## Version 2020/12/09
# Use this with SyncLounge v3 or up
#
# To allow non-secure connections (http), which is required by some Plex clients, modify the first block in site-confs/default to look something like this:
#server {
#        listen 80 default_server;
#        listen [::]:80 default_server;
#        server_name _;
#
#        # Don't force redirect SyncLounge to https
#        include /config/nginx/proxy-confs/synclounge.subfolder.conf;
#
#        location / {
#            return 301 https://$host$request_uri;
#        }
#}

# Uncomment to force SyncLounge to always load over http. Only use this if you've allowed http per the above instructions.
#if ($scheme = https) {
#    return 301 http://$host$request_uri;
#}

location /synclounge {
    return 301 $scheme://$host/synclounge/;
}

location /synclounge/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;

    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
    #error_page 401 =200 /ldaplogin;

    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;

    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app synclounge;
    set $upstream_port 8088;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    rewrite /synclounge(.*) $1 break;

    proxy_redirect off;
    proxy_buffering off;
    proxy_socket_keepalive on;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Sec-WebSocket-Extensions $http_sec_websocket_extensions;
    proxy_set_header Sec-WebSocket-Key $http_sec_websocket_key;
    proxy_set_header Sec-WebSocket-Version $http_sec_websocket_version;

}