diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md new file mode 100644 index 0000000..ae97f83 --- /dev/null +++ b/.github/CONTRIBUTING.md @@ -0,0 +1,25 @@ +# Contributing to reverse-proxy-confs + +## Gotchas + +* While contributing make sure to make all your changes before creating a Pull Request +* Read, and fill the Pull Request template + * If the PR is addressing an existing issue include, closes #\, in the body of the PR commit message +* If you want to discuss changes, you can also bring it up in [#dev-talk](https://discordapp.com/channels/354974912613449730/757585807061155840) in our [Discord server](https://discord.gg/YWrKVTn) + +### Styling + +* Indentation: 4 spaces +* Line-endings: LF +* Trailing newline: yes + +### Requirements + +* Must have the date on the first line, in YYYY/MM/DD format +* For subdomains, add a comment for a needed CNAME +* If the application needs further configuration, specify this in a comment + +* In most cases we want the comments for Authelia, ldap and basic auth to be present +* If the application has known API endpoints, we prefer these to be exempt from auth trough a location block (provided the application has security on the endpoint) + +* Files must not be executeable diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml new file mode 100644 index 0000000..7eaac77 --- /dev/null +++ b/.github/FUNDING.yml @@ -0,0 +1,2 @@ +github: linuxserver +open_collective: linuxserver diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 0000000..5796fd3 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,13 @@ +blank_issues_enabled: false +contact_links: + - name: Discord chat support + url: https://discord.gg/YWrKVTn + about: Realtime support / chat with the community and the team. + + - name: Discourse discussion forum + url: https://discourse.linuxserver.io + about: Post on our community forum. + + - name: Documentation + url: https://docs.linuxserver.io/general/swag#preset-proxy-confs + about: Documentation - information about how this repository works with SWAG. diff --git a/.github/ISSUE_TEMPLATE/issue.bug.yml b/.github/ISSUE_TEMPLATE/issue.bug.yml new file mode 100644 index 0000000..8a6b31e --- /dev/null +++ b/.github/ISSUE_TEMPLATE/issue.bug.yml @@ -0,0 +1,36 @@ +# Based on the issue template +name: Bug report +description: Create a report to help us improve. NOT TEMPLATE REQUESTS +title: "[BUG] " +labels: [Bug] +body: + - type: checkboxes + attributes: + label: Is there an existing issue for this? + description: Please search to see if an issue already exists for the bug you encountered. + options: + - label: I have searched the existing issues + required: true + - type: textarea + attributes: + label: Current Behavior + description: Tell us what happens instead of the expected behavior. + validations: + required: true + - type: textarea + attributes: + label: Expected Behavior + description: Tell us what should happen. + validations: + required: false + - type: textarea + attributes: + label: Steps To Reproduce + description: Steps to reproduce the behavior. + placeholder: | + 1. In this environment... + 2. With this config... + 3. Run '...' + 4. See error... + validations: + required: true diff --git a/.github/ISSUE_TEMPLATE/issue.feature.yml b/.github/ISSUE_TEMPLATE/issue.feature.yml new file mode 100644 index 0000000..66ca66f --- /dev/null +++ b/.github/ISSUE_TEMPLATE/issue.feature.yml @@ -0,0 +1,31 @@ +# Based on the issue template +name: Feature request +description: Suggest an idea for this project. NOT TEMPLATE REQUESTS +title: "[FEAT] <title>" +labels: [enhancement] +body: + - type: checkboxes + attributes: + label: Is this a new feature request? + description: Please search to see if a feature request already exists. + options: + - label: I have searched the existing issues + required: true + - type: textarea + attributes: + label: Wanted change + description: Tell us what you want to happen. + validations: + required: true + - type: textarea + attributes: + label: Reason for change + description: Justify your request, why do you want it, what is the benefit. + validations: + required: true + - type: textarea + attributes: + label: Proposed code change + description: Do you have a potential code change in mind? + validations: + required: false diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index f6a6381..87e8888 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -2,14 +2,25 @@ [linuxserverurl]: https://linuxserver.io [![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)][linuxserverurl] - -<!--- Before submitting a pull request please check the following --> +------------------------------ -<!--- That you have made a branch in your fork, we'd rather not merge from your master --> -<!--- That if the PR is addressing an existing issue include, closes #<issue number> , in the body of the PR commit message --> -<!--- You have included links to any files / patches etc your PR may be using in the body of the PR commit message --> -<!--- --> + - [ ] I have read the [contributing](https://github.com/linuxserver/reverse-proxy-confs/blob/master/.github/CONTRIBUTING.md) guideline and understand that I have made the correct modifications -## Thanks, team linuxserver.io +------------------------------ +<!--- We welcome all PR’s though this doesn’t guarantee it will be accepted. --> + +## Description +<!--- Describe your changes in detail --> + +## Benefits of this PR and context +<!--- Please explain why we should accept this PR. If this fixes an outstanding bug, please reference the issue # --> + +## How Has This Been Tested? +<!--- Please describe in detail how you tested your changes. --> +<!--- Include details of your testing environment, and the tests you ran to --> +<!--- see how your change affects other areas of the code, etc. --> + +## Source / References +<!--- Please include any forum posts/github links relevant to the PR --> \ No newline at end of file diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..90e05c4 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,11 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates + +version: 2 +updates: + - package-ecosystem: "github-actions" # See documentation for possible values + directory: "/" # Location of package manifests + schedule: + interval: "weekly" diff --git a/.github/workflows/call-invalid-issues-cron.yml b/.github/workflows/call-invalid-issues-cron.yml new file mode 100644 index 0000000..8c1aead --- /dev/null +++ b/.github/workflows/call-invalid-issues-cron.yml @@ -0,0 +1,12 @@ +name: Mark stale issues and pull requests +on: + schedule: + - cron: "30 1 * * *" + +jobs: + stale: + permissions: + issues: write + pull-requests: write + uses: linuxserver/github-workflows/.github/workflows/issues-cron.yml@v1 + secrets: inherit diff --git a/.github/workflows/call_invalid_helper.yml b/.github/workflows/call_invalid_helper.yml new file mode 100644 index 0000000..773767c --- /dev/null +++ b/.github/workflows/call_invalid_helper.yml @@ -0,0 +1,12 @@ +name: Comment on invalid interaction +on: + issues: + types: + - labeled +jobs: + add-comment-on-invalid: + if: github.event.label.name == 'invalid' + permissions: + issues: write + uses: linuxserver/github-workflows/.github/workflows/invalid-interaction-helper.yml@v1 + secrets: inherit diff --git a/.github/workflows/check_samples.yml b/.github/workflows/check_samples.yml index 3a6c363..dd8c674 100644 --- a/.github/workflows/check_samples.yml +++ b/.github/workflows/check_samples.yml @@ -11,7 +11,8 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - name: Checkout + uses: actions/checkout@v3.3.0 - name: Check Allowed File Names run: | diff --git a/README.md b/README.md index 2ba74b2..110b24c 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,12 @@ They are grouped in two: 1. `subfolder` these will allow accessing services at https://yourdomain.com/servicename 2. `subdomain` these will allow accessing services at https://servicename.yourdomain.com +It is recommended that users deploy subdomain reverse proxying and not subfolder. + +Whilst subfolder reverse proxying appears easier to implement the inherent nature of this technique requires that each application developer make accommodations to support it. This is not always the case and it is common to see applications with no or partial support resulting in an unreliable experience. + +Conversely subdomain reverse proxying does not require special accommodation by application developers and will invariably work (or can be made to work) seamlessly without upstream changes. + ## To enable the reverse proxy configs: ### Configure your default site config diff --git a/_template.subdomain.conf.sample b/_template.subdomain.conf.sample index f13fe8f..53024a5 100644 --- a/_template.subdomain.conf.sample +++ b/_template.subdomain.conf.sample @@ -1,8 +1,9 @@ -## Version 2021/05/18 +## Version 2023/02/05 # REMOVE THIS LINE BEFORE SUBMITTING: The structure of the file (all of the existing lines) should be kept as close as possible to this template. # REMOVE THIS LINE BEFORE SUBMITTING: Look through this file for <tags> and replace them. Review other sample files to see how things are done. # REMOVE THIS LINE BEFORE SUBMITTING: The comment lines at the top of the file (below this line) should explain any prerequisites for using the proxy such as DNS or app settings. -# make sure that your dns has a cname set for <container_name> and that your <container_name> container is not using a base url +# make sure that your <container_name> container is named <container_name> +# make sure that your dns has a cname set for <container_name> server { listen 443 ssl; @@ -14,24 +15,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app <container_name>; diff --git a/_template.subfolder.conf.sample b/_template.subfolder.conf.sample index b7f06e4..2f8eff6 100644 --- a/_template.subfolder.conf.sample +++ b/_template.subfolder.conf.sample @@ -1,8 +1,10 @@ -## Version 2021/05/18 +## Version 2023/02/05 # REMOVE THIS LINE BEFORE SUBMITTING: The structure of the file (all of the existing lines) should be kept as close as possible to this template. # REMOVE THIS LINE BEFORE SUBMITTING: Look through this file for <tags> and replace them. Review other sample files to see how things are done. # REMOVE THIS LINE BEFORE SUBMITTING: The comment lines at the top of the file (below this line) should explain any prerequisites for using the proxy such as DNS or app settings. -# first go into <container_name> settings, under "General" set the URL Base to /<container_name>/ and restart the <container_name> container +# make sure that your <container_name> container is named <container_name> +# make sure that <container_name> is set to work with the base url /<container_name>/ + location /<container_name> { return 301 $scheme://$host/<container_name>/; @@ -13,13 +15,15 @@ location ^~ /<container_name>/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app <container_name>; @@ -39,6 +43,6 @@ location ^~ /<container_name>/ { # set $upstream_port <port_number>; # set $upstream_proto <http or https>; # proxy_pass $upstream_proto://$upstream_app:$upstream_port; -# +# # # REMOVE THIS LINE BEFORE SUBMITTING: Additional proxy settings such as headers go below this line, leave the blank line above. # } diff --git a/adguard.subdomain.conf.sample b/adguard.subdomain.conf.sample index e4a17fc..b0e22a4 100644 --- a/adguard.subdomain.conf.sample +++ b/adguard.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/09/24 -# make sure that your dns has a cname set for adguard and that your adguard container is named adguard +## Version 2023/02/05 +# make sure that your adguard container is named adguard +# make sure that your dns has a cname set for adguard server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app adguard; @@ -47,7 +53,7 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } - + location /dns-query { # to properly use this please set `allow_unencrypted_doh: true` and `force_https: false` in adguard # see https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration#configuration-file diff --git a/adminer.subfolder.conf.sample b/adminer.subfolder.conf.sample index c34fd80..e8b0224 100644 --- a/adminer.subfolder.conf.sample +++ b/adminer.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# adminer does not require a base url setting, but the container needs to be named adminer +## Version 2023/02/05 +# make sure that your adminer container is named adminer +# adminer does not require a base url setting location /adminer { return 301 $scheme://$host/adminer/; @@ -10,13 +11,15 @@ location ^~ /adminer/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app adminer; diff --git a/adminmongo.subdomain.conf.sample b/adminmongo.subdomain.conf.sample index c4adb76..8dfb8e8 100644 --- a/adminmongo.subdomain.conf.sample +++ b/adminmongo.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/07/03 -# make sure that your dns has a cname set for adminmongo and that your adminmongo container is not using a base url +## Version 2023/02/05 +# make sure that your adminmongo container is named adminmongo +# make sure that your dns has a cname set for adminmongo server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app adminmongo; diff --git a/airsonic.subdomain.conf.sample b/airsonic.subdomain.conf.sample index 06b920a..c44939b 100644 --- a/airsonic.subdomain.conf.sample +++ b/airsonic.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for airsonic and that your airsonic container is not using a base url +## Version 2023/02/05 +# make sure that your airsonic container is named airsonic +# make sure that your dns has a cname set for airsonic # add `server.use-forward-headers=true` to `/config/application.properties` to ensure logs contain real source IP server { @@ -12,24 +13,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app airsonic; diff --git a/airsonic.subfolder.conf.sample b/airsonic.subfolder.conf.sample index 89586f5..54b4f88 100644 --- a/airsonic.subfolder.conf.sample +++ b/airsonic.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your airsonic container is named airsonic +# make sure that airsonic is set to work with the base url /airsonic/ # set the CONTEXT_PATH variable to /airsonic in airsonic container. location ^~ /airsonic { @@ -6,13 +8,15 @@ location ^~ /airsonic { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app airsonic; diff --git a/apprise-api.subdomain.conf.sample b/apprise-api.subdomain.conf.sample new file mode 100644 index 0000000..8ab68f3 --- /dev/null +++ b/apprise-api.subdomain.conf.sample @@ -0,0 +1,47 @@ +## Version 2023/02/05 +# make sure that your apprise-api container is named apprise-api +# make sure that your dns has a cname set for apprise-api + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name apprise-api.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app apprise-api; + set $upstream_port 8000; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } + +} diff --git a/archisteamfarm.subdomain.conf.sample b/archisteamfarm.subdomain.conf.sample index 5a764f8..3343783 100644 --- a/archisteamfarm.subdomain.conf.sample +++ b/archisteamfarm.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your archisteamfarm container is named archisteamfarm # make sure that your dns has a cname set for archisteamfarm server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app archisteamfarm; diff --git a/aria2-with-webui.subdomain.conf.sample b/aria2-with-webui.subdomain.conf.sample index ddb5f25..b0b5313 100644 --- a/aria2-with-webui.subdomain.conf.sample +++ b/aria2-with-webui.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# Make sure that your dns has a cname set for aria2 and that your aria2-with-webui container is not using a base url +## Version 2023/02/05 +# make sure that your aria2 container is named aria2-with-webui +# make sure that your dns has a cname set for aria2 # # The RPC port will need to be changed to 443 in the AriaNg/WebUI-Aria2 settings or by using the AriaNg command api # e.g. https://aria2.example.com/#!/settings/rpc/set/https/aria2.example.com/443/jsonrpc @@ -15,24 +16,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app aria2-with-webui; @@ -41,7 +47,7 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } - + location ~ (/aria2-with-webui)?/jsonrpc { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; diff --git a/audiobookshelf.subdomain.conf.sample b/audiobookshelf.subdomain.conf.sample index 30ba450..1338191 100644 --- a/audiobookshelf.subdomain.conf.sample +++ b/audiobookshelf.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for audiobookshelf and that your audiobookshelf container is not using a base url +## Version 2023/02/05 +# make sure that your audiobookshelf container is named audiobookshelf +# make sure that your dns has a cname set for audiobookshelf server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app audiobookshelf; diff --git a/audiobookshelf.subfolder.conf.sample b/audiobookshelf.subfolder.conf.sample index 22cda40..f97b5c3 100644 --- a/audiobookshelf.subfolder.conf.sample +++ b/audiobookshelf.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your audiobookshelf container is named audiobookshelf +# make sure that audiobookshelf is set to work with the base url /audiobookshelf/ # set the CONTEXT_PATH variable to /audiobookshelf in audiobookshelf container. location ^~ /audiobookshelf { @@ -6,13 +8,15 @@ location ^~ /audiobookshelf { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app audiobookshelf; diff --git a/authelia.subdomain.conf.sample b/authelia.subdomain.conf.sample index 004920b..af80d73 100644 --- a/authelia.subdomain.conf.sample +++ b/authelia.subdomain.conf.sample @@ -1,9 +1,10 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your authelia container is named authelia # make sure that your dns has a cname set for authelia -# the default authelia-server and authelia-location confs included with letsencrypt rely on -# subfolder proxy at "/authelia" and enabling of this proxy conf is not necessary. -# But if you'd like to use authelia via subdomain, you can enable this proxy and set up your own -# authelia-server and authelia-location confs as described in authelia docs. +# the default authelia-server and authelia-location confs included with swag rely on +# a built-in subfolder proxy at "/authelia" and enabling this proxy conf is not necessary. +# But if you'd like to use authelia via subdomain, you can enable this proxy and set +# the $authelia_backed variable in the authelia-server.conf. server { listen 443 ssl; diff --git a/authentik.subdomain.conf.sample b/authentik.subdomain.conf.sample new file mode 100644 index 0000000..512c1e8 --- /dev/null +++ b/authentik.subdomain.conf.sample @@ -0,0 +1,25 @@ +## Version 2023/02/05 +# make sure that your authentik container is named authentik-server +# make sure that your dns has a cname set for authentik + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name authentik.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + location / { + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app authentik-server; + set $upstream_port 9000; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } +} diff --git a/babybuddy.subdomain.conf.sample b/babybuddy.subdomain.conf.sample index 337c668..f45810e 100644 --- a/babybuddy.subdomain.conf.sample +++ b/babybuddy.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/05/10 +## Version 2023/02/05 +# make sure that your babybuddy container is named babybuddy # make sure that your dns has a cname set for babybuddy server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app babybuddy; diff --git a/bazarr.subdomain.conf.sample b/bazarr.subdomain.conf.sample index e621768..213bf1d 100644 --- a/bazarr.subdomain.conf.sample +++ b/bazarr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for bazarr and that your bazarr container is not using a base url +## Version 2023/02/05 +# make sure that your bazarr container is named bazarr +# make sure that your dns has a cname set for bazarr server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app bazarr; diff --git a/bazarr.subfolder.conf.sample b/bazarr.subfolder.conf.sample index 764615a..eede1dd 100644 --- a/bazarr.subfolder.conf.sample +++ b/bazarr.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# first go into bazarr settings, under "General" set the URL Base to /bazarr/ and restart the bazarr container +## Version 2023/02/05 +# make sure that your bazarr container is named bazarr +# make sure that bazarr is set to work with the base url /bazarr/ location /bazarr { return 301 $scheme://$host/bazarr/; @@ -10,13 +11,15 @@ location ^~ /bazarr/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app bazarr; diff --git a/beets.subdomain.conf.sample b/beets.subdomain.conf.sample index eebf704..f48d62b 100644 --- a/beets.subdomain.conf.sample +++ b/beets.subdomain.conf.sample @@ -1,6 +1,7 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your beets container is named beets +# make sure that your dns has a cname set for beets #First edit beets.yml and enable the reverse proxy settings, under "web" add "reverse_proxy: true" and restart the beets container. -#Make sure that your dns has a cname set for beets and that your beets container is not using a base url server { listen 443 ssl; @@ -12,24 +13,29 @@ server { client_max_body_size 0; - #enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { #enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - #enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app beets; diff --git a/beets.subfolder.conf.sample b/beets.subfolder.conf.sample index b5cf2f3..7a19a0b 100644 --- a/beets.subfolder.conf.sample +++ b/beets.subfolder.conf.sample @@ -1,18 +1,22 @@ -## Version 2021/05/18 -#first edit beets.yml and enable the reverse proxy settings, under "web" add "reverse_proxy: true" and restart the beets container +## Version 2023/02/05 +# make sure that your beets container is named beets +# make sure that beets is set to work with the base url /beets/ +# first edit beets.yml and enable the reverse proxy settings, under "web" add "reverse_proxy: true" and restart the beets container location /beets { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app beets; diff --git a/bitwarden.subdomain.conf.sample b/bitwarden.subdomain.conf.sample index 5824530..652175f 100644 --- a/bitwarden.subdomain.conf.sample +++ b/bitwarden.subdomain.conf.sample @@ -1,6 +1,6 @@ -## Version 2022/02/08 -# make sure that your dns has a cname set for bitwarden and that your bitwarden container is not using a base url -# make sure your bitwarden container is named "bitwarden" +## Version 2023/02/05 +# make sure that your bitwarden container is named bitwarden +# make sure that your dns has a cname set for bitwarden # set the environment variable WEBSOCKET_ENABLED=true on your bitwarden container server { @@ -13,24 +13,29 @@ server { client_max_body_size 128M; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app bitwarden; @@ -45,13 +50,15 @@ server { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app bitwarden; diff --git a/bitwarden.subfolder.conf.sample b/bitwarden.subfolder.conf.sample index 5ce9c21..6794b96 100644 --- a/bitwarden.subfolder.conf.sample +++ b/bitwarden.subfolder.conf.sample @@ -1,6 +1,9 @@ -## Version 2022/02/08 +## Version 2023/02/05 +# make sure that your bitwarden container is named bitwarden +# make sure that bitwarden is set to work with the base url /bitwarden/ ## Environmental Variable DOMAIN=https://<DOMAIN>/bitwarden must be set in bitwarden container including subfolder. ## This is using ports 80 and 3012 + location /bitwarden { return 301 $scheme://$host/bitwarden/; } @@ -10,13 +13,15 @@ location ^~ /bitwarden/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app bitwarden; @@ -31,13 +36,15 @@ location ~ (/bitwarden)?/admin { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app bitwarden; diff --git a/boinc.subdomain.conf.sample b/boinc.subdomain.conf.sample index 08bc635..406acbc 100644 --- a/boinc.subdomain.conf.sample +++ b/boinc.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your boinc container is named boinc # make sure that your dns has a cname set for boinc server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app boinc; diff --git a/boinc.subfolder.conf.sample b/boinc.subfolder.conf.sample index d177fd1..34184e1 100644 --- a/boinc.subfolder.conf.sample +++ b/boinc.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/06/28 +## Version 2023/02/05 +# make sure that your bionc container is named bionc +# make sure that bionc is set to work with the base url /bionc/ # In boinc docker arguments, set an env variable for SUBFOLDER=/boinc/ location /boinc { @@ -10,13 +12,15 @@ location ^~ /boinc/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app boinc; diff --git a/booksonic.subdomain.conf.sample b/booksonic.subdomain.conf.sample index c1a2308..3b854e8 100644 --- a/booksonic.subdomain.conf.sample +++ b/booksonic.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for booksonic and that your booksonic container is not using a base url +## Version 2023/02/05 +# make sure that your booksonic container is named booksonic +# make sure that your dns has a cname set for booksonic server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app booksonic; diff --git a/booksonic.subfolder.conf.sample b/booksonic.subfolder.conf.sample index 57596a2..37dfdf9 100644 --- a/booksonic.subfolder.conf.sample +++ b/booksonic.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your booksonic container is named booksonic +# make sure that booksonic is set to work with the base url /booksonic/ # set the CONTEXT_PATH variable to /booksonic in booksonic container. location ^~ /booksonic { @@ -6,13 +8,15 @@ location ^~ /booksonic { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app booksonic; diff --git a/bookstack.subdomain.conf.sample b/bookstack.subdomain.conf.sample index 19514ef..63ff034 100644 --- a/bookstack.subdomain.conf.sample +++ b/bookstack.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for bookstack and that your bookstack container is named bookstack +## Version 2023/02/05 +# make sure that your bookstack container is named bookstack +# make sure that your dns has a cname set for bookstack # Ensure you have the APP_URL Environment Variable set correctly in your Docker Run/Compose or in BookStack Env File (/www/.env) # https://github.com/linuxserver/docker-bookstack#docker @@ -13,24 +14,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { #enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app bookstack; diff --git a/budge.subdomain.conf.sample b/budge.subdomain.conf.sample new file mode 100644 index 0000000..c58792a --- /dev/null +++ b/budge.subdomain.conf.sample @@ -0,0 +1,47 @@ +## Version 2023/02/05 +# make sure that your budge container is named budge +# make sure that your dns has a cname set for budge + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name budge.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app budge; + set $upstream_port 443; + set $upstream_proto https; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } + +} diff --git a/calibre-web.subdomain.conf.sample b/calibre-web.subdomain.conf.sample index fa2361e..54b1418 100644 --- a/calibre-web.subdomain.conf.sample +++ b/calibre-web.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your calibre-web container is named calibre-web # make sure that your dns has a cname set for calibre-web server { @@ -11,26 +12,31 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia - # To use Authelia to log in to Calibre-Web, make sure "Reverse Proxy Login" is + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + # To use Authelia to log in to Calibre-Web, make sure "Reverse Proxy Login" is # enabled, "Reverse Proxy Header Name" is set to Remote-User, and each Authelia # user also has a corresponding user manually created in Calibre-Web. - #include /config/nginx/authelia-location.conf; include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; @@ -41,10 +47,10 @@ server { proxy_set_header X-Scheme $scheme; } - + # OPDS feed for eBook reader apps # Even if you use Authelia, the OPDS feed requires a password to be set for - # the user directly in Calibre-Web, as eBook reader apps don't support + # the user directly in Calibre-Web, as eBook reader apps don't support # form-based logins, only HTTP Basic auth. location /opds/ { include /config/nginx/proxy.conf; diff --git a/calibre-web.subfolder.conf.sample b/calibre-web.subfolder.conf.sample index a9d007f..e28a272 100644 --- a/calibre-web.subfolder.conf.sample +++ b/calibre-web.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your calibre-web container is named calibre-web # calibre-web does not require a base url setting location /calibre-web { @@ -10,15 +11,17 @@ location ^~ /calibre-web/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config - # To use Authelia to log in to Calibre-Web, make sure "Reverse Proxy Login" is + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + # To use Authelia to log in to Calibre-Web, make sure "Reverse Proxy Login" is # enabled, "Reverse Proxy Header Name" is set to Remote-User, and each Authelia # user also has a corresponding user manually created in Calibre-Web. - #include /config/nginx/authelia-location.conf; include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; @@ -33,7 +36,7 @@ location ^~ /calibre-web/ { # OPDS feed for eBook reader apps # Even if you use Authelia, the OPDS feed requires a password to be set for -# the user directly in Calibre-Web, as eBook reader apps don't support +# the user directly in Calibre-Web, as eBook reader apps don't support # form-based logins, only HTTP Basic auth. location ^~ /calibre-web/opds/ { include /config/nginx/proxy.conf; diff --git a/calibre.subdomain.conf.sample b/calibre.subdomain.conf.sample index e17c0b9..4d0637d 100644 --- a/calibre.subdomain.conf.sample +++ b/calibre.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/03/29 +## Version 2023/02/05 +# make sure that your calibre container is named calibre # make sure that your dns has a cname set for calibre # for the content server, go into calibre preferences / sharing over the net / advanced and # set the first option for prefix url to '/content-server', save and restart the container @@ -14,24 +15,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app calibre; @@ -51,13 +57,15 @@ server { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app calibre; diff --git a/calibre.subfolder.conf.sample b/calibre.subfolder.conf.sample index 20095ce..21cc09b 100644 --- a/calibre.subfolder.conf.sample +++ b/calibre.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/03/29 +## Version 2023/02/05 +# make sure that your calibre container is named calibre +# make sure that calibre is set to work with the base url /calibre/ # In calibre docker arguments, set an env variable for SUBFOLDER=/calibre/ # for the content server, go into calibre preferences / sharing over the net / advanced and # set the first option for prefix url to '/content-server', save and restart the container @@ -13,13 +15,15 @@ location ^~ /calibre/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app calibre; @@ -38,13 +42,15 @@ location ^~ /content-server/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app calibre; diff --git a/castopod.subdomain.conf.sample b/castopod.subdomain.conf.sample new file mode 100644 index 0000000..9544a7d --- /dev/null +++ b/castopod.subdomain.conf.sample @@ -0,0 +1,46 @@ +## Version 2023/02/05 +# make sure that your castopod container is named castopod +# make sure that your dns has a cname set for castopod + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name castopod.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app castopod; + set $upstream_port 80; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } +} diff --git a/changedetection.subdomain.conf.sample b/changedetection.subdomain.conf.sample index 0f8fc82..f9b3071 100644 --- a/changedetection.subdomain.conf.sample +++ b/changedetection.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/06/25 -# make sure that your dns has a cname set for changedetection and that your changedetection container is named changedetection +## Version 2023/02/05 +# make sure that your changedetection container is named changedetection +# make sure that your dns has a cname set for changedetection server { listen 443 ssl; @@ -11,30 +12,35 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app changedetection; set $upstream_port 5000; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; - + } } diff --git a/chevereto.subdomain.conf.sample b/chevereto.subdomain.conf.sample index bd166e3..6349fab 100644 --- a/chevereto.subdomain.conf.sample +++ b/chevereto.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/06/28 -# make sure that your dns has a cname set for chevereto and that your chevereto container is not using a base url +## Version 2023/02/05 +# make sure that your chevereto container is named chevereto +# make sure that your dns has a cname set for chevereto server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app chevereto; diff --git a/chronograf.subdomain.conf.sample b/chronograf.subdomain.conf.sample index bd40f8a..76c6e4c 100644 --- a/chronograf.subdomain.conf.sample +++ b/chronograf.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# Make sure that your dns has a cname set for chronograf and that your chronograf container is not using a base url +## Version 2023/02/05 +# make sure that your chronograf container is named chronograf +# make sure that your dns has a cname set for chronograf server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app chronograf; diff --git a/chronograf.subfolder.conf.sample b/chronograf.subfolder.conf.sample index 9d59e83..0510f34 100644 --- a/chronograf.subfolder.conf.sample +++ b/chronograf.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your chronograf container is named chronograf +# make sure that chronograf is set to work with the base url /chronograf/ # add BASE_PATH=/chronograf environment variable to your docker compose/run location /chronograf { @@ -10,13 +12,15 @@ location ^~ /chronograf/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app chronograf; diff --git a/cloudbeaver.subdomain.conf.sample b/cloudbeaver.subdomain.conf.sample index d30a844..fe2944c 100644 --- a/cloudbeaver.subdomain.conf.sample +++ b/cloudbeaver.subdomain.conf.sample @@ -1,6 +1,6 @@ -## Version 2022/02/20 -# make sure that your dns has a cname set for cloudbeaver and that your cloudbeaver container is not using a base url -# tested using dbeaver/cloudbeaver +## Version 2023/02/05 +# make sure that your cloudbeaver container is named cloudbeaver +# make sure that your dns has a cname set for cloudbeaver server { listen 443 ssl; @@ -14,24 +14,29 @@ server { proxy_redirect off; proxy_buffering off; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app cloudbeaver; @@ -40,4 +45,4 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } -} \ No newline at end of file +} diff --git a/code-server.subdomain.conf.sample b/code-server.subdomain.conf.sample index 3cb52a0..4c7abcb 100644 --- a/code-server.subdomain.conf.sample +++ b/code-server.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your code-server container is named code-server # make sure that your dns has a cname set for code-server server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app code-server; diff --git a/codimd.subdomain.conf.sample b/codimd.subdomain.conf.sample index 6f10a87..2eae937 100644 --- a/codimd.subdomain.conf.sample +++ b/codimd.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2021/05/18 +## Version 2023/02/05 # make sure you have added the following environmental variables to your run command/compose file # CMD_DOMAIN=codimd.server.com # CMD_PROTOCOL_USESSL=true @@ -13,24 +13,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app codimd; diff --git a/collabora.subdomain.conf.sample b/collabora.subdomain.conf.sample index 1c903a2..712cfef 100644 --- a/collabora.subdomain.conf.sample +++ b/collabora.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for collabora and that your collabora container is named collabora +## Version 2023/02/05 +# make sure that your collabora container is named collabora +# make sure that your dns has a cname set for collabora server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app collabora; diff --git a/commento.subdomain.conf.sample b/commento.subdomain.conf.sample index 2e61b8f..db45f68 100644 --- a/commento.subdomain.conf.sample +++ b/commento.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/04/17 -# make sure that your dns has a cname set for commento and that your commento config is not using a subdirectory. +## Version 2023/02/05 +# make sure that your commento container is named commento +# make sure that your dns has a cname set for commento server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - #enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { #enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - #enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app commento; diff --git a/couchpotato.subdomain.conf.sample b/couchpotato.subdomain.conf.sample index 302e79d..07a6671 100644 --- a/couchpotato.subdomain.conf.sample +++ b/couchpotato.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for couchpotato and that your couchpotato container is not using a base url +## Version 2023/02/05 +# make sure that your couchpotato container is named couchpotato +# make sure that your dns has a cname set for couchpotato server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app couchpotato; diff --git a/couchpotato.subfolder.conf.sample b/couchpotato.subfolder.conf.sample index 4882b96..e416b12 100644 --- a/couchpotato.subfolder.conf.sample +++ b/couchpotato.subfolder.conf.sample @@ -1,18 +1,21 @@ -## Version 2021/05/18 -# first go into couchpotato settings, under "General" set the URL Base to /couchpotato and restart the couchpotato container +## Version 2023/02/05 +# make sure that your couchpotato container is named couchpotato +# make sure that couchpotato is set to work with the base url /couchpotato/ location ^~ /couchpotato { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app couchpotato; diff --git a/crontabui.subfolder.conf.sample b/crontabui.subfolder.conf.sample index b026018..0398d26 100644 --- a/crontabui.subfolder.conf.sample +++ b/crontabui.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/03/30 +## Version 2023/02/05 +# make sure that your crontabui container is named crontabui # crontabui does not require a base url setting location /crontabui { @@ -10,13 +11,15 @@ location ^~ /crontabui/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app crontabui; diff --git a/crowdsec-dashboard.subdomain.conf.sample b/crowdsec-dashboard.subdomain.conf.sample index a90d8ca..61651e9 100644 --- a/crowdsec-dashboard.subdomain.conf.sample +++ b/crowdsec-dashboard.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/05/24 -# make sure that your dns has a cname set for crowdsec-dashboard and that your crowdsec-dashboard container is not using a base url +## Version 2023/02/05 +# make sure that your crowdsec-dashboard container is named crowdsec-dashboard +# make sure that your dns has a cname set for crowdsec-dashboard server { listen 443 ssl; @@ -11,31 +12,36 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app crowdsec-dashboard; set $upstream_port 3000; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; - + # Uncomment these if you want to lower security, and # allow running in an iFrame (i.e. Organizr) #proxy_hide_header Content-Security-Policy; diff --git a/crowdsec.subdomain.conf.sample b/crowdsec.subdomain.conf.sample new file mode 100644 index 0000000..4274407 --- /dev/null +++ b/crowdsec.subdomain.conf.sample @@ -0,0 +1,46 @@ +## Version 2023/02/05 +# make sure that your crowdsec container is named crowdsec +# make sure that your dns has a cname set for crowdsec + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name crowdsec.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app crowdsec; + set $upstream_port 8080; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } +} diff --git a/dashy.subdomain.conf.sample b/dashy.subdomain.conf.sample index fb6b540..3f13663 100644 --- a/dashy.subdomain.conf.sample +++ b/dashy.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for dashy and that your dashy container is not using a base url +## Version 2023/02/05 +# make sure that your dashy container is named dashy +# make sure that your dns has a cname set for dashy server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app dashy; diff --git a/deluge.subdomain.conf.sample b/deluge.subdomain.conf.sample index b629432..2f94ccd 100644 --- a/deluge.subdomain.conf.sample +++ b/deluge.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for deluge and that your deluge container is not using a base url +## Version 2023/02/05 +# make sure that your deluge container is named deluge +# make sure that your dns has a cname set for deluge server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app deluge; diff --git a/deluge.subfolder.conf.sample b/deluge.subfolder.conf.sample index 7b29f23..74aab62 100644 --- a/deluge.subfolder.conf.sample +++ b/deluge.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your deluge container is named deluge # deluge does not require a base url setting location /deluge { @@ -10,13 +11,15 @@ location ^~ /deluge/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app deluge; diff --git a/dillinger.subdomain.conf.sample b/dillinger.subdomain.conf.sample index fa39245..081b345 100644 --- a/dillinger.subdomain.conf.sample +++ b/dillinger.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your dillinger container is named dillinger # make sure that your dns has a cname set for dillinger server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app dillinger; diff --git a/documentserver.subdomain.conf.sample b/documentserver.subdomain.conf.sample index 2fc78df..428116b 100644 --- a/documentserver.subdomain.conf.sample +++ b/documentserver.subdomain.conf.sample @@ -1,6 +1,6 @@ -## Version 2021/05/18 -# Make sure that your dns has a cname set for onlyoffice named "documentserver" -# Make sure that the onlyoffice documentserver container is named "documentserver" +## Version 2023/02/05 +# make sure that your onlyoffice documentserver container is named documentserver +# make sure that your dns has a cname set for documentserver server { listen 443 ssl; @@ -12,24 +12,29 @@ server { client_max_body_size 0; - #enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { #enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - #enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app documentserver; diff --git a/dokuwiki.subdomain.conf.sample b/dokuwiki.subdomain.conf.sample index 18cf3c6..8e05e12 100644 --- a/dokuwiki.subdomain.conf.sample +++ b/dokuwiki.subdomain.conf.sample @@ -1,6 +1,7 @@ -## Version 2021/05/18 -# First complete the setup by appending install.php to URL. -# Make sure that your dns has a cname set for dokuwiki +## Version 2023/02/05 +# make sure that your dokuwiki container is named dokuwiki +# make sure that your dns has a cname set for dokuwiki +# complete the setup by appending install.php to URL server { listen 443 ssl; @@ -12,24 +13,29 @@ server { client_max_body_size 0; - #enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { #enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - #enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app dokuwiki; diff --git a/dokuwiki.subfolder.conf.sample b/dokuwiki.subfolder.conf.sample index f299a7e..401968f 100644 --- a/dokuwiki.subfolder.conf.sample +++ b/dokuwiki.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your dokuwiki container is named dokuwiki +# make sure that dokuwiki is set to work with the base url /dokuwiki/ # first go into dokuwiki settings (Admin on the top left when Logged in), under "Configuration Settings" set the "basedir" to /dokuwiki/ and restart the dokuwiki container location /dokuwiki { @@ -10,13 +12,15 @@ location ^~ /dokuwiki/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app dokuwiki; diff --git a/domoticz.subdomain.conf.sample b/domoticz.subdomain.conf.sample index b4afc88..3311a04 100644 --- a/domoticz.subdomain.conf.sample +++ b/domoticz.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# Make sure that your dns has a cname set for domoticz and that your domoticz container is not using a base url +## Version 2023/02/05 +# make sure that your domoticz container is named domoticz +# make sure that your dns has a cname set for domoticz server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app domoticz; diff --git a/domoticz.subfolder.conf.sample b/domoticz.subfolder.conf.sample index 90c4665..9bca758 100644 --- a/domoticz.subfolder.conf.sample +++ b/domoticz.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your domoticz container is named domoticz +# make sure that domoticz is set to work with the base url /domoticz/ # set the WEBROOT variable to domoticz for the domoticz container. location ^~ /domoticz/ { @@ -6,13 +8,15 @@ location ^~ /domoticz/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app domoticz; diff --git a/dozzle.subdomain.conf.sample b/dozzle.subdomain.conf.sample index b2221c9..cc21037 100644 --- a/dozzle.subdomain.conf.sample +++ b/dozzle.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for dozzle and that your dozzle container is named dozzle +## Version 2023/02/05 +# make sure that your dozzle container is named dozzle +# make sure that your dns has a cname set for dozzle server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app dozzle; diff --git a/dozzle.subfolder.conf.sample b/dozzle.subfolder.conf.sample index 2d07a28..b0cd5bd 100644 --- a/dozzle.subfolder.conf.sample +++ b/dozzle.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your dozzle container is named dozzle +# make sure that dozzle is set to work with the base url /dozzle/ # First either add "--base /dozzle" or "-e DOZZLE_BASE=/dozzle" to your docker run command, and restart the Dozzle container location /dozzle { @@ -10,13 +12,15 @@ location ^~ /dozzle/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app dozzle; diff --git a/drone.subdomain.conf.sample b/drone.subdomain.conf.sample index b54aa68..7d016f2 100644 --- a/drone.subdomain.conf.sample +++ b/drone.subdomain.conf.sample @@ -1,4 +1,7 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your drone container is named drone +# make sure that your dns has a cname set for drone + server { listen 443 ssl; listen [::]:443 ssl; @@ -8,25 +11,30 @@ server { include /config/nginx/ssl.conf; client_max_body_size 0; - - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; - # enable for Authelia + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; - + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app drone; @@ -34,4 +42,4 @@ server { set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } -} \ No newline at end of file +} diff --git a/duplicati.subdomain.conf.sample b/duplicati.subdomain.conf.sample index b0607fc..f333249 100644 --- a/duplicati.subdomain.conf.sample +++ b/duplicati.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for duplicati and that your duplicati container is not using a base url +## Version 2023/02/05 +# make sure that your duplicati container is named duplicati +# make sure that your dns has a cname set for duplicati server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app duplicati; diff --git a/duplicati.subfolder.conf.sample b/duplicati.subfolder.conf.sample index ca83963..2640006 100644 --- a/duplicati.subfolder.conf.sample +++ b/duplicati.subfolder.conf.sample @@ -1,5 +1,7 @@ -## Version 2021/05/18 -# duplicati does not require a base url setting. DUPLICATI AUTH WILL NOT WORK WITH THIS CONFIG, use the auth options below +## Version 2023/02/05 +# make sure that your duplicati container is named duplicati +# duplicati does not require a base url setting +# DUPLICATI AUTH WILL NOT WORK WITH THIS CONFIG, use the auth options below location /duplicati { return 301 $scheme://$host/duplicati/; @@ -10,13 +12,15 @@ location ^~ /duplicati/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app duplicati; diff --git a/emby.subdomain.conf.sample b/emby.subdomain.conf.sample index 936d102..b843ad2 100644 --- a/emby.subdomain.conf.sample +++ b/emby.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for emby and that your emby container is not using a base url +## Version 2023/02/05 +# make sure that your emby container is named emby +# make sure that your dns has a cname set for emby # if emby is running in bridge mode and the container is named "emby", the below config should work as is # if not, replace the line "set $upstream_app emby;" with "set $upstream_app <containername>;" # or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of emby diff --git a/emby.subfolder.conf.sample b/emby.subfolder.conf.sample index 0fcc693..b2295c7 100644 --- a/emby.subfolder.conf.sample +++ b/emby.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for emby +## Version 2023/02/05 +# make sure that your emby container is named emby +# emby does not require a base url setting # if emby is running in bridge mode and the container is named "emby", the below config should work as is # if not, replace the line "set $upstream_app emby;" with "set $upstream_app <containername>;" # or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of emby diff --git a/embystat.subdomain.conf.sample b/embystat.subdomain.conf.sample index 363780a..a738468 100644 --- a/embystat.subdomain.conf.sample +++ b/embystat.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your embystat container is named embystat # make sure that your dns has a cname set for embystat server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app embystat; diff --git a/emulatorjs.subdomain.conf.sample b/emulatorjs.subdomain.conf.sample index c80212e..92b05c2 100644 --- a/emulatorjs.subdomain.conf.sample +++ b/emulatorjs.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/11/03 +## Version 2023/02/05 +# make sure that your emulatorjs container is named emulatorjs # make sure that your dns has a cname set for emulatorjs # In emulatorjs docker arguments, set an env variable for SUBFOLDER=/backend/ # The backend interface will be accessible at https://emulatorjs.yourdomain.com/backend/ @@ -13,25 +14,30 @@ server { include /config/nginx/ssl.conf; client_max_body_size 0; - - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; - # enable for Authelia + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; - + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app emulatorjs; @@ -49,13 +55,15 @@ server { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; - + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app emulatorjs; diff --git a/filebot.subdomain.conf.sample b/filebot.subdomain.conf.sample index 20b6d34..1593399 100644 --- a/filebot.subdomain.conf.sample +++ b/filebot.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/06/30 -# make sure that your dns has a cname set for filebot and that your filebot container is not using a base url +## Version 2023/02/05 +# make sure that your filebot container is named filebot +# make sure that your dns has a cname set for filebot server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app filebot; diff --git a/filebot.subfolder.conf.sample b/filebot.subfolder.conf.sample index e75f6b6..20a7430 100644 --- a/filebot.subfolder.conf.sample +++ b/filebot.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your filebot container is named filebot # filebot does not require a base url setting location /filebot { @@ -10,13 +11,15 @@ location ^~ /filebot/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app filebot; diff --git a/filebrowser.subdomain.conf.sample b/filebrowser.subdomain.conf.sample index 2ce2094..194815f 100644 --- a/filebrowser.subdomain.conf.sample +++ b/filebrowser.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for filebrowser and that your filebrowser container is not using a base url +## Version 2023/02/05 +# make sure that your filebrowser container is named filebrowser +# make sure that your dns has a cname set for filebrowser server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app filebrowser; diff --git a/filebrowser.subfolder.conf.sample b/filebrowser.subfolder.conf.sample index d13923d..8c7ceaf 100644 --- a/filebrowser.subfolder.conf.sample +++ b/filebrowser.subfolder.conf.sample @@ -1,5 +1,7 @@ -## Version 2021/05/18 -# set this environment variable on your filebrowser container FILEBROWSER_BASEURL=/filebrowser +## Version 2023/02/05 +# make sure that your filebrowser container is named filebrowser +# make sure that filebrowser is set to work with the base url /filebrowser/ +# set this environment variable on your filebrowser container FB_BASEURL=/filebrowser location /filebrowser { return 301 $scheme://$host/filebrowser/; @@ -10,13 +12,15 @@ location ^~ /filebrowser/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app filebrowser; diff --git a/firefly.subdomain.conf.sample b/firefly.subdomain.conf.sample index feb855c..b30494c 100644 --- a/firefly.subdomain.conf.sample +++ b/firefly.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for firefly and that your firefly container is not using a base url +## Version 2023/02/05 +# make sure that your firefly container is named firefly +# make sure that your dns has a cname set for firefly server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app firefly; diff --git a/firefox.subdomain.conf.sample b/firefox.subdomain.conf.sample index 109176f..d12cff6 100644 --- a/firefox.subdomain.conf.sample +++ b/firefox.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for firefox and that your firefox container is not using a base url +## Version 2023/02/05 +# make sure that your firefox container is named firefox +# make sure that your dns has a cname set for firefox server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app firefox; diff --git a/flexget.subdomain.conf.sample b/flexget.subdomain.conf.sample index e667042..827ddc8 100644 --- a/flexget.subdomain.conf.sample +++ b/flexget.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your flexget container is named flexget # make sure that your dns has a cname set for flexget server { @@ -11,30 +12,35 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app flexget; set $upstream_port 5050; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; - + } } diff --git a/flexget.subfolder.conf.sample b/flexget.subfolder.conf.sample index b5781c2..9b0d782 100644 --- a/flexget.subfolder.conf.sample +++ b/flexget.subfolder.conf.sample @@ -1,35 +1,45 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your flexget container is named flexget +# make sure that flexget is set to work with the base url /flexget/ # make sure to set 'base_url: /flexget' under your flexget's config.yml web_server block -# + location /flexget { return 301 $scheme://$host/flexget/; } - location ^~ /flexget/ { - # enable the next two lines for http auth - #auth_basic "Restricted"; - #auth_basic_user_file /config/nginx/.htpasswd; +location ^~ /flexget/ { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia - #include /config/nginx/authelia-location.conf; + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app flexget; - set $upstream_port 5050; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; - } - - location ^~ /flexget/api/ { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app flexget; - set $upstream_port 5050; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; - } + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app flexget; + set $upstream_port 5050; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; +} + +location ^~ /flexget/api/ { + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app flexget; + set $upstream_port 5050; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; +} diff --git a/flood.subdomain.conf.sample b/flood.subdomain.conf.sample index c73bc12..dd5c906 100644 --- a/flood.subdomain.conf.sample +++ b/flood.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for flood and that your flood container is not using a base url +## Version 2023/02/05 +# make sure that your flood container is named flood +# make sure that your dns has a cname set for flood server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app flood; diff --git a/flood.subfolder.conf.sample b/flood.subfolder.conf.sample index fe730fe..6b16d65 100644 --- a/flood.subfolder.conf.sample +++ b/flood.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your flood container is named flood # flood does not require a base url setting location /flood { @@ -10,13 +11,15 @@ location ^~ /flood/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app flood; diff --git a/foldingathome.subdomain.conf.sample b/foldingathome.subdomain.conf.sample index 9e77a83..fe66399 100644 --- a/foldingathome.subdomain.conf.sample +++ b/foldingathome.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your foldingathome container is named foldingathome # make sure that your dns has a cname set for foldingathome server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; proxy_buffering off; include /config/nginx/resolver.conf; diff --git a/foundryvtt.subdomain.conf.sample b/foundryvtt.subdomain.conf.sample index 6999fec..ea62cb9 100644 --- a/foundryvtt.subdomain.conf.sample +++ b/foundryvtt.subdomain.conf.sample @@ -1,6 +1,7 @@ -## Version 2021/06/05 -# make sure that your dns has a cname set for foundryvtt -# Ensure that your Foundry VTT's {userData}/Config/options.json file is configured as follows: +## Version 2023/02/05 +# make sure that your foundryvtt container is named foundryvtt +# make sure that your dns has a cname set for foundryvtt +# Ensure that your Foundry VTT's {userData}/Config/options.json file is configured as follows: # "hostname": "your.hostname.com", # "routePrefix": null, # "sslCert": null, @@ -20,30 +21,35 @@ server { client_max_body_size 300M; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app foundryvtt; set $upstream_port 30000; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; - + } } diff --git a/freshrss.subdomain.conf.sample b/freshrss.subdomain.conf.sample index 5749ebe..fa338b1 100644 --- a/freshrss.subdomain.conf.sample +++ b/freshrss.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/07/08 +## Version 2023/02/05 +# make sure that your freshrss container is named freshrss # make sure that your dns has a cname set for freshrss server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app freshrss; diff --git a/freshrss.subfolder.conf.sample b/freshrss.subfolder.conf.sample index 8dc283d..208d400 100644 --- a/freshrss.subfolder.conf.sample +++ b/freshrss.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/07/08 -# freshrss does not have a base url setting +## Version 2023/02/05 +# make sure that your freshrss container is named freshrss +# freshrss does not require a base url setting location /freshrss { return 301 $scheme://$host/freshrss/; @@ -10,13 +11,15 @@ location ^~ /freshrss/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app freshrss; diff --git a/gaps.subdomain.conf.sample b/gaps.subdomain.conf.sample index a830849..3753a93 100644 --- a/gaps.subdomain.conf.sample +++ b/gaps.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/10/20 -# make sure that your dns has a cname set for gaps and that your gaps container is not using a base url +## Version 2023/02/05 +# make sure that your gaps container is named gaps +# make sure that your dns has a cname set for gaps server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app gaps; diff --git a/gaps.subfolder.conf.sample b/gaps.subfolder.conf.sample index 4f2011a..9f99ff7 100644 --- a/gaps.subfolder.conf.sample +++ b/gaps.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/04/08 +## Version 2023/02/05 +# make sure that your gaps container is named gaps +# make sure that gaps is set to work with the base url /gaps/ # In your Docker compose (or docker run) add: BASE_URL: /gaps location /gaps { @@ -10,13 +12,15 @@ location ^~ /gaps/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app gaps; diff --git a/get_iplayer.subdomain.conf.sample b/get_iplayer.subdomain.conf.sample index 61adc89..d4a89c9 100644 --- a/get_iplayer.subdomain.conf.sample +++ b/get_iplayer.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/06/25 -# make sure that your dns has a cname set for get_iplayer and that your get_iplayer container is named get_iplayer +## Version 2023/02/05 +# make sure that your get_iplayer container is named get_iplayer +# make sure that your dns has a cname set for get_iplayer server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app get_iplayer; diff --git a/ghost.subdomain.conf.sample b/ghost.subdomain.conf.sample index ad96072..e535a72 100644 --- a/ghost.subdomain.conf.sample +++ b/ghost.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/07/08 -# make sure that your dns has a cname set for ghost and that your ghost config is not using a subdirectory. +## Version 2023/02/05 +# make sure that your ghost container is named ghost +# make sure that your dns has a cname set for ghost server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - #enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { #enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - #enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app ghost; diff --git a/ghost.subfolder.conf.sample b/ghost.subfolder.conf.sample index 242a1e0..5673ccc 100644 --- a/ghost.subfolder.conf.sample +++ b/ghost.subfolder.conf.sample @@ -1,24 +1,28 @@ -## Version 2021/07/08 +## Version 2023/02/05 +# make sure that your ghost container is named ghost +# make sure that ghost is set to work with the base url /ghost/ # Make sure you are using a subfolder in your ghost config file. https://ghost.org/docs/concepts/config/#url # Note: /ghost/ is by default used for the admin page. See https://ghost.org/docs/concepts/config/#admin-url location /blog { - # enable the next two lines for http auth - #uth_basic "Restricted"; - #auth_basic_user_file /config/nginx/.htpasswd; + # enable the next two lines for http auth + #uth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; - #enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config - #include /config/nginx/authelia-location.conf; + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app ghost; - set $upstream_port 2368; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app ghost; + set $upstream_port 2368; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; } diff --git a/gitea.subdomain.conf.sample b/gitea.subdomain.conf.sample index e10e581..c51fa5b 100644 --- a/gitea.subdomain.conf.sample +++ b/gitea.subdomain.conf.sample @@ -1,5 +1,7 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for gitea and the following parameters in /data/gitea/conf/app.ini are edited +## Version 2023/02/05 +# make sure that your gitea container is named gitea +# make sure that your dns has a cname set for gitea +# edit the following parameters in /data/gitea/conf/app.ini # [server] # SSH_DOMAIN = gitea.server.com # ROOT_URL = https://gitea.server.com/ @@ -15,24 +17,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app gitea; diff --git a/gitea.subfolder.conf.sample b/gitea.subfolder.conf.sample index 7f056d4..14f84a7 100644 --- a/gitea.subfolder.conf.sample +++ b/gitea.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your gitea container is named gitea +# make sure that gitea is set to work with the base url /gitea/ # The following parameters in /data/gitea/conf/app.ini should be edited to match your setup # [server] # SSH_DOMAIN = example.com:2222 diff --git a/glances.subdomain.conf.sample b/glances.subdomain.conf.sample index 21c744e..d0baef0 100644 --- a/glances.subdomain.conf.sample +++ b/glances.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for glances and that your glances container is not using a base url +## Version 2023/02/05 +# make sure that your glances container is named glances +# make sure that your dns has a cname set for glances server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app glances; diff --git a/glances.subfolder.conf.sample b/glances.subfolder.conf.sample index e50127c..b4da5f4 100644 --- a/glances.subfolder.conf.sample +++ b/glances.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your glances container is named glances # glances does not require a base url setting location /glances { @@ -10,13 +11,15 @@ location ^~ /glances/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app glances; diff --git a/gotify.subdomain.conf.sample b/gotify.subdomain.conf.sample index d86e0d1..b0f24a8 100644 --- a/gotify.subdomain.conf.sample +++ b/gotify.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your gotify container is named gotify # make sure that your dns has a cname set for gotify server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app gotify; diff --git a/gotify.subfolder.conf.sample b/gotify.subfolder.conf.sample index 453a0c0..aae75b8 100644 --- a/gotify.subfolder.conf.sample +++ b/gotify.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# gotify doesn't require a base url +## Version 2023/02/05 +# make sure that your gotify container is named gotify +# gotify does not require a base url setting location /gotify { return 301 $scheme://$host/gotify/; @@ -10,13 +11,15 @@ location /gotify/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /login; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app gotify; diff --git a/grafana.subdomain.conf.sample b/grafana.subdomain.conf.sample index 45a7738..b1346f7 100644 --- a/grafana.subdomain.conf.sample +++ b/grafana.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for grafana and that your grafana container is not using a base url +## Version 2023/02/05 +# make sure that your grafana container is named grafana +# make sure that your dns has a cname set for grafana server { listen 443 ssl; @@ -11,33 +12,38 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app grafana; set $upstream_port 3000; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; - + # Clear Authorization Header if you are using http auth and normal Grafana auth - #proxy_set_header Authorization ""; + #proxy_set_header Authorization ""; } } diff --git a/grafana.subfolder.conf.sample b/grafana.subfolder.conf.sample index 6f0eb4a..7e026af 100644 --- a/grafana.subfolder.conf.sample +++ b/grafana.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your grafana container is named grafana +# make sure that grafana is set to work with the base url /grafana/ # grafana requires environment variables set thus: # environment: # - "GF_SERVER_ROOT_URL=https://my.domain.com/grafana" @@ -9,23 +11,25 @@ location ^~ /grafana/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_grafana grafana; set $upstream_port 3000; set $upstream_proto http; proxy_pass http://$upstream_grafana:$upstream_port ; - + # Clear Authorization Header if you are using http auth and normal Grafana auth #proxy_set_header Authorization ""; - + rewrite ^/grafana/(.*)$ /$1 break; } diff --git a/graylog.subdomain.conf.sample b/graylog.subdomain.conf.sample new file mode 100644 index 0000000..2b1b4f6 --- /dev/null +++ b/graylog.subdomain.conf.sample @@ -0,0 +1,49 @@ +## Version 2023/02/05 +# make sure that your graylog container is named graylog +# make sure that your dns has a cname set for graylog +# Ensure the upstream_port matches your GRAYLOG_HTTP_BIND_ADDRESS port +# This conf assumes GRAYLOG_HTTP_BIND_ADDRESS=0.0.0.0:9000 + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name graylog.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app graylog; + set $upstream_port 9000; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } + +} diff --git a/grocy.subdomain.conf.sample b/grocy.subdomain.conf.sample index 239f10c..736bd9a 100644 --- a/grocy.subdomain.conf.sample +++ b/grocy.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your grocy container is named grocy # make sure that your dns has a cname set for grocy server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app grocy; @@ -37,7 +43,7 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } - + location /api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; diff --git a/guacamole.subdomain.conf.sample b/guacamole.subdomain.conf.sample index 658b3ed..bc5a1eb 100644 --- a/guacamole.subdomain.conf.sample +++ b/guacamole.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for guacamole and that your guacamole container is not using a base url +## Version 2023/02/05 +# make sure that your guacamole container is named guacamole +# make sure that your dns has a cname set for guacamole server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app guacamole; diff --git a/guacamole.subfolder.conf.sample b/guacamole.subfolder.conf.sample index 54a5b00..b1355f2 100644 --- a/guacamole.subfolder.conf.sample +++ b/guacamole.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your guacamole container is named guacamole # guacamole does not require a base url setting location /guacamole { @@ -10,13 +11,15 @@ location ^~ /guacamole/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app guacamole; diff --git a/hass-configurator.subdomain.conf.sample b/hass-configurator.subdomain.conf.sample index c8ac300..1575a42 100644 --- a/hass-configurator.subdomain.conf.sample +++ b/hass-configurator.subdomain.conf.sample @@ -1,9 +1,9 @@ -## Version 2021/06/02 -# make sure that your dns has a cname set for hass configurator -# this proxy configuration file is for the hass-configurator-docker container that is used +## Version 2023/02/05 +# make sure that your hass container is named hass +# make sure that your dns has a cname set for hass +# this proxy configuration file is for the hass-configurator-docker container that is used # in the hassos addon store (https://github.com/CausticLab/hass-configurator-docker) - server { listen 443 ssl; listen [::]:443 ssl; @@ -14,26 +14,31 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf + include /config/nginx/resolver.conf; set $upstream_app hass-configurator; set $upstream_port 3218; set $upstream_proto http; diff --git a/headphones.subdomain.conf.sample b/headphones.subdomain.conf.sample index 0d0149b..ddee5b3 100644 --- a/headphones.subdomain.conf.sample +++ b/headphones.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your headphones container is named headphones # make sure that your dns has a cname set for headphones server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app headphones; diff --git a/headphones.subfolder.conf.sample b/headphones.subfolder.conf.sample index c5b8d5f..d1dd198 100644 --- a/headphones.subfolder.conf.sample +++ b/headphones.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your headphones container is named headphones +# make sure that headphones is set to work with the base url /headphones/ # first stop the headphones container and edit the config.ini for headphones and set http_root to /headphones and then start the headphones container location ^~ /headphones { @@ -6,13 +8,15 @@ location ^~ /headphones { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app headphones; diff --git a/healthchecks.subdomain.conf.sample b/healthchecks.subdomain.conf.sample index ae41ea9..10592c3 100644 --- a/healthchecks.subdomain.conf.sample +++ b/healthchecks.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/11/14 -# make sure that your dns has a cname set for <container_name> and that your <container_name> container is not using a base url +## Version 2023/02/05 +# make sure that your healthchecks container is named healthchecks +# make sure that your dns has a cname set for healthchecks # make sure your Healthchecks ALLOWED_HOSTS and SITE_ROOT align with the server_name used in this conf. server { @@ -12,24 +13,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app healthchecks; diff --git a/hedgedoc.subdomain.conf.sample b/hedgedoc.subdomain.conf.sample index 4205670..69bf395 100644 --- a/hedgedoc.subdomain.conf.sample +++ b/hedgedoc.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2021/12/09 +## Version 2023/02/05 # make sure you set the following environment variables in your docker arguments # CMD_DOMAIN=hedgedoc.server.com # CMD_URL_ADDPORT=false @@ -14,24 +14,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app hedgedoc; diff --git a/heimdall.subdomain.conf.sample b/heimdall.subdomain.conf.sample index f40f1cc..519a7f6 100644 --- a/heimdall.subdomain.conf.sample +++ b/heimdall.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your heimdall container is named heimdall # make sure that your dns has a cname set for heimdall server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app heimdall; diff --git a/heimdall.subfolder.conf.sample b/heimdall.subfolder.conf.sample index 0cd0e48..56e6926 100644 --- a/heimdall.subfolder.conf.sample +++ b/heimdall.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your heimdall container is named heimdall # In order to use this location block you need to edit the default file one folder up and comment out the / location location / { @@ -6,13 +7,15 @@ location / { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app heimdall; diff --git a/homeassistant.subdomain.conf.sample b/homeassistant.subdomain.conf.sample index 6bfe3b3..954ba1c 100644 --- a/homeassistant.subdomain.conf.sample +++ b/homeassistant.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/10/11 -# make sure that your dns has a cname set for homeassistant and that your homeassistant container is not using a base url +## Version 2023/02/05 +# make sure that your homeassistant container is named homeassistant +# make sure that your dns has a cname set for homeassistant # As of homeassistant 2021.7.0, it is now required to define the network range your proxy resides in, this is done in Homeassitants configuration.yaml # https://www.home-assistant.io/integrations/http/#trusted_proxies @@ -20,24 +21,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app homeassistant; diff --git a/homebridge.subdomain.conf.sample b/homebridge.subdomain.conf.sample index f1991ca..2178828 100644 --- a/homebridge.subdomain.conf.sample +++ b/homebridge.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for homebridge and that your homebridge container is not using a base url +## Version 2023/02/05 +# make sure that your homebridge container is named homebridge +# make sure that your dns has a cname set for homebridge server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app homebridge; # change to host IP if using host networking mode @@ -37,5 +43,4 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } - } diff --git a/homer.subdomain.conf.sample b/homer.subdomain.conf.sample index 40020ea..6dd9082 100644 --- a/homer.subdomain.conf.sample +++ b/homer.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for homer and that your homer container is not using a base url +## Version 2023/02/05 +# make sure that your homer container is named homer +# make sure that your dns has a cname set for homer server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app homer; diff --git a/huginn.subdomain.conf.sample b/huginn.subdomain.conf.sample index bb5b88a..ffba571 100644 --- a/huginn.subdomain.conf.sample +++ b/huginn.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your huginn container is named huginn # make sure that your dns has a cname set for huginn server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app huginn; diff --git a/influxdb.subdomain.conf.sample b/influxdb.subdomain.conf.sample index ddb3926..9285c5f 100644 --- a/influxdb.subdomain.conf.sample +++ b/influxdb.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/06/20 -# make sure that your dns has a cname set for influxdb and that your influxdb container is not using a base url +## Version 2023/02/05 +# make sure that your influxdb container is named influxdb +# make sure that your dns has a cname set for influxdb server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app influxdb; diff --git a/jackett.subdomain.conf.sample b/jackett.subdomain.conf.sample index 58536ec..9c6973d 100644 --- a/jackett.subdomain.conf.sample +++ b/jackett.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for jackett and that your jackett container is not using a base url +## Version 2023/02/05 +# make sure that your jackett container is named jackett +# make sure that your dns has a cname set for jackett server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app jackett; diff --git a/jackett.subfolder.conf.sample b/jackett.subfolder.conf.sample index 1a6529e..030b96c 100644 --- a/jackett.subfolder.conf.sample +++ b/jackett.subfolder.conf.sample @@ -1,18 +1,21 @@ -## Version 2021/05/18 -# first go into jackett settings, set the URL Base to /jackett and restart the jackett container +## Version 2023/02/05 +# make sure that your jackett container is named jackett +# make sure that jackett is set to work with the base url /jackett/ location ^~ /jackett { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app jackett; diff --git a/jdownloader.subdomain.conf.sample b/jdownloader.subdomain.conf.sample index 3dddca3..797c791 100644 --- a/jdownloader.subdomain.conf.sample +++ b/jdownloader.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/06/30 -# make sure that your dns has a cname set for jdownloader and that your jdownloader container is not using a base url +## Version 2023/02/05 +# make sure that your jdownloader container is named jdownloader +# make sure that your dns has a cname set for jdownloader server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app jdownloader; diff --git a/jellyfin.subdomain.conf.sample b/jellyfin.subdomain.conf.sample index 489f34c..37fa3b0 100644 --- a/jellyfin.subdomain.conf.sample +++ b/jellyfin.subdomain.conf.sample @@ -1,10 +1,10 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your jellyfin container is named jellyfin # make sure that your dns has a cname set for jellyfin # if jellyfin is running in bridge mode and the container is named "jellyfin", the below config should work as is # if not, replace the line "set $upstream_app jellyfin;" with "set $upstream_app <containername>;" # or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of jellyfin -# in jellyfin settings, under "Advanced/Networking" change the public https port to 443, leave the local ports as is, -# and set the "Secure connection mode" to "Handled by reverse proxy" +# in jellyfin settings, under "Advanced/Networking" add subdomain.mydomain.tld as a known proxy server { listen 443 ssl; diff --git a/jellyfin.subfolder.conf.sample b/jellyfin.subfolder.conf.sample index fbbc5c2..3d55e1a 100644 --- a/jellyfin.subfolder.conf.sample +++ b/jellyfin.subfolder.conf.sample @@ -1,10 +1,9 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for jellyfin +## Version 2023/02/05 +# make sure that your jellyfin container is named jellyfin # if jellyfin is running in bridge mode and the container is named "jellyfin", the below config should work as is # if not, replace the line "set $upstream_app jellyfin;" with "set $upstream_app <containername>;" # or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of jellyfin -# in jellyfin settings, under "Advanced/Networking" change the public https port to 443, leave the local ports as is, set the base url to "/jellyfin", -# and set the "Secure connection mode" to "Handled by reverse proxy" +# in jellyfin settings, under "Advanced/Networking" change the public https port to 443, leave the local ports as is, set the base url to "/jellyfin" location /jellyfin { return 301 $scheme://$host/jellyfin/; diff --git a/jellyseerr.subdomain.conf.sample b/jellyseerr.subdomain.conf.sample index 431be31..20a75f0 100644 --- a/jellyseerr.subdomain.conf.sample +++ b/jellyseerr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/06/25 -# make sure that your dns has a cname set for jellyseerr and that your jellyseerr container is named jellyseerr +## Version 2023/02/05 +# make sure that your jellyseerr container is named jellyseerr +# make sure that your dns has a cname set for jellyseerr server { listen 443 ssl; @@ -10,31 +11,36 @@ server { include /config/nginx/ssl.conf; client_max_body_size 0; - - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; - # enable for Authelia + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; - + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app jellyseerr; set $upstream_port 5055; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; - + } } diff --git a/jenkins.subfolder.conf.sample b/jenkins.subfolder.conf.sample index b26f4f4..ac6e7e2 100644 --- a/jenkins.subfolder.conf.sample +++ b/jenkins.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your jenkins container is named jenkins +# make sure that jenkins is set to work with the base url /jenkins/ # First either add '--prefix=/jenkins' or '-e JENKINS_OPTS="--prefix=/jenkins"' to your docker run command, and restart the Jenkins container. # Also be sure to add '/jenkins/' to your URL under: Jenkins > Configuration > Manage Jenkins > Jenkins URL @@ -11,13 +13,15 @@ location ^~ /jenkins/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app jenkins; diff --git a/kanzi.subdomain.conf.sample b/kanzi.subdomain.conf.sample index 282ebc8..0a9ad93 100644 --- a/kanzi.subdomain.conf.sample +++ b/kanzi.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your kanzi container is named kanzi # make sure that your dns has a cname set for kanzi server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app kanzi; diff --git a/kanzi.subfolder.conf.sample b/kanzi.subfolder.conf.sample index f8ab1d0..5ec965d 100644 --- a/kanzi.subfolder.conf.sample +++ b/kanzi.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# kanzi does not have a base url setting +## Version 2023/02/05 +# make sure that your kanzi container is named kanzi +# kanzi does not require a base url setting location /kanzi { return 301 $scheme://$host/kanzi/; @@ -10,13 +11,15 @@ location ^~ /kanzi/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app kanzi; diff --git a/kavita.subdomain.conf.sample b/kavita.subdomain.conf.sample new file mode 100644 index 0000000..207b82d --- /dev/null +++ b/kavita.subdomain.conf.sample @@ -0,0 +1,46 @@ +## Version 2023/02/05 +# make sure that your kavita container is named kavita +# make sure that your dns has a cname set for kavita + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name kavita.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app kavita; + set $upstream_port 5000; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } +} diff --git a/komga.subdomain.conf.sample b/komga.subdomain.conf.sample index a47cdd9..418fd0e 100644 --- a/komga.subdomain.conf.sample +++ b/komga.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for komga and that your komga container is not using a base url +## Version 2023/02/05 +# make sure that your komga container is named komga +# make sure that your dns has a cname set for komga server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app komga; diff --git a/komga.subfolder.conf.sample b/komga.subfolder.conf.sample index b089798..7e6c780 100644 --- a/komga.subfolder.conf.sample +++ b/komga.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/06/06 +## Version 2023/02/05 +# make sure that your komga container is named komga +# make sure that komga is set to work with the base url /komga/ # First make sure your Container has set an Baseurl set via docker-compose File "envirnoment: SERVER_SERVLET_CONTEXT_PATH=/komga" and recreate the container. location /komga { @@ -10,13 +12,15 @@ location ^~ /komga/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app komga; diff --git a/lazylibrarian.subdomain.conf.sample b/lazylibrarian.subdomain.conf.sample index 172aa9e..342af83 100644 --- a/lazylibrarian.subdomain.conf.sample +++ b/lazylibrarian.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your lazylibrarian container is named lazylibrarian # make sure that your dns has a cname set for lazylibrarian server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app lazylibrarian; diff --git a/lazylibrarian.subfolder.conf.sample b/lazylibrarian.subfolder.conf.sample index c3a8d97..2ba4c21 100644 --- a/lazylibrarian.subfolder.conf.sample +++ b/lazylibrarian.subfolder.conf.sample @@ -1,18 +1,21 @@ -## Version 2021/05/18 -# first go into lazylibrarian settings, under "Interface" set the URL Base to /lazylibrarian and restart the lazylibrarian container +## Version 2023/02/05 +# make sure that your lazylibrarian container is named lazylibrarian +# make sure that lazylibrarian is set to work with the base url /lazylibrarian/ location ^~ /lazylibrarian { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app lazylibrarian; diff --git a/librespeed.subdomain.conf.sample b/librespeed.subdomain.conf.sample index 9a925b5..8328444 100644 --- a/librespeed.subdomain.conf.sample +++ b/librespeed.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your librespeed container is named librespeed # make sure that your dns has a cname set for librespeed server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app librespeed; diff --git a/lidarr.subdomain.conf.sample b/lidarr.subdomain.conf.sample index 3584793..ccdfe36 100644 --- a/lidarr.subdomain.conf.sample +++ b/lidarr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for lidarr and that your lidarr container is not using a base url +## Version 2023/02/05 +# make sure that your lidarr container is named lidarr +# make sure that your dns has a cname set for lidarr server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app lidarr; diff --git a/lidarr.subfolder.conf.sample b/lidarr.subfolder.conf.sample index e8c3c6f..dac4f28 100644 --- a/lidarr.subfolder.conf.sample +++ b/lidarr.subfolder.conf.sample @@ -1,18 +1,21 @@ -## Version 2021/05/18 -# first go into lidarr settings, under "General" set the URL Base to /lidarr and restart the lidarr container +## Version 2023/02/05 +# make sure that your lidarr container is named lidarr +# make sure that lidarr is set to work with the base url /lidarr/ location ^~ /lidarr { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app lidarr; diff --git a/lldap.subdomain.conf.sample b/lldap.subdomain.conf.sample new file mode 100644 index 0000000..684ee77 --- /dev/null +++ b/lldap.subdomain.conf.sample @@ -0,0 +1,46 @@ +## Version 2023/02/05 +# make sure that your lldap container is named lldap +# make sure that your dns has a cname set for lldap + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name lldap.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app lldap; + set $upstream_port 17170; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } +} diff --git a/lychee.subdomain.conf.sample b/lychee.subdomain.conf.sample index 8a7abe1..80d3260 100644 --- a/lychee.subdomain.conf.sample +++ b/lychee.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your lychee container is named lychee # make sure that your dns has a cname set for lychee server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app lychee; diff --git a/lychee.subfolder.conf.sample b/lychee.subfolder.conf.sample index b870753..4b8f6ad 100644 --- a/lychee.subfolder.conf.sample +++ b/lychee.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/10/29 +## Version 2023/02/05 +# make sure that your lychee container is named lychee # lychee does not require a base url setting location /lychee { @@ -10,13 +11,15 @@ location /lychee/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app lychee; diff --git a/mailu.subdomain.conf.sample b/mailu.subdomain.conf.sample index 100d348..c9af6fd 100644 --- a/mailu.subdomain.conf.sample +++ b/mailu.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for mailu and that your mailu front container is named front +## Version 2023/02/05 +# make sure that your mailu container is named front +# make sure that your dns has a cname set for mailu server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app front; diff --git a/mailu.subfolder.conf.sample b/mailu.subfolder.conf.sample index a282881..d6c7481 100644 --- a/mailu.subfolder.conf.sample +++ b/mailu.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# mailu does not require a base url setting, but the container needs to be named front +## Version 2023/02/05 +# make sure that your mailu container is named mailu +# mailu does not require a base url setting # This config have been tested with "TLS_FLAVOR=mail" # To avoid errors you must change in docker-compose ports: 80 and 443, more info: https://mailu.io/1.7/reverse.html @@ -13,13 +14,15 @@ location ^~ /admin/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app front; @@ -38,13 +41,15 @@ location ^~ /webmail/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app front; diff --git a/mastodon.subdomain.conf.sample b/mastodon.subdomain.conf.sample new file mode 100644 index 0000000..b816d1d --- /dev/null +++ b/mastodon.subdomain.conf.sample @@ -0,0 +1,50 @@ +## Version 2023/02/05 +# make sure that your mastodon container is named mastodon +# make sure that your dns has a cname set for mastodon +# make sure you set `WEB_DOMAIN=mastodon.example.com` env var for the mastodon container +# if you set `LOCAL_DOMAIN=example.com` (without the mastodon subdomain), then don't forget to add +# the location block for redirecting `/.well-known/webfinger` into your main server block for the WEB_DOMAIN +# See the upstream docs for more info: https://docs.joinmastodon.org/admin/config/#basic + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name mastodon.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app mastodon; + set $upstream_port 80; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } +} diff --git a/matomo.subdomain.conf.sample b/matomo.subdomain.conf.sample index a88d89e..772111b 100644 --- a/matomo.subdomain.conf.sample +++ b/matomo.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for matomo and that your matomo container is not using a base url +## Version 2023/02/05 +# make sure that your matomo container is named matomo +# make sure that your dns has a cname set for matomo server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app matomo; @@ -37,5 +43,4 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } - } diff --git a/mattermost.subdomain.conf.sample b/mattermost.subdomain.conf.sample new file mode 100644 index 0000000..a5b41af --- /dev/null +++ b/mattermost.subdomain.conf.sample @@ -0,0 +1,45 @@ +## Version 2023/02/05 +# Make sure that your DNS has a CNAME record for "mattermost" and your Mattermost container is using the same subdomain +# To learn how to deploy Mattermost via Docker, visit https://docs.mattermost.com/install/install-docker.html + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name mattermost.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app mattermost; + set $upstream_port 8065; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + } +} diff --git a/mealie.subdomain.conf.sample b/mealie.subdomain.conf.sample index ba8b6e2..dda960b 100644 --- a/mealie.subdomain.conf.sample +++ b/mealie.subdomain.conf.sample @@ -1,5 +1,5 @@ -## Version 2021/05/21 -# Ensure your DNS has a CNAME set for mealie and that mealie container is not using a base URL. +## Version 2023/02/05 +# Ensure your DNS has a CNAME set for mealie and that mealie container is named. server { listen 443 ssl; @@ -11,7 +11,28 @@ server { client_max_body_size 0; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; @@ -21,6 +42,4 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } - - } diff --git a/medusa.subdomain.conf.sample b/medusa.subdomain.conf.sample index 8eb4600..5617b1c 100644 --- a/medusa.subdomain.conf.sample +++ b/medusa.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your medusa container is named medusa # make sure that your dns has a cname set for medusa server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app medusa; diff --git a/medusa.subfolder.conf.sample b/medusa.subfolder.conf.sample index 15fbcef..2e8ed83 100644 --- a/medusa.subfolder.conf.sample +++ b/medusa.subfolder.conf.sample @@ -1,18 +1,21 @@ -## Version 2021/05/18 -# first go into medusa settings, under "Interface" set the URL Base to /medusa and restart the medusa container +## Version 2023/02/05 +# make sure that your medusa container is named medusa +# make sure that medusa is set to work with the base url /medusa/ location ^~ /medusa { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app medusa; diff --git a/metube.subdomain.conf.sample b/metube.subdomain.conf.sample index e29def8..88783b1 100644 --- a/metube.subdomain.conf.sample +++ b/metube.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your metube container is named metube # make sure that your dns has a cname set for metube server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app metube; @@ -37,4 +43,4 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } -} \ No newline at end of file +} diff --git a/metube.subfolder.conf.sample b/metube.subfolder.conf.sample index 1e25570..bb10a01 100644 --- a/metube.subfolder.conf.sample +++ b/metube.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your metube container is named metube +# make sure that metube is set to work with the base url /metube/ # set the URL_PREFIX environment variable for the metube container to "/metube" location /metube { @@ -6,13 +8,15 @@ location /metube { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app metube; diff --git a/miniflux.subdomain.conf.sample b/miniflux.subdomain.conf.sample index 21402f5..66197b6 100644 --- a/miniflux.subdomain.conf.sample +++ b/miniflux.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your miniflux container is named miniflux # make sure that your dns has a cname set for miniflux server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app miniflux; diff --git a/miniflux.subfolder.conf.sample b/miniflux.subfolder.conf.sample index dcdd519..9fce1d9 100644 --- a/miniflux.subfolder.conf.sample +++ b/miniflux.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your miniflux container is named miniflux +# make sure that miniflux is set to work with the base url /miniflux/ # set the environment variable "BASE_URL" to "https://yourdomain.url/miniflux/", or follow this guide to create a config file for Miniflux: https://miniflux.app/docs/configuration.html location /miniflux { @@ -10,13 +12,15 @@ location /miniflux/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app miniflux; diff --git a/monica.subdomain.conf.sample b/monica.subdomain.conf.sample index 46d6044..70e1878 100644 --- a/monica.subdomain.conf.sample +++ b/monica.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/04/27 +## Version 2023/02/05 +# make sure that your monica. container is named monica. # make sure that your dns has a cname set for monica. server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app monica; diff --git a/monica.subfolder.conf.sample b/monica.subfolder.conf.sample index 53ebc5e..2e7c84d 100644 --- a/monica.subfolder.conf.sample +++ b/monica.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your monica container is named monica +# make sure that monica is set to work with the base url /monica/ # Set the monica Docker container's APP_URL to a fully-qualified domain that ends with /monica/ and restart the container. # Example: https://yourhost.cc/monica/ @@ -11,13 +13,15 @@ location ^~ /monica/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app monica; diff --git a/monitorr.subdomain.conf.sample b/monitorr.subdomain.conf.sample index e3f4098..219c461 100644 --- a/monitorr.subdomain.conf.sample +++ b/monitorr.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your monitorr container is named monitorr # make sure that your dns has a cname set for monitorr server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app monitorr; diff --git a/monitorr.subfolder.conf.sample b/monitorr.subfolder.conf.sample index 322f9b3..a084431 100644 --- a/monitorr.subfolder.conf.sample +++ b/monitorr.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your monitorr container is named monitorr # monitorr does not require a base url setting location /monitorr { @@ -10,13 +11,15 @@ location ^~ /monitorr/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app monitorr; diff --git a/mstream.subdomain.conf.sample b/mstream.subdomain.conf.sample index 3959f1a..f95471e 100644 --- a/mstream.subdomain.conf.sample +++ b/mstream.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for mstream and your container name is mstream and running using http (default) +## Version 2023/02/05 +# make sure that your mstream container is named mstream +# make sure that your dns has a cname set for mstream server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app mstream; diff --git a/mylar.subdomain.conf.sample b/mylar.subdomain.conf.sample index 2d590a0..4d92731 100644 --- a/mylar.subdomain.conf.sample +++ b/mylar.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your mylar container is named mylar # make sure that your dns has a cname set for mylar server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app mylar; diff --git a/mylar.subfolder.conf.sample b/mylar.subfolder.conf.sample index ef61020..fe869d6 100644 --- a/mylar.subfolder.conf.sample +++ b/mylar.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your mylar container is named mylar +# make sure that mylar is set to work with the base url /mylar/ # first stop the mylar container and edit the config.ini for mylar and set http_root to /mylar and then start the mylar container location ^~ /mylar { @@ -6,13 +8,15 @@ location ^~ /mylar { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app mylar; diff --git a/mytinytodo.subfolder.conf.sample b/mytinytodo.subfolder.conf.sample index eafdadb..d50b856 100644 --- a/mytinytodo.subfolder.conf.sample +++ b/mytinytodo.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your mytinytodo container is named mytinytodo +# make sure that mytinytodo is set to work with the base url /todo/ # works with https://github.com/breakall/mytinytodo-docker # set the mtt_url to 'https://your.domain.com/todo/' in db/config.php @@ -12,13 +14,15 @@ location ^~ /todo/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app mytinytodo; diff --git a/n8n.subdomain.conf.sample b/n8n.subdomain.conf.sample index e7ff2e7..73bf79e 100644 --- a/n8n.subdomain.conf.sample +++ b/n8n.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for n8n and that your n8n container is not using a base url +## Version 2023/02/05 +# make sure that your n8n container is named n8n +# make sure that your dns has a cname set for n8n # add `server.use-forward-headers=true` to `/config/application.properties` to ensure logs contain real source IP server { @@ -12,24 +13,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app n8n; diff --git a/navidrome.subdomain.conf.sample b/navidrome.subdomain.conf.sample index 761213f..043070f 100644 --- a/navidrome.subdomain.conf.sample +++ b/navidrome.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for navidrome and that your navidrome container is not using a base url +## Version 2023/02/05 +# make sure that your navidrome container is named navidrome +# make sure that your dns has a cname set for navidrome server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app navidrome; diff --git a/netboot.subdomain.conf.sample b/netboot.subdomain.conf.sample index 8323aef..3f2601b 100644 --- a/netboot.subdomain.conf.sample +++ b/netboot.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your netboot container is named netboot # make sure that your dns has a cname set for netboot server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app netboot; diff --git a/netdata.subdomain.conf.sample b/netdata.subdomain.conf.sample index 02bbb3e..cd4bc56 100644 --- a/netdata.subdomain.conf.sample +++ b/netdata.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your netdata container is named netdata # make sure that your dns has a cname set for netdata server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app netdata; diff --git a/netdata.subfolder.conf.sample b/netdata.subfolder.conf.sample index 9cb78bd..5cb7861 100644 --- a/netdata.subfolder.conf.sample +++ b/netdata.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your netdata container is named netdata # netdata does not require a base url setting location /netdata { @@ -10,13 +11,15 @@ location ^~ /netdata/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app netdata; diff --git a/nextcloud.subdomain.conf.sample b/nextcloud.subdomain.conf.sample index c1c846a..e63d077 100644 --- a/nextcloud.subdomain.conf.sample +++ b/nextcloud.subdomain.conf.sample @@ -1,16 +1,17 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your nextcloud container is named nextcloud # make sure that your dns has a cname set for nextcloud # assuming this container is called "swag", edit your nextcloud container's config # located at /config/www/nextcloud/config/config.php and add the following lines before the ");": # 'trusted_proxies' => ['swag'], -# 'overwrite.cli.url' => 'https://nextcloud.your-domain.com/', -# 'overwritehost' => 'nextcloud.your-domain.com', +# 'overwrite.cli.url' => 'https://nextcloud.example.com/', +# 'overwritehost' => 'nextcloud.example.com', # 'overwriteprotocol' => 'https', # # Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this: # array ( # 0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it. -# 1 => 'nextcloud.your-domain.com', +# 1 => 'nextcloud.example.com', # ), server { @@ -31,6 +32,7 @@ server { set $upstream_proto https; proxy_pass $upstream_proto://$upstream_app:$upstream_port; + proxy_hide_header X-Frame-Options; proxy_max_temp_file_size 2048m; } } diff --git a/nextcloud.subfolder.conf.sample b/nextcloud.subfolder.conf.sample index 717adf5..62fa801 100644 --- a/nextcloud.subfolder.conf.sample +++ b/nextcloud.subfolder.conf.sample @@ -1,27 +1,29 @@ -## Version 2021/07/14 +## Version 2023/02/05 +# make sure that your nextcloud container is named nextcloud +# make sure that nextcloud is set to work with the base url /nextcloud/ # Assuming this container is called "swag", edit your nextcloud container's config # located at /config/www/nextcloud/config/config.php and add the following lines before the ");": # 'trusted_proxies' => ['swag'], # 'overwritewebroot' => '/nextcloud', -# 'overwrite.cli.url' => 'https://your-domain.com/nextcloud', +# 'overwrite.cli.url' => 'https://example.com/nextcloud', # # Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this: # array ( # 0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it. -# 1 => 'your-domain.com', +# 1 => 'example.com', # ), location ^~ /.well-known { - # The rules in this block are an adaptation of the rules - # in the Nextcloud `.htaccess` that concern `/.well-known`. + # The rules in this block are an adaptation of the rules + # in the Nextcloud `.htaccess` that concern `/.well-known`. - location = /.well-known/carddav { return 301 /nextcloud/remote.php/dav/; } - location = /.well-known/caldav { return 301 /nextcloud/remote.php/dav/; } + location = /.well-known/carddav { return 301 /nextcloud/remote.php/dav/; } + location = /.well-known/caldav { return 301 /nextcloud/remote.php/dav/; } - # Let Nextcloud's API for `/.well-known` URIs handle all other - # requests by passing them to the front-end controller. - return 301 /nextcloud/index.php$request_uri; - } + # Let Nextcloud's API for `/.well-known` URIs handle all other + # requests by passing them to the front-end controller. + return 301 /nextcloud/index.php$request_uri; +} location ^~ /nextcloud/ { include /config/nginx/proxy.conf; @@ -32,6 +34,7 @@ location ^~ /nextcloud/ { proxy_pass $upstream_proto://$upstream_app:$upstream_port; rewrite /nextcloud(.*) $1 break; + proxy_hide_header X-Frame-Options; proxy_max_temp_file_size 2048m; proxy_set_header Range $http_range; proxy_set_header If-Range $http_if_range; diff --git a/ntfy.subdomain.conf.sample b/ntfy.subdomain.conf.sample new file mode 100644 index 0000000..a8c425a --- /dev/null +++ b/ntfy.subdomain.conf.sample @@ -0,0 +1,47 @@ +## Version 2023/02/05 +# make sure that your ntfy container is named ntfy +# make sure that your dns has a cname set for ntfy + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name ntfy.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app ntfy; + set $upstream_port 80; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } + +} diff --git a/nzbget.subdomain.conf.sample b/nzbget.subdomain.conf.sample index 9a5ebc4..578e25d 100644 --- a/nzbget.subdomain.conf.sample +++ b/nzbget.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your nzbget container is named nzbget # make sure that your dns has a cname set for nzbget server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app nzbget; diff --git a/nzbget.subfolder.conf.sample b/nzbget.subfolder.conf.sample index fc2e138..2daf488 100644 --- a/nzbget.subfolder.conf.sample +++ b/nzbget.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your nzbget container is named nzbget +# make sure that nzbget is set to work with the base url /nzbget/ # nzbget does not require a base url setting location /nzbget { @@ -6,13 +8,15 @@ location /nzbget { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app nzbget; diff --git a/nzbhydra.subdomain.conf.sample b/nzbhydra.subdomain.conf.sample index 4041f64..aee62eb 100644 --- a/nzbhydra.subdomain.conf.sample +++ b/nzbhydra.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for nzbhydra and that your nzbhydra container is not using a base url +## Version 2023/02/05 +# make sure that your nzbhydra container is named nzbhydra2 +# make sure that your dns has a cname set for nzbhydra server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app nzbhydra2; diff --git a/nzbhydra.subfolder.conf.sample b/nzbhydra.subfolder.conf.sample index c8d099d..22a721d 100644 --- a/nzbhydra.subfolder.conf.sample +++ b/nzbhydra.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your nzbhydra container is named nzbhydra2 +# make sure that nzbhydra is set to work with the base url /nzbhydra/ # first go into nzbhydra settings, set the URL Base to /nzbhydra, then disable CSRF protection on the same page and restart the nzbhydra container location ^~ /nzbhydra { @@ -6,13 +8,15 @@ location ^~ /nzbhydra { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app nzbhydra2; diff --git a/octoprint.subdomain.conf.sample b/octoprint.subdomain.conf.sample index a8af85e..5da4321 100644 --- a/octoprint.subdomain.conf.sample +++ b/octoprint.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/09/05 -# make sure that your dns has a cname set for octoprint and that your octoprint container is not using a base url +## Version 2023/02/05 +# make sure that your octoprint container is named octoprint +# make sure that your dns has a cname set for octoprint server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app octoprint; @@ -38,5 +44,4 @@ server { proxy_set_header X-Scheme https; } - } diff --git a/ombi.subdomain.conf.sample b/ombi.subdomain.conf.sample index 5f85615..ce90802 100644 --- a/ombi.subdomain.conf.sample +++ b/ombi.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for ombi and that your ombi container is not using a base url +## Version 2023/02/05 +# make sure that your ombi container is named ombi +# make sure that your dns has a cname set for ombi server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app ombi; diff --git a/ombi.subfolder.conf.sample b/ombi.subfolder.conf.sample index fa6ad9f..a72188a 100644 --- a/ombi.subfolder.conf.sample +++ b/ombi.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your ombi container is named ombi +# make sure that ombi is set to work with the base url /ombi/ # first go into ombi settings, under the menu "Ombi" set the base url to /ombi and restart the ombi container location /ombi { @@ -10,13 +12,15 @@ location ^~ /ombi/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app ombi; diff --git a/openhab.subdomain.conf.sample b/openhab.subdomain.conf.sample index 0841701..39d98c4 100644 --- a/openhab.subdomain.conf.sample +++ b/openhab.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for openhab and that your openhab container is named openhab +## Version 2023/02/05 +# make sure that your openhab container is named openhab +# make sure that your dns has a cname set for openhab server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /login; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app openhab; diff --git a/openvpn-as.subdomain.conf.sample b/openvpn-as.subdomain.conf.sample index c6478cf..41bd06e 100644 --- a/openvpn-as.subdomain.conf.sample +++ b/openvpn-as.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for openvpn-as and that your openvpn-as container is not using a base url +## Version 2023/02/05 +# make sure that your openvpn-as container is named openvpn-as +# make sure that your dns has a cname set for openvpn-as server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app openvpn-as; @@ -43,13 +49,15 @@ server { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app openvpn-as; diff --git a/openvscode-server.subdomain.conf.sample b/openvscode-server.subdomain.conf.sample index bd6c02f..f7b5b0c 100644 --- a/openvscode-server.subdomain.conf.sample +++ b/openvscode-server.subdomain.conf.sample @@ -1,5 +1,9 @@ -## Version 2021/11/29 +## Version 2023/02/05 +# make sure that your openvscode-server container is named openvscode-server # make sure that your dns has a cname set for openvscode-server +# This conf allows accessing internal ports at `PORT` (http) or `PORTs` (https) as subdomain +# Access http port 8080 at `https://8080.openvscode-server.domain.url` +# Access https port 8080 at `https://8080s.openvscode-server.domain.url` server { listen 443 ssl; @@ -11,24 +15,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app openvscode-server; @@ -49,24 +58,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app openvscode-server; @@ -75,3 +89,45 @@ server { } } + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name "~^(?<upstream_port>[0-9]{1,10})s\.openvscode-server\..*$"; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app openvscode-server; + set $upstream_proto https; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } +} diff --git a/organizr-auth.subfolder.conf.sample b/organizr-auth.subfolder.conf.sample index 9d46e6a..cb55d38 100644 --- a/organizr-auth.subfolder.conf.sample +++ b/organizr-auth.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/10/05 +## Version 2023/02/05 +# make sure that your organizr container is named organizr # To use config this with subfolder proxies: # Rename this file to organizr-auth.subfolder.conf # Add one of the auth_request lines from the comments below diff --git a/organizr.subdomain.conf.sample b/organizr.subdomain.conf.sample index a9e95cc..82cb48b 100644 --- a/organizr.subdomain.conf.sample +++ b/organizr.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your organizr container is named organizr # make sure that your dns has a cname set for organizr server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app organizr; diff --git a/organizr.subfolder.conf.sample b/organizr.subfolder.conf.sample index 9a384b5..aed65c3 100644 --- a/organizr.subfolder.conf.sample +++ b/organizr.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your organizr container is named organizr # In order to use this location block you need to edit the default file one folder up and comment out the / and ~ \.php$ locations location / { @@ -6,13 +7,15 @@ location / { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app organizr; diff --git a/osticket.subdomain.conf.sample b/osticket.subdomain.conf.sample index 3d8dfd5..6375436 100644 --- a/osticket.subdomain.conf.sample +++ b/osticket.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for osticket and that your osticket container is named osticket. +## Version 2023/02/05 +# make sure that your osticket container is named osticket +# make sure that your dns has a cname set for osticket server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app osticket; diff --git a/overseerr.subdomain.conf.sample b/overseerr.subdomain.conf.sample index 7d4cb04..973a66e 100644 --- a/overseerr.subdomain.conf.sample +++ b/overseerr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# Ensure your DNS has a CNAME set for Overseerr and that Overseerr container is not using a base URL. +## Version 2023/02/05 +# make sure that your overseerr container is named overseerr +# make sure that your dns has a cname set for overseerr server { listen 443 ssl; @@ -11,7 +12,28 @@ server { client_max_body_size 0; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; @@ -21,6 +43,4 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } - - } diff --git a/papermerge.subdomain.conf.sample b/papermerge.subdomain.conf.sample index e407685..6aff9fe 100644 --- a/papermerge.subdomain.conf.sample +++ b/papermerge.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/06/01 +## Version 2023/02/05 +# make sure that your papermerge container is named papermerge # make sure that your dns has a cname set for papermerge server { @@ -11,30 +12,35 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app papermerge; set $upstream_port 8000; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; - + } } diff --git a/petio.subdomain.conf.sample b/petio.subdomain.conf.sample index d5a9108..e317e5f 100644 --- a/petio.subdomain.conf.sample +++ b/petio.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/07/01 -# make sure that your dns has a cname set for petio and that your petio container is not using a base url +## Version 2023/02/05 +# make sure that your petio container is named petio +# make sure that your dns has a cname set for petio server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app petio; diff --git a/petio.subfolder.conf.sample b/petio.subfolder.conf.sample index 9524ab3..ec382dc 100644 --- a/petio.subfolder.conf.sample +++ b/petio.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/04/23 -# first go into petio settings, under "Base path" set the URL Base to /petio and restart the petio container +## Version 2023/02/05 +# make sure that your petio container is named petio +# make sure that petio is set to work with the base url /petio/ location /petio { return 301 $scheme://$host/petio/; @@ -10,13 +11,15 @@ location ^~ /petio/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app petio; diff --git a/pgadmin.subdomain.conf.sample b/pgadmin.subdomain.conf.sample index 75510b9..e24807e 100644 --- a/pgadmin.subdomain.conf.sample +++ b/pgadmin.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/04/18 -# make sure that your dns has a cname set for pgadmin and that your pgadmin container is not using a base url +## Version 2023/02/05 +# make sure that your pgadmin container is named pgadmin +# make sure that your dns has a cname set for pgadmin server { listen 443 ssl; @@ -11,28 +12,37 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + #enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; - # enable for Authelia - #include /config/nginx/authelia-location.conf; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app pgadmin; - set $upstream_port 80; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; - # Uncomment to allow loading in an iframe (i.e. Organizr) - #proxy_hide_header X-Frame-Options; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app pgadmin; + set $upstream_port 80; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + # Uncomment to allow loading in an iframe (i.e. Organizr) + #proxy_hide_header X-Frame-Options; } } diff --git a/photoprism.subdomain.conf.sample b/photoprism.subdomain.conf.sample index 90776b8..a0dbf5a 100644 --- a/photoprism.subdomain.conf.sample +++ b/photoprism.subdomain.conf.sample @@ -1,5 +1,5 @@ -## Version 2021/05/18 -# Ensure your DNS has a CNAME set for Photoprism and that Photoprism container is not using a base URL. +## Version 2023/02/05 +# Ensure your DNS has a CNAME set for Photoprism and that Photoprism container is named. server { listen 443 ssl; @@ -11,24 +11,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app photoprism; @@ -37,6 +42,4 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } - - } diff --git a/phpmyadmin.subdomain.conf.sample b/phpmyadmin.subdomain.conf.sample index 02a9795..d1d00d2 100644 --- a/phpmyadmin.subdomain.conf.sample +++ b/phpmyadmin.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for phpmyadmin and that your phpmyadmin container is not using a base url +## Version 2023/02/05 +# make sure that your phpmyadmin container is named phpmyadmin +# make sure that your dns has a cname set for phpmyadmin server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app phpmyadmin; diff --git a/phpmyadmin.subfolder.conf.sample b/phpmyadmin.subfolder.conf.sample index 141b397..046528f 100644 --- a/phpmyadmin.subfolder.conf.sample +++ b/phpmyadmin.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your phpmyadmin container is named phpmyadmin # phpmyadmin does not require a base url setting location /phpmyadmin { @@ -10,13 +11,15 @@ location ^~ /phpmyadmin/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app phpmyadmin; diff --git a/picard.subfolder.conf.sample b/picard.subfolder.conf.sample index 753cf18..ca81971 100644 --- a/picard.subfolder.conf.sample +++ b/picard.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your picard container is named picard # picard does not require a base url setting location /picard { @@ -10,13 +11,15 @@ location ^~ /picard/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app picard; diff --git a/pihole.subdomain.conf.sample b/pihole.subdomain.conf.sample index f112298..6c4e2df 100644 --- a/pihole.subdomain.conf.sample +++ b/pihole.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for pihole and that your pihole container is not using a base url +## Version 2023/02/05 +# make sure that your pihole container is named pihole +# make sure that your dns has a cname set for pihole server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pihole; @@ -44,13 +50,15 @@ server { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pihole; diff --git a/pihole.subfolder.conf.sample b/pihole.subfolder.conf.sample index ad4ca49..dbc330e 100644 --- a/pihole.subfolder.conf.sample +++ b/pihole.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your pihole container is named pihole # pihole does not require a base url setting location /pihole { @@ -10,13 +11,15 @@ location ^~ /pihole/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pihole; @@ -37,13 +40,15 @@ location ^~ /pihole/admin/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pihole; diff --git a/pinry.subdomain.conf.sample b/pinry.subdomain.conf.sample index 8574c07..8c04401 100644 --- a/pinry.subdomain.conf.sample +++ b/pinry.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/06/25 -# make sure that your dns has a cname set for pinry and that your pinry container is named pinry +## Version 2023/02/05 +# make sure that your pinry container is named pinry +# make sure that your dns has a cname set for pinry server { listen 443 ssl; @@ -11,30 +12,35 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pinry; set $upstream_port 80; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; - + } } diff --git a/piwigo.subdomain.conf.sample b/piwigo.subdomain.conf.sample index e9100d6..606e73b 100644 --- a/piwigo.subdomain.conf.sample +++ b/piwigo.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your piwigo container is named piwigo # make sure that your dns has a cname set for piwigo server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app piwigo; diff --git a/pixelfed.subdomain.conf.sample b/pixelfed.subdomain.conf.sample index 6d75ce1..46f71dc 100644 --- a/pixelfed.subdomain.conf.sample +++ b/pixelfed.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for pixelfed and the container is named pixelfed +## Version 2023/02/05 +# make sure that your pixelfed container is named pixelfed +# make sure that your dns has a cname set for pixelfed server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pixelfed; diff --git a/plex.subdomain.conf.sample b/plex.subdomain.conf.sample index b9ea48d..1a99c6e 100644 --- a/plex.subdomain.conf.sample +++ b/plex.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your plex container is named plex # make sure that your dns has a cname set for plex # if plex is running in bridge mode and the container is named "plex", the below config should work as is # if not, replace the line "set $upstream_app plex;" with "set $upstream_app <containername>;" @@ -17,23 +18,28 @@ server { proxy_redirect off; proxy_buffering off; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app plex; diff --git a/plex.subfolder.conf.sample b/plex.subfolder.conf.sample index 667ee65..d1e2ef1 100644 --- a/plex.subfolder.conf.sample +++ b/plex.subfolder.conf.sample @@ -1,7 +1,8 @@ -## Version 2021/05/18 +## Version 2023/02/05 #******** This config no longer works as intended. The web app loads, but no direct connection to server is made. ********* #******** PRs welcome for anyone who figures out how to fix it. Use the subdomain config in the meantime. ******* +# make sure that your plex container is named plex # if plex is running in bridge mode and the container is named "plex", the below config should work as is # if not, replace the line "set $upstream_app plex;" with "set $upstream_app <containername>;" # or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of plex @@ -16,13 +17,15 @@ location ^~ /plex/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app plex; diff --git a/plexwebtools.subdomain.conf.sample b/plexwebtools.subdomain.conf.sample index 7cdc534..4218d41 100644 --- a/plexwebtools.subdomain.conf.sample +++ b/plexwebtools.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for plexwebtools and that your plexwebtools container is not using a base url +## Version 2023/02/05 +# make sure that your plex container is named plex +# make sure that your dns has a cname set for plexwebtools server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app plex; diff --git a/plexwebtools.subfolder.conf.sample b/plexwebtools.subfolder.conf.sample index 8f671e6..6175209 100644 --- a/plexwebtools.subfolder.conf.sample +++ b/plexwebtools.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# first go into plexwebtools settings, set the URL Base to /plexwebtools and restart the plex container +## Version 2023/02/05 +# make sure that your plex container is named plex +# make sure that plexwebtools is set to work with the base url /plexwebtools/ location /plexwebtools { return 301 $scheme://$host/plexwebtools/; @@ -10,13 +11,15 @@ location ^~ /plexwebtools/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app plex; diff --git a/podgrab.subdomain.conf.sample b/podgrab.subdomain.conf.sample index 67a7b14..1878734 100644 --- a/podgrab.subdomain.conf.sample +++ b/podgrab.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for podgrab and that your podgrab container is not using a base url +## Version 2023/02/05 +# make sure that your podgrab container is named podgrab +# make sure that your dns has a cname set for podgrab server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app podgrab; @@ -37,5 +43,4 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } - } diff --git a/portainer.subdomain.conf.sample b/portainer.subdomain.conf.sample index ad6642e..68d4a58 100644 --- a/portainer.subdomain.conf.sample +++ b/portainer.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your portainer container is named portainer # make sure that your dns has a cname set for portainer server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app portainer; @@ -44,13 +50,15 @@ server { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app portainer; diff --git a/portainer.subfolder.conf.sample b/portainer.subfolder.conf.sample index 120e54b..f06e6cc 100644 --- a/portainer.subfolder.conf.sample +++ b/portainer.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your portainer container is named portainer # portainer does not require a base url setting location /portainer { @@ -10,13 +11,15 @@ location ^~ /portainer/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app portainer; diff --git a/privatebin.subdomain.conf.sample b/privatebin.subdomain.conf.sample index 0a7256d..d68ba0d 100644 --- a/privatebin.subdomain.conf.sample +++ b/privatebin.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your privatebin container is named privatebin # make sure that your dns has a cname set for privatebin server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app privatebin; diff --git a/prometheus.subdomain.conf.sample b/prometheus.subdomain.conf.sample index 68effb2..11b7d28 100644 --- a/prometheus.subdomain.conf.sample +++ b/prometheus.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for prometheus and that your prometheus container is not using a base url +## Version 2023/02/05 +# make sure that your prometheus container is named prometheus +# make sure that your dns has a cname set for prometheus server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app prometheus; diff --git a/prowlarr.subdomain.conf.sample b/prowlarr.subdomain.conf.sample index 8dc34ab..22afae3 100644 --- a/prowlarr.subdomain.conf.sample +++ b/prowlarr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/28 -# make sure that your dns has a cname set for prowlarr and that your prowlarr container is not using a base url +## Version 2023/02/05 +# make sure that your prowlarr container is named prowlarr +# make sure that your dns has a cname set for prowlarr server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app prowlarr; @@ -45,5 +51,4 @@ server { set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } - } diff --git a/prowlarr.subfolder.conf.sample b/prowlarr.subfolder.conf.sample index 75021e7..b67d44e 100644 --- a/prowlarr.subfolder.conf.sample +++ b/prowlarr.subfolder.conf.sample @@ -1,18 +1,21 @@ -## Version 2021/05/28 -# first go into prowlarr settings, under "General" set the URL Base to /prowlarr and restart the prowlarr container +## Version 2023/02/05 +# make sure that your prowlarr container is named prowlarr +# make sure that prowlarr is set to work with the base url /prowlarr/ location /prowlarr { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app prowlarr; diff --git a/pwndrop.subdomain.conf.sample b/pwndrop.subdomain.conf.sample new file mode 100644 index 0000000..e7d591c --- /dev/null +++ b/pwndrop.subdomain.conf.sample @@ -0,0 +1,46 @@ +## Version 2023/02/05 +# make sure that your pwndrop container is named pwndrop +# make sure that your dns has a cname set for pwndrop + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name pwndrop.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app pwndrop; + set $upstream_port 8080; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } +} diff --git a/pydio-cells.subdomain.conf.sample b/pydio-cells.subdomain.conf.sample index 3ba3de0..7414da5 100644 --- a/pydio-cells.subdomain.conf.sample +++ b/pydio-cells.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your pydio-cells container is named pydio-cells # make sure that your dns has a cname set for pydio-cells server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pydio-cells; @@ -43,13 +49,15 @@ server { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pydio-cells; diff --git a/pydio.subdomain.conf.sample b/pydio.subdomain.conf.sample index e66cb96..699d2d5 100644 --- a/pydio.subdomain.conf.sample +++ b/pydio.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for pydio and that your pydio container is not using a base url +## Version 2023/02/05 +# make sure that your pydio container is named pydio +# make sure that your dns has a cname set for pydio server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pydio; diff --git a/pyload.subdomain.conf.sample b/pyload.subdomain.conf.sample index f2b1de8..e5d88db 100644 --- a/pyload.subdomain.conf.sample +++ b/pyload.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for pyload and that your pyload container is not using a base url +## Version 2023/02/05 +# make sure that your pyload container is named pyload +# make sure that your dns has a cname set for pyload server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pyload; diff --git a/pyload.subfolder.conf.sample b/pyload.subfolder.conf.sample index e401adc..ba0bec7 100644 --- a/pyload.subfolder.conf.sample +++ b/pyload.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/10/03 +## Version 2023/02/05 +# make sure that your pyload container is named pyload +# make sure that pyload is set to work with the base url /pyload/ # First go into pyload settings, under "Web Interface" set the "Path Prefix" to /pyload and restart the pyload container # Only works with pyload-ng @@ -7,13 +9,15 @@ location ^~ /pyload { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pyload; diff --git a/qbittorrent.subdomain.conf.sample b/qbittorrent.subdomain.conf.sample index f8aa78e..ff580c0 100644 --- a/qbittorrent.subdomain.conf.sample +++ b/qbittorrent.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for qbittorrent and that your qbittorrent container is not using a base url +## Version 2023/02/05 +# make sure that your qbittorrent container is named qbittorrent +# make sure that your dns has a cname set for qbittorrent server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app qbittorrent; @@ -38,6 +44,7 @@ server { proxy_set_header Referer ''; proxy_set_header Host $upstream_app:$upstream_port; + proxy_set_header X-Forwarded-Host $host; } location ~ (/qbittorrent)?/api { @@ -52,6 +59,7 @@ server { proxy_set_header Referer ''; proxy_set_header Host $upstream_app:$upstream_port; + proxy_set_header X-Forwarded-Host $host; } location ~ (/qbittorrent)?/command { @@ -66,6 +74,7 @@ server { proxy_set_header Referer ''; proxy_set_header Host $upstream_app:$upstream_port; + proxy_set_header X-Forwarded-Host $host; } location ~ (/qbittorrent)?/query { @@ -80,6 +89,7 @@ server { proxy_set_header Referer ''; proxy_set_header Host $upstream_app:$upstream_port; + proxy_set_header X-Forwarded-Host $host; } location ~ (/qbittorrent)?/login { @@ -94,6 +104,7 @@ server { proxy_set_header Referer ''; proxy_set_header Host $upstream_app:$upstream_port; + proxy_set_header X-Forwarded-Host $host; } location ~ (/qbittorrent)?/sync { @@ -108,5 +119,21 @@ server { proxy_set_header Referer ''; proxy_set_header Host $upstream_app:$upstream_port; + proxy_set_header X-Forwarded-Host $host; + } + + location ~ (/qbittorrent)?/scripts { + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app qbittorrent; + set $upstream_port 8080; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + rewrite /qbittorrent(.*) $1 break; + + proxy_set_header Referer ''; + proxy_set_header Host $upstream_app:$upstream_port; + proxy_set_header X-Forwarded-Host $host; } } diff --git a/qbittorrent.subfolder.conf.sample b/qbittorrent.subfolder.conf.sample index 4f9b847..bd56047 100644 --- a/qbittorrent.subfolder.conf.sample +++ b/qbittorrent.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your qbittorrent container is named qbittorrent # qbittorrent does not require a base url setting location /qbittorrent { @@ -10,13 +11,15 @@ location ^~ /qbittorrent/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app qbittorrent; @@ -28,6 +31,7 @@ location ^~ /qbittorrent/ { proxy_set_header Referer ''; proxy_set_header Host $upstream_app:$upstream_port; + proxy_set_header X-Forwarded-Host $host; } location ^~ /qbittorrent/api { @@ -42,6 +46,7 @@ location ^~ /qbittorrent/api { proxy_set_header Referer ''; proxy_set_header Host $upstream_app:$upstream_port; + proxy_set_header X-Forwarded-Host $host; } location ^~ /qbittorrent/command { @@ -56,6 +61,7 @@ location ^~ /qbittorrent/command { proxy_set_header Referer ''; proxy_set_header Host $upstream_app:$upstream_port; + proxy_set_header X-Forwarded-Host $host; } location ^~ /qbittorrent/query { @@ -70,6 +76,7 @@ location ^~ /qbittorrent/query { proxy_set_header Referer ''; proxy_set_header Host $upstream_app:$upstream_port; + proxy_set_header X-Forwarded-Host $host; } location ^~ /qbittorrent/login { @@ -84,6 +91,7 @@ location ^~ /qbittorrent/login { proxy_set_header Referer ''; proxy_set_header Host $upstream_app:$upstream_port; + proxy_set_header X-Forwarded-Host $host; } location ^~ /qbittorrent/sync { @@ -98,4 +106,20 @@ location ^~ /qbittorrent/sync { proxy_set_header Referer ''; proxy_set_header Host $upstream_app:$upstream_port; + proxy_set_header X-Forwarded-Host $host; +} + +location ^~ /qbittorrent/scripts { + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app qbittorrent; + set $upstream_port 8080; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + rewrite /qbittorrent(.*) $1 break; + + proxy_set_header Referer ''; + proxy_set_header Host $upstream_app:$upstream_port; + proxy_set_header X-Forwarded-Host $host; } diff --git a/quassel-web.subdomain.conf.sample b/quassel-web.subdomain.conf.sample index d35702c..2ffe5e4 100644 --- a/quassel-web.subdomain.conf.sample +++ b/quassel-web.subdomain.conf.sample @@ -1,6 +1,7 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for quassel and make sure Quassel-Web is running on http -# with -e 'HTTPS'='false' or if you're using -e 'ADVANCED'='true' by editing config.json appropriately +## Version 2023/02/05 +# make sure that your quassel container is named quassel-web +# make sure that your dns has a cname set for quassel +# make sure Quassel-Web is running on http with -e 'HTTPS'='false' or if you're using -e 'ADVANCED'='true' by editing config.json appropriately server { listen 443 ssl; @@ -12,24 +13,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app quassel-web; diff --git a/quassel-web.subfolder.conf.sample b/quassel-web.subfolder.conf.sample index 1d831dc..59de63e 100644 --- a/quassel-web.subfolder.conf.sample +++ b/quassel-web.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your quassel-web container is named quassel-web +# make sure that quassel-web is set to work with the base url /quassel/ # Set base-url with docker run command env variable -e 'URL_BASE'='/quassel' and make sure Quassel-Web is running on http # with -e 'HTTPS'='false' or if you're using -e 'ADVANCED'='true' by editing config.json appropriately @@ -7,13 +9,15 @@ location ^~ /quassel { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app quassel-web; diff --git a/radarr.subdomain.conf.sample b/radarr.subdomain.conf.sample index 71efed2..e0dcfe1 100644 --- a/radarr.subdomain.conf.sample +++ b/radarr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for radarr and that your radarr container is not using a base url +## Version 2023/02/05 +# make sure that your radarr container is named radarr +# make sure that your dns has a cname set for radarr server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app radarr; diff --git a/radarr.subfolder.conf.sample b/radarr.subfolder.conf.sample index e8d3dd8..eab06de 100644 --- a/radarr.subfolder.conf.sample +++ b/radarr.subfolder.conf.sample @@ -1,18 +1,21 @@ -## Version 2021/05/18 -# first go into radarr settings, under "General" set the URL Base to /radarr and restart the radarr container +## Version 2023/02/05 +# make sure that your radarr container is named radarr +# make sure that radarr is set to work with the base url /radarr/ location ^~ /radarr { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app radarr; diff --git a/raneto.subdomain.conf.sample b/raneto.subdomain.conf.sample index 7cddd09..b655ff8 100644 --- a/raneto.subdomain.conf.sample +++ b/raneto.subdomain.conf.sample @@ -1,5 +1,7 @@ -## Version 2021/05/18 -# Make sure that your dns has a cname set for raneto +## Version 2023/02/05 +# make sure that your raneto container is named raneto +# make sure that your dns has a cname set for raneto + server { listen 443 ssl; listen [::]:443 ssl; @@ -10,24 +12,29 @@ server { client_max_body_size 0; - #enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { #enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - #enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app raneto; diff --git a/rclone.subfolder.conf.sample b/rclone.subfolder.conf.sample index 47dc7a5..8f22cd6 100644 --- a/rclone.subfolder.conf.sample +++ b/rclone.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/03/19 -# rclone does not require a base url +## Version 2023/02/05 +# make sure that your rclone container is named rclone +# rclone does not require a base url setting location /rclone { return 301 $scheme://$host/rclone/; @@ -10,13 +11,15 @@ location ^~ /rclone/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app rclone; diff --git a/readarr.subdomain.conf.sample b/readarr.subdomain.conf.sample index 84a6202..6bdd663 100644 --- a/readarr.subdomain.conf.sample +++ b/readarr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/28 -# make sure that your dns has a cname set for readarr and that your readarr container is not using a base url +## Version 2023/02/05 +# make sure that your readarr container is named readarr +# make sure that your dns has a cname set for readarr server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app readarr; diff --git a/readarr.subfolder.conf.sample b/readarr.subfolder.conf.sample index e64fb2f..1c25152 100644 --- a/readarr.subfolder.conf.sample +++ b/readarr.subfolder.conf.sample @@ -1,18 +1,21 @@ -## Version 2021/05/28 -# first go into readarr settings, under "General" set the URL Base to /readarr and restart the readarr container +## Version 2023/02/05 +# make sure that your readarr container is named readarr +# make sure that readarr is set to work with the base url /readarr/ location ^~ /readarr { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app readarr; diff --git a/recipes.subdomain.conf.sample b/recipes.subdomain.conf.sample index 013a475..1789acf 100644 --- a/recipes.subdomain.conf.sample +++ b/recipes.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your recipes container is named recipes # make sure that your dns has a cname set for recipes # make sure to mount /media/ in your swag container to point to your Recipes Media directory @@ -15,29 +16,34 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; - + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + # serve media files location /media/ { alias /media/; } - + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app recipes; diff --git a/requestrr.subdomain.conf.sample b/requestrr.subdomain.conf.sample index 3e8cead..8495f00 100644 --- a/requestrr.subdomain.conf.sample +++ b/requestrr.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your requestrr container is named requestrr # make sure that your dns has a cname set for requestrr server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app requestrr; diff --git a/resilio-sync.subdomain.conf.sample b/resilio-sync.subdomain.conf.sample index 331f50e..e658a74 100644 --- a/resilio-sync.subdomain.conf.sample +++ b/resilio-sync.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for resilio-sync and that your resilio-sync container is not using a base url +## Version 2023/02/05 +# make sure that your resilio-sync container is named resilio-sync +# make sure that your dns has a cname set for resilio-sync server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app resilio-sync; diff --git a/rutorrent.subdomain.conf.sample b/rutorrent.subdomain.conf.sample index cb259cb..5a67f72 100644 --- a/rutorrent.subdomain.conf.sample +++ b/rutorrent.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your rutorrent container is named rutorrent # make sure that your dns has a cname set for rutorrent server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app rutorrent; @@ -43,13 +49,15 @@ server { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + # block rpc access by default because it is unprotected # you can comment out the next line to enable remote rpc calls deny all; diff --git a/rutorrent.subfolder.conf.sample b/rutorrent.subfolder.conf.sample index f041a44..bd45a7a 100644 --- a/rutorrent.subfolder.conf.sample +++ b/rutorrent.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your rutorrent container is named rutorrent # rutorrent does not require a base url setting location /rutorrent { @@ -10,13 +11,15 @@ location ^~ /rutorrent/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app rutorrent; @@ -32,13 +35,15 @@ location ^~ /rutorrent/RPC2 { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + # block rpc access by default because it is unprotected # you can comment out the next line to enable remote rpc calls deny all; diff --git a/sabnzbd.subdomain.conf.sample b/sabnzbd.subdomain.conf.sample index a3c95d3..4626825 100644 --- a/sabnzbd.subdomain.conf.sample +++ b/sabnzbd.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your sabnzbd container is named sabnzbd # make sure that your dns has a cname set for sabnzbd # edit the sabnzbd.ini host_whitelist to avoid hostname verification issues. This format: # host_whitelist = sabnzbd.domain.com, www.sabnzbd.domain.com @@ -13,24 +14,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app sabnzbd; diff --git a/sabnzbd.subfolder.conf.sample b/sabnzbd.subfolder.conf.sample index 82646a9..f1f79ce 100644 --- a/sabnzbd.subfolder.conf.sample +++ b/sabnzbd.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your sabnzbd container is named sabnzbd +# make sure that sabnzbd is set to work with the base url /sabnzbd/ # sabnzbd already uses the base url /sabnzbd by default so you don't need to do anything extra location ^~ /sabnzbd { @@ -6,13 +8,15 @@ location ^~ /sabnzbd { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app sabnzbd; diff --git a/scope.subfolder.conf.sample b/scope.subfolder.conf.sample index f9776fb..0a86c3c 100644 --- a/scope.subfolder.conf.sample +++ b/scope.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# Scope does not require a base url setting +## Version 2023/02/05 +# make sure that your scope container is named scope +# scope does not require a base url setting location /scope { return 301 $scheme://$host/scope/; @@ -10,13 +11,15 @@ location ^~ /scope/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app scope; diff --git a/scrutiny.subdomain.conf.sample b/scrutiny.subdomain.conf.sample index 81e7d8e..d03f031 100644 --- a/scrutiny.subdomain.conf.sample +++ b/scrutiny.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for scrutiny and that your scrutiny container is not using a base url +## Version 2023/02/05 +# make sure that your scrutiny container is named scrutiny +# make sure that your dns has a cname set for scrutiny server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app scrutiny; @@ -37,5 +43,4 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } - } diff --git a/seafile.subdomain.conf.sample b/seafile.subdomain.conf.sample deleted file mode 100644 index 29ffdbe..0000000 --- a/seafile.subdomain.conf.sample +++ /dev/null @@ -1,27 +0,0 @@ -## Version 2021/05/18 -# For use with the official Seafile Docker image (https://download.seafile.com/published/seafile-manual/docker/deploy%20seafile%20with%20docker.md) -# Requires that the seafile container uses the following env variables: -# SEAFILE_SERVER_LETSENCRYPT=true -# SEAFILE_SERVER_HOSTNAME=seafile.yourdomain.com -# Restart or create the seafile container after enabling this subdomain and restarting the letsencrypt contianer - -server { - listen 443 ssl; - listen [::]:443 ssl; - - server_name seafile.*; - - include /config/nginx/ssl.conf; - - client_max_body_size 0; - - location / { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app seafile; - set $upstream_port 443; - set $upstream_proto https; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; - - } -} diff --git a/shinobi.subdomain.conf.sample b/shinobi.subdomain.conf.sample index 0e99596..9e81b1c 100644 --- a/shinobi.subdomain.conf.sample +++ b/shinobi.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/01/03 -# make sure that your dns has a cname set for shinobi and that your shinobi config.json is not using a base url +## Version 2023/02/05 +# make sure that your shinobi container is named shinobi +# make sure that your dns has a cname set for shinobi server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app shinobi; @@ -37,5 +43,4 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } - } diff --git a/shinobi.subfolder.conf.sample b/shinobi.subfolder.conf.sample index 9f6de1e..9bf1618 100644 --- a/shinobi.subfolder.conf.sample +++ b/shinobi.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/01/03 +## Version 2023/02/05 +# make sure that your shinobi container is named shinobi +# make sure that shinobi is set to work with the base url /shinobi/ # ensure your config.json file has an entry for the base url set to /shinobi, i.e. # "baseurl":"/shinobi" @@ -11,13 +13,15 @@ location ^~ /shinobi/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app shinobi; diff --git a/sickchill.subdomain.conf.sample b/sickchill.subdomain.conf.sample index a292fab..8e01a87 100644 --- a/sickchill.subdomain.conf.sample +++ b/sickchill.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your sickchill container is named sickchill # make sure that your dns has a cname set for sickchill server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app sickchill; diff --git a/sickchill.subfolder.conf.sample b/sickchill.subfolder.conf.sample index 32d66b5..f862273 100644 --- a/sickchill.subfolder.conf.sample +++ b/sickchill.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your sickchill container is named sickchill +# make sure that sickchill is set to work with the base url /sickchill/ # first stop the sickchill container and edit the config.ini for sickchill and set web_root to /sickchill and then start the sickchill container location ^~ /sickchill { @@ -6,13 +8,15 @@ location ^~ /sickchill { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app sickchill; diff --git a/sickrage.subdomain.conf.sample b/sickrage.subdomain.conf.sample index b09c6fd..7edb935 100644 --- a/sickrage.subdomain.conf.sample +++ b/sickrage.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your sickrage container is named sickrage # make sure that your dns has a cname set for sickrage server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app sickrage; diff --git a/sickrage.subfolder.conf.sample b/sickrage.subfolder.conf.sample index 834cce2..72afa68 100644 --- a/sickrage.subfolder.conf.sample +++ b/sickrage.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your sickrage container is named sickrage +# make sure that sickrage is set to work with the base url /sickrage/ # first stop the sickrage container and edit the config.ini for sickrage and set web_root to /sickrage and then start the sickrage container location ^~ /sickrage { @@ -6,13 +8,15 @@ location ^~ /sickrage { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app sickrage; diff --git a/skyhook.subdomain.conf.sample b/skyhook.subdomain.conf.sample index 3319a9f..a26497e 100644 --- a/skyhook.subdomain.conf.sample +++ b/skyhook.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for skyhook and that your skyhook container is not using a base url +## Version 2023/02/05 +# make sure that your skyhook container is named skyhook +# make sure that your dns has a cname set for skyhook server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app skyhook; @@ -37,5 +43,4 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } - } diff --git a/slskd.subfolder.conf.sample b/slskd.subfolder.conf.sample new file mode 100644 index 0000000..04159c7 --- /dev/null +++ b/slskd.subfolder.conf.sample @@ -0,0 +1,27 @@ +## Version 2023/02/05 +# make sure that your slskd container is named slskd +# make sure that slskd is set to work with the base url /slskd/ +# first edit the slskd.yml and set 'url_base: /slskd' and restart the slskd container + +location ^~ /slskd { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app slskd; + set $upstream_port 5000; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + +} diff --git a/smokeping.subdomain.conf.sample b/smokeping.subdomain.conf.sample index 1298c68..6677e4f 100644 --- a/smokeping.subdomain.conf.sample +++ b/smokeping.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your smokeping container is named smokeping # make sure that your dns has a cname set for smokeping server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app smokeping; diff --git a/smokeping.subfolder.conf.sample b/smokeping.subfolder.conf.sample index 8f45e90..bfdba80 100644 --- a/smokeping.subfolder.conf.sample +++ b/smokeping.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your smokeping container is named smokeping +# make sure that smokeping is set to work with the base url /smokeping/ # smokeping already uses the base url /smokeping by default so you don't need to do anything extra location ^~ /smokeping { @@ -6,13 +8,15 @@ location ^~ /smokeping { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app smokeping; diff --git a/sonarr.subdomain.conf.sample b/sonarr.subdomain.conf.sample index 2f2ed98..44ac17e 100644 --- a/sonarr.subdomain.conf.sample +++ b/sonarr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for sonarr and that your sonarr container is not using a base url +## Version 2023/02/05 +# make sure that your sonarr container is named sonarr +# make sure that your dns has a cname set for sonarr server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app sonarr; diff --git a/sonarr.subfolder.conf.sample b/sonarr.subfolder.conf.sample index 76cc151..54fa3ea 100644 --- a/sonarr.subfolder.conf.sample +++ b/sonarr.subfolder.conf.sample @@ -1,18 +1,21 @@ -## Version 2021/05/18 -# first go into sonarr settings, under "General" set the URL Base to /sonarr and restart the sonarr container +## Version 2023/02/05 +# make sure that your sonarr container is named sonarr +# make sure that sonarr is set to work with the base url /sonarr/ location ^~ /sonarr { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app sonarr; diff --git a/statping.subdomain.conf.sample b/statping.subdomain.conf.sample index 8f4a685..f5bc18a 100644 --- a/statping.subdomain.conf.sample +++ b/statping.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for statping and that your statping container is not using a base url +## Version 2023/02/05 +# make sure that your statping container is named statup +# make sure that your dns has a cname set for statping # If you are using the SSL docker-compose.yml on the statping repo, then the container name will be set to statup. # On other compose examples, it might be named statping. In that case, change $upstream_app statup to $upstream_app statping @@ -13,24 +14,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app statup; diff --git a/synapse.subdomain.conf.sample b/synapse.subdomain.conf.sample index 6107f7f..9bf06ce 100644 --- a/synapse.subdomain.conf.sample +++ b/synapse.subdomain.conf.sample @@ -1,12 +1,12 @@ -## Version 2021/10/03 +## Version 2023/02/05 server { - listen 443 ssl http2; - listen [::]:443 ssl http2; + listen 443 ssl; + listen [::]:443 ssl; # For the federation port - listen 8448 ssl http2 default_server; - listen [::]:8448 ssl http2 default_server; + listen 8448 ssl; + listen [::]:8448 ssl; server_name matrix.*; @@ -14,24 +14,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app synapse; diff --git a/synclounge.subdomain.conf.sample b/synclounge.subdomain.conf.sample index fe9feb2..1455c92 100644 --- a/synclounge.subdomain.conf.sample +++ b/synclounge.subdomain.conf.sample @@ -1,7 +1,8 @@ -## Version 2021/07/08 +## Version 2023/02/05 +# make sure that your synclounge container is named synclounge +# make sure that your dns has a cname set for synclounge # Use this with SyncLounge v3 and up. # Make sure that you do not have HSTS enabled, otherwise http access won't work -# Make sure that your dns has a cname set for synclounge server { listen 443 ssl; @@ -15,24 +16,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app synclounge; @@ -48,5 +54,4 @@ server { proxy_set_header Sec-WebSocket-Version $http_sec_websocket_version; } - } diff --git a/synclounge.subfolder.conf.sample b/synclounge.subfolder.conf.sample index 3224526..dc98fb6 100644 --- a/synclounge.subfolder.conf.sample +++ b/synclounge.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/07/08 +## Version 2023/02/05 +# make sure that your synclounge container is named synclounge +# make sure that synclounge is set to work with the base url /synclounge/ # Use this with SyncLounge v3 or up # # To allow non-secure connections (http), which is required by some Plex clients, modify the first block in site-confs/default to look something like this: @@ -29,13 +31,15 @@ location /synclounge/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app synclounge; diff --git a/syncthing.subdomain.conf.sample b/syncthing.subdomain.conf.sample index b99a0cd..c03e7d1 100644 --- a/syncthing.subdomain.conf.sample +++ b/syncthing.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for syncthing and that your syncthing container is not using a base url +## Version 2023/02/05 +# make sure that your syncthing container is named syncthing +# make sure that your dns has a cname set for syncthing server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app syncthing; diff --git a/syncthing.subfolder.conf.sample b/syncthing.subfolder.conf.sample index a84037d..be5a72f 100644 --- a/syncthing.subfolder.conf.sample +++ b/syncthing.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your syncthing container is named syncthing # syncthing does not require a base url setting location /syncthing { @@ -10,13 +11,15 @@ location ^~ /syncthing/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app syncthing; diff --git a/taisun.subdomain.conf.sample b/taisun.subdomain.conf.sample index bd3b4f4..86c15a7 100644 --- a/taisun.subdomain.conf.sample +++ b/taisun.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your taisun container is named taisun # make sure that your dns has a cname set for taisun server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app taisun; diff --git a/tasmobackup.subdomain.conf.sample b/tasmobackup.subdomain.conf.sample index bd8f867..177121c 100644 --- a/tasmobackup.subdomain.conf.sample +++ b/tasmobackup.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/06/01 +## Version 2023/02/05 +# make sure that your tasmobackup container is named tasmobackup # make sure that your dns has a cname set for tasmobackup server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app tasmobackup; diff --git a/tautulli.subdomain.conf.sample b/tautulli.subdomain.conf.sample index 1ee7811..9f52785 100644 --- a/tautulli.subdomain.conf.sample +++ b/tautulli.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for tautulli and that your tautulli container is not using a base url +## Version 2023/02/05 +# make sure that your tautulli container is named tautulli +# make sure that your dns has a cname set for tautulli server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app tautulli; @@ -67,5 +73,4 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } - } diff --git a/tautulli.subfolder.conf.sample b/tautulli.subfolder.conf.sample index 9311502..55e9eed 100644 --- a/tautulli.subfolder.conf.sample +++ b/tautulli.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your tautulli container is named tautulli +# make sure that tautulli is set to work with the base url /tautulli/ # first go into tautulli settings, under "Web Interface", click on show advanced, set the HTTP root to /tautulli and restart the tautulli container location ^~ /tautulli { @@ -6,13 +8,15 @@ location ^~ /tautulli { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app tautulli; @@ -50,4 +54,4 @@ location ^~ /tautulli/image { set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; -} \ No newline at end of file +} diff --git a/tdarr.subdomain.conf.sample b/tdarr.subdomain.conf.sample index 6a5ff29..5060d5a 100644 --- a/tdarr.subdomain.conf.sample +++ b/tdarr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for tdarr and that your tdarr container is not using a base url +## Version 2023/02/05 +# make sure that your tdarr container is named tdarr +# make sure that your dns has a cname set for tdarr server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app tdarr; diff --git a/thelounge.subdomain.conf.sample b/thelounge.subdomain.conf.sample index 17ede34..eb53700 100644 --- a/thelounge.subdomain.conf.sample +++ b/thelounge.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your thelounge container is named thelounge # make sure that your dns has a cname set for thelounge server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app thelounge; diff --git a/thelounge.subfolder.conf.sample b/thelounge.subfolder.conf.sample index 5b9bb15..dfd5924 100644 --- a/thelounge.subfolder.conf.sample +++ b/thelounge.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your thelounge container is named thelounge # thelounge does not require a base url setting location /thelounge { @@ -10,13 +11,15 @@ location ^~ /thelounge/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app thelounge; diff --git a/themepark.subdomain.conf.sample b/themepark.subdomain.conf.sample new file mode 100644 index 0000000..737bf13 --- /dev/null +++ b/themepark.subdomain.conf.sample @@ -0,0 +1,52 @@ +## Version 2023/02/05 +# make sure that your theme-park. container is named theme-park. +# make sure that your dns has a cname set for themepark. + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name themepark.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + # If you don't want to cache the CSS files you can uncomment the lines below. + # add_header Last-Modified $date_gmt; + # add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; + # if_modified_since off; + # expires -1; + # etag off; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app theme-park; + set $upstream_port 80; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + } +} diff --git a/themepark.subfolder.conf.sample b/themepark.subfolder.conf.sample new file mode 100644 index 0000000..6fff1b3 --- /dev/null +++ b/themepark.subfolder.conf.sample @@ -0,0 +1,40 @@ +## Version 2023/02/05 +# make sure that your theme-park container is named theme-park +# make sure that theme-park is set to work with the base url /theme-park/ +# If you want to change the urlbase update the TP_URLBASE env on the theme-park container. + +location /themepark { + return 301 $scheme://$host/themepark/; +} + +location ^~ /themepark/ { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + # If you don't want to cache the CSS files you can uncomment the lines below. + # add_header Last-Modified $date_gmt; + # add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; + # if_modified_since off; + # expires -1; + # etag off; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + sub_filter_types *; + sub_filter 'url("/css/' 'url("/themepark/css/'; + sub_filter_once off; + set $upstream_app theme-park; + set $upstream_port 80; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; +} diff --git a/transmission.subdomain.conf.sample b/transmission.subdomain.conf.sample index a23c62e..f8b0542 100644 --- a/transmission.subdomain.conf.sample +++ b/transmission.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2021/05/18 +## Version 2023/02/05 # Make sure that DNS has a cname set for transmission # # Some Transmission Chrome extensions cannot handle HTTP/2 proxies as they @@ -21,24 +21,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app transmission; diff --git a/transmission.subfolder.conf.sample b/transmission.subfolder.conf.sample index f1db572..868e9a5 100644 --- a/transmission.subfolder.conf.sample +++ b/transmission.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# Transmission does not require a base url setting +## Version 2023/02/05 +# make sure that your transmission container is named transmission +# transmission does not require a base url setting # # Some Transmission Chrome extensions cannot handle HTTP/2 proxies as they # rely on the HTTP Status Text to determine if they should add the @@ -16,13 +17,15 @@ location ^~ /transmission { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app transmission; diff --git a/tvheadend.subfolder.conf.sample b/tvheadend.subfolder.conf.sample new file mode 100644 index 0000000..644ecbe --- /dev/null +++ b/tvheadend.subfolder.conf.sample @@ -0,0 +1,43 @@ +## Version 2023/02/05 +# make sure that your tvheadend container is named tvheadend +# make sure that tvheadend is set to work with the base url /tvheadend/ +# Before activating this config you need to do two things: +# - enable a setting in the tvheadend web interface +# - change your RUN_OPTS for tvheadend. +# +# You need to enable the setting "PROXY protocol & X-Forwarded For" +# in the tvheadend web interface. This setting can be found in +# "Configuration" -> "General" -> "Base" in the "HTTP Server Settings" Group. +# You need to set the View level to Expert to see it. Once activated, you may need to +# restart your tvheadend container. When testing this config, please be reminded +# that the tvheadend docker can take a very long time to start (>10mins). +# +# For the subfolder to work you also need to edit your tvheadend docker compose / cli config +# and set http_root in RUN_OPTS to tvheadend, e.g. in docker compose: +# - RUN_OPTS= --http_root /tvheadend + +location /tvheadend { + return 301 $scheme://$host/tvheadend/; +} + +location /tvheadend/ { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + + set $upstream_app tvheadend; + set $upstream_port 9981; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; +} diff --git a/ubooquity.subdomain.conf.sample b/ubooquity.subdomain.conf.sample index d82c0e5..0645993 100644 --- a/ubooquity.subdomain.conf.sample +++ b/ubooquity.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# Make sure that your dns has a cname set for ubooquity and that your ubooquity container is not using a base url +## Version 2023/02/05 +# make sure that your ubooquity container is named ubooquity +# make sure that your dns has a cname set for ubooquity server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app ubooquity; diff --git a/ubooquity.subfolder.conf.sample b/ubooquity.subfolder.conf.sample index c580c69..b1a6a5b 100644 --- a/ubooquity.subfolder.conf.sample +++ b/ubooquity.subfolder.conf.sample @@ -1,33 +1,37 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your ubooquity container is named ubooquity +# make sure that ubooquity is set to work with the base url /ubooquity/ # set the reverse proxy prefix in the admin gui to ubooquity. - location ^~ /ubooquity { - # enable the next two lines for http auth - #auth_basic "Restricted"; - #auth_basic_user_file /config/nginx/.htpasswd; +location ^~ /ubooquity { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app ubooquity; - set $upstream_port 2202; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; - } + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app ubooquity; + set $upstream_port 2202; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; - location ^~ /ubooquity/admin { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app ubooquity; - set $upstream_port 2203; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; +} - } +location ^~ /ubooquity/admin { + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app ubooquity; + set $upstream_port 2203; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + +} diff --git a/unifi-controller.subdomain.conf.sample b/unifi-controller.subdomain.conf.sample index 1739b34..a4f27b4 100644 --- a/unifi-controller.subdomain.conf.sample +++ b/unifi-controller.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for unifi and that your unifi-controller container is not using a base url +## Version 2023/02/05 +# make sure that your unifi-controller container is named unifi-controller +# make sure that your dns has a cname set for unifi # NOTE: If you use the proxy_cookie_path setting in proxy.conf you need to remove HTTPOnly; # ex: proxy_cookie_path / "/; Secure"; @@ -13,24 +14,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app unifi-controller; diff --git a/uptime-kuma.subdomain.conf.sample b/uptime-kuma.subdomain.conf.sample index b7dbf0f..cb59422 100644 --- a/uptime-kuma.subdomain.conf.sample +++ b/uptime-kuma.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for uptime-kuma and that your uptime-kuma container is not using a base url +## Version 2023/02/05 +# make sure that your uptime-kuma container is named uptime-kuma +# make sure that your dns has a cname set for uptime-kuma server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app uptime-kuma; diff --git a/vaultwarden.subdomain.conf.sample b/vaultwarden.subdomain.conf.sample index 53769c3..9dccea8 100644 --- a/vaultwarden.subdomain.conf.sample +++ b/vaultwarden.subdomain.conf.sample @@ -1,6 +1,6 @@ -## Version 2022/02/08 -# make sure that your dns has a cname set for vaultwarden and that your vaultwarden container is not using a base url -# make sure your vaultwarden container is named "vaultwarden" +## Version 2023/02/05 +# make sure that your vaultwarden container is named vaultwarden +# make sure that your dns has a cname set for vaultwarden # set the environment variable WEBSOCKET_ENABLED=true on your vaultwarden container server { @@ -13,24 +13,29 @@ server { client_max_body_size 128M; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app vaultwarden; @@ -45,13 +50,15 @@ server { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app vaultwarden; diff --git a/vaultwarden.subfolder.conf.sample b/vaultwarden.subfolder.conf.sample index 456f928..cfc2923 100644 --- a/vaultwarden.subfolder.conf.sample +++ b/vaultwarden.subfolder.conf.sample @@ -1,6 +1,9 @@ -## Version 2022/02/08 +## Version 2023/02/05 +# make sure that your vaultwarden container is named vaultwarden +# make sure that vaultwarden is set to work with the base url /vaultwarden/ ## Environmental Variable DOMAIN=https://<DOMAIN>/vaultwarden must be set in vaultwarden container including subfolder. ## This is using ports 80 and 3012 + location /vaultwarden { return 301 $scheme://$host/vaultwarden/; } @@ -10,13 +13,15 @@ location ^~ /vaultwarden/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app vaultwarden; @@ -31,13 +36,15 @@ location ~ (/vaultwarden)?/admin { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app vaultwarden; diff --git a/viewtube.subdomain.conf.sample b/viewtube.subdomain.conf.sample new file mode 100644 index 0000000..6753318 --- /dev/null +++ b/viewtube.subdomain.conf.sample @@ -0,0 +1,47 @@ +## Version 2023/02/05 +# make sure that your viewtube container is named viewtube +# make sure that your dns has a cname set for viewtube + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name viewtube.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app viewtube; + set $upstream_port 8066; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } + +} diff --git a/wallabag.subdomain.conf.sample b/wallabag.subdomain.conf.sample index 97fe08f..034b139 100644 --- a/wallabag.subdomain.conf.sample +++ b/wallabag.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for wallabag and that your wallabag container is not using a base url. +## Version 2023/02/05 +# make sure that your wallabag container is named wallabag +# make sure that your dns has a cname set for wallabag # also, make sure your env var in your docker run or compose match the full domain, incl. https:// # i.e. - SYMFONY__ENV__DOMAIN_NAME=https://wallabag.yourdomain.com @@ -13,24 +14,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app wallabag; diff --git a/warpgate.subdomain.conf.sample b/warpgate.subdomain.conf.sample new file mode 100644 index 0000000..345ff55 --- /dev/null +++ b/warpgate.subdomain.conf.sample @@ -0,0 +1,47 @@ +## Version 2023/02/05 +# make sure that your warpgate container is named warpgate +# make sure that your dns has a cname set for warpgate + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name warpgate.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app warpgate; + set $upstream_port 8888; + set $upstream_proto https; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } + +} diff --git a/webtop.subdomain.conf.sample b/webtop.subdomain.conf.sample index 158d278..098edae 100644 --- a/webtop.subdomain.conf.sample +++ b/webtop.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2021/06/04 +## Version 2023/02/05 # make sure that you have a cname set for the webtop # set up authentication here, for better security @@ -12,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app webtop; diff --git a/wordpress.subfolder.conf.sample b/wordpress.subfolder.conf.sample index 6771d55..6b47885 100644 --- a/wordpress.subfolder.conf.sample +++ b/wordpress.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/02/24 +## Version 2023/02/05 +# make sure that your wordpress container is named wordpress +# make sure that wordpress is set to work with the base url /wordpress/ # In order to use this location block you need to edit the default file one folder up and comment out the / location as well as the "~ \.php$" location # tested with the official wordpress docker image @@ -7,13 +9,15 @@ location / { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app wordpress; @@ -21,4 +25,4 @@ location / { set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; -} \ No newline at end of file +} diff --git a/yacht.subdomain.conf.sample b/yacht.subdomain.conf.sample index 8a4cbbc..cfaaa5e 100644 --- a/yacht.subdomain.conf.sample +++ b/yacht.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your yacht container is named yacht # make sure that your dns has a cname set for yacht server { @@ -11,30 +12,35 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app yacht; set $upstream_port 8000; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; - + } } diff --git a/youtube-dl-server.subdomain.conf.sample b/youtube-dl-server.subdomain.conf.sample index db00028..9819392 100644 --- a/youtube-dl-server.subdomain.conf.sample +++ b/youtube-dl-server.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for youtube-dl-server and that your youtube-dl-server container is not using a base url +## Version 2023/02/05 +# make sure that your youtube-dl-server container is named youtube-dl-server +# make sure that your dns has a cname set for youtube-dl-server server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app youtube-dl-server; @@ -37,5 +43,4 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } - } diff --git a/youtube-dl.subfolder.conf.sample b/youtube-dl.subfolder.conf.sample index 74f9c1d..4c28675 100644 --- a/youtube-dl.subfolder.conf.sample +++ b/youtube-dl.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/07/08 +## Version 2023/02/05 +# make sure that your youtube-dl-server container is named youtube-dl-server +# youtube-dl-server does not require a base url setting # Works with this youtube-dl Fork: https://github.com/nbr23/youtube-dl-server location /youtube-dl { @@ -10,9 +12,14 @@ location ^~ /youtube-dl/ { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /login; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; diff --git a/zigbee2mqtt.subdomain.conf.sample b/zigbee2mqtt.subdomain.conf.sample new file mode 100644 index 0000000..41e5a04 --- /dev/null +++ b/zigbee2mqtt.subdomain.conf.sample @@ -0,0 +1,47 @@ +## Version 2023/02/05 +# make sure that your zigbee2mqtt container is named zigbee2mqtt +# make sure that your dns has a cname set for zigbee2mqtt + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name zigbee2mqtt.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app zigbee2mqtt; + set $upstream_port 8080; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } + +} diff --git a/znc.subdomain.conf.sample b/znc.subdomain.conf.sample index 02faef2..6979297 100644 --- a/znc.subdomain.conf.sample +++ b/znc.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your znc container is named znc # make sure that your dns has a cname set for znc server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app znc; diff --git a/znc.subfolder.conf.sample b/znc.subfolder.conf.sample index 5f176c5..70d2610 100644 --- a/znc.subfolder.conf.sample +++ b/znc.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your znc container is named znc +# make sure that znc is set to work with the base url /znc/ # edit /config/configs/znc.conf and add URIPrefix = /znc/ in the line above </Listener> and restart the znc container location /znc { @@ -6,13 +8,15 @@ location /znc { #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia, also enable authelia-server.conf in the default site config + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app znc; diff --git a/zwavejs2mqtt.subdomain.conf.sample b/zwavejs2mqtt.subdomain.conf.sample index 4eee313..2aea2be 100644 --- a/zwavejs2mqtt.subdomain.conf.sample +++ b/zwavejs2mqtt.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/06/26 +## Version 2023/02/05 +# make sure that your zwavejs2mqtt container is named zwavejs2mqtt # make sure that your dns has a cname set for zwavejs2mqtt server { @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app zwavejs2mqtt;