github/reverse-proxy-confs
1
0
Fork 0
mirror of https://github.com/linuxserver/reverse-proxy-confs.git synced 2025-08-22 06:13:49 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge remote-tracking branch 'upstream/master' into master

Browse source
This commit is contained in:
J. Scott Elblein 2020-09-09 22:51:13 -05:00
commit 5dfb668994
157 changed files with 3492 additions and 625 deletions
Download patch file Download diff file Expand all files Collapse all files

24
.github/workflows/allowed_names.yml vendored Normal file
View file

@ -0,0 +1,24 @@
name: Check Allowed File Names
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
check-allowed-file-names:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Check Allowed File Names
run: |
NOT_SAMPLES=$(find . -not -path '*/\.*' -type f ! \( -name '*.conf.sample' -o -name 'README.md' -o -name 'LICENSE' \))
NOT_SAMPLES_COUNT=$(echo "${NOT_SAMPLES}" | wc -w)
if (( NOT_SAMPLES_COUNT > 0 )); then
echo "The following files are not allowed:"
echo "${NOT_SAMPLES}"
exit 1
fi

49
adguard.subdomain.conf.sample Normal file
View file

@ -0,0 +1,49 @@
# make sure that your dns has a cname set for adguard and that your adguard container is named adguard
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name adguard.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app adguard;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location /control {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app adguard;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

13
adminer.subfolder.conf.sample
View file

@ -3,6 +3,7 @@
location /adminer {
return 301 $scheme://$host/adminer/;
}
location ^~ /adminer/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -10,10 +11,16 @@ location ^~ /adminer/ {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_adminer adminer;
proxy_pass http://$upstream_adminer:8080;
set $upstream_app adminer;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

16
airsonic.subdomain.conf.sample
View file

@ -1,4 +1,5 @@
# make sure that your dns has a cname set for airsonic and that your airsonic container is not using a base url
# add `server.use-forward-headers=true` to `/config/application.properties` to ensure logs contain real source IP
server {
listen 443 ssl;
@ -13,6 +14,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +24,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_airsonic airsonic;
proxy_pass http://$upstream_airsonic:4040;
set $upstream_app airsonic;
set $upstream_port 4040;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

12
airsonic.subfolder.conf.sample
View file

@ -7,10 +7,16 @@ location ^~ /airsonic {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_airsonic airsonic;
proxy_pass http://$upstream_airsonic:4040;
set $upstream_app airsonic;
set $upstream_port 4040;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

27
authelia.subdomain.conf.sample Normal file
View file

@ -0,0 +1,27 @@
# make sure that your dns has a cname set for authelia
# the default authelia-server and authelia-location confs included with letsencrypt rely on
# subfolder proxy at "/authelia" and enabling of this proxy conf is not necessary.
# But if you'd like to use authelia via subdomain, you can enable this proxy and set up your own
# authelia-server and authelia-location confs as described in authelia docs.
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name authelia.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app authelia;
set $upstream_port 9091;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

25
bazarr.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +23,27 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_bazarr bazarr;
proxy_pass http://$upstream_bazarr:6767;
set $upstream_app bazarr;
set $upstream_port 6767;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ (/bazarr)?/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app bazarr;
set $upstream_port 6767;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

23
bazarr.subfolder.conf.sample
View file

@ -3,6 +3,7 @@
location /bazarr {
return 301 $scheme://$host/bazarr/;
}
location ^~ /bazarr/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -10,10 +11,26 @@ location ^~ /bazarr/ {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_bazarr bazarr;
proxy_pass http://$upstream_bazarr:6767;
set $upstream_app bazarr;
set $upstream_port 6767;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /bazarr/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app bazarr;
set $upstream_port 6767;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

15
beets.subdomain.conf.sample
View file

@ -14,6 +14,9 @@ server {
#enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
#enable the next two lines for http auth
#auth_basic "Restricted";
@ -21,11 +24,17 @@ server {
#enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_beets beets;
proxy_pass http://$upstream_beets:8337;
set $upstream_app beets;
set $upstream_port 8337;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

14
beets.subfolder.conf.sample
View file

@ -7,14 +7,18 @@ location /beets {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_beets beets;
proxy_pass http://$upstream_beets:8337;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
set $upstream_app beets;
set $upstream_port 8337;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Script-Name /beets;
}

55
bitwarden.subdomain.conf.sample
View file

@ -1,4 +1,6 @@
# make sure that your dns has a cname set for bitwarden and that your bitwarden container is not using a base url
# make sure your bitwarden container is named "bitwarden"
# set the environment variable WEBSOCKET_ENABLED=true on your bitwarden container
server {
listen 443 ssl;
@ -13,6 +15,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,28 +25,58 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_bitwarden bitwarden;
proxy_pass http://$upstream_bitwarden:80;
set $upstream_app bitwarden;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location /admin {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app bitwarden;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location /notifications/hub {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_bitwarden bitwarden;
proxy_pass http://$upstream_bitwarden:80;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
set $upstream_app bitwarden;
set $upstream_port 3012;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location /notifications/hub/negotiate {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_bitwarden bitwarden;
proxy_pass http://$upstream_bitwarden:80;
}
set $upstream_app bitwarden;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

40
boinc.subdomain.conf.sample Normal file
View file

@ -0,0 +1,40 @@
# make sure that your dns has a cname set for boinc
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name boinc.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
proxy_buffering off;
resolver 127.0.0.11 valid=30s;
set $upstream_app boinc;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

39
booksonic.subdomain.conf.sample Normal file
View file

@ -0,0 +1,39 @@
# make sure that your dns has a cname set for booksonic and that your booksonic container is not using a base url
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name booksonic.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app booksonic;
set $upstream_port 4040;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

22
booksonic.subfolder.conf.sample Normal file
View file

@ -0,0 +1,22 @@
# set the CONTEXT_PATH variable to /booksonic in booksonic container.
location ^~ /booksonic {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app booksonic;
set $upstream_port 4040;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

41
bookstack.subdomain.conf.sample Normal file
View file

@ -0,0 +1,41 @@
# make sure that your dns has a cname set for bookstack and that your bookstack container is named bookstack
# Ensure you have the APP_URL Environment Variable set correctly in your Docker Run/Compose or in BookStack Env File (/www/.env)
# https://github.com/linuxserver/docker-bookstack#docker
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name bookstack.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
#enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app bookstack;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

41
calibre-web.subdomain.conf.sample Normal file
View file

@ -0,0 +1,41 @@
# make sure that your dns has a cname set for calibre-web
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name calibre-web.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app calibre-web;
set $upstream_port 8083;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header Host $http_host;
proxy_set_header X-Scheme $scheme;
}
}

28
calibre-web.subfolder.conf.sample Normal file
View file

@ -0,0 +1,28 @@
# calibre-web does not require a base url setting
location /calibre-web {
return 301 $scheme://$host/calibre-web/;
}
location ^~ /calibre-web/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app calibre-web;
set $upstream_port 8083;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header Host $http_host;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Script-Name /calibre-web;
}

39
calibre.subdomain.conf.sample Normal file
View file

@ -0,0 +1,39 @@
# make sure that your dns has a cname set for calibre
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name calibre.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app calibre;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_buffering off;
}
}

26
calibre.subfolder.conf.sample Normal file
View file

@ -0,0 +1,26 @@
# calibre does not require a base url setting
location /calibre {
return 301 $scheme://$host/calibre/;
}
location ^~ /calibre/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app calibre;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
rewrite /calibre(.*) $1 break;
}

39
code-server.subdomain.conf.sample Normal file
View file

@ -0,0 +1,39 @@
# make sure that your dns has a cname set for code-server
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name code-server.* "~^[0-9]{1,10}\.code-server\..*$";
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app code-server;
set $upstream_port 8443;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

15
codimd.subdomain.conf.sample
View file

@ -15,6 +15,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -22,11 +25,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_codimd codimd;
proxy_pass http://$upstream_codimd:3000;
set $upstream_app codimd;
set $upstream_port 3000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

49
collabora.subdomain.conf.sample
View file

@ -8,47 +8,70 @@ server {
include /config/nginx/ssl.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_collabora collabora;
# static files
location ^~ /loleaflet {
proxy_pass https://$upstream_collabora:9980;
resolver 127.0.0.11 valid=30s;
set $upstream_app collabora;
set $upstream_port 9980;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header Host $http_host;
}
# WOPI discovery URL
location ^~ /hosting/discovery {
proxy_pass https://$upstream_collabora:9980;
resolver 127.0.0.11 valid=30s;
set $upstream_app collabora;
set $upstream_port 9980;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header Host $http_host;
}
# Capabilities
location ^~ /hosting/capabilities {
proxy_pass https://$upstream_collabora:9980;
resolver 127.0.0.11 valid=30s;
set $upstream_app collabora;
set $upstream_port 9980;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header Host $http_host;
}
# main websocket
location ~ ^/lool/(.*)/ws$ {
proxy_pass https://$upstream_collabora:9980;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
resolver 127.0.0.11 valid=30s;
set $upstream_app collabora;
set $upstream_port 9980;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header Host $http_host;
proxy_read_timeout 36000s;
}
# download, presentation and image upload
location ~ ^/lool {
proxy_pass https://$upstream_collabora:9980;
resolver 127.0.0.11 valid=30s;
set $upstream_app collabora;
set $upstream_port 9980;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header Host $http_host;
}
# Admin Console websocket
location ^~ /lool/adminws {
proxy_pass https://$upstream_collabora:9980;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
resolver 127.0.0.11 valid=30s;
set $upstream_app collabora;
set $upstream_port 9980;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header Host $http_host;
proxy_read_timeout 36000s;
}

15
couchpotato.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_couchpotato couchpotato;
proxy_pass http://$upstream_couchpotato:5050;
set $upstream_app couchpotato;
set $upstream_port 5050;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

12
couchpotato.subfolder.conf.sample
View file

@ -7,10 +7,16 @@ location ^~ /couchpotato {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_couchpotato couchpotato;
proxy_pass http://$upstream_couchpotato:5050;
set $upstream_app couchpotato;
set $upstream_port 5050;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

15
deluge.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_deluge deluge;
proxy_pass http://$upstream_deluge:8112;
set $upstream_app deluge;
set $upstream_port 8112;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

13
deluge.subfolder.conf.sample
View file

@ -3,6 +3,7 @@
location /deluge {
return 301 $scheme://$host/deluge/;
}
location ^~ /deluge/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -10,12 +11,18 @@ location ^~ /deluge/ {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_deluge deluge;
set $upstream_app deluge;
set $upstream_port 8112;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
rewrite /deluge(.*) $1 break;
proxy_pass http://$upstream_deluge:8112;
proxy_set_header X-Deluge-Base "/deluge/";
}

15
dillinger.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_dillinger dillinger;
proxy_pass http://$upstream_dillinger:8080;
set $upstream_app dillinger;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

40
documentserver.subdomain.conf.sample Normal file
View file

@ -0,0 +1,40 @@
# Make sure that your dns has a cname set for onlyoffice named "documentserver"
# Make sure that the onlyoffice documentserver container is named "documentserver"
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name documentserver.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
#enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
#enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
#enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app documentserver;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

15
dokuwiki.subdomain.conf.sample
View file

@ -14,6 +14,9 @@ server {
#enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
#enable the next two lines for http auth
#auth_basic "Restricted";
@ -21,11 +24,17 @@ server {
#enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_dokuwiki dokuwiki;
proxy_pass http://$upstream_dokuwiki:80;
set $upstream_app dokuwiki;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

15
domoticz.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_domoticz domoticz;
proxy_pass http://$upstream_domoticz:8080;
set $upstream_app domoticz;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

12
domoticz.subfolder.conf.sample
View file

@ -7,10 +7,16 @@ location ^~ /domoticz/ {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_domoticz domoticz;
proxy_pass http://$upstream_domoticz:8080;
set $upstream_app domoticz;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

39
dozzle.subdomain.conf.sample Normal file
View file

@ -0,0 +1,39 @@
# make sure that your dns has a cname set for dozzle and that your dozzle container is named dozzle
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name dozzle.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app dozzle;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

13
dozzle.subfolder.conf.sample
View file

@ -3,6 +3,7 @@
location /dozzle {
return 301 $scheme://$host/dozzle/;
}
location ^~ /dozzle/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -10,13 +11,19 @@ location ^~ /dozzle/ {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
resolver 127.0.0.11 valid=30s;
set $upstream_dozzle dozzle;
proxy_pass http://$upstream_dozzle:8080;
set $upstream_app dozzle;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

15
duplicati.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,10 +23,16 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_duplicati duplicati;
proxy_pass http://$upstream_duplicati:8200;
set $upstream_app duplicati;
set $upstream_port 8200;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

13
duplicati.subfolder.conf.sample
View file

@ -3,6 +3,7 @@
location /duplicati {
return 301 $scheme://$host/duplicati/;
}
location ^~ /duplicati/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -10,10 +11,16 @@ location ^~ /duplicati/ {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_duplicati duplicati;
set $upstream_app duplicati;
set $upstream_port 8200;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
rewrite /duplicati(.*) $1 break;
proxy_pass http://$upstream_duplicati:8200;
}

23
emby.subdomain.conf.sample
View file

@ -1,6 +1,7 @@
# make sure that your dns has a cname set for emby, if emby is running in bridge mode, the below config should work as is, although,
# the container name is expected to be "emby", if not, replace the lines "set $upstream_emby emby;" with "set $upstream_emby <containername>;"
# for host mode, replace the lines "proxy_pass http://$upstream_emby:8096;" with "proxy_pass http://HOSTIP:8096;" HOSTIP being the IP address of emby
# make sure that your dns has a cname set for emby and that your emby container is not using a base url
# if emby is running in bridge mode and the container is named "emby", the below config should work as is
# if not, replace the line "set $upstream_app emby;" with "set $upstream_app <containername>;"
# or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of emby
# in emby settings, under "Advanced" change the public https port to 443, leave the local ports as is, set the "external domain" to your url,
# and set the "Secure connection mode" to "Handled by reverse proxy"
@ -17,20 +18,12 @@ server {
location / {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_emby emby;
proxy_pass http://$upstream_emby:8096;
set $upstream_app emby;
set $upstream_port 8096;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
}
location ~ (/emby)?/socket {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_emby emby;
proxy_pass http://$upstream_emby:8096;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
}
}

22
emby.subfolder.conf.sample
View file

@ -1,17 +1,21 @@
# if emby is running in bridge mode, the below config should work as is, although, the container name is expected to be "emby",
# if not, replace the lines "set $upstream_emby emby;" with "set $upstream_emby <containername>;"
# for host mode, replace the lines "proxy_pass http://$upstream_emby:8096;" with "proxy_pass http://HOSTIP:8096;" HOSTIP being the IP address of emby
# make sure that your dns has a cname set for emby
# if emby is running in bridge mode and the container is named "emby", the below config should work as is
# if not, replace the line "set $upstream_app emby;" with "set $upstream_app <containername>;"
# or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of emby
# in emby settings, under "Advanced" change the public https port to 443, leave the local ports as is, set the "external domain" to your url and subdomain,
# and set the "Secure connection mode" to "Handled by reverse proxy"
location /emby {
return 301 $scheme://$host/emby/;
}
location ^~ /emby/ {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_emby emby;
proxy_pass http://$upstream_emby:8096;
set $upstream_app emby;
set $upstream_port 8096;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
@ -20,9 +24,9 @@ location ^~ /emby/ {
location ^~ /embywebsocket {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_emby emby;
proxy_pass http://$upstream_emby:8096;
set $upstream_app emby;
set $upstream_port 8096;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
}

39
embystat.subdomain.conf.sample Normal file
View file

@ -0,0 +1,39 @@
# make sure that your dns has a cname set for embystat
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name embystat.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app embystat;
set $upstream_port 6555;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

15
flood.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_flood flood;
proxy_pass http://$upstream_flood:3000;
set $upstream_app flood;
set $upstream_port 3000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

13
flood.subfolder.conf.sample
View file

@ -3,6 +3,7 @@
location /flood {
return 301 $scheme://$host/flood/;
}
location ^~ /flood/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -10,11 +11,17 @@ location ^~ /flood/ {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_flood flood;
set $upstream_app flood;
set $upstream_port 3000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
rewrite /flood(.*) $1 break;
proxy_pass http://$upstream_flood:3000;
}

40
foldingathome.subdomain.conf.sample Normal file
View file

@ -0,0 +1,40 @@
# make sure that your dns has a cname set for foldingathome
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name foldingathome.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
proxy_buffering off;
resolver 127.0.0.11 valid=30s;
set $upstream_app foldingathome;
set $upstream_port 7396;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

45
freshrss.subdomain.conf.sample Normal file
View file

@ -0,0 +1,45 @@
# make sure that your dns has a cname set for freshrss
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name freshrss.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app freshrss;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_redirect off;
proxy_buffering off;
proxy_set_header X-Forwarded-Port $server_port;
proxy_cookie_path / "/; HTTPOnly; Secure";
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
}
}

33
freshrss.subfolder.conf.sample Normal file
View file

@ -0,0 +1,33 @@
# freshrss does not have a base url setting
location /freshrss {
return 301 $scheme://$host/freshrss/;
}
location ^~ /freshrss/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app freshrss;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
rewrite /freshrss(.*) $1 break;
proxy_redirect off;
proxy_buffering off;
proxy_set_header X-Forwarded-Port $server_port;
proxy_cookie_path / "/; HTTPOnly; Secure";
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
}

40
ghost.subdomain.conf.sample Normal file
View file

@ -0,0 +1,40 @@
# make sure that your dns has a cname set for ghost and that your ghost config is not using a subdirectory.
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name ghost.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
#enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
#enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
#enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app ghost;
set $upstream_port 2368;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_redirect off;
}
}

24
ghost.subfolder.conf.sample Normal file
View file

@ -0,0 +1,24 @@
# Make sure you are using a subfolder in your ghost config file. https://ghost.org/docs/concepts/config/#url
# Note: /ghost/ is by default used for the admin page. See https://ghost.org/docs/concepts/config/#admin-url
location /blog {
# enable the next two lines for http auth
#uth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
#enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app ghost;
set $upstream_port 2368;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_redirect off;
}

17
gitea.subdomain.conf.sample
View file

@ -4,8 +4,6 @@
# ROOT_URL = https://gitea.server.com/
# DOMAIN = gitea.server.com
server {
listen 443 ssl;
listen [::]:443 ssl;
@ -19,6 +17,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -26,11 +27,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_gitea gitea;
proxy_pass http://$upstream_gitea:3000;
set $upstream_app gitea;
set $upstream_port 3000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

7
gitea.subfolder.conf.sample
View file

@ -11,7 +11,10 @@ location /gitea {
location ^~ /gitea/ {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_gitea gitea;
set $upstream_app gitea;
set $upstream_port 3000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
rewrite /gitea(.*) $1 break;
proxy_pass http://$upstream_gitea:3000;
}

15
glances.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_glances glances;
proxy_pass http://$upstream_glances:61208;
set $upstream_app glances;
set $upstream_port 61208;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

13
glances.subfolder.conf.sample
View file

@ -3,6 +3,7 @@
location /glances {
return 301 $scheme://$host/glances/;
}
location ^~ /glances/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -10,11 +11,17 @@ location ^~ /glances/ {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_glances glances;
set $upstream_app glances;
set $upstream_port 61208;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
rewrite /glances(.*) $1 break;
proxy_pass http://$upstream_glances:61208;
}

39
gotify.subdomain.conf.sample Normal file
View file

@ -0,0 +1,39 @@
# make sure that your dns has a cname set for gotify
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name gotify.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app gotify;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

15
grafana.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_grafana grafana;
proxy_pass http://$upstream_grafana:3000;
set $upstream_app grafana;
set $upstream_port 3000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

16
grocy.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,12 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_grocy grocy;
proxy_pass http://$upstream_grocy:80;
}
set $upstream_app grocy;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

15
guacamole.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,12 +23,18 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
proxy_buffering off;
resolver 127.0.0.11 valid=30s;
set $upstream_guacamole guacamole;
proxy_pass http://$upstream_guacamole:8080;
set $upstream_app guacamole;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

13
guacamole.subfolder.conf.sample
View file

@ -3,6 +3,7 @@
location /guacamole {
return 301 $scheme://$host/guacamole/;
}
location ^~ /guacamole/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -10,12 +11,18 @@ location ^~ /guacamole/ {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
proxy_buffering off;
resolver 127.0.0.11 valid=30s;
set $upstream_guacamole guacamole;
set $upstream_app guacamole;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
rewrite /guacamole(.*) $1 break;
proxy_pass http://$upstream_guacamole:8080;
}

15
headphones.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_headphones headphones;
proxy_pass http://$upstream_headphones:8181;
set $upstream_app headphones;
set $upstream_port 8181;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

12
headphones.subfolder.conf.sample
View file

@ -7,10 +7,16 @@ location ^~ /headphones {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_headphones headphones;
proxy_pass http://$upstream_headphones:8181;
set $upstream_app headphones;
set $upstream_port 8181;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

15
heimdall.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_heimdall heimdall;
proxy_pass https://$upstream_heimdall:443;
set $upstream_app heimdall;
set $upstream_port 443;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

12
heimdall.subfolder.conf.sample
View file

@ -7,10 +7,16 @@ location / {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_heimdall heimdall;
proxy_pass https://$upstream_heimdall:443;
set $upstream_app heimdall;
set $upstream_port 443;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

24
homeassistant.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,22 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_homeassistant homeassistant;
proxy_pass http://$upstream_homeassistant:8123;
}
set $upstream_app homeassistant;
set $upstream_port 8123;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
location /api/websocket {
resolver 127.0.0.11 valid=30s;
set $upstream_homeassistant homeassistant;
proxy_pass http://$upstream_homeassistant:8123;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}

34
jackett.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,18 +23,37 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_jackett jackett;
proxy_pass http://$upstream_jackett:9117;
set $upstream_app jackett;
set $upstream_port 9117;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ (/jackett)?/(api|dl) {
location ~ (/jackett)?/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_jackett jackett;
proxy_pass http://$upstream_jackett:9117;
set $upstream_app jackett;
set $upstream_port 9117;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ (/jackett)?/dl {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app jackett;
set $upstream_port 9117;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

33
jackett.subfolder.conf.sample
View file

@ -1,23 +1,42 @@
# first go into jackett settings, set the URL Base to /jackett and restart the jackett container
location /jackett {
location ^~ /jackett {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_jackett jackett;
proxy_pass http://$upstream_jackett:9117;
set $upstream_app jackett;
set $upstream_port 9117;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ /jackett/(api|dl) {
location ^~ /jackett/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_jackett jackett;
proxy_pass http://$upstream_jackett:9117;
set $upstream_app jackett;
set $upstream_port 9117;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /jackett/dl {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app jackett;
set $upstream_port 9117;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

23
jellyfin.subdomain.conf.sample
View file

@ -1,7 +1,8 @@
# make sure that your dns has a cname set for jellyfin, if jellyfin is running in bridge mode, the below config should work as is, although,
# the container name is expected to be "jellyfin", if not, replace the lines "set $upstream_jellyfin jellyfin;" with "set $upstream_jellyfin <containername>;"
# for host mode, replace the lines "proxy_pass http://$upstream_jellyfin:8096;" with "proxy_pass http://HOSTIP:8096;" HOSTIP being the IP address of jellyfin
# in jellyfin settings, under "Advanced" change the public https port to 443, leave the local ports as is, set the "external domain" to your url,
# make sure that your dns has a cname set for jellyfin
# if jellyfin is running in bridge mode and the container is named "jellyfin", the below config should work as is
# if not, replace the line "set $upstream_app jellyfin;" with "set $upstream_app <containername>;"
# or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of jellyfin
# in jellyfin settings, under "Advanced/Networking" change the public https port to 443, leave the local ports as is,
# and set the "Secure connection mode" to "Handled by reverse proxy"
server {
@ -17,8 +18,10 @@ server {
location / {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_jellyfin jellyfin;
proxy_pass http://$upstream_jellyfin:8096;
set $upstream_app jellyfin;
set $upstream_port 8096;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
@ -27,10 +30,10 @@ server {
location ~ (/jellyfin)?/socket {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_jellyfin jellyfin;
proxy_pass http://$upstream_jellyfin:8096;
set $upstream_app jellyfin;
set $upstream_port 8096;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
}
}

26
jellyfin.subfolder.conf.sample
View file

@ -1,28 +1,22 @@
# if jellyfin is running in bridge mode, the below config should work as is, although, the container name is expected to be "jellyfin",
# if not, replace the lines "set $upstream_jellyfin jellyfin;" with "set $upstream_jellyfin <containername>;"
# for host mode, replace the lines "proxy_pass http://$upstream_jellyfin:8096;" with "proxy_pass http://HOSTIP:8096;" HOSTIP being the IP address of jellyfin
# in jellyfin settings, under "Advanced" change the public https port to 443, leave the local ports as is, set the "external domain" to your url and subdomain,
# make sure that your dns has a cname set for jellyfin
# if jellyfin is running in bridge mode and the container is named "jellyfin", the below config should work as is
# if not, replace the line "set $upstream_app jellyfin;" with "set $upstream_app <containername>;"
# or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of jellyfin
# in jellyfin settings, under "Advanced/Networking" change the public https port to 443, leave the local ports as is, set the base url to "/jellyfin",
# and set the "Secure connection mode" to "Handled by reverse proxy"
location /jellyfin {
return 301 $scheme://$host/jellyfin/;
}
location ^~ /jellyfin/ {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_jellyfin jellyfin;
proxy_pass http://$upstream_jellyfin:8096;
set $upstream_app jellyfin;
set $upstream_port 8096;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
}
location ^~ /jellyfinwebsocket {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_jellyfin jellyfin;
proxy_pass http://$upstream_jellyfin:8096;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
}

13
jenkins.subfolder.conf.sample
View file

@ -11,19 +11,24 @@ location ^~ /jenkins/ {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
# This is the maximum upload size
client_max_body_size 10m;
sendfile off;
include /config/nginx/proxy.conf;
proxy_max_temp_file_size 0;
proxy_temp_file_write_size 64k;
proxy_request_buffering off;
proxy_buffering off;
resolver 127.0.0.11 valid=30s;
set $upstream_jenkins jenkins;
proxy_pass http://$upstream_jenkins:8080;
set $upstream_app jenkins;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

15
kanzi.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_kanzi kanzi;
proxy_pass https://$upstream_kanzi:8000;
set $upstream_app kanzi;
set $upstream_port 8000;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

13
kanzi.subfolder.conf.sample
View file

@ -3,6 +3,7 @@
location /kanzi {
return 301 $scheme://$host/kanzi/;
}
location ^~ /kanzi/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -10,11 +11,17 @@ location ^~ /kanzi/ {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_kanzi kanzi;
set $upstream_app kanzi;
set $upstream_port 8000;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
rewrite /kanzi(.*) $1 break;
proxy_pass https://$upstream_kanzi:8000;
}

15
lazylibrarian.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_lazylibrarian lazylibrarian;
proxy_pass http://$upstream_lazylibrarian:5299;
set $upstream_app lazylibrarian;
set $upstream_port 5299;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

12
lazylibrarian.subfolder.conf.sample
View file

@ -7,10 +7,16 @@ location ^~ /lazylibrarian {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_lazylibrarian lazylibrarian;
proxy_pass http://$upstream_lazylibrarian:5299;
set $upstream_app lazylibrarian;
set $upstream_port 5299;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

39
librespeed.subdomain.conf.sample Normal file
View file

@ -0,0 +1,39 @@
# make sure that your dns has a cname set for librespeed
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name librespeed.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app librespeed;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

22
lidarr.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,18 +23,27 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_lidarr lidarr;
proxy_pass http://$upstream_lidarr:8686;
set $upstream_app lidarr;
set $upstream_port 8686;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ (/lidarr)?/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_lidarr lidarr;
proxy_pass http://$upstream_lidarr:8686;
set $upstream_app lidarr;
set $upstream_port 8686;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

19
lidarr.subfolder.conf.sample
View file

@ -7,17 +7,26 @@ location ^~ /lidarr {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_lidarr lidarr;
proxy_pass http://$upstream_lidarr:8686;
set $upstream_app lidarr;
set $upstream_port 8686;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /lidarr/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_lidarr lidarr;
proxy_pass http://$upstream_lidarr:8686;
set $upstream_app lidarr;
set $upstream_port 8686;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

39
lychee.subdomain.conf.sample Normal file
View file

@ -0,0 +1,39 @@
# make sure that your dns has a cname set for lychee
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name lychee.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app lychee;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

39
mailu.subdomain.conf.sample Normal file
View file

@ -0,0 +1,39 @@
# make sure that your dns has a cname set for mailu and that your mailu front container is named front
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name mailu.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app front;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

54
mailu.subfolder.conf.sample Normal file
View file

@ -0,0 +1,54 @@
# mailu does not require a base url setting, but the container needs to be named front
# This config have been tested with "TLS_FLAVOR=mail"
# To avoid errors you must change in docker-compose ports: 80 and 443, more info: https://mailu.io/1.7/reverse.html
location /admin{
return 301 $scheme://$host/admin/;
}
location ^~ /admin/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app front;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location /webmail{
return 301 $scheme://$host/webmail/;
}
location ^~ /webmail/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app front;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

17
medusa.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,13 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
resolver 127.0.0.11 valid=30s;
set $upstream_medusa medusa;
proxy_pass http://$upstream_medusa:8081;
set $upstream_app medusa;
set $upstream_port 8081;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

14
medusa.subfolder.conf.sample
View file

@ -7,12 +7,16 @@ location ^~ /medusa {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
resolver 127.0.0.11 valid=30s;
set $upstream_medusa medusa;
proxy_pass http://$upstream_medusa:8081;
set $upstream_app medusa;
set $upstream_port 8081;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

39
miniflux.subdomain.conf.sample Normal file
View file

@ -0,0 +1,39 @@
# make sure that your dns has a cname set for miniflux
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name miniflux.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app miniflux;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

26
miniflux.subfolder.conf.sample Normal file
View file

@ -0,0 +1,26 @@
# set the environment variable "BASE_URL" to "https://yourdomain.url/miniflux/", or follow this guide to create a config file for Miniflux: https://miniflux.app/docs/configuration.html
location /miniflux {
return 301 $scheme://$host/miniflux/;
}
location /miniflux/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app miniflux;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

15
monitorr.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_monitorr monitorr;
proxy_pass http://$upstream_monitorr:80;
set $upstream_app monitorr;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

13
monitorr.subfolder.conf.sample
View file

@ -3,6 +3,7 @@
location /monitorr {
return 301 $scheme://$host/monitorr/;
}
location ^~ /monitorr/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -10,10 +11,16 @@ location ^~ /monitorr/ {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_monitorr monitorr;
proxy_pass http://$upstream_monitorr:80;
set $upstream_app monitorr;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

15
mstream.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_mstream mstream;
proxy_pass http://$upstream_mstream:3000;
set $upstream_app mstream;
set $upstream_port 3000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

15
mylar.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_mylar mylar;
proxy_pass http://$upstream_mylar:8090;
set $upstream_app mylar;
set $upstream_port 8090;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

12
mylar.subfolder.conf.sample
View file

@ -7,10 +7,16 @@ location ^~ /mylar {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_mylar mylar;
proxy_pass http://$upstream_mylar:8090;
set $upstream_app mylar;
set $upstream_port 8090;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

12
mytinytodo.subfolder.conf.sample
View file

@ -4,6 +4,7 @@
location /todo {
return 301 $scheme://$host/todo/;
}
location ^~ /todo/ {
# enable the next two lines for http auth
@ -12,10 +13,15 @@ location ^~ /todo/ {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_mytinytodo mytinytodo;
proxy_pass http://$upstream_mytinytodo:80/;
set $upstream_app mytinytodo;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port/;
}

39
netboot.subdomain.conf.sample Normal file
View file

@ -0,0 +1,39 @@
# make sure that your dns has a cname set for netboot
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name netboot.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app netboot;
set $upstream_port 3000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

15
netdata.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,11 +23,17 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_netdata netdata;
proxy_pass http://$upstream_netdata:19999;
set $upstream_app netdata;
set $upstream_port 19999;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

13
netdata.subfolder.conf.sample
View file

@ -3,6 +3,7 @@
location /netdata {
return 301 $scheme://$host/netdata/;
}
location ^~ /netdata/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -10,11 +11,17 @@ location ^~ /netdata/ {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_netdata netdata;
set $upstream_app netdata;
set $upstream_port 19999;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
rewrite /netdata(.*) $1 break;
proxy_pass http://$upstream_netdata:19999;
}

11
nextcloud.subdomain.conf.sample
View file

@ -1,7 +1,7 @@
# make sure that your dns has a cname set for nextcloud
# assuming this container is called "letsencrypt", edit your nextcloud container's config
# assuming this container is called "swag", edit your nextcloud container's config
# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
# 'trusted_proxies' => ['letsencrypt'],
# 'trusted_proxies' => ['swag'],
# 'overwrite.cli.url' => 'https://nextcloud.your-domain.com/',
# 'overwritehost' => 'nextcloud.your-domain.com',
# 'overwriteprotocol' => 'https',
@ -25,8 +25,11 @@ server {
location / {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nextcloud nextcloud;
set $upstream_app nextcloud;
set $upstream_port 443;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_max_temp_file_size 2048m;
proxy_pass https://$upstream_nextcloud:443;
}
}

13
nextcloud.subfolder.conf.sample
View file

@ -1,6 +1,6 @@
# Assuming this container is called "letsencrypt", edit your nextcloud container's config
# Assuming this container is called "swag", edit your nextcloud container's config
# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
# 'trusted_proxies' => ['letsencrypt'],
# 'trusted_proxies' => ['swag'],
# 'overwritewebroot' => '/nextcloud',
# 'overwrite.cli.url' => 'https://your-domain.com/nextcloud',
#
@ -26,15 +26,16 @@ location /nextcloud {
location ^~ /nextcloud/ {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nextcloud nextcloud;
rewrite /nextcloud(.*) $1 break;
proxy_pass https://$upstream_nextcloud:443;
set $upstream_app nextcloud;
set $upstream_port 443;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
rewrite /nextcloud(.*) $1 break;
proxy_max_temp_file_size 2048m;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
proxy_set_header Connection $http_connection;
proxy_redirect off;
proxy_ssl_session_reuse off;
}

42
nzbget.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,32 +23,47 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbget nzbget;
proxy_pass http://$upstream_nzbget:6789;
set $upstream_app nzbget;
set $upstream_port 6789;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /nzbget/jsonrpc {
location ~ (/nzbget)?(/[^\/:]*:[^\/:]*)?/jsonrpc {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbget nzbget;
proxy_pass http://$upstream_nzbget:6789;
set $upstream_app nzbget;
set $upstream_port 6789;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /nzbget/jsonprpc {
location ~ (/nzbget)?(/[^\/:]*:[^\/]*)?/jsonprpc {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbget nzbget;
proxy_pass http://$upstream_nzbget:6789;
set $upstream_app nzbget;
set $upstream_port 6789;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /nzbget/xmlrpc {
location ~ (/nzbget)?(/[^\/:]*:[^\/]*)?/xmlrpc {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbget nzbget;
proxy_pass http://$upstream_nzbget:6789;
set $upstream_app nzbget;
set $upstream_port 6789;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

41
nzbget.subfolder.conf.sample
View file

@ -1,37 +1,52 @@
# nzbget does not require a base url setting
location ^~ /nzbget {
location /nzbget {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbget nzbget;
proxy_pass http://$upstream_nzbget:6789;
set $upstream_app nzbget;
set $upstream_port 6789;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /nzbget/jsonrpc {
location ~ /nzbget(/[^\/:]*:[^\/]*)?/jsonrpc {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbget nzbget;
proxy_pass http://$upstream_nzbget:6789;
set $upstream_app nzbget;
set $upstream_port 6789;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /nzbget/jsonprpc {
location ~ /nzbget(/[^\/:]*:[^\/]*)?/jsonprpc {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbget nzbget;
proxy_pass http://$upstream_nzbget:6789;
set $upstream_app nzbget;
set $upstream_port 6789;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /nzbget/xmlrpc {
location ~ /nzbget(/[^\/:]*:[^\/]*)?/xmlrpc {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbget nzbget;
proxy_pass http://$upstream_nzbget:6789;
set $upstream_app nzbget;
set $upstream_port 6789;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

62
nzbhydra.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,18 +23,67 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbhydra hydra2;
proxy_pass http://$upstream_nzbhydra:5076;
set $upstream_app nzbhydra2;
set $upstream_port 5076;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ (/nzbhydra)?/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbhydra hydra2;
proxy_pass http://$upstream_nzbhydra:5076;
set $upstream_app nzbhydra2;
set $upstream_port 5076;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ (/nzbhydra)?/getnzb {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app nzbhydra2;
set $upstream_port 5076;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ (/nzbhydra)?/gettorrent {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app nzbhydra2;
set $upstream_port 5076;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ (/nzbhydra)?/rss {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app nzbhydra2;
set $upstream_port 5076;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ (/nzbhydra)?/torznab/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app nzbhydra2;
set $upstream_port 5076;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

59
nzbhydra.subfolder.conf.sample
View file

@ -7,17 +7,66 @@ location ^~ /nzbhydra {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbhydra hydra2;
proxy_pass http://$upstream_nzbhydra:5076;
set $upstream_app nzbhydra2;
set $upstream_port 5076;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /nzbhydra/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbhydra hydra2;
proxy_pass http://$upstream_nzbhydra:5076;
set $upstream_app nzbhydra2;
set $upstream_port 5076;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /nzbhydra/getnzb {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app nzbhydra2;
set $upstream_port 5076;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /nzbhydra/gettorrent {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app nzbhydra2;
set $upstream_port 5076;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /nzbhydra/rss {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app nzbhydra2;
set $upstream_port 5076;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /nzbhydra/torznab/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app nzbhydra2;
set $upstream_port 5076;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

30
ombi.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,29 +23,42 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_ombi ombi;
proxy_pass http://$upstream_ombi:3579;
set $upstream_app ombi;
set $upstream_port 3579;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
# This allows access to the actual api
location ~ (/ombi)?/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_ombi ombi;
proxy_pass http://$upstream_ombi:3579;
set $upstream_app ombi;
set $upstream_port 3579;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
# This allows access to the documentation for the api
location ~ (/ombi)?/swagger {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_ombi ombi;
proxy_pass http://$upstream_ombi:3579;
set $upstream_app ombi;
set $upstream_port 3579;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
if ($http_referer ~* /ombi) {
rewrite ^/swagger/(.*) /ombi/swagger/$1? redirect;
}

28
ombi.subfolder.conf.sample
View file

@ -11,21 +11,31 @@ location ^~ /ombi/ {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_ombi ombi;
proxy_pass http://$upstream_ombi:3579;
set $upstream_app ombi;
set $upstream_port 3579;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
# This allows access to the actual api
location ^~ /ombi/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_ombi ombi;
proxy_pass http://$upstream_ombi:3579;
set $upstream_app ombi;
set $upstream_port 3579;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
if ($http_referer ~* /ombi) {
rewrite ^/api/(.*) /ombi/api/$1? redirect;
}
@ -34,9 +44,13 @@ if ($http_referer ~* /ombi) {
location ^~ /ombi/swagger {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_ombi ombi;
proxy_pass http://$upstream_ombi:3579;
set $upstream_app ombi;
set $upstream_port 3579;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
if ($http_referer ~* /ombi) {
rewrite ^/swagger/(.*) /ombi/swagger/$1? redirect;
}

60
openvpn-as.subdomain.conf.sample Normal file
View file

@ -0,0 +1,60 @@
# make sure that your dns has a cname set for openvpn-as and that your openvpn-as container is not using a base url
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name openvpn-as.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app openvpn-as;
set $upstream_port 943;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location /admin {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app openvpn-as;
set $upstream_port 943;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

38
organizr-auth.subfolder.conf.sample Normal file
View file

@ -0,0 +1,38 @@
# To use config this with subfolder proxies:
# Rename this file to organizr-auth.subfolder.conf
# Add one of the auth_request lines from the comments below
# ex:
# auth_request /auth-0;
#
# To use config this with subdomain proxies:
# Rename this file to organizr-auth.subfolder.conf (the subfolder file name is still used)
# Add the following line in your other subdomain proxy configs
# include /config/nginx/proxy-confs/organizr-auth.subfolder.conf;
# Add one of the auth_request lines from the comments below
# ex:
# include /config/nginx/proxy-confs/organizr-auth.subfolder.conf;
# auth_request /auth-0;
location ~ /auth-([0-9]+) {
internal;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_auth_app organizr;
set $upstream_auth_port 80;
set $upstream_auth_proto http;
proxy_pass $upstream_auth_proto://$upstream_auth_app:$upstream_auth_port/api/?v1/auth&group=$1;
proxy_set_header Content-Length "";
# Do not uncomment the lines below, these are examples for usue in other proxy configs
#auth_request /auth-0; #=Admin
#auth_request /auth-1; #=Co-Admin
#auth_request /auth-2; #=Super User
#auth_request /auth-3; #=Power User
#auth_request /auth-4; #=User
#auth_request /auth-998; #=Logged In
#auth_request /auth-999; #=Guest
}
# Optional redirect server authentication errors to organizr authentication page
# NOTE: $host must be modified to your public URL when using subdomain proxies
#error_page 401 $scheme://$host/?error=$status&return=$request_uri;

35
organizr.subdomain.conf.sample
View file

@ -13,6 +13,9 @@ server {
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
@ -20,31 +23,21 @@ server {
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_organizr organizr;
proxy_pass http://$upstream_organizr:80;
set $upstream_app organizr;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ /auth-(admin|user) {
# This is used for Organizr V1
internal;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_organizr organizr;
proxy_pass http://$upstream_organizr:80/auth.php?$1;
proxy_set_header Content-Length "";
}
# Optional redirect server errors to organizr error pages
#error_page 400 402 403 404 405 408 500 502 503 504 $scheme://$host/?error=$status;
location ~ /auth-([0-9]+) {
# This is used for Organizr V2
internal;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_organizr organizr;
proxy_pass http://$upstream_organizr:80/api/?v1/auth&group=$1;
proxy_set_header Content-Length "";
}
}

35
organizr.subfolder.conf.sample
View file

@ -1,4 +1,4 @@
# In order to use this location block you need to edit the default file one folder up and comment out the / location
# In order to use this location block you need to edit the default file one folder up and comment out the / and ~ \.php$ locations
location / {
# enable the next two lines for http auth
@ -7,30 +7,19 @@ location / {
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
#error_page 401 =200 /ldaplogin;
# enable for Authelia, also enable authelia-server.conf in the default site config
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_organizr organizr;
proxy_pass http://$upstream_organizr:80;
set $upstream_app organizr;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ /auth-(admin|user) {
# This is used for Organizr V1
internal;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_organizr organizr;
proxy_pass http://$upstream_organizr:80/auth.php?$1;
proxy_set_header Content-Length "";
}
location ~ /auth-([0-9]+) {
# This is used for Organizr V2
internal;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_organizr organizr;
proxy_pass http://$upstream_organizr:80/api/?v1/auth&group=$1;
proxy_set_header Content-Length "";
}
# Optional redirect server errors to organizr error pages
#error_page 400 402 403 404 405 408 500 502 503 504 $scheme://$host/?error=$status;

39
osticket.subdomain.conf.sample Normal file
View file

@ -0,0 +1,39 @@
# make sure that your dns has a cname set for osticket and that your osticket container is named osticket.
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name osticket.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app osticket;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

Some files were not shown because too many files have changed in this diff Show more