github/reverse-proxy-confs
1
0
Fork 0
mirror of https://github.com/linuxserver/reverse-proxy-confs.git synced 2025-07-05 04:26:02 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

initial upload

Browse source
This commit is contained in:
aptalca 2018-11-19 10:55:59 -05:00
parent c91aa85ed4
commit f2c8d54e2b
74 changed files with 2038 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

17
.gitattributes vendored Normal file
View file

@ -0,0 +1,17 @@
# Auto detect text files and perform LF normalization
* text=auto
# Custom for Visual Studio
*.cs diff=csharp
# Standard to msysgit
*.doc diff=astextplain
*.DOC diff=astextplain
*.docx diff=astextplain
*.DOCX diff=astextplain
*.dot diff=astextplain
*.DOT diff=astextplain
*.pdf diff=astextplain
*.PDF diff=astextplain
*.rtf diff=astextplain
*.RTF diff=astextplain

21
.github/ISSUE_TEMPLATE.md vendored Normal file
View file

@ -0,0 +1,21 @@
<!--- Provide a general summary of the issue in the Title above -->
[linuxserverurl]: https://linuxserver.io
[![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)][linuxserverurl]
<!--- If you have an issue with the project, please provide us with the following information -->
<!--- Host OS -->
<!--- Command line users, your run/create command, GUI/Unraid users, a screenshot of your template settings. -->
<!--- Docker log output, docker log <container-name> -->
<!--- Mention if you're using symlinks on any of the volume mounts. -->
<!--- If you have a suggestion or fix for the project, please provide us with the following information -->
<!--- What you think your suggestion brings to the project, or fixes with the project -->
<!--- If it's a fix, would it be better suited as a Pull request to the repo ? -->
## Thanks, team linuxserver.io

15
.github/PULL_REQUEST_TEMPLATE.md vendored Normal file
View file

@ -0,0 +1,15 @@
<!--- Provide a general summary of your changes in the Title above -->
[linuxserverurl]: https://linuxserver.io
[![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)][linuxserverurl]
<!--- Before submitting a pull request please check the following -->
<!--- That you have made a branch in your fork, we'd rather not merge from your master -->
<!--- That if the PR is addressing an existing issue include, closes #<issue number> , in the body of the PR commit message -->
<!--- You have included links to any files / patches etc your PR may be using in the body of the PR commit message -->
<!--- -->
## Thanks, team linuxserver.io

1
README.md
View file

@ -1 +0,0 @@
# reverse-proxy-confs

36
_readme Normal file
View file

@ -0,0 +1,36 @@
This folder contains sample reverse proxy configs for various docker images linuxserver provides. They are grouped in two:
1. "subfolder" these will allow accessing services at https://yourdomain.com/servicename
2. "subdomain" these will allow accessing services at https://servicename.yourdomain.com
To enable the reverse proxies:
1) rename the conf files and remove the ".sample" at the end (ie. "sonarr.subfolder.conf") and
2) restart the letsencrypt container
Make sure that your default site config contains the following lines in the appropriate spots as seen in the default version:
1) for subfolder methods: "include /config/nginx/proxy-confs/*.subfolder.conf;"
2) for subdomain methods: "include /config/nginx/proxy-confs/*.subdomain.conf;"
To disable the configs, simply rename the files to add back the ".sample" to the end, and restart letsencrypt.
If you are reverse proxying linuxserver containers installed on the same host with the recommended options, you shouldn't
need to edit these conf files. However, some files require you to make changes to the service containers such as adding
base urls in their settings. Each conf file lists the required changes on the first line.
These confs also assume that the letsencrypt container can reach other containers via their dns hostnames (defaults to
container name) resolved via docker's internal dns. This is achieved through having the containers attached to the same
user defined docker bridge network.
- If you are using docker-compose and the containers are managed through the same yaml file, docker-compose will automatically
create a custom network and attach all containers to it. You don't have to do anything extra.
- If you are starting the containers via command line, first create a bridge network via "docker network create [networkname]"
and define that network in the container run/create command via "--network [networkname]".
- If you are using a gui manager like portainer, you can create a custom bridge network in the gui, and select it when creating
a new container.
- If you are using unraid, create a custom network in command line via "docker network create [networkname]", then go to docker service settings (under advanced) and
set the option "Preserve user defined networks:" to "Yes". Then in each container setting, do one of the following:
1) Unraid 6.5.0 or earlier - (under advanced) add "--network=[networkname]" into "Extra Parameters".
2) Unraid 6.5.1 or later - in the network type dropdown, select "Custom : [networkname]".
You would have to do the above for the letsencrypt container as well, so they are all on the same custom network. The bridge
network that unraid uses by default does not allow container to container communication.
If the reverse proxied containers are not reachable via dns or they are running on a different machine, you will have to modify
these confs to fit your needs.

16
airsonic.subfolder.conf.sample Normal file
View file

@ -0,0 +1,16 @@
# set the CONTEXT_PATH variable to /airsonic in airsonic container.
location ^~ /airsonic {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_airsonic airsonic;
proxy_pass http://$upstream_airsonic:4040;
}

29
bazarr.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for bazarr and that your bazarr container is not using a base url
server {
listen 443 ssl;
server_name bazarr.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_bazarr bazarr;
proxy_pass http://$upstream_bazarr:6767;
}
}

19
bazarr.subfolder.conf.sample Normal file
View file

@ -0,0 +1,19 @@
# first go into bazarr settings, under "General" set the URL Base to /bazarr/ and restart the bazarr container
location /bazarr {
return 301 $scheme://$host/bazarr/;
}
location ^~ /bazarr/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_bazarr bazarr;
proxy_pass http://$upstream_bazarr:6767;
}

29
couchpotato.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for couchpotato and that your couchpotato container is not using a base url
server {
listen 443 ssl;
server_name couchpotato.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_couchpotato couchpotato;
proxy_pass http://$upstream_couchpotato:5050;
}
}

16
couchpotato.subfolder.conf.sample Normal file
View file

@ -0,0 +1,16 @@
# first go into couchpotato settings, under "General" set the URL Base to /couchpotato and restart the couchpotato container
location ^~ /couchpotato {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_couchpotato couchpotato;
proxy_pass http://$upstream_couchpotato:5050;
}

29
deluge.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for deluge and that your deluge container is not using a base url
server {
listen 443 ssl;
server_name deluge.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_deluge deluge;
proxy_pass http://$upstream_deluge:8112;
}
}

21
deluge.subfolder.conf.sample Normal file
View file

@ -0,0 +1,21 @@
# deluge does not require a base url setting
location /deluge {
return 301 $scheme://$host/deluge/;
}
location ^~ /deluge/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_deluge deluge;
rewrite /deluge(.*) $1 break;
proxy_pass http://$upstream_deluge:8112;
proxy_set_header X-Deluge-Base "/deluge/";
}

28
duplicati.subdomain.conf.sample Normal file
View file

@ -0,0 +1,28 @@
# make sure that your dns has a cname set for duplicati and that your duplicati container is not using a base url
server {
listen 443 ssl;
server_name duplicati.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
resolver 127.0.0.11 valid=30s;
set $upstream_duplicati duplicati;
proxy_pass http://$upstream_duplicati:8200;
}
}

19
duplicati.subfolder.conf.sample Normal file
View file

@ -0,0 +1,19 @@
# duplicati does not require a base url setting. DUPLICATI AUTH WILL NOT WORK WITH THIS CONFIG, use the auth options below
location /duplicati {
return 301 $scheme://$host/duplicati/;
}
location ^~ /duplicati/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
resolver 127.0.0.11 valid=30s;
set $upstream_duplicati duplicati;
rewrite /duplicati(.*) $1 break;
proxy_pass http://$upstream_duplicati:8200;
}

26
emby.subdomain.conf.sample Normal file
View file

@ -0,0 +1,26 @@
# make sure that your dns has a cname set for emby, if emby is running in bridge mode, the below config should work as is, although,
# the container name is expected to be "emby", if not, replace the line "set $upstream_emby emby;" with "set $upstream_emby <containername>;"
# for host mode, replace the line "proxy_pass http://$upstream_emby:8096;" with "proxy_pass http://HOSTIP:8096;" HOSTIP being the IP address of emby
# in emby settings, under "Advanced" change the public https port to 443, leave the local ports as is, set the "external domain" to your url,
# and set the "Secure connection mode" to "Handled by reverse proxy"
server {
listen 443 ssl;
server_name emby.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_emby emby;
proxy_pass http://$upstream_emby:8096;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}

20
emby.subfolder.conf.sample Normal file
View file

@ -0,0 +1,20 @@
# if emby is running in bridge mode, the below config should work as is, although, the container name is expected to be "emby",
# if not, replace the line "set $upstream_emby emby;" with "set $upstream_emby <containername>;"
# for host mode, replace the line "proxy_pass http://$upstream_emby:8096;" with "proxy_pass http://HOSTIP:8096;" HOSTIP being the IP address of emby
# in emby settings, under "Advanced" change the public https port to 443, leave the local ports as is, set the "external domain" to your url and subdomain,
# and set the "Secure connection mode" to "Handled by reverse proxy"
location /emby {
return 301 $scheme://$host/emby/;
}
location ^~ /emby/ {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_emby emby;
proxy_pass http://$upstream_emby:8096;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
}

29
flood.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for flood and that your flood container is not using a base url
server {
listen 443 ssl;
server_name flood.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_flood flood;
proxy_pass http://$upstream_flood:3000;
}
}

20
flood.subfolder.conf.sample Normal file
View file

@ -0,0 +1,20 @@
# flood does not require a base url setting
location /flood {
return 301 $scheme://$host/flood/;
}
location ^~ /flood/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_flood flood;
rewrite /flood(.*) $1 break;
proxy_pass http://$upstream_flood:3000;
}

29
headphones.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for headphones
server {
listen 443 ssl;
server_name headphones.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_headphones headphones;
proxy_pass http://$upstream_headphones:8181;
}
}

16
headphones.subfolder.conf.sample Normal file
View file

@ -0,0 +1,16 @@
# first stop the headphones container and edit the config.ini for headphones and set http_root to /headphones and then start the headphones container
location ^~ /headphones {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_headphones headphones;
proxy_pass http://$upstream_headphones:8181;
}

29
heimdall.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for heimdall
server {
listen 443 ssl;
server_name heimdall.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_heimdall heimdall;
proxy_pass https://$upstream_heimdall:443;
}
}

36
jackett.subdomain.conf.sample Normal file
View file

@ -0,0 +1,36 @@
# make sure that your dns has a cname set for jackett and that your jackett container is not using a base url
server {
listen 443 ssl;
server_name jackett.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_jackett jackett;
proxy_pass http://$upstream_jackett:9117;
}
location ~ (/jackett)?/(api|dl) {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_jackett jackett;
proxy_pass http://$upstream_jackett:9117;
}
}

23
jackett.subfolder.conf.sample Normal file
View file

@ -0,0 +1,23 @@
# first go into jackett settings, set the URL Base to /jackett and restart the jackett container
location /jackett {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_jackett jackett;
proxy_pass http://$upstream_jackett:9117;
}
location ~ /jackett/(api|dl) {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_jackett jackett;
proxy_pass http://$upstream_jackett:9117;
}

29
lazylibrarian.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for lazylibrarian
server {
listen 443 ssl;
server_name lazylibrarian.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_lazylibrarian lazylibrarian;
proxy_pass http://$upstream_lazylibrarian:5299;
}
}

16
lazylibrarian.subfolder.conf.sample Normal file
View file

@ -0,0 +1,16 @@
# first go into lazylibrarian settings, under "Interface" set the URL Base to /lazylibrarian and restart the lazylibrarian container
location ^~ /lazylibrarian {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_lazylibrarian lazylibrarian;
proxy_pass http://$upstream_lazylibrarian:5299;
}

29
lidarr.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for lidarr and that your lidarr container is not using a base url
server {
listen 443 ssl;
server_name lidarr.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_lidarr lidarr;
proxy_pass http://$upstream_lidarr:8686;
}
}

16
lidarr.subfolder.conf.sample Normal file
View file

@ -0,0 +1,16 @@
# first go into lidarr settings, under "General" set the URL Base to /lidarr and restart the lidarr container
location ^~ /lidarr {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_lidarr lidarr;
proxy_pass http://$upstream_lidarr:8686;
}

29
medusa.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for medusa
server {
listen 443 ssl;
server_name medusa.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_medusa medusa;
proxy_pass http://$upstream_medusa:8081;
}
}

16
medusa.subfolder.conf.sample Normal file
View file

@ -0,0 +1,16 @@
# first go into medusa settings, under "Interface" set the URL Base to /medusa and restart the medusa container
location ^~ /medusa {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_medusa medusa;
proxy_pass http://$upstream_medusa:8081;
}

29
monitorr.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for monitorr
server {
listen 443 ssl;
server_name monitorr.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_monitorr monitorr;
proxy_pass http://$upstream_monitorr:80;
}
}

16
monitorr.subfolder.conf.sample Normal file
View file

@ -0,0 +1,16 @@
# monitorr does not require a base url setting
location ^~ /monitorr {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_monitorr monitorr;
proxy_pass http://$upstream_monitorr:80;
}

29
mylar.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for mylar
server {
listen 443 ssl;
server_name mylar.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_mylar mylar;
proxy_pass http://$upstream_mylar:8090;
}
}

16
mylar.subfolder.conf.sample Normal file
View file

@ -0,0 +1,16 @@
# first stop the mylar container and edit the config.ini for mylar and set http_root to /mylar and then start the mylar container
location ^~ /mylar {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_mylar mylar;
proxy_pass http://$upstream_mylar:8090;
}

29
netdata.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for netdata
server {
listen 443 ssl;
server_name netdata.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_netdata netdata;
proxy_pass http://$upstream_netdata:19999;
}
}

20
netdata.subfolder.conf.sample Normal file
View file

@ -0,0 +1,20 @@
# netdata does not require a base url setting
location /netdata {
return 301 $scheme://$host/netdata/;
}
location ^~ /netdata/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_netdata netdata;
rewrite /netdata(.*) $1 break;
proxy_pass http://$upstream_netdata:19999;
}

31
nextcloud.subdomain.conf.sample Normal file
View file

@ -0,0 +1,31 @@
# make sure that your dns has a cname set for nextcloud
# assuming this container is called "letsencrypt", edit your nextcloud container's config
# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
# 'trusted_proxies' => ['letsencrypt'],
# 'overwrite.cli.url' => 'https://nextcloud.your-domain.com/',
# 'overwritehost' => 'nextcloud.your-domain.com',
# 'overwriteprotocol' => 'https',
#
# Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:
# array (
# 0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.
# 1 => 'nextcloud.your-domain.com',
# ),
server {
listen 443 ssl;
server_name nextcloud.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nextcloud nextcloud;
proxy_max_temp_file_size 2048m;
proxy_pass https://$upstream_nextcloud:443;
}
}

40
nextcloud.subfolder.conf.sample Normal file
View file

@ -0,0 +1,40 @@
# Assuming this container is called "letsencrypt", edit your nextcloud container's config
# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
# 'trusted_proxies' => ['letsencrypt'],
# 'overwritewebroot' => '/nextcloud',
# 'overwrite.cli.url' => 'https://your-domain.com/nextcloud',
#
# Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:
# array (
# 0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.
# 1 => 'your-domain.com',
# ),
# Redirects for DAV clients
location = /.well-known/carddav {
return 301 $scheme://$host/nextcloud/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/nextcloud/remote.php/dav;
}
location /nextcloud {
return 301 $scheme://$host/nextcloud/;
}
location ^~ /nextcloud/ {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nextcloud nextcloud;
rewrite /nextcloud(.*) $1 break;
proxy_pass https://$upstream_nextcloud:443;
proxy_max_temp_file_size 2048m;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
proxy_set_header Connection $http_connection;
proxy_redirect off;
proxy_ssl_session_reuse off;
}

29
nzbget.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for nzbget
server {
listen 443 ssl;
server_name nzbget.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbget nzbget;
proxy_pass http://$upstream_nzbget:6789;
}
}

16
nzbget.subfolder.conf.sample Normal file
View file

@ -0,0 +1,16 @@
# nzbget does not require a base url setting
location ^~ /nzbget {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbget nzbget;
proxy_pass http://$upstream_nzbget:6789;
}

36
nzbhydra.subdomain.conf.sample Normal file
View file

@ -0,0 +1,36 @@
# make sure that your dns has a cname set for nzbhydra and that your nzbhydra container is not using a base url
server {
listen 443 ssl;
server_name nzbhydra.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbhydra hydra2;
proxy_pass http://$upstream_nzbhydra:5076;
}
location ~ (/nzbhydra)?/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbhydra hydra2;
proxy_pass http://$upstream_nzbhydra:5076;
}
}

23
nzbhydra.subfolder.conf.sample Normal file
View file

@ -0,0 +1,23 @@
# first go into nzbhydra settings, set the URL Base to /nzbhydra and restart the nzbhydra container
location ^~ /nzbhydra {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbhydra hydra2;
proxy_pass http://$upstream_nzbhydra:5076;
}
location ^~ /nzbhydra/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_nzbhydra hydra2;
proxy_pass http://$upstream_nzbhydra:5076;
}

39
ombi.subdomain.conf.sample Normal file
View file

@ -0,0 +1,39 @@
# make sure that your dns has a cname set for ombi and that your ombi container is not using a base url
server {
listen 443 ssl;
server_name ombi.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_ombi ombi;
proxy_pass http://$upstream_ombi:3579;
}
location ~ (/ombi)?/swagger {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_ombi ombi;
proxy_pass http://$upstream_ombi:3579;
}
if ($http_referer ~* /ombi) {
rewrite ^/swagger/(.*) /ombi/swagger/$1? redirect;
}
}

30
ombi.subfolder.conf.sample Normal file
View file

@ -0,0 +1,30 @@
# first go into ombi settings, under the menu "Ombi" set the base url to /ombi and restart the ombi container
location /ombi {
return 301 $scheme://$host/ombi/;
}
location ^~ /ombi/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_ombi ombi;
proxy_pass http://$upstream_ombi:3579;
}
location ^~ /ombi/swagger {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_ombi ombi;
proxy_pass http://$upstream_ombi:3579;
}
if ($http_referer ~* /ombi) {
rewrite ^/swagger/(.*) /ombi/swagger/$1? redirect;
}

49
organizr.subdomain.conf.sample Normal file
View file

@ -0,0 +1,49 @@
# make sure that your dns has a cname set for organizr
server {
listen 443 ssl;
server_name organizr.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_organizr organizr;
proxy_pass http://$upstream_organizr:80;
}
location ~ /auth-(admin|user) {
# This is used for Organizr V1
internal;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_organizr organizr;
proxy_pass http://$upstream_organizr:80/auth.php?$1;
proxy_set_header Content-Length "";
}
location ~ /auth-([0-9]+) {
# This is used for Organizr V2
internal;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_organizr organizr;
proxy_pass http://$upstream_organizr:80/api/?v1/auth&group=$1;
proxy_set_header Content-Length "";
}
}

36
organizr.subfolder.conf.sample Normal file
View file

@ -0,0 +1,36 @@
# In order to use this location block you need to edit the default file one folder up and comment out the / location
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_organizr organizr;
proxy_pass http://$upstream_organizr:80;
}
location ~ /auth-(admin|user) {
# This is used for Organizr V1
internal;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_organizr organizr;
proxy_pass http://$upstream_organizr:80/auth.php?$1;
proxy_set_header Content-Length "";
}
location ~ /auth-([0-9]+) {
# This is used for Organizr V2
internal;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_organizr organizr;
proxy_pass http://$upstream_organizr:80/api/?v1/auth&group=$1;
proxy_set_header Content-Length "";
}

29
phpmyadmin.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for phpmyadmin and that your phpmyadmin container is not using a base url
server {
listen 443 ssl;
server_name phpmyadmin.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_phpmyadmin phpmyadmin;
proxy_pass http://$upstream_phpmyadmin:80;
}
}

20
phpmyadmin.subfolder.conf.sample Normal file
View file

@ -0,0 +1,20 @@
# phpmyadmin does not require a base url setting
location /phpmyadmin {
return 301 $scheme://$host/phpmyadmin/;
}
location ^~ /phpmyadmin/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_phpmyadmin phpmyadmin;
rewrite /phpmyadmin(.*) $1 break;
proxy_pass http://$upstream_phpmyadmin:80;
}

44
pihole.subdomain.conf.sample Normal file
View file

@ -0,0 +1,44 @@
# make sure that your dns has a cname set for pihole and that your pihole container is not using a base url
server {
listen 443 ssl;
server_name pihole.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_pihole pihole;
proxy_pass http://$upstream_pihole:80;
}
location /admin {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_pihole pihole;
proxy_pass http://$upstream_pihole:80;
}
}

39
pihole.subfolder.conf.sample Normal file
View file

@ -0,0 +1,39 @@
# pihole does not require a base url setting
location /pihole {
return 301 $scheme://$host/pihole/;
}
location ^~ /pihole/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_pihole pihole;
rewrite /pihole(.*) $1 break;
proxy_pass http://$upstream_pihole:80;
}
location /pihole/admin {
return 301 $scheme://$host/pihole/admin/;
}
location ^~ /pihole/admin/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_pihole pihole;
rewrite /pihole(.*) $1 break;
proxy_pass http://$upstream_pihole:80;
}

50
plex.subdomain.conf.sample Normal file
View file

@ -0,0 +1,50 @@
# make sure that your dns has a cname set for plex, if plex is running in bridge mode, the below config should work as is, for host mode,
# replace the line "proxy_pass https://$upstream_plex:32400;" with "proxy_pass https://HOSTIP:32400;" HOSTIP being the IP address of plex
# in plex server settings, under network, fill in "Custom server access URLs" with your domain (ie. "https://plex.yourdomain.url:443")
server {
listen 443 ssl;
server_name plex.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
proxy_redirect off;
proxy_buffering off;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_plex plex;
proxy_pass http://$upstream_plex:32400;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Plex-Client-Identifier $http_x_plex_client_identifier;
proxy_set_header X-Plex-Device $http_x_plex_device;
proxy_set_header X-Plex-Device-Name $http_x_plex_device_name;
proxy_set_header X-Plex-Platform $http_x_plex_platform;
proxy_set_header X-Plex-Platform-Version $http_x_plex_platform_version;
proxy_set_header X-Plex-Product $http_x_plex_product;
proxy_set_header X-Plex-Token $http_x_plex_token;
proxy_set_header X-Plex-Version $http_x_plex_version;
proxy_set_header X-Plex-Nocache $http_x_plex_nocache;
proxy_set_header X-Plex-Provides $http_x_plex_provides;
proxy_set_header X-Plex-Device-Vendor $http_x_plex_device_vendor;
proxy_set_header X-Plex-Model $http_x_plex_model;
}
}

39
plex.subfolder.conf.sample Normal file
View file

@ -0,0 +1,39 @@
# plex does not require a base url setting
# if plex is running in bridge mode, the below config should work as is.
# for host mode, replace the line "proxy_pass https://$upstream_plex:32400;" with "proxy_pass https://HOSTIP:32400;" HOSTIP being the IP address of plex
# in plex server settings, under network, fill in "Custom server access URLs" with your domain (ie. "https://yourdomain.url/plex:443")
location /plex {
return 301 $scheme://$host/plex/;
}
location ^~ /plex/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_plex plex;
rewrite /plex(.*) $1 break;
proxy_pass http://$upstream_plex:32400;
proxy_set_header X-Plex-Client-Identifier $http_x_plex_client_identifier;
proxy_set_header X-Plex-Device $http_x_plex_device;
proxy_set_header X-Plex-Device-Name $http_x_plex_device_name;
proxy_set_header X-Plex-Platform $http_x_plex_platform;
proxy_set_header X-Plex-Platform-Version $http_x_plex_platform_version;
proxy_set_header X-Plex-Product $http_x_plex_product;
proxy_set_header X-Plex-Token $http_x_plex_token;
proxy_set_header X-Plex-Version $http_x_plex_version;
proxy_set_header X-Plex-Nocache $http_x_plex_nocache;
proxy_set_header X-Plex-Provides $http_x_plex_provides;
proxy_set_header X-Plex-Device-Vendor $http_x_plex_device_vendor;
proxy_set_header X-Plex-Model $http_x_plex_model;
}
if ($http_referer ~* /plex) {
rewrite ^/web/(.*) /plex/web/$1? redirect;
}

29
plexwebtools.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for plexwebtools and that your plexwebtools container is not using a base url
server {
listen 443 ssl;
server_name plexwebtools.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_plex plex;
proxy_pass http://$upstream_plex:33400;
}
}

19
plexwebtools.subfolder.conf.sample Normal file
View file

@ -0,0 +1,19 @@
# first go into plexwebtools settings, set the URL Base to /plexwebtools and restart the plex container
location /plexwebtools {
return 301 $scheme://$host/plexwebtools/;
}
location ^~ /plexwebtools/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_plex plex;
proxy_pass http://$upstream_plex:33400;
}

49
portainer.subdomain.conf.sample Normal file
View file

@ -0,0 +1,49 @@
# make sure that your dns has a cname set for portainer
server {
listen 443 ssl;
server_name portainer.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
resolver 127.0.0.11 valid=30s;
set $upstream_portainer portainer;
proxy_pass http://$upstream_portainer:9000;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_hide_header X-Frame-Options; # Possibly nott needed after Portainer 1.20.0
}
location /api/websocket/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
resolver 127.0.0.11 valid=30s;
set $upstream_portainer portainer;
proxy_pass http://$upstream_portainer:9000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_hide_header X-Frame-Options; # Possibly nott needed after Portainer 1.20.0
}
}

32
portainer.subfolder.conf.sample Normal file
View file

@ -0,0 +1,32 @@
# portainer does not require a base url setting
location /portainer {
return 301 $scheme://$host/portainer/;
}
location ^~ /portainer/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_portainer portainer;
rewrite /portainer(.*) $1 break;
proxy_pass http://$upstream_portainer:9000;
proxy_hide_header X-Frame-Options; # Possibly nott needed after Portainer 1.20.0
}
location ^~ /portainer/api/websocket/ {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_portainer portainer;
rewrite /portainer(.*) $1 break;
proxy_pass http://$upstream_portainer:9000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_hide_header X-Frame-Options; # Possibly nott needed after Portainer 1.20.0
}

29
pydio.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for pydio and that your pydio container is not using a base url
server {
listen 443 ssl;
server_name pydio.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_pydio pydio;
proxy_pass https://$upstream_pydio:443;
}
}

36
radarr.subdomain.conf.sample Normal file
View file

@ -0,0 +1,36 @@
# make sure that your dns has a cname set for radarr and that your radarr container is not using a base url
server {
listen 443 ssl;
server_name radarr.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_radarr radarr;
proxy_pass http://$upstream_radarr:7878;
}
location ~ (/radarr)?/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_radarr radarr;
proxy_pass http://$upstream_radarr:7878;
}
}

23
radarr.subfolder.conf.sample Normal file
View file

@ -0,0 +1,23 @@
# first go into radarr settings, under "General" set the URL Base to /radarr and restart the radarr container
location ^~ /radarr {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_radarr radarr;
proxy_pass http://$upstream_radarr:7878;
}
location ^~ /radarr/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_radarr radarr;
proxy_pass http://$upstream_radarr:7878;
}

36
rutorrent.subdomain.conf.sample Normal file
View file

@ -0,0 +1,36 @@
# make sure that your dns has a cname set for rutorrent
server {
listen 443 ssl;
server_name rutorrent.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_rutorrent rutorrent;
proxy_pass http://$upstream_rutorrent:80;
}
location /RPC2 {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_rutorrent rutorrent;
proxy_pass http://$upstream_rutorrent:80;
}
}

28
rutorrent.subfolder.conf.sample Normal file
View file

@ -0,0 +1,28 @@
# rutorrent does not require a base url setting
location /rutorrent {
return 301 $scheme://$host/rutorrent/;
}
location ^~ /rutorrent/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_rutorrent rutorrent;
rewrite /rutorrent(.*) $1 break;
proxy_pass http://$upstream_rutorrent:80;
}
location ^~ /rutorrent/RPC2 {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_rutorrent rutorrent;
rewrite /rutorrent(.*) $1 break;
proxy_pass http://$upstream_rutorrent:80;
}

36
sabnzbd.subdomain.conf.sample Normal file
View file

@ -0,0 +1,36 @@
# make sure that your dns has a cname set for sabnzbd
server {
listen 443 ssl;
server_name sabnzbd.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_sabnzbd sabnzbd;
proxy_pass http://$upstream_sabnzbd:8080;
}
location ~ (/sabnzbd)?/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_sabnzbd sabnzbd;
proxy_pass http://$upstream_sabnzbd:8080;
}
}

23
sabnzbd.subfolder.conf.sample Normal file
View file

@ -0,0 +1,23 @@
# sabnzbd already uses the base url /sabnzbd by default so you don't need to do anything extra
location ^~ /sabnzbd {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_sabnzbd sabnzbd;
proxy_pass http://$upstream_sabnzbd:8080;
}
location ^~ /sabnzbd/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_sabnzbd sabnzbd;
proxy_pass http://$upstream_sabnzbd:8080;
}

29
sickrage.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for sickrage
server {
listen 443 ssl;
server_name sickrage.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_sickrage sickrage;
proxy_pass http://$upstream_sickrage:8081;
}
}

16
sickrage.subfolder.conf.sample Normal file
View file

@ -0,0 +1,16 @@
# first stop the sickrage container and edit the config.ini for sickrage and set web_root to /sickrage and then start the sickrage container
location ^~ /sickrage {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_sickrage sickrage;
proxy_pass http://$upstream_sickrage:8081;
}

36
sonarr.subdomain.conf.sample Normal file
View file

@ -0,0 +1,36 @@
# make sure that your dns has a cname set for sonarr and that your sonarr container is not using a base url
server {
listen 443 ssl;
server_name sonarr.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_sonarr sonarr;
proxy_pass http://$upstream_sonarr:8989;
}
location ~ (/sonarr)?/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_sonarr sonarr;
proxy_pass http://$upstream_sonarr:8989;
}
}

23
sonarr.subfolder.conf.sample Normal file
View file

@ -0,0 +1,23 @@
# first go into sonarr settings, under "General" set the URL Base to /sonarr and restart the sonarr container
location ^~ /sonarr {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_sonarr sonarr;
proxy_pass http://$upstream_sonarr:8989;
}
location ^~ /sonarr/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_sonarr sonarr;
proxy_pass http://$upstream_sonarr:8989;
}

29
syncthing.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for syncthing and that your syncthing container is not using a base url
server {
listen 443 ssl;
server_name syncthing.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_syncthing syncthing;
proxy_pass http://$upstream_syncthing:8384;
}
}

36
tautulli.subdomain.conf.sample Normal file
View file

@ -0,0 +1,36 @@
# make sure that your dns has a cname set for tautulli and that your tautulli container is not using a base url
server {
listen 443 ssl;
server_name tautulli.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_tautulli tautulli;
proxy_pass http://$upstream_tautulli:8181;
}
location ~ (/tautulli)?/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_tautulli tautulli;
proxy_pass http://$upstream_tautulli:8181;
}
}

23
tautulli.subfolder.conf.sample Normal file
View file

@ -0,0 +1,23 @@
# first go into tautulli settings, under "Web Interface", click on show advanced, set the HTTP root to /tautulli and restart the tautulli container
location ^~ /tautulli {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_tautulli tautulli;
proxy_pass http://$upstream_tautulli:8181;
}
location ^~ /tautulli/api {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_tautulli tautulli;
proxy_pass http://$upstream_tautulli:8181;
}

29
thelounge.subdomain.conf.sample Normal file
View file

@ -0,0 +1,29 @@
# make sure that your dns has a cname set for thelounge
server {
listen 443 ssl;
server_name thelounge.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_thelounge thelounge;
proxy_pass http://$upstream_thelounge:9000;
}
}

20
thelounge.subfolder.conf.sample Normal file
View file

@ -0,0 +1,20 @@
# thelounge does not require a base url setting
location /thelounge {
return 301 $scheme://$host/thelounge/;
}
location ^~ /thelounge/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_thelounge thelounge;
rewrite /thelounge(.*) $1 break;
proxy_pass http://$upstream_thelounge:9000;
}

36
transmission.subdomain.conf.sample Normal file
View file

@ -0,0 +1,36 @@
# make sure that your dns has a cname set for transmission
server {
listen 443 ssl;
server_name transmission.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_transmission transmission;
proxy_pass http://$upstream_transmission:9091;
}
location ~ (/transmission)?/rpc {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_transmission transmission;
proxy_pass http://$upstream_transmission:9091;
}
}

23
transmission.subfolder.conf.sample Normal file
View file

@ -0,0 +1,23 @@
# transmission does not require a base url setting
location ^~ /transmission {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_transmission transmission;
proxy_pass http://$upstream_transmission:9091;
}
location ^~ /transmission/rpc {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_transmission transmission;
proxy_pass http://$upstream_transmission:9091;
}

51
unifi.subdomain.conf.sample Normal file
View file

@ -0,0 +1,51 @@
# make sure that your dns has a cname set for unifi and that your unifi container is not using a base url
server {
listen 443 ssl;
server_name unifi.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_unifi unifi;
proxy_pass https://$upstream_unifi:8443;
}
location /wss {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_unifi unifi;
proxy_pass https://$upstream_unifi:8443;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_ssl_verify off;
}
}