From 635b2e914ad72ae4aee91230f67420978a3dd145 Mon Sep 17 00:00:00 2001 From: Bert Van den Abbeele Date: Sat, 26 Oct 2024 18:36:18 +0200 Subject: [PATCH 01/12] Create romm.subdomain.conf.sample create conf file --- romm.subdomain.conf.sample | 55 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 romm.subdomain.conf.sample diff --git a/romm.subdomain.conf.sample b/romm.subdomain.conf.sample new file mode 100644 index 0000000..06317e3 --- /dev/null +++ b/romm.subdomain.conf.sample @@ -0,0 +1,55 @@ +## Version 2024/10/26 +# make sure that your romM container is named romm +# make sure that your dns has a cname set for romm + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name romm.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app romm; + set $upstream_port 8080; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + # Hide version + server_tokens off; + + # Security headers + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-Content-Type-Options "nosniff" always; + add_header X-XSS-Protection "1; mode=block" always; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + add_header Referrer-Policy "no-referrer-when-downgrade" always; + } +} \ No newline at end of file From 18707c1177923192abbfbae9d8ab8db37bb80d54 Mon Sep 17 00:00:00 2001 From: Bert Van den Abbeele Date: Wed, 27 Nov 2024 12:21:00 +0100 Subject: [PATCH 02/12] remove optional headers --- romm.subdomain.conf.sample | 9 --------- 1 file changed, 9 deletions(-) diff --git a/romm.subdomain.conf.sample b/romm.subdomain.conf.sample index 06317e3..07c34d4 100644 --- a/romm.subdomain.conf.sample +++ b/romm.subdomain.conf.sample @@ -42,14 +42,5 @@ server { set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; - # Hide version - server_tokens off; - - # Security headers - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-XSS-Protection "1; mode=block" always; - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - add_header Referrer-Policy "no-referrer-when-downgrade" always; } } \ No newline at end of file From db5c710a2bac9a69f441b26a21e0f4803fe9bac9 Mon Sep 17 00:00:00 2001 From: Doug Edey Date: Fri, 6 Dec 2024 08:34:36 -0500 Subject: [PATCH 03/12] Add kobo specific location matching for Calibre-web confs --- calibre-web.subdomain.conf.sample | 14 +++++++++++++- calibre-web.subfolder.conf.sample | 13 +++++++++++++ 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/calibre-web.subdomain.conf.sample b/calibre-web.subdomain.conf.sample index 934f353..a1c5f59 100644 --- a/calibre-web.subdomain.conf.sample +++ b/calibre-web.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2024/07/16 +## Version 2024/12/06 # make sure that your calibre-web container is named calibre-web # make sure that your dns has a cname set for calibre-web @@ -61,4 +61,16 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header X-Scheme $scheme; } + + # Feed for Kobo + location /kobo/ { + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app calibre-web; + set $upstream_port 8083; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + proxy_set_header X-Scheme $scheme; + proxy_buffer_size 32k; + } } diff --git a/calibre-web.subfolder.conf.sample b/calibre-web.subfolder.conf.sample index e28a272..751ad2a 100644 --- a/calibre-web.subfolder.conf.sample +++ b/calibre-web.subfolder.conf.sample @@ -48,3 +48,16 @@ location ^~ /calibre-web/opds/ { proxy_set_header X-Scheme $scheme; proxy_set_header X-Script-Name /calibre-web; } + +# Feed for Kobo +location ^~ /calibre-web/kobo/ { + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app calibre-web; + set $upstream_port 8083; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + proxy_set_header X-Scheme $scheme; + proxy_set_header X-Script-Name /calibre-web; + proxy_buffer_size 32k; +} From ed470885d3ffdc9c1e1db0d44b676d19d63be375 Mon Sep 17 00:00:00 2001 From: aptalca <541623+aptalca@users.noreply.github.com> Date: Thu, 19 Dec 2024 10:15:43 -0500 Subject: [PATCH 04/12] dnsdist: remove http2 --- dnsdist.subdomain.conf.sample | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dnsdist.subdomain.conf.sample b/dnsdist.subdomain.conf.sample index b2befca..b90bf07 100644 --- a/dnsdist.subdomain.conf.sample +++ b/dnsdist.subdomain.conf.sample @@ -1,10 +1,10 @@ -## Version 2024/11/26 +## Version 2024/12/19 # make sure that your container is named dnsdist # make sure that your dns has a cname set for dnsdist server { - listen 443 ssl http2; - listen [::]:443 ssl http2; + listen 443 ssl; + listen [::]:443 ssl; server_name dnsdist.*; From 92248c030df57316061f3ce9070c2f0429261215 Mon Sep 17 00:00:00 2001 From: driz <40674481+drizuid@users.noreply.github.com> Date: Sat, 21 Dec 2024 17:36:16 -0500 Subject: [PATCH 05/12] support kobo --- calibre-web.subdomain.conf.sample | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/calibre-web.subdomain.conf.sample b/calibre-web.subdomain.conf.sample index 934f353..bb5f3b1 100644 --- a/calibre-web.subdomain.conf.sample +++ b/calibre-web.subdomain.conf.sample @@ -61,4 +61,19 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header X-Scheme $scheme; } + + # For kobo e-reader sync support + # you will need to bypass ^/kobo.* in authentik or authelia if they are used. + location /kobo { + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app calibre-web; + set $upstream_port 8083; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + proxy_set_header X-Scheme $scheme; + proxy_buffers 4 256k; + proxy_busy_buffers_size 256k; + proxy_buffer_size 128k; + } } From 050574b95b896b5fe44285cc4d767a189cb10e33 Mon Sep 17 00:00:00 2001 From: driz <40674481+drizuid@users.noreply.github.com> Date: Sat, 21 Dec 2024 17:37:37 -0500 Subject: [PATCH 06/12] date --- calibre-web.subdomain.conf.sample | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/calibre-web.subdomain.conf.sample b/calibre-web.subdomain.conf.sample index bb5f3b1..606edc3 100644 --- a/calibre-web.subdomain.conf.sample +++ b/calibre-web.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2024/07/16 +## Version 2024/12/21 # make sure that your calibre-web container is named calibre-web # make sure that your dns has a cname set for calibre-web From d320762625c425442e3ff25d86743068949cedc7 Mon Sep 17 00:00:00 2001 From: driz <40674481+drizuid@users.noreply.github.com> Date: Sat, 21 Dec 2024 17:41:50 -0500 Subject: [PATCH 07/12] undo driz-mistake merge --- calibre-web.subdomain.conf.sample | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/calibre-web.subdomain.conf.sample b/calibre-web.subdomain.conf.sample index 606edc3..53904e8 100644 --- a/calibre-web.subdomain.conf.sample +++ b/calibre-web.subdomain.conf.sample @@ -62,18 +62,4 @@ server { proxy_set_header X-Scheme $scheme; } - # For kobo e-reader sync support - # you will need to bypass ^/kobo.* in authentik or authelia if they are used. - location /kobo { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app calibre-web; - set $upstream_port 8083; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; - proxy_set_header X-Scheme $scheme; - proxy_buffers 4 256k; - proxy_busy_buffers_size 256k; - proxy_buffer_size 128k; - } } From 9b6af9b16aee8ede3a952e22020f9da89a17562a Mon Sep 17 00:00:00 2001 From: driz <40674481+drizuid@users.noreply.github.com> Date: Sat, 21 Dec 2024 17:50:20 -0500 Subject: [PATCH 08/12] undo driz mistake merge --- calibre-web.subdomain.conf.sample | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/calibre-web.subdomain.conf.sample b/calibre-web.subdomain.conf.sample index 53904e8..c985652 100644 --- a/calibre-web.subdomain.conf.sample +++ b/calibre-web.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2024/12/21 +## Version 2024/07/16 # make sure that your calibre-web container is named calibre-web # make sure that your dns has a cname set for calibre-web From 97ea7961a463ef1cb04b09adfc0a27fbe12c737a Mon Sep 17 00:00:00 2001 From: Joel Gillman Date: Fri, 15 Nov 2024 17:42:03 -0600 Subject: [PATCH 09/12] Allow access to Baby Buddy API without auth --- babybuddy.subdomain.conf.sample | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/babybuddy.subdomain.conf.sample b/babybuddy.subdomain.conf.sample index d0aa27d..4f7ee11 100644 --- a/babybuddy.subdomain.conf.sample +++ b/babybuddy.subdomain.conf.sample @@ -43,4 +43,14 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } + + location ~ ^/api/ { + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app babybuddy; + set $upstream_port 8000; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } } From d43ecbce70ca3cce5a328f5b05df7e316c93335a Mon Sep 17 00:00:00 2001 From: Joel Gillman Date: Sun, 29 Dec 2024 12:00:35 -0600 Subject: [PATCH 10/12] Update date on babybuddy subdomain config --- babybuddy.subdomain.conf.sample | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/babybuddy.subdomain.conf.sample b/babybuddy.subdomain.conf.sample index 4f7ee11..af83363 100644 --- a/babybuddy.subdomain.conf.sample +++ b/babybuddy.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2024/07/16 +## Version 2024/12/29 # make sure that your babybuddy container is named babybuddy # make sure that your dns has a cname set for babybuddy From 0d77daf9cbaf6cb7b1dc8c45031070434287d721 Mon Sep 17 00:00:00 2001 From: driz <40674481+drizuid@users.noreply.github.com> Date: Wed, 1 Jan 2025 14:55:03 -0500 Subject: [PATCH 11/12] test for large comic support --- calibre-web.subdomain.conf.sample | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/calibre-web.subdomain.conf.sample b/calibre-web.subdomain.conf.sample index ca6bbde..b75eba3 100644 --- a/calibre-web.subdomain.conf.sample +++ b/calibre-web.subdomain.conf.sample @@ -64,13 +64,15 @@ server { # Feed for Kobo location /kobo/ { - include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app calibre-web; set $upstream_port 8083; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; + proxy_set_header X-Forwarded-Host $http_host; proxy_set_header X-Scheme $scheme; - proxy_buffer_size 32k; + proxy_buffer_size 128k; + proxy_buffers 4 256k; + proxy_busy_buffers_size 256k; } } \ No newline at end of file From b852188a2b7a81f157cd8164e901174da68627f0 Mon Sep 17 00:00:00 2001 From: driz <40674481+drizuid@users.noreply.github.com> Date: Wed, 1 Jan 2025 14:56:00 -0500 Subject: [PATCH 12/12] for subfolder too... i guess they exist --- calibre-web.subfolder.conf.sample | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/calibre-web.subfolder.conf.sample b/calibre-web.subfolder.conf.sample index 751ad2a..011c6fc 100644 --- a/calibre-web.subfolder.conf.sample +++ b/calibre-web.subfolder.conf.sample @@ -51,7 +51,6 @@ location ^~ /calibre-web/opds/ { # Feed for Kobo location ^~ /calibre-web/kobo/ { - include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app calibre-web; set $upstream_port 8083; @@ -59,5 +58,7 @@ location ^~ /calibre-web/kobo/ { proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header X-Scheme $scheme; proxy_set_header X-Script-Name /calibre-web; - proxy_buffer_size 32k; + proxy_buffer_size 128k; + proxy_buffers 4 256k; + proxy_busy_buffers_size 256k; }