diff --git a/it-tools.subdomain.conf.sample b/it-tools.subdomain.conf.sample new file mode 100644 index 0000000..db01ae8 --- /dev/null +++ b/it-tools.subdomain.conf.sample @@ -0,0 +1,45 @@ +## Version 2023/05/08 +# make sure that your it-tools container is named it-tools +# make sure that your dns has a cname set for it-tools + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name it-tools.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app it-tools; + set $upstream_port 80; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + } +} diff --git a/kavita.subdomain.conf.sample b/kavita.subdomain.conf.sample index 207b82d..9ce5c4a 100644 --- a/kavita.subdomain.conf.sample +++ b/kavita.subdomain.conf.sample @@ -43,4 +43,15 @@ server { proxy_pass $upstream_proto://$upstream_app:$upstream_port; } + + # Needed for OPDS access while using Authelia/ldap + location ~ (/kavita)?/api { + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app kavita; + set $upstream_port 5000; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } } diff --git a/nextcloud.subdomain.conf.sample b/nextcloud.subdomain.conf.sample index e63d077..550b32c 100644 --- a/nextcloud.subdomain.conf.sample +++ b/nextcloud.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2023/02/05 +## Version 2023/05/10 # make sure that your nextcloud container is named nextcloud # make sure that your dns has a cname set for nextcloud # assuming this container is called "swag", edit your nextcloud container's config @@ -32,6 +32,7 @@ server { set $upstream_proto https; proxy_pass $upstream_proto://$upstream_app:$upstream_port; + # Uncomment X-Frame-Options directive in ssl.conf to pass security checks. proxy_hide_header X-Frame-Options; proxy_max_temp_file_size 2048m; } diff --git a/nextcloud.subfolder.conf.sample b/nextcloud.subfolder.conf.sample index 11bbb75..42d2265 100644 --- a/nextcloud.subfolder.conf.sample +++ b/nextcloud.subfolder.conf.sample @@ -1,4 +1,4 @@ -## Version 2023/02/05 +## Version 2023/05/10 # make sure that your nextcloud container is named nextcloud # make sure that nextcloud is set to work with the base url /nextcloud/ # Assuming this container is called "swag", edit your nextcloud container's config @@ -34,6 +34,7 @@ location ^~ /nextcloud/ { proxy_pass $upstream_proto://$upstream_app:$upstream_port; rewrite /nextcloud(.*) $1 break; + # Uncomment X-Frame-Options directive in ssl.conf to pass security checks. proxy_hide_header X-Frame-Options; proxy_max_temp_file_size 2048m; proxy_set_header Range $http_range; diff --git a/pterodactyl.subdomain.conf.sample b/pterodactyl.subdomain.conf.sample new file mode 100644 index 0000000..2d2b80a --- /dev/null +++ b/pterodactyl.subdomain.conf.sample @@ -0,0 +1,48 @@ +## Version 2023/05/08 +# this is for your actual panel, not nodes +# make sure you set your pterodactyl servers "remote" and "api" addresses to the domains you specify here +# ensure you have enabled "ssl encryption" and (if necessary) "behind proxy" in your pterodactyl server +# make sure that your pterodactyl container is named pterodactyl +# make sure that your dns has a cname set for pterodactyl + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name pterodactyl.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app pterodactyl; + set $upstream_port 80; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } +} diff --git a/pterodactylnode.subdomain.conf.sample b/pterodactylnode.subdomain.conf.sample new file mode 100644 index 0000000..e75e7dc --- /dev/null +++ b/pterodactylnode.subdomain.conf.sample @@ -0,0 +1,59 @@ +## Version 2023/05/08 +# this is for nodes, not your actual panel +# make sure you set your node to use 443 as its API port +# make sure that your pterodactylnode container is named pterodactylnode +# make sure that your dns has a cname set for pterodactylnode + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name pterodactylnode.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; + + # enable for Authelia (requires authelia-location.conf in the location block) + #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + + + location / { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app pterodactylnode; + set $upstream_port 443; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } + + location ~ (/pterodactylnode)?/api { + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app pterodactylnode; + set $upstream_port 443; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + } +} \ No newline at end of file