github/reverse-proxy-confs
1
0
Fork 0
mirror of https://github.com/linuxserver/reverse-proxy-confs.git synced 2025-07-07 05:21:31 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge branch 'master' into cadvisor-endpoints

Browse source
This commit is contained in:
Eric Nemchik 2023-05-07 09:19:13 -05:00 committed by GitHub
commit 62c721de1a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
18 changed files with 572 additions and 110 deletions
Download patch file Download diff file Expand all files Collapse all files

6
.github/workflows/call-issue-pr-tracker.yml vendored
View file

@ -2,9 +2,11 @@ name: Issue & PR Tracker
on:
issues:
types: [opened,reopened,labeled,unlabeled]
types: [opened,reopened,labeled,unlabeled,closed]
pull_request_target:
types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled]
types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled,closed]
pull_request_review:
types: [submitted,edited,dismissed]
jobs:
manage-project:

23
.github/workflows/check_samples.yml vendored
View file

@ -12,7 +12,7 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v3.5.0
uses: actions/checkout@v3.5.2
- name: Check Allowed File Names
run: |
@ -58,3 +58,24 @@ jobs:
done
exit 1
fi
- name: Check Nginx Conf Validity
run: |
curl -fsL "https://raw.githubusercontent.com/linuxserver/docker-swag/master/root/defaults/nginx/proxy.conf.sample" -o proxy.conf
docker run -d --rm --name nginx -v "${GITHUB_WORKSPACE}:/testconfs:ro" ghcr.io/linuxserver/nginx
sleep 5
docker exec nginx bash -c "\
mkdir -p /config/nginx/proxy-confs && \
cp /testconfs/*.conf.sample /config/nginx/proxy-confs/ && \
cp /testconfs/proxy.conf /config/nginx/ && \
rm -rf /config/nginx/proxy-confs/{_template.sub*,heimdall.subf*,boinc.subf*,organizr.subf*,wordpress.subf*} && \
echo 'include /config/nginx/proxy-confs/*.subdomain.conf.sample;' >> /config/nginx/site-confs/default.conf && \
sed -i -r 's|(root \\\$root;)|\1\ninclude /config/nginx/proxy-confs/*.subfolder.conf.sample;|' /config/nginx/site-confs/default.conf"
VALIDITY=$(docker exec nginx nginx -t 2>&1) || :
echo "${VALIDITY}"
echo "${VALIDITY}" >> $GITHUB_STEP_SUMMARY
if ! docker exec nginx nginx -t >/dev/null 2>&1; then
docker stop nginx
exit 1
fi
docker stop nginx

24
authelia.subdomain.conf.sample
View file

@ -1,10 +1,6 @@
## Version 2023/02/12
## Version 2023/04/29
# make sure that your authelia container is named authelia
# make sure that your dns has a cname set for authelia
# the default authelia-server and authelia-location confs included with swag rely on
# a built-in subfolder proxy at "/authelia" and enabling this proxy conf is not necessary.
# But if you'd like to use authelia via subdomain, you can enable this proxy and set
# the $authelia_backed variable in the authelia-server.conf.
server {
listen 443 ssl;
@ -36,22 +32,4 @@ server {
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ (/authelia)?/metrics {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# block metrics access by default because it is unprotected
# you can comment out the next line to enable remote metrics
deny all;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app authelia;
set $upstream_port 9959;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

20
authentik.subdomain.conf.sample
View file

@ -1,4 +1,4 @@
## Version 2023/02/12
## Version 2023/04/14
# make sure that your authentik container is named authentik-server
# make sure that your dns has a cname set for authentik
@ -32,22 +32,4 @@ server {
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ (/authentik)?/metrics {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# block metrics access by default because it is unprotected
# you can comment out the next line to enable remote metrics
deny all;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app authentik-server;
set $upstream_port 9300;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

46
dsmrreader.subdomain.conf.sample Normal file
View file

@ -0,0 +1,46 @@
## Version 2023/02/05
# make sure that your dsmr container is named dsmr
# make sure that your dns has a cname set for dsmr
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name dsmr.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app dsmr;
set $upstream_port 80;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

46
duplicacy.subdomain.conf.sample Normal file
View file

@ -0,0 +1,46 @@
## Version 2023/04/13
# make sure that your duplicacy container is named duplicacy
# make sure that your dns has a cname set for duplicacy
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name duplicacy.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app duplicacy;
set $upstream_port 3875;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

46
esphome.subdomain.conf.sample Normal file
View file

@ -0,0 +1,46 @@
## Version 2023/02/05
# make sure that your esphome container is named esphome
# make sure that your dns has a cname set for esphome
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name esphome.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app esphome;
set $upstream_port 6052;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

21
grafana.subdomain.conf.sample
View file

@ -1,4 +1,4 @@
## Version 2023/02/12
## Version 2023/04/20
# make sure that your grafana container is named grafana
# make sure that your dns has a cname set for grafana
@ -55,23 +55,8 @@ server {
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ (/grafana)?/metrics {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# block metrics access by default because it is unprotected
# you can comment out the next line to enable remote metrics
deny all;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app grafana;
set $upstream_port 3000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
# Clear Authorization Header if you are using http auth and normal Grafana auth
#proxy_set_header Authorization "";
}
}

33
grafana.subfolder.conf.sample
View file

@ -1,4 +1,4 @@
## Version 2023/02/12
## Version 2023/04/20
# make sure that your grafana container is named grafana
# make sure that grafana is set to work with the base url /grafana/
# grafana requires environment variables set thus:
@ -22,10 +22,10 @@ location ^~ /grafana/ {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_grafana grafana;
set $upstream_app grafana;
set $upstream_port 3000;
set $upstream_proto http;
proxy_pass http://$upstream_grafana:$upstream_port ;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
# Clear Authorization Header if you are using http auth and normal Grafana auth
#proxy_set_header Authorization "";
@ -37,33 +37,10 @@ location ^~ /grafana/ {
location ^~ /grafana/api {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_grafana grafana;
set $upstream_app grafana;
set $upstream_port 3000;
set $upstream_proto http;
proxy_pass http://$upstream_grafana:$upstream_port ;
# Clear Authorization Header if you are using http auth and normal Grafana auth
#proxy_set_header Authorization "";
rewrite ^/grafana/(.*)$ /$1 break;
}
location ^~ /grafana/metrics {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# block metrics access by default because it is unprotected
# you can comment out the next line to enable remote metrics
deny all;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_grafana grafana;
set $upstream_port 3000;
set $upstream_proto http;
proxy_pass http://$upstream_grafana:$upstream_port ;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
# Clear Authorization Header if you are using http auth and normal Grafana auth
#proxy_set_header Authorization "";

45
homarr.subdomain.conf.sample Normal file
View file

@ -0,0 +1,45 @@
## Version 2023/02/05
# make sure that your homarr container is named homarr
# make sure that your dns has a cname set for homarr
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name homarr.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app homarr;
set $upstream_port 7575;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

46
jfa-go.subdomain.conf.sample Normal file
View file

@ -0,0 +1,46 @@
## Version 2023/04/16
# make sure that your jfa-go container is named jfa-go
# make sure that your dns has a cname set for jfa-go
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name jfa-go.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app jfa-go;
set $upstream_port 8056;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

33
jfa-go.subfolder.conf.sample Normal file
View file

@ -0,0 +1,33 @@
## Version 2023/02/05
# make sure that your jfa-go container is named jfa-go
# make sure to set the URL base (“Reverse Proxy subfolder”) in jfa-go > Settings > General (ui > url_base in jfa-go config.ini) to "/jfa-go/"
location /jfa-go {
return 301 $scheme://$host/jfa-go/;
}
location ^~ /jfa-go/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app jfa-go;
set $upstream_port 8056;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
# Remove the CSP header set for Jellyfin
proxy_hide_header Content-Security-Policy;
add_header Content-Security-Policy "";
}

96
kasm.subdomain.conf.sample Normal file
View file

@ -0,0 +1,96 @@
## Version 2023/04/18
# make sure that your kasm container is named kasm
# make sure that your dns has a cname set for kasm and kasm-wizard
# This configuration assumes 8443 with the environment variable -e KASM_PORT=8443 set adjust to your needs
# Post installation you will need to access Kasm > Admin > Zones > default zone (edit) and modify
# Proxy Port to 0 as documented https://www.kasmweb.com/docs/latest/how_to/reverse_proxy.html#update-zones
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name kasm.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app kasm;
set $upstream_port 8443;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}
# Wizard UI - Please enable some form of auth if publishing to the internet
# Or simply remove this and access it locally
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name kasm-wizard.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app kasm;
set $upstream_port 3000;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

40
kavita.subfolder.conf.sample Normal file
View file

@ -0,0 +1,40 @@
## Version 2023/04/13
# make sure that your kavita container is named kavita
# make sure that kavita is set to work with the base url /kavita/
location /kavita {
return 301 $scheme://$host/kavita/;
}
location ^~ /kavita/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app kavita;
set $upstream_port 5000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /kavita/api {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app kavita;
set $upstream_port 5000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

45
notifiarr.subdomain.conf.sample Normal file
View file

@ -0,0 +1,45 @@
## Version 2023/02/05
# make sure that your notifiarr container is named notifiarr
# make sure that your dns has a cname set for notifiarr
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name notifiarr.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app notifiarr;
set $upstream_port 5454;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

47
oogway.subdomain.conf.sample Normal file
View file

@ -0,0 +1,47 @@
## Version 2023/04/13
# make sure that your oogway container is named oogway
# make sure that your dns has a cname set for oogway
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name oogway.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app oogway;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

20
prometheus.subdomain.conf.sample
View file

@ -1,4 +1,4 @@
## Version 2023/02/12
## Version 2023/04/14
# make sure that your prometheus container is named prometheus
# make sure that your dns has a cname set for prometheus
@ -67,22 +67,4 @@ server {
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ (/prometheus)?/metrics {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# block metrics access by default because it is unprotected
# you can comment out the next line to enable remote metrics
deny all;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app prometheus;
set $upstream_port 9090;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

45
wizarr.subdomain.conf.sample Normal file
View file

@ -0,0 +1,45 @@
## Version 2023/02/05
# make sure that your wizarr container is named wizarr
# make sure that your dns has a cname set for wizarr
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name wizarr.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app wizarr;
set $upstream_port 5690;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}