Merge branch 'master' into cadvisor-endpoints

.github/workflows/call-issue-pr-tracker.yml

@@ -2,9 +2,11 @@ name: Issue & PR Tracker
 
 on:
   issues:
-    types: [opened,reopened,labeled,unlabeled]
+    types: [opened,reopened,labeled,unlabeled,closed]
   pull_request_target:
-    types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled]
+    types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled,closed]
+  pull_request_review:
+    types: [submitted,edited,dismissed]
 
 jobs:
   manage-project:

.github/workflows/check_samples.yml

@@ -12,7 +12,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v3.5.0
+        uses: actions/checkout@v3.5.2
 
       - name: Check Allowed File Names
         run: |
@@ -58,3 +58,24 @@ jobs:
               done
               exit 1
           fi
+
+      - name: Check Nginx Conf Validity
+        run: |
+          curl -fsL "https://raw.githubusercontent.com/linuxserver/docker-swag/master/root/defaults/nginx/proxy.conf.sample" -o proxy.conf
+          docker run -d --rm --name nginx -v "${GITHUB_WORKSPACE}:/testconfs:ro" ghcr.io/linuxserver/nginx
+          sleep 5
+          docker exec nginx bash -c "\
+            mkdir -p /config/nginx/proxy-confs && \
+            cp /testconfs/*.conf.sample /config/nginx/proxy-confs/ && \
+            cp /testconfs/proxy.conf /config/nginx/ && \
+            rm -rf /config/nginx/proxy-confs/{_template.sub*,heimdall.subf*,boinc.subf*,organizr.subf*,wordpress.subf*} && \
+            echo 'include /config/nginx/proxy-confs/*.subdomain.conf.sample;' >> /config/nginx/site-confs/default.conf && \
+            sed -i -r 's|(root \\\$root;)|\1\ninclude /config/nginx/proxy-confs/*.subfolder.conf.sample;|' /config/nginx/site-confs/default.conf"
+          VALIDITY=$(docker exec nginx nginx -t 2>&1) || :
+          echo "${VALIDITY}"
+          echo "${VALIDITY}" >> $GITHUB_STEP_SUMMARY
+          if ! docker exec nginx nginx -t >/dev/null 2>&1; then
+            docker stop nginx
+            exit 1
+          fi
+          docker stop nginx

authelia.subdomain.conf.sample

@@ -1,10 +1,6 @@
-## Version 2023/02/12
+## Version 2023/04/29
 # make sure that your authelia container is named authelia
 # make sure that your dns has a cname set for authelia
-# the default authelia-server and authelia-location confs included with swag rely on
-# a built-in subfolder proxy at "/authelia" and enabling this proxy conf is not necessary.
-# But if you'd like to use authelia via subdomain, you can enable this proxy and set
-# the $authelia_backed variable in the authelia-server.conf.
 
 server {
     listen 443 ssl;
@@ -36,22 +32,4 @@ server {
         proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 
     }
-
-    location ~ (/authelia)?/metrics {
-        # enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-
-        # block metrics access by default because it is unprotected
-        # you can comment out the next line to enable remote metrics
-        deny all;
-
-        include /config/nginx/proxy.conf;
-        include /config/nginx/resolver.conf;
-        set $upstream_app authelia;
-        set $upstream_port 9959;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-
-    }
 }

authentik.subdomain.conf.sample

@@ -1,4 +1,4 @@
-## Version 2023/02/12
+## Version 2023/04/14
 # make sure that your authentik container is named authentik-server
 # make sure that your dns has a cname set for authentik
 
@@ -32,22 +32,4 @@ server {
         proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 
     }
-
-    location ~ (/authentik)?/metrics {
-        # enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-
-        # block metrics access by default because it is unprotected
-        # you can comment out the next line to enable remote metrics
-        deny all;
-
-        include /config/nginx/proxy.conf;
-        include /config/nginx/resolver.conf;
-        set $upstream_app authentik-server;
-        set $upstream_port 9300;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-
-    }
 }

dsmrreader.subdomain.conf.sample

@@ -0,0 +1,46 @@
+## Version 2023/02/05
+# make sure that your dsmr container is named dsmr
+# make sure that your dns has a cname set for dsmr
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name dsmr.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    # enable for ldap auth (requires ldap-location.conf in the location block)
+    #include /config/nginx/ldap-server.conf;
+
+    # enable for Authelia (requires authelia-location.conf in the location block)
+    #include /config/nginx/authelia-server.conf;
+
+    # enable for Authentik (requires authentik-location.conf in the location block)
+    #include /config/nginx/authentik-server.conf;
+
+    location / {
+        # enable the next two lines for http auth
+        #auth_basic "Restricted";
+        #auth_basic_user_file /config/nginx/.htpasswd;
+
+        # enable for ldap auth (requires ldap-server.conf in the server block)
+        #include /config/nginx/ldap-location.conf;
+
+        # enable for Authelia (requires authelia-server.conf in the server block)
+        #include /config/nginx/authelia-location.conf;
+
+        # enable for Authentik (requires authentik-server.conf in the server block)
+        #include /config/nginx/authentik-location.conf;
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app dsmr;
+        set $upstream_port 80;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+}

duplicacy.subdomain.conf.sample

@@ -0,0 +1,46 @@
+## Version 2023/04/13
+# make sure that your duplicacy container is named duplicacy
+# make sure that your dns has a cname set for duplicacy
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name duplicacy.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    # enable for ldap auth (requires ldap-location.conf in the location block)
+    #include /config/nginx/ldap-server.conf;
+
+    # enable for Authelia (requires authelia-location.conf in the location block)
+    #include /config/nginx/authelia-server.conf;
+
+    # enable for Authentik (requires authentik-location.conf in the location block)
+    #include /config/nginx/authentik-server.conf;
+
+    location / {
+        # enable the next two lines for http auth
+        #auth_basic "Restricted";
+        #auth_basic_user_file /config/nginx/.htpasswd;
+
+        # enable for ldap auth (requires ldap-server.conf in the server block)
+        #include /config/nginx/ldap-location.conf;
+
+        # enable for Authelia (requires authelia-server.conf in the server block)
+        #include /config/nginx/authelia-location.conf;
+
+        # enable for Authentik (requires authentik-server.conf in the server block)
+        #include /config/nginx/authentik-location.conf;
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app duplicacy;
+        set $upstream_port 3875;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+}

esphome.subdomain.conf.sample

@@ -0,0 +1,46 @@
+## Version 2023/02/05
+# make sure that your esphome container is named esphome
+# make sure that your dns has a cname set for esphome
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name esphome.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    # enable for ldap auth (requires ldap-location.conf in the location block)
+    #include /config/nginx/ldap-server.conf;
+
+    # enable for Authelia (requires authelia-location.conf in the location block)
+    #include /config/nginx/authelia-server.conf;
+
+    # enable for Authentik (requires authentik-location.conf in the location block)
+    #include /config/nginx/authentik-server.conf;
+
+    location / {
+        # enable the next two lines for http auth
+        #auth_basic "Restricted";
+        #auth_basic_user_file /config/nginx/.htpasswd;
+
+        # enable for ldap auth (requires ldap-server.conf in the server block)
+        #include /config/nginx/ldap-location.conf;
+
+        # enable for Authelia (requires authelia-server.conf in the server block)
+        #include /config/nginx/authelia-location.conf;
+
+        # enable for Authentik (requires authentik-server.conf in the server block)
+        #include /config/nginx/authentik-location.conf;
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app esphome;
+        set $upstream_port 6052;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+}

grafana.subdomain.conf.sample

@@ -1,4 +1,4 @@
-## Version 2023/02/12
+## Version 2023/04/20
 # make sure that your grafana container is named grafana
 # make sure that your dns has a cname set for grafana
 
@@ -55,23 +55,8 @@ server {
         set $upstream_proto http;
         proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 
-    }
+        # Clear Authorization Header if you are using http auth and normal Grafana auth
-
+        #proxy_set_header    Authorization       "";
-    location ~ (/grafana)?/metrics {
-        # enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-
-        # block metrics access by default because it is unprotected
-        # you can comment out the next line to enable remote metrics
-        deny all;
-
-        include /config/nginx/proxy.conf;
-        include /config/nginx/resolver.conf;
-        set $upstream_app grafana;
-        set $upstream_port 3000;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 
     }
 }

grafana.subfolder.conf.sample

@@ -1,4 +1,4 @@
-## Version 2023/02/12
+## Version 2023/04/20
 # make sure that your grafana container is named grafana
 # make sure that grafana is set to work with the base url /grafana/
 # grafana requires environment variables set thus:
@@ -22,10 +22,10 @@ location ^~ /grafana/ {
 
     include /config/nginx/proxy.conf;
     include /config/nginx/resolver.conf;
-    set $upstream_grafana grafana;
+    set $upstream_app grafana;
     set $upstream_port 3000;
     set $upstream_proto http;
-    proxy_pass http://$upstream_grafana:$upstream_port ;
+    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 
     # Clear Authorization Header if you are using http auth and normal Grafana auth
     #proxy_set_header    Authorization       "";
@@ -37,33 +37,10 @@ location ^~ /grafana/ {
 location ^~ /grafana/api {
     include /config/nginx/proxy.conf;
     include /config/nginx/resolver.conf;
-    set $upstream_grafana grafana;
+    set $upstream_app grafana;
     set $upstream_port 3000;
     set $upstream_proto http;
-    proxy_pass http://$upstream_grafana:$upstream_port ;
+    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-
-    # Clear Authorization Header if you are using http auth and normal Grafana auth
-    #proxy_set_header    Authorization       "";
-
-    rewrite ^/grafana/(.*)$ /$1 break;
-
-}
-
-location ^~ /grafana/metrics {
-    # enable the next two lines for http auth
-    #auth_basic "Restricted";
-    #auth_basic_user_file /config/nginx/.htpasswd;
-
-    # block metrics access by default because it is unprotected
-    # you can comment out the next line to enable remote metrics
-    deny all;
-
-    include /config/nginx/proxy.conf;
-    include /config/nginx/resolver.conf;
-    set $upstream_grafana grafana;
-    set $upstream_port 3000;
-    set $upstream_proto http;
-    proxy_pass http://$upstream_grafana:$upstream_port ;
 
     # Clear Authorization Header if you are using http auth and normal Grafana auth
     #proxy_set_header    Authorization       "";

homarr.subdomain.conf.sample

@@ -0,0 +1,45 @@
+## Version 2023/02/05
+# make sure that your homarr container is named homarr
+# make sure that your dns has a cname set for homarr
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name homarr.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    # enable for ldap auth (requires ldap-location.conf in the location block)
+    #include /config/nginx/ldap-server.conf;
+
+    # enable for Authelia (requires authelia-location.conf in the location block)
+    #include /config/nginx/authelia-server.conf;
+
+    # enable for Authentik (requires authentik-location.conf in the location block)
+    #include /config/nginx/authentik-server.conf;
+
+    location / {
+        # enable the next two lines for http auth
+        #auth_basic "Restricted";
+        #auth_basic_user_file /config/nginx/.htpasswd;
+
+        # enable for ldap auth (requires ldap-server.conf in the server block)
+        #include /config/nginx/ldap-location.conf;
+
+        # enable for Authelia (requires authelia-server.conf in the server block)
+        #include /config/nginx/authelia-location.conf;
+
+        # enable for Authentik (requires authentik-server.conf in the server block)
+        #include /config/nginx/authentik-location.conf;
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app homarr;
+        set $upstream_port 7575;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+    }
+}

jfa-go.subdomain.conf.sample

@@ -0,0 +1,46 @@
+## Version 2023/04/16
+# make sure that your jfa-go container is named jfa-go
+# make sure that your dns has a cname set for jfa-go
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name jfa-go.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    # enable for ldap auth (requires ldap-location.conf in the location block)
+    #include /config/nginx/ldap-server.conf;
+
+    # enable for Authelia (requires authelia-location.conf in the location block)
+    #include /config/nginx/authelia-server.conf;
+
+    # enable for Authentik (requires authentik-location.conf in the location block)
+    #include /config/nginx/authentik-server.conf;
+
+    location / {
+        # enable the next two lines for http auth
+        #auth_basic "Restricted";
+        #auth_basic_user_file /config/nginx/.htpasswd;
+
+        # enable for ldap auth (requires ldap-server.conf in the server block)
+        #include /config/nginx/ldap-location.conf;
+
+        # enable for Authelia (requires authelia-server.conf in the server block)
+        #include /config/nginx/authelia-location.conf;
+
+        # enable for Authentik (requires authentik-server.conf in the server block)
+        #include /config/nginx/authentik-location.conf;
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app jfa-go;
+        set $upstream_port 8056;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+}

jfa-go.subfolder.conf.sample

@@ -0,0 +1,33 @@
+## Version 2023/02/05
+# make sure that your jfa-go container is named jfa-go
+# make sure to set the URL base (“Reverse Proxy subfolder”) in jfa-go > Settings > General (ui > url_base in jfa-go config.ini) to "/jfa-go/"
+
+location /jfa-go {
+    return 301 $scheme://$host/jfa-go/;
+}
+
+location ^~ /jfa-go/ {
+    # enable the next two lines for http auth
+    #auth_basic "Restricted";
+    #auth_basic_user_file /config/nginx/.htpasswd;
+
+    # enable for ldap auth (requires ldap-server.conf in the server block)
+    #include /config/nginx/ldap-location.conf;
+
+    # enable for Authelia (requires authelia-server.conf in the server block)
+    #include /config/nginx/authelia-location.conf;
+
+    # enable for Authentik (requires authentik-server.conf in the server block)
+    #include /config/nginx/authentik-location.conf;
+
+    include /config/nginx/proxy.conf;
+    include /config/nginx/resolver.conf;
+    set $upstream_app jfa-go;
+    set $upstream_port 8056;
+    set $upstream_proto http;
+    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    # Remove the CSP header set for Jellyfin
+    proxy_hide_header Content-Security-Policy;
+    add_header Content-Security-Policy "";
+}

kasm.subdomain.conf.sample

@@ -0,0 +1,96 @@
+## Version 2023/04/18
+# make sure that your kasm container is named kasm
+# make sure that your dns has a cname set for kasm and kasm-wizard
+
+# This configuration assumes 8443 with the environment variable -e KASM_PORT=8443 set adjust to your needs
+# Post installation you will need to access Kasm > Admin > Zones > default zone (edit) and modify 
+# Proxy Port to 0 as documented https://www.kasmweb.com/docs/latest/how_to/reverse_proxy.html#update-zones
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name kasm.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    # enable for ldap auth (requires ldap-location.conf in the location block)
+    #include /config/nginx/ldap-server.conf;
+
+    # enable for Authelia (requires authelia-location.conf in the location block)
+    #include /config/nginx/authelia-server.conf;
+
+    # enable for Authentik (requires authentik-location.conf in the location block)
+    #include /config/nginx/authentik-server.conf;
+
+    location / {
+        # enable the next two lines for http auth
+        #auth_basic "Restricted";
+        #auth_basic_user_file /config/nginx/.htpasswd;
+
+        # enable for ldap auth (requires ldap-server.conf in the server block)
+        #include /config/nginx/ldap-location.conf;
+
+        # enable for Authelia (requires authelia-server.conf in the server block)
+        #include /config/nginx/authelia-location.conf;
+
+        # enable for Authentik (requires authentik-server.conf in the server block)
+        #include /config/nginx/authentik-location.conf;
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app kasm;
+        set $upstream_port 8443;
+        set $upstream_proto https;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+
+}
+
+# Wizard UI - Please enable some form of auth if publishing to the internet
+# Or simply remove this and access it locally
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name kasm-wizard.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    # enable for ldap auth (requires ldap-location.conf in the location block)
+    #include /config/nginx/ldap-server.conf;
+
+    # enable for Authelia (requires authelia-location.conf in the location block)
+    #include /config/nginx/authelia-server.conf;
+
+    # enable for Authentik (requires authentik-location.conf in the location block)
+    #include /config/nginx/authentik-server.conf;
+
+    location / {
+        # enable the next two lines for http auth
+        #auth_basic "Restricted";
+        #auth_basic_user_file /config/nginx/.htpasswd;
+
+        # enable for ldap auth (requires ldap-server.conf in the server block)
+        #include /config/nginx/ldap-location.conf;
+
+        # enable for Authelia (requires authelia-server.conf in the server block)
+        #include /config/nginx/authelia-location.conf;
+
+        # enable for Authentik (requires authentik-server.conf in the server block)
+        #include /config/nginx/authentik-location.conf;
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app kasm;
+        set $upstream_port 3000;
+        set $upstream_proto https;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+
+}

kavita.subfolder.conf.sample

@@ -0,0 +1,40 @@
+## Version 2023/04/13
+# make sure that your kavita container is named kavita
+# make sure that kavita is set to work with the base url /kavita/
+
+location /kavita {
+    return 301 $scheme://$host/kavita/;
+}
+
+location ^~ /kavita/ {
+    # enable the next two lines for http auth
+    #auth_basic "Restricted";
+    #auth_basic_user_file /config/nginx/.htpasswd;
+
+    # enable for ldap auth (requires ldap-server.conf in the server block)
+    #include /config/nginx/ldap-location.conf;
+
+    # enable for Authelia (requires authelia-server.conf in the server block)
+    #include /config/nginx/authelia-location.conf;
+
+    # enable for Authentik (requires authentik-server.conf in the server block)
+    #include /config/nginx/authentik-location.conf;
+
+    include /config/nginx/proxy.conf;
+    include /config/nginx/resolver.conf;
+    set $upstream_app kavita;
+    set $upstream_port 5000;
+    set $upstream_proto http;
+    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+}
+
+location ^~ /kavita/api {
+    include /config/nginx/proxy.conf;
+    include /config/nginx/resolver.conf;
+    set $upstream_app kavita;
+    set $upstream_port 5000;
+    set $upstream_proto http;
+    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+}

notifiarr.subdomain.conf.sample

@@ -0,0 +1,45 @@
+## Version 2023/02/05
+# make sure that your notifiarr container is named notifiarr
+# make sure that your dns has a cname set for notifiarr
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name notifiarr.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    # enable for ldap auth (requires ldap-location.conf in the location block)
+    #include /config/nginx/ldap-server.conf;
+
+    # enable for Authelia (requires authelia-location.conf in the location block)
+    #include /config/nginx/authelia-server.conf;
+
+    # enable for Authentik (requires authentik-location.conf in the location block)
+    #include /config/nginx/authentik-server.conf;
+
+    location / {
+        # enable the next two lines for http auth
+        #auth_basic "Restricted";
+        #auth_basic_user_file /config/nginx/.htpasswd;
+
+        # enable for ldap auth (requires ldap-server.conf in the server block)
+        #include /config/nginx/ldap-location.conf;
+
+        # enable for Authelia (requires authelia-server.conf in the server block)
+        #include /config/nginx/authelia-location.conf;
+
+        # enable for Authentik (requires authentik-server.conf in the server block)
+        #include /config/nginx/authentik-location.conf;
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app notifiarr;
+        set $upstream_port 5454;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+    }
+}

oogway.subdomain.conf.sample

@@ -0,0 +1,47 @@
+## Version 2023/04/13
+# make sure that your oogway container is named oogway
+# make sure that your dns has a cname set for oogway
+
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name oogway.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    # enable for ldap auth (requires ldap-location.conf in the location block)
+    #include /config/nginx/ldap-server.conf;
+
+    # enable for Authelia (requires authelia-location.conf in the location block)
+    #include /config/nginx/authelia-server.conf;
+
+    # enable for Authentik (requires authentik-location.conf in the location block)
+    #include /config/nginx/authentik-server.conf;
+
+    location / {
+        # enable the next two lines for http auth
+        #auth_basic "Restricted";
+        #auth_basic_user_file /config/nginx/.htpasswd;
+
+        # enable for ldap auth (requires ldap-server.conf in the server block)
+        #include /config/nginx/ldap-location.conf;
+
+        # enable for Authelia (requires authelia-server.conf in the server block)
+        #include /config/nginx/authelia-location.conf;
+
+        # enable for Authentik (requires authentik-server.conf in the server block)
+        #include /config/nginx/authentik-location.conf;
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app oogway;
+        set $upstream_port 8080;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+}

prometheus.subdomain.conf.sample

@@ -1,4 +1,4 @@
-## Version 2023/02/12
+## Version 2023/04/14
 # make sure that your prometheus container is named prometheus
 # make sure that your dns has a cname set for prometheus
 
@@ -67,22 +67,4 @@ server {
         proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 
     }
-
-    location ~ (/prometheus)?/metrics {
-        # enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-
-        # block metrics access by default because it is unprotected
-        # you can comment out the next line to enable remote metrics
-        deny all;
-
-        include /config/nginx/proxy.conf;
-        include /config/nginx/resolver.conf;
-        set $upstream_app prometheus;
-        set $upstream_port 9090;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-
-    }
 }

wizarr.subdomain.conf.sample

@@ -0,0 +1,45 @@
+## Version 2023/02/05
+# make sure that your wizarr container is named wizarr
+# make sure that your dns has a cname set for wizarr
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name wizarr.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    # enable for ldap auth (requires ldap-location.conf in the location block)
+    #include /config/nginx/ldap-server.conf;
+
+    # enable for Authelia (requires authelia-location.conf in the location block)
+    #include /config/nginx/authelia-server.conf;
+
+    # enable for Authentik (requires authentik-location.conf in the location block)
+    #include /config/nginx/authentik-server.conf;
+
+    location / {
+        # enable the next two lines for http auth
+        #auth_basic "Restricted";
+        #auth_basic_user_file /config/nginx/.htpasswd;
+
+        # enable for ldap auth (requires ldap-server.conf in the server block)
+        #include /config/nginx/ldap-location.conf;
+
+        # enable for Authelia (requires authelia-server.conf in the server block)
+        #include /config/nginx/authelia-location.conf;
+
+        # enable for Authentik (requires authentik-server.conf in the server block)
+        #include /config/nginx/authentik-location.conf;
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app wizarr;
+        set $upstream_port 5690;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+    }
+}