagger/$1? redirect;
 }
--- a/openvpn-as.subdomain.conf.sample
+++ b/openvpn-as.subdomain.conf.sample
@ -0,0 +1,60 @@
 # make sure that your dns has a cname set for openvpn-as and that your openvpn-as container is not using a base url
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name openvpn-as.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app openvpn-as;
        set $upstream_port 943;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
    location /admin {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app openvpn-as;
        set $upstream_port 943;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/organizr-auth.subfolder.conf.sample
+++ b/organizr-auth.subfolder.conf.sample
@ -0,0 +1,38 @@
 # To use config this with subfolder proxies:
 #   Rename this file to organizr-auth.subfolder.conf
 #   Add one of the auth_request lines from the comments below
 #   ex:
 #     auth_request /auth-0;
 #
 # To use config this with subdomain proxies:
 #   Rename this file to organizr-auth.subfolder.conf (the subfolder file name is still used)
 #   Add the following line in your other subdomain proxy configs
 #     include /config/nginx/proxy-confs/organizr-auth.subfolder.conf;
 #   Add one of the auth_request lines from the comments below
 #   ex:
 #     include /config/nginx/proxy-confs/organizr-auth.subfolder.conf;
 #     auth_request /auth-0;
 location ~ /auth-([0-9]+) {
    internal;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_auth_app organizr;
    set $upstream_auth_port 80;
    set $upstream_auth_proto http;
    proxy_pass $upstream_auth_proto://$upstream_auth_app:$upstream_auth_port/api/?v1/auth&group=$1;
    proxy_set_header Content-Length "";
    # Do not uncomment the lines below, these are examples for usue in other proxy configs
    #auth_request /auth-0;   #=Admin
    #auth_request /auth-1;   #=Co-Admin
    #auth_request /auth-2;   #=Super User
    #auth_request /auth-3;   #=Power User
    #auth_request /auth-4;   #=User
    #auth_request /auth-998; #=Logged In
    #auth_request /auth-999; #=Guest
 }
 # Optional redirect server authentication errors to organizr authentication page
 # NOTE: $host must be modified to your public URL when using subdomain proxies
 #error_page 401 $scheme://$host/?error=$status&return=$request_uri;
--- a/organizr.subdomain.conf.sample
+++ b/organizr.subdomain.conf.sample
@ -13,6 +13,9 @@ server {
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
@ -20,31 +23,21 @@ server {
        # enable the next two lines for ldap auth
        #auth_request /auth;
-        #error_page 401 =200 /login;
+        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
-        set $upstream_organizr organizr;
+        set $upstream_app organizr;
-        proxy_pass http://$upstream_organizr:80;
+        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
-    location ~ /auth-(admin|user) {
+    # Optional redirect server errors to organizr error pages
-        # This is used for Organizr V1
+    #error_page 400 402 403 404 405 408 500 502 503 504  $scheme://$host/?error=$status;
        internal;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_organizr organizr;
        proxy_pass http://$upstream_organizr:80/auth.php?$1;
        proxy_set_header Content-Length "";
    }
    location ~ /auth-([0-9]+) {
        # This is used for Organizr V2
        internal;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_organizr organizr;
        proxy_pass http://$upstream_organizr:80/api/?v1/auth&group=$1;
        proxy_set_header Content-Length "";
    }
 }
--- a/organizr.subfolder.conf.sample
+++ b/organizr.subfolder.conf.sample
@ -1,4 +1,4 @@
-# In order to use this location block you need to edit the default file one folder up and comment out the / location
+# In order to use this location block you need to edit the default file one folder up and comment out the / and ~ \.php$ locations
 location / {
    # enable the next two lines for http auth
@ -7,30 +7,19 @@ location / {
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
-    #error_page 401 =200 /login;
+    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
-    set $upstream_organizr organizr;
+    set $upstream_app organizr;
-    proxy_pass http://$upstream_organizr:80;
+    set $upstream_port 80;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
-location ~ /auth-(admin|user) {
+# Optional redirect server errors to organizr error pages
-    # This is used for Organizr V1
+#error_page 400 402 403 404 405 408 500 502 503 504  $scheme://$host/?error=$status;
    internal;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_organizr organizr;
    proxy_pass http://$upstream_organizr:80/auth.php?$1;
    proxy_set_header Content-Length "";
 }
 location ~ /auth-([0-9]+) {
    # This is used for Organizr V2
    internal;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_organizr organizr;
    proxy_pass http://$upstream_organizr:80/api/?v1/auth&group=$1;
    proxy_set_header Content-Length "";
 }
--- a/osticket.subdomain.conf.sample
+++ b/osticket.subdomain.conf.sample
@ -0,0 +1,39 @@
 # make sure that your dns has a cname set for osticket and that your osticket container is named osticket.
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name osticket.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    #include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        #include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app osticket;
        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/Show more
+++ b/Show more