github/reverse-proxy-confs
1
0
Fork 0
mirror of https://github.com/linuxserver/reverse-proxy-confs.git synced 2025-07-06 04:51:33 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge branch 'master' into linkwarden

Browse source
This commit is contained in:
jlssmt 2024-09-12 16:08:02 +02:00 committed by GitHub
commit ef609ac099
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
13 changed files with 417 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
dashy.subdomain.conf.sample
View file

@ -38,7 +38,7 @@ server {
include /config/nginx/proxy.conf; include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf; include /config/nginx/resolver.conf;
set $upstream_app dashy; set $upstream_app dashy;
set $upstream_port 80; set $upstream_port 8080;
set $upstream_proto http; set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_pass $upstream_proto://$upstream_app:$upstream_port;
} }

56
ddns-updater.subdomain.conf.sample Normal file
View file

@ -0,0 +1,56 @@
## Version 2024/08/04
# make sure that your ddns-updater container is named ddns-updater
# make sure that your dns has a cname set for ddns-updater
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name ddns-updater.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app ddns-updater;
set $upstream_port 8000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ (/ddns-updater)?/api {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app ddns-updater;
set $upstream_port 8000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

36
ddns-updater.subfolder.conf.sample Normal file
View file

@ -0,0 +1,36 @@
## Version 2024/08/04
# make sure that your ddns-updater container is named ddns-updater
# make sure that ddns-updater is set to work with the base url /ddns-updater/
location ^~ /ddns-updater {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app ddns-updater;
set $upstream_port 8000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /ddns-updater/api {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app ddns-updater;
set $upstream_port 8000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

46
dockge.subdomain.conf.sample Normal file
View file

@ -0,0 +1,46 @@
## Version 2024/07/16
# make sure that your dockge container is named dockge
# make sure that your dns has a cname set for dockge
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name dockge.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app dockge;
set $upstream_port 5001;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

31
dockge.subfolder.conf.sample Normal file
View file

@ -0,0 +1,31 @@
## Version 2023/02/05
# make sure that your dockge container is named dockge
# make sure that dockge is set to work with the base url /dockge/
location /dockge {
return 301 $scheme://$host/dockge/;
}
location ^~ /dockge/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app dockge;
set $upstream_port 5001;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

20
jellyfin.subdomain.conf.sample
View file

@ -1,4 +1,4 @@
## Version 2024/07/16 ## Version 2024/08/22
# make sure that your jellyfin container is named jellyfin # make sure that your jellyfin container is named jellyfin
# make sure that your dns has a cname set for jellyfin # make sure that your dns has a cname set for jellyfin
# if jellyfin is running in bridge mode and the container is named "jellyfin", the below config should work as is # if jellyfin is running in bridge mode and the container is named "jellyfin", the below config should work as is
@ -37,4 +37,22 @@ server {
proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_pass $upstream_proto://$upstream_app:$upstream_port;
} }
# Restrict access to /metrics
# https://jellyfin.org/docs/general/networking/monitoring/#prometheus-metrics
location /metrics {
allow 192.168.0.0/16;
allow 10.0.0.0/8;
allow 172.16.0.0/12;
allow 127.0.0.0/8;
deny all;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app jellyfin;
set $upstream_port 8096;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
} }

46
lubelogger.subdomain.conf.sample Normal file
View file

@ -0,0 +1,46 @@
## Version 2024/08/18
# make sure that your lubelogger container is named lubelogger
# make sure that your dns has a cname set for lubelogger
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name lubelogger.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app lubelogger;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

46
paperless.subdomain.conf.sample Normal file
View file

@ -0,0 +1,46 @@
## Version 2024/07/16
# make sure that your paperless container is named paperless
# make sure that your dns has a cname set for paperless
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name paperless.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app paperless;
set $upstream_port 8000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

30
paperless.subfolder.conf.sample Normal file
View file

@ -0,0 +1,30 @@
## Version 2023/02/05
# make sure that your paperless container is named paperless
# make sure that paperless is set to work with the base url /paperless/
location /paperless {
return 301 $scheme://$host/paperless/;
}
location ^~ /paperless/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app paperless;
set $upstream_port 8000;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

7
vaultwarden.subdomain.conf.sample
View file

@ -62,6 +62,13 @@ server {
# enable for Authentik (requires authentik-server.conf in the server block) # enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf; #include /config/nginx/authentik-location.conf;
# if you enable admin page via ADMIN_TOKEN env variable
# consider restricting access to LAN only via uncommenting the following lines
#allow 10.0.0.0/8;
#allow 172.16.0.0/12;
#allow 192.168.0.0/16;
#deny all;
include /config/nginx/proxy.conf; include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf; include /config/nginx/resolver.conf;
set $upstream_app vaultwarden; set $upstream_app vaultwarden;

7
vaultwarden.subfolder.conf.sample
View file

@ -49,6 +49,13 @@ location ~ ^(/vaultwarden)?/admin {
# enable for Authentik (requires authentik-server.conf in the server block) # enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf; #include /config/nginx/authentik-location.conf;
# if you enable admin page via ADMIN_TOKEN env variable
# consider restricting access to LAN only via uncommenting the following lines
#allow 10.0.0.0/8;
#allow 172.16.0.0/12;
#allow 192.168.0.0/16;
#deny all;
include /config/nginx/proxy.conf; include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf; include /config/nginx/resolver.conf;
set $upstream_app vaultwarden; set $upstream_app vaultwarden;

56
whisparr.subdomain.conf.sample Normal file
View file

@ -0,0 +1,56 @@
## Version 2024/08/04
# make sure that your whisparr container is named whisparr
# make sure that your dns has a cname set for whisparr
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name whisparr.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app whisparr;
set $upstream_port 6969;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ~ (/whisparr)?/api {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app whisparr;
set $upstream_port 6969;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}

36
whisparr.subfolder.conf.sample Normal file
View file

@ -0,0 +1,36 @@
## Version 2024/08/04
# make sure that your whisparr container is named whisparr
# make sure that whisparr is set to work with the base url /whisparr/
location ^~ /whisparr {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app whisparr;
set $upstream_port 6969;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
location ^~ /whisparr/api {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app whisparr;
set $upstream_port 6969;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}