mirror of
https://github.com/linuxserver/reverse-proxy-confs.git
synced 2025-07-05 20:41:32 -07:00
Create romm.subdomain.conf.sample
create conf file
This commit is contained in:
Bert Van den Abbeele
parent
abdd34961d
commit
635b2e914a
1 changed files with 55 additions and 0 deletions
55
romm.subdomain.conf.sample
Normal file
55
romm.subdomain.conf.sample
Normal file
|
|
@ -0,0 +1,55 @@
|
||||||
|
## Version 2024/10/26
|
||||||
|
# make sure that your romM container is named romm
|
||||||
|
# make sure that your dns has a cname set for romm
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 443 ssl;
|
||||||
|
listen [::]:443 ssl;
|
||||||
|
|
||||||
|
server_name romm.*;
|
||||||
|
|
||||||
|
include /config/nginx/ssl.conf;
|
||||||
|
|
||||||
|
client_max_body_size 0;
|
||||||
|
|
||||||
|
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||||
|
#include /config/nginx/ldap-server.conf;
|
||||||
|
|
||||||
|
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||||
|
#include /config/nginx/authelia-server.conf;
|
||||||
|
|
||||||
|
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||||
|
#include /config/nginx/authentik-server.conf;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
# enable the next two lines for http auth
|
||||||
|
#auth_basic "Restricted";
|
||||||
|
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||||
|
|
||||||
|
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||||
|
#include /config/nginx/ldap-location.conf;
|
||||||
|
|
||||||
|
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||||
|
#include /config/nginx/authelia-location.conf;
|
||||||
|
|
||||||
|
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||||
|
#include /config/nginx/authentik-location.conf;
|
||||||
|
|
||||||
|
include /config/nginx/proxy.conf;
|
||||||
|
include /config/nginx/resolver.conf;
|
||||||
|
set $upstream_app romm;
|
||||||
|
set $upstream_port 8080;
|
||||||
|
set $upstream_proto http;
|
||||||
|
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||||
|
|
||||||
|
# Hide version
|
||||||
|
server_tokens off;
|
||||||
|
|
||||||
|
# Security headers
|
||||||
|
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||||
|
add_header X-Content-Type-Options "nosniff" always;
|
||||||
|
add_header X-XSS-Protection "1; mode=block" always;
|
||||||
|
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||||
|
add_header Referrer-Policy "no-referrer-when-downgrade" always;
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Add table
Add a link
Reference in a new issue