mirror of
https://github.com/linuxserver/reverse-proxy-confs.git
synced 2026-07-08 17:42:32 +02:00
show POC for SWAG
This commit is contained in:
+222
-242
@@ -437,269 +437,249 @@ subdomains:
|
||||
port: 80
|
||||
- name: tinyauth
|
||||
port: 3000
|
||||
|
||||
subfolders:
|
||||
- name: airsonic
|
||||
port: 4040
|
||||
- name: audiobookshelf
|
||||
# --- MIGRATED FROM CUSTOM ---
|
||||
- name: adguard
|
||||
port: 80
|
||||
- name: booksonic
|
||||
port: 4040
|
||||
- name: couchpotato
|
||||
port: 5050
|
||||
- name: domoticz
|
||||
port: 8080
|
||||
- name: flaresolverr
|
||||
port: 8191
|
||||
- name: headphones
|
||||
port: 8181
|
||||
- name: lazylibrarian
|
||||
port: 5299
|
||||
- name: medusa
|
||||
port: 8081
|
||||
- name: metube
|
||||
port: 8081
|
||||
- name: mylar
|
||||
port: 8090
|
||||
- name: pyload
|
||||
port: 8000
|
||||
- name: quassel-web
|
||||
port: 64080
|
||||
- name: sickchill
|
||||
port: 8081
|
||||
- name: sickrage
|
||||
port: 8081
|
||||
- name: slskd
|
||||
port: 5000
|
||||
- name: smokeping
|
||||
extra_locations:
|
||||
- path: /control
|
||||
- path: /dns-query
|
||||
- name: aria2-with-webui
|
||||
port: 80
|
||||
- name: webtop
|
||||
port: 3000
|
||||
- name: znc
|
||||
port: 6501
|
||||
- name: adminer
|
||||
extra_locations:
|
||||
- path: /jsonrpc
|
||||
port: 6800
|
||||
proxy_pass_path: /jsonrpc
|
||||
- path: /rpc
|
||||
port: 6800
|
||||
proxy_pass_path: /rpc
|
||||
- name: asciinema
|
||||
port: 4000
|
||||
extra_locations:
|
||||
- path: /dashboard
|
||||
port: 4002
|
||||
- name: authelia
|
||||
port: 9091
|
||||
extra_locations:
|
||||
- path: /api
|
||||
- name: authentik
|
||||
port: 9000
|
||||
extra_locations:
|
||||
- path: /api
|
||||
- name: bitwarden
|
||||
port: 8080
|
||||
redirect: true
|
||||
- name: autobrr
|
||||
port: 7474
|
||||
redirect: true
|
||||
- name: crontabui
|
||||
port: 8000
|
||||
redirect: true
|
||||
rewrite: true
|
||||
- name: dockge
|
||||
port: 5001
|
||||
redirect: true
|
||||
- name: gatus
|
||||
client_max_body_size: 128M
|
||||
extra_locations:
|
||||
- path: /admin
|
||||
- path: /api
|
||||
- path: /notifications/hub
|
||||
- name: calibre
|
||||
port: 8080
|
||||
redirect: true
|
||||
- name: miniflux
|
||||
port: 8080
|
||||
redirect: true
|
||||
- name: monitorr
|
||||
buffering_off: true
|
||||
extra_locations:
|
||||
- path: /content-server/
|
||||
port: 8081
|
||||
- name: calibre-web
|
||||
port: 8083
|
||||
proxy_set_headers:
|
||||
- key: X-Scheme
|
||||
value: $scheme
|
||||
extra_locations:
|
||||
- path: /opds/
|
||||
proxy_set_headers:
|
||||
- key: X-Scheme
|
||||
value: $scheme
|
||||
- path: /kobo/
|
||||
proxy_set_headers:
|
||||
- key: X-Forwarded-Host
|
||||
value: $http_host
|
||||
- key: X-Scheme
|
||||
value: $scheme
|
||||
custom_directives:
|
||||
- proxy_buffer_size 128k
|
||||
- proxy_buffers 4 256k
|
||||
- proxy_busy_buffers_size 256k
|
||||
- name: emby
|
||||
port: 8096
|
||||
proxy_set_headers:
|
||||
- key: Range
|
||||
value: $http_range
|
||||
- key: If-Range
|
||||
value: $http_if_range
|
||||
- name: emulatorjs
|
||||
port: 80
|
||||
redirect: true
|
||||
- name: petio
|
||||
port: 7777
|
||||
redirect: true
|
||||
- name: planka
|
||||
port: 1337
|
||||
redirect: true
|
||||
- name: qui
|
||||
port: 7476
|
||||
redirect: true
|
||||
- name: shinobi
|
||||
extra_locations:
|
||||
- path: /backend/
|
||||
port: 3000
|
||||
- name: filebrowser
|
||||
port: 8080
|
||||
redirect: true
|
||||
- name: spoolman
|
||||
port: 8000
|
||||
redirect: true
|
||||
- name: ddns-updater
|
||||
port: 8000
|
||||
api: true
|
||||
- name: kavita
|
||||
port: 5000
|
||||
redirect: true
|
||||
api: true
|
||||
- name: komga
|
||||
port: 25600
|
||||
redirect: true
|
||||
api: true
|
||||
- name: lidarr
|
||||
port: 8686
|
||||
api: true
|
||||
- name: radarr
|
||||
port: 7878
|
||||
api: true
|
||||
- name: readarr
|
||||
port: 8787
|
||||
api: true
|
||||
- name: sabnzbd
|
||||
port: 8080
|
||||
api: true
|
||||
- name: sonarr
|
||||
port: 8989
|
||||
api: true
|
||||
- name: whisparr
|
||||
port: 6969
|
||||
api: true
|
||||
- name: dokuwiki
|
||||
port: 80
|
||||
redirect: true
|
||||
rewrite: true
|
||||
- name: duplicati
|
||||
port: 8200
|
||||
redirect: true
|
||||
rewrite: true
|
||||
- name: filebot
|
||||
port: 5800
|
||||
redirect: true
|
||||
rewrite: true
|
||||
- name: flood
|
||||
port: 3000
|
||||
redirect: true
|
||||
rewrite: true
|
||||
- name: forgejo
|
||||
port: 3000
|
||||
redirect: true
|
||||
rewrite: true
|
||||
extra_locations:
|
||||
- path: /api/public
|
||||
- path: /share
|
||||
- path: /static
|
||||
- name: gitea
|
||||
port: 3000
|
||||
redirect: true
|
||||
rewrite: true
|
||||
- name: glances
|
||||
port: 61208
|
||||
redirect: true
|
||||
rewrite: true
|
||||
- name: guacamole
|
||||
port: 8080
|
||||
redirect: true
|
||||
rewrite: true
|
||||
buffering_off: true
|
||||
- name: homepage
|
||||
port: 3000
|
||||
rewrite: true
|
||||
- name: lychee
|
||||
port: 80
|
||||
redirect: true
|
||||
rewrite: true
|
||||
- name: netdata
|
||||
port: 19999
|
||||
redirect: true
|
||||
rewrite: true
|
||||
- name: phpmyadmin
|
||||
port: 80
|
||||
redirect: true
|
||||
rewrite: true
|
||||
- name: picard
|
||||
extra_locations:
|
||||
- path: /(api|info/lfs)
|
||||
- name: homeassistant
|
||||
port: 8123
|
||||
extra_locations:
|
||||
- path: ^/(api|local|media)/
|
||||
- name: jackett
|
||||
port: 9117
|
||||
extra_locations:
|
||||
- path: /api
|
||||
- path: /dl
|
||||
- name: jdownloader
|
||||
port: 5800
|
||||
redirect: true
|
||||
rewrite: true
|
||||
- name: scope
|
||||
port: 4040
|
||||
redirect: true
|
||||
rewrite: true
|
||||
- name: semaphore
|
||||
extra_locations:
|
||||
- path: /websockify
|
||||
proxy_pass_path: /websockify
|
||||
- name: metabase
|
||||
port: 3000
|
||||
rewrite: true
|
||||
- name: thelounge
|
||||
extra_locations:
|
||||
- path: ^/api
|
||||
- name: nzbget
|
||||
port: 6789
|
||||
extra_locations:
|
||||
- path: /(/[^\/:]*:[^\/:]*)?/jsonrpc
|
||||
- path: /(/[^\/:]*:[^\/]*)?/jsonprpc
|
||||
- path: /(/[^\/:]*:[^\/]*)?/xmlrpc
|
||||
- name: nzbhydra
|
||||
port: 5076
|
||||
extra_locations:
|
||||
- path: /api
|
||||
- path: /getnzb
|
||||
- path: /gettorrent
|
||||
- path: /rss
|
||||
- path: /torznab/api
|
||||
- name: ombi
|
||||
port: 3579
|
||||
extra_locations:
|
||||
- path: /api
|
||||
- path: /swagger
|
||||
custom_directives:
|
||||
- if ($http_referer ~* /ombi) { rewrite ^/swagger/(.*) /ombi/swagger/$1? redirect; }
|
||||
- name: organizr
|
||||
port: 80
|
||||
- name: pihole
|
||||
port: 80
|
||||
proxy_hide_headers:
|
||||
- X-Frame-Options
|
||||
extra_locations:
|
||||
- path: /admin
|
||||
proxy_hide_headers:
|
||||
- X-Frame-Options
|
||||
- name: plex
|
||||
port: 32400
|
||||
proxy_redirect_off: true
|
||||
buffering_off: true
|
||||
proxy_set_headers:
|
||||
- { key: X-Plex-Client-Identifier, value: $http_x_plex_client_identifier }
|
||||
- { key: X-Plex-Device, value: $http_x_plex_device }
|
||||
- { key: X-Plex-Device-Name, value: $http_x_plex_device_name }
|
||||
- { key: X-Plex-Platform, value: $http_x_plex_platform }
|
||||
- { key: X-Plex-Platform-Version, value: $http_x_plex_platform_version }
|
||||
- { key: X-Plex-Product, value: $http_x_plex_product }
|
||||
- { key: X-Plex-Token, value: $http_x_plex_token }
|
||||
- { key: X-Plex-Version, value: $http_x_plex_version }
|
||||
- { key: X-Plex-Nocache, value: $http_x_plex_nocache }
|
||||
- { key: X-Plex-Provides, value: $http_x_plex_provides }
|
||||
- { key: X-Plex-Device-Vendor, value: $http_x_plex_device_vendor }
|
||||
- { key: X-Plex-Model, value: $http_x_plex_model }
|
||||
extra_locations:
|
||||
- path: /library/streams/
|
||||
custom_directives:
|
||||
- proxy_pass_request_headers off
|
||||
- name: plexwebtools
|
||||
port: 33400
|
||||
app: plex
|
||||
- name: portainer
|
||||
port: 9000
|
||||
redirect: true
|
||||
rewrite: true
|
||||
proxy_hide_headers:
|
||||
- X-Frame-Options
|
||||
extra_locations:
|
||||
- path: /api
|
||||
proxy_hide_headers:
|
||||
- X-Frame-Options
|
||||
- name: prometheus
|
||||
port: 9090
|
||||
extra_locations:
|
||||
- path: /api
|
||||
- path: /-/(healthy|ready|reload|quit)
|
||||
- name: prowlarr
|
||||
port: 9696
|
||||
extra_locations:
|
||||
- path: /(/[0-9]+)?/api
|
||||
- path: /(/[0-9]+)?/download
|
||||
- name: pterodactylnode
|
||||
port: 443
|
||||
extra_locations:
|
||||
- path: /api
|
||||
- name: sonarrtorss
|
||||
port: 18989
|
||||
extra_locations:
|
||||
- path: ^/(api/|sonarr$|rss$|atom$|json$)
|
||||
- name: synclounge
|
||||
port: 8088
|
||||
websockets: true
|
||||
- name: syncthing
|
||||
port: 8384
|
||||
proxy_hide_headers:
|
||||
- Authorization
|
||||
extra_locations:
|
||||
- path: /rest
|
||||
proxy_hide_headers:
|
||||
- Authorization
|
||||
- name: tautulli
|
||||
port: 8181
|
||||
extra_locations:
|
||||
- path: /api
|
||||
- path: /newsletter
|
||||
- path: /image
|
||||
- name: transmission
|
||||
port: 9091
|
||||
proxy_pass_headers:
|
||||
- X-Transmission-Session-Id
|
||||
extra_locations:
|
||||
- path: /rpc
|
||||
- name: ubooquity
|
||||
port: 2202
|
||||
extra_locations:
|
||||
- path: /admin
|
||||
port: 2203
|
||||
- path: /admin-res
|
||||
port: 2203
|
||||
- path: /admin-api
|
||||
port: 2203
|
||||
- name: uptime-kuma
|
||||
port: 3001
|
||||
extra_locations:
|
||||
- path: /(status|assets|icon.svg)
|
||||
- name: vaultwarden
|
||||
port: 80
|
||||
client_max_body_size: 128M
|
||||
extra_locations:
|
||||
- path: ^/admin
|
||||
- path: /api
|
||||
- path: /notifications/hub
|
||||
- name: watchstate
|
||||
port: 8080
|
||||
extra_locations:
|
||||
- path: /v1/api
|
||||
- name: wikijs
|
||||
port: 3000
|
||||
extra_locations:
|
||||
- path: /graphql
|
||||
|
||||
custom:
|
||||
subdomains:
|
||||
- adguard
|
||||
- aria2-with-webui
|
||||
- asciinema
|
||||
- authelia
|
||||
- authentik
|
||||
- bitwarden
|
||||
- calibre
|
||||
- calibre-web
|
||||
- code-server
|
||||
- emby
|
||||
- emulatorjs
|
||||
- filebrowser
|
||||
- gitea
|
||||
- homeassistant
|
||||
- jackett
|
||||
- jdownloader
|
||||
- jellyfin
|
||||
- kasm
|
||||
- mailcow
|
||||
- metabase
|
||||
- nextcloud
|
||||
- nexusoss
|
||||
- nzbget
|
||||
- nzbhydra
|
||||
- ombi
|
||||
- openvpn-as
|
||||
- openvscode-server
|
||||
- organizr
|
||||
- pihole
|
||||
- plex
|
||||
- plexwebtools
|
||||
- portainer
|
||||
- prometheus
|
||||
- prowlarr
|
||||
- pterodactylnode
|
||||
- pydio-cells
|
||||
- recipes
|
||||
- rutorrent
|
||||
- sonarrtorss
|
||||
- synapse
|
||||
- synclounge
|
||||
- syncthing
|
||||
- tautulli
|
||||
- transmission
|
||||
- ubooquity
|
||||
- uptime-kuma
|
||||
- vaultwarden
|
||||
- watchstate
|
||||
- wikijs
|
||||
subfolders:
|
||||
- bazarr
|
||||
- beets
|
||||
- beszel
|
||||
- boinc
|
||||
- calibre
|
||||
- calibre-web
|
||||
- deluge
|
||||
- dozzle
|
||||
- emby
|
||||
- filebrowser
|
||||
- flexget
|
||||
- freshrss
|
||||
- gaps
|
||||
- grafana
|
||||
- jackett
|
||||
- jenkins
|
||||
- jfa-go
|
||||
- mailu
|
||||
- monica
|
||||
- mytinytodo
|
||||
- nextcloud
|
||||
- nzbget
|
||||
- nzbhydra
|
||||
- ombi
|
||||
- organizr-auth
|
||||
- organizr
|
||||
- pihole
|
||||
- plex
|
||||
- plexwebtools
|
||||
- portainer
|
||||
- prowlarr
|
||||
- rclone
|
||||
- rutorrent
|
||||
- sonarrtorss
|
||||
- synclounge
|
||||
- syncthing
|
||||
- tautulli
|
||||
- themepark
|
||||
- transmission
|
||||
- tvheadend
|
||||
- ubooquity
|
||||
- vaultwarden
|
||||
- wordpress
|
||||
- youtube-dl
|
||||
|
||||
@@ -1,76 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your adguard container is named adguard
|
||||
# make sure that your dns has a cname set for adguard
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name adguard.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app adguard;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location /control {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app adguard;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location /dns-query {
|
||||
# to properly use this please set `allow_unencrypted_doh: true` and `force_https: false` in adguard
|
||||
# see https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration#configuration-file
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app adguard;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,78 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your aria2 container is named aria2-with-webui
|
||||
# make sure that your dns has a cname set for aria2
|
||||
#
|
||||
# The RPC port will need to be changed to 443 in the AriaNg/WebUI-Aria2 settings or by using the AriaNg command api
|
||||
# e.g. https://aria2.example.com/#!/settings/rpc/set/https/aria2.example.com/443/jsonrpc
|
||||
# https://aria2.example.com/#!/settings/rpc/set?protocol=https&host=aria2.example.com&port=443&interface=aria2-with-webui/jsonrpc
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name aria2.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app aria2-with-webui;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/aria2-with-webui)?/jsonrpc {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app aria2-with-webui;
|
||||
set $upstream_port 6800;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port/jsonrpc;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/aria2-with-webui)?/rpc {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app aria2-with-webui;
|
||||
set $upstream_port 6800;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port/rpc;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,78 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your asciinema container is named asciinema
|
||||
# make sure that your dns has a cname set for asciinema
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name asciinema.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app asciinema;
|
||||
set $upstream_port 4000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
|
||||
location ~ (/asciinema)?/dashboard {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app asciinema;
|
||||
set $upstream_port 4002;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
}
|
||||
@@ -1,37 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your authelia container is named authelia
|
||||
# make sure that your dns has a cname set for authelia
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name authelia.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
location / {
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app authelia;
|
||||
set $upstream_port 9091;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/authelia)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app authelia;
|
||||
set $upstream_port 9091;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,37 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your authentik container is named authentik-server
|
||||
# make sure that your dns has a cname set for authentik
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name authentik.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
location / {
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app authentik-server;
|
||||
set $upstream_port 9000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/authentik)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app authentik-server;
|
||||
set $upstream_port 9000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,40 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your bazarr container is named bazarr
|
||||
# make sure that bazarr is set to work with the base url /bazarr/
|
||||
|
||||
location /bazarr {
|
||||
return 301 $scheme://$host/bazarr/;
|
||||
}
|
||||
|
||||
location ^~ /bazarr/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app bazarr;
|
||||
set $upstream_port 6767;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /bazarr/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app bazarr;
|
||||
set $upstream_port 6767;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
@@ -1,29 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your beets container is named beets
|
||||
# make sure that beets is set to work with the base url /beets/
|
||||
# first edit beets.yml and enable the reverse proxy settings, under "web" add "reverse_proxy: true" and restart the beets container
|
||||
|
||||
location /beets {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app beets;
|
||||
set $upstream_port 8337;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_set_header X-Scheme $scheme;
|
||||
proxy_set_header X-Script-Name /beets;
|
||||
}
|
||||
@@ -1,41 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your beszel container is named beszel
|
||||
# make sure that beszel is set to work with the base url /beszel/
|
||||
|
||||
|
||||
location /beszel {
|
||||
return 301 $scheme://$host/beszel/;
|
||||
}
|
||||
|
||||
location ^~ /beszel/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app beszel;
|
||||
set $upstream_port 8090;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /beszel/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app beszel;
|
||||
set $upstream_port 8090;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
@@ -1,104 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your bitwarden container is named bitwarden
|
||||
# make sure that your dns has a cname set for bitwarden
|
||||
# if you are using bitwarden (the official image), use the bitwarden conf
|
||||
# if you are using vaultwarden (an unofficial implementation), use the vaultwarden conf
|
||||
#
|
||||
# bitwarden defaults to port 8080 and can be changed using the environment variable BW_PORT_HTTP on the bitwarden container
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name bitwarden.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 128M;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app bitwarden;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/bitwarden)?/admin {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app bitwarden;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/bitwarden)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app bitwarden;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/bitwarden)?/notifications/hub {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app bitwarden;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,60 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your bionc container is named bionc
|
||||
# make sure that bionc is set to work with the base url /bionc/
|
||||
# In boinc docker arguments, set an env variable for SUBFOLDER=/boinc/
|
||||
|
||||
location /boinc {
|
||||
return 301 $scheme://$host/boinc/;
|
||||
}
|
||||
|
||||
location ^~ /boinc/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app boinc;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_buffering off;
|
||||
}
|
||||
|
||||
# If using subfolders for multiple Linux Desktop containers (full gui apps being rendered over web).
|
||||
# You will need to modify this path and modify the the client settings in the application.
|
||||
# Settings > Advanced > Websocket > Path
|
||||
# IE websockify-boinc
|
||||
location ^~ /websockify {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app boinc;
|
||||
set $upstream_port 6901;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_buffering off;
|
||||
}
|
||||
@@ -1,86 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your calibre-web container is named calibre-web
|
||||
# make sure that your dns has a cname set for calibre-web
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name calibre-web.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
# To use Authelia to log in to Calibre-Web, make sure "Reverse Proxy Login" is
|
||||
# enabled, "Reverse Proxy Header Name" is set to Remote-User, and each Authelia
|
||||
# user also has a corresponding user manually created in Calibre-Web.
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app calibre-web;
|
||||
set $upstream_port 8083;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_set_header X-Scheme $scheme;
|
||||
}
|
||||
|
||||
# OPDS feed for eBook reader apps
|
||||
# Even if you use Authelia, the OPDS feed requires a password to be set for
|
||||
# the user directly in Calibre-Web, as eBook reader apps don't support
|
||||
# form-based logins, only HTTP Basic auth.
|
||||
location /opds/ {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app calibre-web;
|
||||
set $upstream_port 8083;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
proxy_set_header X-Scheme $scheme;
|
||||
}
|
||||
|
||||
# Feed for Kobo
|
||||
location /kobo/ {
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app calibre-web;
|
||||
set $upstream_port 8083;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
proxy_set_header X-Scheme $scheme;
|
||||
proxy_buffer_size 128k;
|
||||
proxy_buffers 4 256k;
|
||||
proxy_busy_buffers_size 256k;
|
||||
}
|
||||
}
|
||||
@@ -1,64 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your calibre-web container is named calibre-web
|
||||
# calibre-web does not require a base url setting
|
||||
|
||||
location /calibre-web {
|
||||
return 301 $scheme://$host/calibre-web/;
|
||||
}
|
||||
|
||||
location ^~ /calibre-web/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
# To use Authelia to log in to Calibre-Web, make sure "Reverse Proxy Login" is
|
||||
# enabled, "Reverse Proxy Header Name" is set to Remote-User, and each Authelia
|
||||
# user also has a corresponding user manually created in Calibre-Web.
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app calibre-web;
|
||||
set $upstream_port 8083;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_set_header X-Scheme $scheme;
|
||||
proxy_set_header X-Script-Name /calibre-web;
|
||||
}
|
||||
|
||||
# OPDS feed for eBook reader apps
|
||||
# Even if you use Authelia, the OPDS feed requires a password to be set for
|
||||
# the user directly in Calibre-Web, as eBook reader apps don't support
|
||||
# form-based logins, only HTTP Basic auth.
|
||||
location ^~ /calibre-web/opds/ {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app calibre-web;
|
||||
set $upstream_port 8083;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
proxy_set_header X-Scheme $scheme;
|
||||
proxy_set_header X-Script-Name /calibre-web;
|
||||
}
|
||||
|
||||
# Feed for Kobo
|
||||
location ^~ /calibre-web/kobo/ {
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app calibre-web;
|
||||
set $upstream_port 8083;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
proxy_set_header X-Scheme $scheme;
|
||||
proxy_set_header X-Script-Name /calibre-web;
|
||||
proxy_buffer_size 128k;
|
||||
proxy_buffers 4 256k;
|
||||
proxy_busy_buffers_size 256k;
|
||||
}
|
||||
@@ -1,87 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your calibre container is named calibre
|
||||
# make sure that your dns has a cname set for calibre
|
||||
# for the content server, go into calibre preferences / sharing over the net / advanced and
|
||||
# set the first option for prefix url to '/content-server', save and restart the container
|
||||
# the content server will be accessible at 'https://calibre.domain.com/content-server/'
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name calibre.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app calibre;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_buffering off;
|
||||
}
|
||||
|
||||
location /content-server {
|
||||
return 301 $scheme://$host/content-server/;
|
||||
}
|
||||
|
||||
location ^~ /content-server/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app calibre;
|
||||
set $upstream_port 8081;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
}
|
||||
@@ -1,89 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your calibre container is named calibre
|
||||
# make sure that calibre is set to work with the base url /calibre/
|
||||
# In calibre docker arguments, set an env variable for SUBFOLDER=/calibre/
|
||||
# for the content server, go into calibre preferences / sharing over the net / advanced and
|
||||
# set the first option for prefix url to '/content-server', save and restart the container
|
||||
# the content server will be accessible at 'https://domain.com/content-server/'
|
||||
|
||||
location /calibre {
|
||||
return 301 $scheme://$host/calibre/;
|
||||
}
|
||||
|
||||
location ^~ /calibre/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app calibre;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location /content-server {
|
||||
return 301 $scheme://$host/content-server/;
|
||||
}
|
||||
|
||||
location ^~ /content-server/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app calibre;
|
||||
set $upstream_port 8081;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
# If using subfolders for multiple Linux Desktop containers (full gui apps being rendered over web).
|
||||
# You will need to modify this path and modify the the client settings in the application.
|
||||
# Settings > Advanced > Websocket > Path
|
||||
# IE websockify-calibre
|
||||
location ^~ /websockify {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app calibre;
|
||||
set $upstream_port 6901;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_buffering off;
|
||||
}
|
||||
@@ -1,32 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your deluge container is named deluge
|
||||
# deluge does not require a base url setting
|
||||
|
||||
location /deluge {
|
||||
return 301 $scheme://$host/deluge/;
|
||||
}
|
||||
|
||||
location ^~ /deluge/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app deluge;
|
||||
set $upstream_port 8112;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
rewrite /deluge(.*) $1 break;
|
||||
proxy_set_header X-Deluge-Base "/deluge/";
|
||||
}
|
||||
@@ -1,34 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your dozzle container is named dozzle
|
||||
# make sure that dozzle is set to work with the base url /dozzle/
|
||||
# First either add "--base /dozzle" or "-e DOZZLE_BASE=/dozzle" to your docker run command, and restart the Dozzle container
|
||||
|
||||
location /dozzle {
|
||||
return 301 $scheme://$host/dozzle/;
|
||||
}
|
||||
|
||||
location ^~ /dozzle/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app dozzle;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
chunked_transfer_encoding off;
|
||||
proxy_buffering off;
|
||||
proxy_cache off;
|
||||
}
|
||||
@@ -1,33 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your emby container is named emby
|
||||
# make sure that your dns has a cname set for emby
|
||||
# if emby is running in bridge mode and the container is named "emby", the below config should work as is
|
||||
# if not, replace the line "set $upstream_app emby;" with "set $upstream_app <containername>;"
|
||||
# or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of emby
|
||||
# in emby settings, under "Advanced" change the public https port to 443, leave the local ports as is, set the "external domain" to your url,
|
||||
# and set the "Secure connection mode" to "Handled by reverse proxy"
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name emby.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
location / {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app emby;
|
||||
set $upstream_port 8096;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_set_header Range $http_range;
|
||||
proxy_set_header If-Range $http_if_range;
|
||||
}
|
||||
}
|
||||
@@ -1,34 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your emby container is named emby
|
||||
# emby does not require a base url setting
|
||||
# if emby is running in bridge mode and the container is named "emby", the below config should work as is
|
||||
# if not, replace the line "set $upstream_app emby;" with "set $upstream_app <containername>;"
|
||||
# or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of emby
|
||||
# in emby settings, under "Advanced" change the public https port to 443, leave the local ports as is, set the "external domain" to your url and subdomain,
|
||||
# and set the "Secure connection mode" to "Handled by reverse proxy"
|
||||
|
||||
location /emby {
|
||||
return 301 $scheme://$host/emby/;
|
||||
}
|
||||
|
||||
location ^~ /emby/ {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app emby;
|
||||
set $upstream_port 8096;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_set_header Range $http_range;
|
||||
proxy_set_header If-Range $http_if_range;
|
||||
}
|
||||
|
||||
location ^~ /embywebsocket {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app emby;
|
||||
set $upstream_port 8096;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
@@ -1,85 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your emulatorjs container is named emulatorjs
|
||||
# make sure that your dns has a cname set for emulatorjs
|
||||
# In emulatorjs docker arguments, set an env variable for SUBFOLDER=/backend/
|
||||
# The backend interface will be accessible at https://emulatorjs.yourdomain.com/backend/
|
||||
# Don't forget to enable auth at least for the /backend/ location
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name emulatorjs.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app emulatorjs;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
|
||||
location /backend {
|
||||
return 301 $scheme://$host/backend/;
|
||||
}
|
||||
|
||||
location ^~ /backend/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app emulatorjs;
|
||||
set $upstream_port 3000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
}
|
||||
@@ -1,80 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your filebrowser container is named filebrowser
|
||||
# make sure that your dns has a cname set for filebrowser
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name filebrowser.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app filebrowser;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
|
||||
location ~ (/filebrowser)?/api/public {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app filebrowser;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
|
||||
location ~ (/filebrowser)?/share {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app filebrowser;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
|
||||
location ~ (/filebrowser)?/static {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app filebrowser;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
}
|
||||
@@ -1,61 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your filebrowser container is named filebrowser
|
||||
# make sure that filebrowser is set to work with the base url /filebrowser/
|
||||
# set this environment variable on your filebrowser container FB_BASEURL=/filebrowser
|
||||
|
||||
location /filebrowser {
|
||||
return 301 $scheme://$host/filebrowser/;
|
||||
}
|
||||
|
||||
location ^~ /filebrowser/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app filebrowser;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /filebrowser/api/public {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app filebrowser;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /filebrowser/share {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app filebrowser;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /filebrowser/static {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app filebrowser;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
@@ -1,39 +0,0 @@
|
||||
## Version 2023/02/12
|
||||
# make sure that your flexget container is named flexget
|
||||
# make sure that flexget is set to work with the base url /flexget/
|
||||
# make sure to set 'base_url: /flexget' under your flexget's config.yml web_server block
|
||||
|
||||
location /flexget {
|
||||
return 301 $scheme://$host/flexget/;
|
||||
}
|
||||
|
||||
location ^~ /flexget/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app flexget;
|
||||
set $upstream_port 5050;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
|
||||
location ^~ /flexget/api/ {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app flexget;
|
||||
set $upstream_port 5050;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
@@ -1,36 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your freshrss container is named freshrss
|
||||
# freshrss does not require a base url setting
|
||||
|
||||
location /freshrss {
|
||||
return 301 $scheme://$host/freshrss/;
|
||||
}
|
||||
|
||||
location ^~ /freshrss/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app freshrss;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
rewrite /freshrss(.*) $1 break;
|
||||
proxy_buffering off;
|
||||
proxy_set_header X-Forwarded-Port $server_port;
|
||||
proxy_cookie_path / "/; HTTPOnly; Secure";
|
||||
proxy_set_header Authorization $http_authorization;
|
||||
proxy_pass_header Authorization;
|
||||
}
|
||||
@@ -1,33 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your gaps container is named gaps
|
||||
# make sure that gaps is set to work with the base url /gaps/
|
||||
# In your Docker compose (or docker run) add: BASE_URL: /gaps
|
||||
|
||||
location /gaps {
|
||||
return 301 $scheme://$host/gaps/;
|
||||
}
|
||||
|
||||
location ^~ /gaps/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app gaps;
|
||||
set $upstream_port 8484;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
# Uncomment to allow loading in an iframe (i.e. Organizr)
|
||||
# proxy_hide_header X-Frame-Options;
|
||||
}
|
||||
@@ -1,69 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your gitea container is named gitea
|
||||
# make sure that your dns has a cname set for gitea
|
||||
# edit the following parameters in /data/gitea/conf/app.ini
|
||||
# [server]
|
||||
# SSH_DOMAIN = gitea.server.com
|
||||
# ROOT_URL = https://gitea.server.com/
|
||||
# DOMAIN = gitea.server.com
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name gitea.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app gitea;
|
||||
set $upstream_port 3000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/gitea)?/(api|info/lfs) {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app gitea;
|
||||
set $upstream_port 3000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,50 +0,0 @@
|
||||
## Version 2023/04/20
|
||||
# make sure that your grafana container is named grafana
|
||||
# make sure that grafana is set to work with the base url /grafana/
|
||||
# grafana requires environment variables set thus:
|
||||
# environment:
|
||||
# - "GF_SERVER_ROOT_URL=https://my.domain.com/grafana"
|
||||
# - "GF_SERVER_DOMAIN=https://my.domain.com/"
|
||||
|
||||
location ^~ /grafana/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app grafana;
|
||||
set $upstream_port 3000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
# Clear Authorization Header if you are using http auth and normal Grafana auth
|
||||
#proxy_set_header Authorization "";
|
||||
|
||||
rewrite ^/grafana/(.*)$ /$1 break;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /grafana/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app grafana;
|
||||
set $upstream_port 3000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
# Clear Authorization Header if you are using http auth and normal Grafana auth
|
||||
#proxy_set_header Authorization "";
|
||||
|
||||
rewrite ^/grafana/(.*)$ /$1 break;
|
||||
|
||||
}
|
||||
@@ -1,72 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your homeassistant container is named homeassistant
|
||||
# make sure that your dns has a cname set for homeassistant
|
||||
|
||||
# As of homeassistant 2021.7.0, it is now required to define the network range your proxy resides in, this is done in Homeassitants configuration.yaml
|
||||
# https://www.home-assistant.io/integrations/http/#trusted_proxies
|
||||
# Example below uses the default dockernetwork ranges, you may need to update this if you dont use defaults.
|
||||
#
|
||||
# http:
|
||||
# use_x_forwarded_for: true
|
||||
# trusted_proxies:
|
||||
# - 172.16.0.0/12
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name homeassistant.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app homeassistant;
|
||||
set $upstream_port 8123;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ ^/(api|local|media)/ {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app homeassistant;
|
||||
set $upstream_port 8123;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
}
|
||||
@@ -1,74 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your jackett container is named jackett
|
||||
# make sure that your dns has a cname set for jackett
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name jackett.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app jackett;
|
||||
set $upstream_port 9117;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/jackett)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app jackett;
|
||||
set $upstream_port 9117;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/jackett)?/dl {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app jackett;
|
||||
set $upstream_port 9117;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,46 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your jackett container is named jackett
|
||||
# make sure that jackett is set to work with the base url /jackett/
|
||||
|
||||
location ^~ /jackett {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app jackett;
|
||||
set $upstream_port 9117;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /jackett/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app jackett;
|
||||
set $upstream_port 9117;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /jackett/dl {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app jackett;
|
||||
set $upstream_port 9117;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
@@ -1,62 +0,0 @@
|
||||
## Version 2025/08/07
|
||||
# make sure that your jdownloader container is named jdownloader
|
||||
# make sure that your dns has a cname set for jdownloader
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name jdownloader.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app jdownloader;
|
||||
set $upstream_port 5800;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
|
||||
location ~ (/jdownloader)?/websockify {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app jdownloader;
|
||||
set $upstream_port 5800;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port/websockify;
|
||||
}
|
||||
}
|
||||
@@ -1,39 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your jenkins container is named jenkins
|
||||
# make sure that jenkins is set to work with the base url /jenkins/
|
||||
# First either add '--prefix=/jenkins' or '-e JENKINS_OPTS="--prefix=/jenkins"' to your docker run command, and restart the Jenkins container.
|
||||
# Also be sure to add '/jenkins/' to your URL under: Jenkins > Configuration > Manage Jenkins > Jenkins URL
|
||||
|
||||
location /jenkins {
|
||||
return 301 $scheme://$host/jenkins/;
|
||||
}
|
||||
|
||||
location ^~ /jenkins/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app jenkins;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
# This is the maximum upload size
|
||||
client_max_body_size 10m;
|
||||
sendfile off;
|
||||
proxy_max_temp_file_size 0;
|
||||
proxy_temp_file_write_size 64k;
|
||||
proxy_request_buffering off;
|
||||
proxy_buffering off;
|
||||
}
|
||||
@@ -1,33 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your jfa-go container is named jfa-go
|
||||
# make sure to set the URL base (“Reverse Proxy subfolder”) in jfa-go > Settings > General (ui > url_base in jfa-go config.ini) to "/jfa-go/"
|
||||
|
||||
location /jfa-go {
|
||||
return 301 $scheme://$host/jfa-go/;
|
||||
}
|
||||
|
||||
location ^~ /jfa-go/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app jfa-go;
|
||||
set $upstream_port 8056;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
# Remove the CSP header set for Jellyfin
|
||||
proxy_hide_header Content-Security-Policy;
|
||||
add_header Content-Security-Policy "";
|
||||
}
|
||||
@@ -1,60 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your mailu container is named mailu
|
||||
# mailu does not require a base url setting
|
||||
|
||||
# This config have been tested with "TLS_FLAVOR=mail"
|
||||
# To avoid errors you must change in docker-compose ports: 80 and 443, more info: https://mailu.io/1.7/reverse.html
|
||||
|
||||
location /admin {
|
||||
return 301 $scheme://$host/admin/;
|
||||
}
|
||||
|
||||
location ^~ /admin/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app front;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location /webmail {
|
||||
return 301 $scheme://$host/webmail/;
|
||||
}
|
||||
|
||||
location ^~ /webmail/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app front;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
@@ -1,62 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your metabase container is named metabase
|
||||
# make sure that your dns has a cname set for metabase
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name metabase.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app metabase;
|
||||
set $upstream_port 3000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
|
||||
location ~ ^/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app metabase;
|
||||
set $upstream_port 3000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
}
|
||||
@@ -1,31 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your monica container is named monica
|
||||
# make sure that monica is set to work with the base url /monica/
|
||||
# Set the monica Docker container's APP_URL to a fully-qualified domain that ends with /monica/ and restart the container.
|
||||
# Example: https://yourhost.cc/monica/
|
||||
|
||||
location /monica {
|
||||
return 301 $scheme://$host/monica/;
|
||||
}
|
||||
|
||||
location ^~ /monica/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app monica;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
@@ -1,31 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your mytinytodo container is named mytinytodo
|
||||
# make sure that mytinytodo is set to work with the base url /todo/
|
||||
# works with https://github.com/breakall/mytinytodo-docker
|
||||
# set the mtt_url to 'https://your.domain.com/todo/' in db/config.php
|
||||
|
||||
location /todo {
|
||||
return 301 $scheme://$host/todo/;
|
||||
}
|
||||
|
||||
location ^~ /todo/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app mytinytodo;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port/;
|
||||
}
|
||||
@@ -1,51 +0,0 @@
|
||||
## Version 2024/04/25
|
||||
# make sure that your nextcloud container is named nextcloud
|
||||
# make sure that nextcloud is set to work with the base url /nextcloud/
|
||||
# Assuming this container is called "swag", edit your nextcloud container's config
|
||||
# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
|
||||
# 'trusted_proxies' => [gethostbyname('swag')],
|
||||
# 'overwritewebroot' => '/nextcloud',
|
||||
# 'overwrite.cli.url' => 'https://example.com/nextcloud',
|
||||
#
|
||||
# Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:
|
||||
# array (
|
||||
# 0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.
|
||||
# 1 => 'example.com',
|
||||
# ),
|
||||
|
||||
location ^~ /.well-known {
|
||||
# The rules in this block are an adaptation of the rules
|
||||
# in the Nextcloud `.htaccess` that concern `/.well-known`.
|
||||
|
||||
location = /.well-known/carddav { return 301 /nextcloud/remote.php/dav/; }
|
||||
location = /.well-known/caldav { return 301 /nextcloud/remote.php/dav/; }
|
||||
|
||||
# Let Nextcloud's API for `/.well-known` URIs handle all other
|
||||
# requests by passing them to the front-end controller.
|
||||
return 301 /nextcloud/index.php$request_uri;
|
||||
}
|
||||
|
||||
location ^~ /nextcloud/ {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nextcloud;
|
||||
set $upstream_port 443;
|
||||
set $upstream_proto https;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
rewrite /nextcloud(.*) $1 break;
|
||||
|
||||
proxy_set_header Range $http_range;
|
||||
proxy_set_header If-Range $http_if_range;
|
||||
proxy_ssl_session_reuse off;
|
||||
|
||||
# Hide proxy response headers from Nextcloud that conflict with ssl.conf
|
||||
# Uncomment the Optional additional headers in SWAG's ssl.conf to pass Nextcloud's security scan
|
||||
proxy_hide_header Referrer-Policy;
|
||||
proxy_hide_header X-Content-Type-Options;
|
||||
proxy_hide_header X-Frame-Options;
|
||||
proxy_hide_header X-XSS-Protection;
|
||||
|
||||
# Disable proxy buffering
|
||||
proxy_buffering off;
|
||||
}
|
||||
@@ -1,84 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your nzbget container is named nzbget
|
||||
# make sure that your dns has a cname set for nzbget
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name nzbget.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbget;
|
||||
set $upstream_port 6789;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/nzbget)?(/[^\/:]*:[^\/:]*)?/jsonrpc {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbget;
|
||||
set $upstream_port 6789;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/nzbget)?(/[^\/:]*:[^\/]*)?/jsonprpc {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbget;
|
||||
set $upstream_port 6789;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/nzbget)?(/[^\/:]*:[^\/]*)?/xmlrpc {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbget;
|
||||
set $upstream_port 6789;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,57 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your nzbget container is named nzbget
|
||||
# make sure that nzbget is set to work with the base url /nzbget/
|
||||
# nzbget does not require a base url setting
|
||||
|
||||
location /nzbget {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbget;
|
||||
set $upstream_port 6789;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ /nzbget(/[^\/:]*:[^\/]*)?/jsonrpc {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbget;
|
||||
set $upstream_port 6789;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ /nzbget(/[^\/:]*:[^\/]*)?/jsonprpc {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbget;
|
||||
set $upstream_port 6789;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ /nzbget(/[^\/:]*:[^\/]*)?/xmlrpc {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbget;
|
||||
set $upstream_port 6789;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
@@ -1,104 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your nzbhydra container is named nzbhydra2
|
||||
# make sure that your dns has a cname set for nzbhydra
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name nzbhydra.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbhydra2;
|
||||
set $upstream_port 5076;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/nzbhydra)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbhydra2;
|
||||
set $upstream_port 5076;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/nzbhydra)?/getnzb {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbhydra2;
|
||||
set $upstream_port 5076;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/nzbhydra)?/gettorrent {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbhydra2;
|
||||
set $upstream_port 5076;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/nzbhydra)?/rss {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbhydra2;
|
||||
set $upstream_port 5076;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/nzbhydra)?/torznab/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbhydra2;
|
||||
set $upstream_port 5076;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,77 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your nzbhydra container is named nzbhydra2
|
||||
# make sure that nzbhydra is set to work with the base url /nzbhydra/
|
||||
# first go into nzbhydra settings, set the URL Base to /nzbhydra, then disable CSRF protection on the same page and restart the nzbhydra container
|
||||
|
||||
location ^~ /nzbhydra {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbhydra2;
|
||||
set $upstream_port 5076;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /nzbhydra/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbhydra2;
|
||||
set $upstream_port 5076;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /nzbhydra/getnzb {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbhydra2;
|
||||
set $upstream_port 5076;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /nzbhydra/gettorrent {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbhydra2;
|
||||
set $upstream_port 5076;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /nzbhydra/rss {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbhydra2;
|
||||
set $upstream_port 5076;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /nzbhydra/torznab/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app nzbhydra2;
|
||||
set $upstream_port 5076;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
@@ -1,80 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your ombi container is named ombi
|
||||
# make sure that your dns has a cname set for ombi
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name ombi.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app ombi;
|
||||
set $upstream_port 3579;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
# This allows access to the actual api
|
||||
location ~ (/ombi)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app ombi;
|
||||
set $upstream_port 3579;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
# This allows access to the documentation for the api
|
||||
location ~ (/ombi)?/swagger {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app ombi;
|
||||
set $upstream_port 3579;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
if ($http_referer ~* /ombi) {
|
||||
rewrite ^/swagger/(.*) /ombi/swagger/$1? redirect;
|
||||
}
|
||||
}
|
||||
@@ -1,61 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your ombi container is named ombi
|
||||
# make sure that ombi is set to work with the base url /ombi/
|
||||
# first go into ombi settings, under the menu "Ombi" set the base url to /ombi and restart the ombi container
|
||||
|
||||
location /ombi {
|
||||
return 301 $scheme://$host/ombi/;
|
||||
}
|
||||
|
||||
location ^~ /ombi/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app ombi;
|
||||
set $upstream_port 3579;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
# This allows access to the actual api
|
||||
location ^~ /ombi/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app ombi;
|
||||
set $upstream_port 3579;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
if ($http_referer ~* /ombi) {
|
||||
rewrite ^/api/(.*) /ombi/api/$1? redirect;
|
||||
}
|
||||
|
||||
# This allows access to the documentation for the api
|
||||
location ^~ /ombi/swagger {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app ombi;
|
||||
set $upstream_port 3579;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
if ($http_referer ~* /ombi) {
|
||||
rewrite ^/swagger/(.*) /ombi/swagger/$1? redirect;
|
||||
}
|
||||
@@ -1,41 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your organizr container is named organizr
|
||||
# To use config this with subfolder proxies:
|
||||
# Rename this file to organizr-auth.subfolder.conf
|
||||
# Add one of the auth_request lines from the comments below
|
||||
# ex:
|
||||
# auth_request /auth-0;
|
||||
#
|
||||
# To use config this with subdomain proxies:
|
||||
# Rename this file to organizr-auth.subfolder.conf (the subfolder file name is still used)
|
||||
# Add the following line in your other subdomain proxy configs
|
||||
# include /config/nginx/proxy-confs/organizr-auth.subfolder.conf;
|
||||
# Add one of the auth_request lines from the comments below
|
||||
# ex:
|
||||
# include /config/nginx/proxy-confs/organizr-auth.subfolder.conf;
|
||||
# auth_request /auth-0;
|
||||
|
||||
location ~ /auth-([0-9]+) {
|
||||
internal;
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_auth_app organizr;
|
||||
set $upstream_auth_port 80;
|
||||
set $upstream_auth_proto http;
|
||||
proxy_pass $upstream_auth_proto://$upstream_auth_app:$upstream_auth_port/api/v2/auth?group=$1;
|
||||
|
||||
proxy_set_header Content-Length "";
|
||||
|
||||
# Do not uncomment the lines below, these are examples for use in other proxy configs
|
||||
#auth_request /auth-0; #=Admin
|
||||
#auth_request /auth-1; #=Co-Admin
|
||||
#auth_request /auth-2; #=Super User
|
||||
#auth_request /auth-3; #=Power User
|
||||
#auth_request /auth-4; #=User
|
||||
#auth_request /auth-998; #=Logged In
|
||||
#auth_request /auth-999; #=Guest
|
||||
}
|
||||
|
||||
# Optional redirect server authentication errors to organizr authentication page
|
||||
# NOTE: $host must be modified to your public URL when using subdomain proxies
|
||||
#error_page 401 $scheme://$host/?error=$status&return=$scheme://$http_host$request_uri;
|
||||
@@ -1,58 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your organizr container is named organizr
|
||||
# make sure that your dns has a cname set for organizr
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name organizr.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app organizr;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
# Optional redirect server errors to organizr error pages
|
||||
#error_page 400 402 403 404 405 408 500 502 503 504 $scheme://$host/?error=$status;
|
||||
|
||||
}
|
||||
@@ -1,29 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your organizr container is named organizr
|
||||
# In order to use this location block you need to edit the default file one folder up and comment out the / and ~ \.php$ locations
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app organizr;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
# Optional redirect server errors to organizr error pages
|
||||
#error_page 400 402 403 404 405 408 500 502 503 504 $scheme://$host/?error=$status;
|
||||
@@ -1,82 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your pihole container is named pihole
|
||||
# make sure that your dns has a cname set for pihole
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name pihole.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app pihole;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_hide_header X-Frame-Options;
|
||||
}
|
||||
|
||||
location /admin {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app pihole;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_hide_header X-Frame-Options;
|
||||
}
|
||||
}
|
||||
@@ -1,61 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your pihole container is named pihole
|
||||
# pihole does not require a base url setting
|
||||
|
||||
location /pihole {
|
||||
return 301 $scheme://$host/pihole/;
|
||||
}
|
||||
|
||||
location ^~ /pihole/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app pihole;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
rewrite /pihole(.*) $1 break;
|
||||
proxy_hide_header X-Frame-Options;
|
||||
}
|
||||
|
||||
location /pihole/admin {
|
||||
return 301 $scheme://$host/pihole/admin/;
|
||||
}
|
||||
|
||||
location ^~ /pihole/admin/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app pihole;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
rewrite /pihole(.*) $1 break;
|
||||
proxy_hide_header X-Frame-Options;
|
||||
}
|
||||
@@ -1,80 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your plex container is named plex
|
||||
# make sure that your dns has a cname set for plex
|
||||
# if plex is running in bridge mode and the container is named "plex", the below config should work as is
|
||||
# if not, replace the line "set $upstream_app plex;" with "set $upstream_app <containername>;"
|
||||
# or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of plex
|
||||
# in plex server settings, under network, fill in "Custom server access URLs" with your domain (ie. "https://plex.yourdomain.url:443")
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name plex.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
proxy_redirect off;
|
||||
proxy_buffering off;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app plex;
|
||||
set $upstream_port 32400;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_set_header X-Plex-Client-Identifier $http_x_plex_client_identifier;
|
||||
proxy_set_header X-Plex-Device $http_x_plex_device;
|
||||
proxy_set_header X-Plex-Device-Name $http_x_plex_device_name;
|
||||
proxy_set_header X-Plex-Platform $http_x_plex_platform;
|
||||
proxy_set_header X-Plex-Platform-Version $http_x_plex_platform_version;
|
||||
proxy_set_header X-Plex-Product $http_x_plex_product;
|
||||
proxy_set_header X-Plex-Token $http_x_plex_token;
|
||||
proxy_set_header X-Plex-Version $http_x_plex_version;
|
||||
proxy_set_header X-Plex-Nocache $http_x_plex_nocache;
|
||||
proxy_set_header X-Plex-Provides $http_x_plex_provides;
|
||||
proxy_set_header X-Plex-Device-Vendor $http_x_plex_device_vendor;
|
||||
proxy_set_header X-Plex-Model $http_x_plex_model;
|
||||
}
|
||||
|
||||
location /library/streams/ {
|
||||
set $upstream_app plex;
|
||||
set $upstream_port 32400;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
proxy_pass_request_headers off;
|
||||
}
|
||||
}
|
||||
@@ -1,54 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
#******** This config no longer works as intended. The web app loads, but no direct connection to server is made. *********
|
||||
#******** PRs welcome for anyone who figures out how to fix it. Use the subdomain config in the meantime. *******
|
||||
|
||||
# make sure that your plex container is named plex
|
||||
# if plex is running in bridge mode and the container is named "plex", the below config should work as is
|
||||
# if not, replace the line "set $upstream_app plex;" with "set $upstream_app <containername>;"
|
||||
# or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of plex
|
||||
# in plex server settings, under network, fill in "Custom server access URLs" with your domain (ie. "https://yourdomain.url:443/plex")
|
||||
|
||||
location /plex {
|
||||
return 301 $scheme://$host/plex/;
|
||||
}
|
||||
|
||||
location ^~ /plex/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app plex;
|
||||
set $upstream_port 32400;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
rewrite /plex(.*) $1 break;
|
||||
|
||||
proxy_set_header X-Plex-Client-Identifier $http_x_plex_client_identifier;
|
||||
proxy_set_header X-Plex-Device $http_x_plex_device;
|
||||
proxy_set_header X-Plex-Device-Name $http_x_plex_device_name;
|
||||
proxy_set_header X-Plex-Platform $http_x_plex_platform;
|
||||
proxy_set_header X-Plex-Platform-Version $http_x_plex_platform_version;
|
||||
proxy_set_header X-Plex-Product $http_x_plex_product;
|
||||
proxy_set_header X-Plex-Token $http_x_plex_token;
|
||||
proxy_set_header X-Plex-Version $http_x_plex_version;
|
||||
proxy_set_header X-Plex-Nocache $http_x_plex_nocache;
|
||||
proxy_set_header X-Plex-Provides $http_x_plex_provides;
|
||||
proxy_set_header X-Plex-Device-Vendor $http_x_plex_device_vendor;
|
||||
proxy_set_header X-Plex-Model $http_x_plex_model;
|
||||
}
|
||||
|
||||
if ($http_referer ~* /plex) {
|
||||
rewrite ^/web/(.*) /plex/web/$1? redirect;
|
||||
}
|
||||
@@ -1,54 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your plex container is named plex
|
||||
# make sure that your dns has a cname set for plexwebtools
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name plexwebtools.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app plex;
|
||||
set $upstream_port 33400;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,30 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your plex container is named plex
|
||||
# make sure that plexwebtools is set to work with the base url /plexwebtools/
|
||||
|
||||
location /plexwebtools {
|
||||
return 301 $scheme://$host/plexwebtools/;
|
||||
}
|
||||
|
||||
location ^~ /plexwebtools/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app plex;
|
||||
set $upstream_port 33400;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
@@ -1,66 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your portainer container is named portainer
|
||||
# make sure that your dns has a cname set for portainer
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name portainer.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app portainer;
|
||||
set $upstream_port 9000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_hide_header X-Frame-Options; # Possibly not needed after Portainer 1.20.0
|
||||
}
|
||||
|
||||
location ~ (/portainer)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app portainer;
|
||||
set $upstream_port 9000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_hide_header X-Frame-Options; # Possibly not needed after Portainer 1.20.0
|
||||
}
|
||||
}
|
||||
@@ -1,44 +0,0 @@
|
||||
## Version 2023/02/12
|
||||
# make sure that your portainer container is named portainer
|
||||
# portainer does not require a base url setting
|
||||
|
||||
location /portainer {
|
||||
return 301 $scheme://$host/portainer/;
|
||||
}
|
||||
|
||||
location ^~ /portainer/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app portainer;
|
||||
set $upstream_port 9000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
rewrite /portainer(.*) $1 break;
|
||||
proxy_hide_header X-Frame-Options; # Possibly not needed after Portainer 1.20.0
|
||||
}
|
||||
|
||||
location ^~ /portainer/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app portainer;
|
||||
set $upstream_port 9000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
rewrite /portainer(.*) $1 break;
|
||||
proxy_hide_header X-Frame-Options; # Possibly not needed after Portainer 1.20.0
|
||||
}
|
||||
@@ -1,78 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your prometheus container is named prometheus
|
||||
# make sure that your dns has a cname set for prometheus
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name prometheus.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app prometheus;
|
||||
set $upstream_port 9090;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/prometheus)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app prometheus;
|
||||
set $upstream_port 9090;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/prometheus)?/-/(healthy|ready|reload|quit) {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app prometheus;
|
||||
set $upstream_port 9090;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,72 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your prowlarr container is named prowlarr
|
||||
# make sure that your dns has a cname set for prowlarr
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name prowlarr.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app prowlarr;
|
||||
set $upstream_port 9696;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
|
||||
location ~ (/prowlarr)?(/[0-9]+)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app prowlarr;
|
||||
set $upstream_port 9696;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
|
||||
location ~ (/prowlarr)?(/[0-9]+)?/download {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app prowlarr;
|
||||
set $upstream_port 9696;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,46 +0,0 @@
|
||||
## Version 2023/09/13
|
||||
# make sure that your prowlarr container is named prowlarr
|
||||
# make sure that prowlarr is set to work with the base url /prowlarr/
|
||||
|
||||
location /prowlarr {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app prowlarr;
|
||||
set $upstream_port 9696;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ /prowlarr(/[0-9]+)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app prowlarr;
|
||||
set $upstream_port 9696;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ /prowlarr(/[0-9]+)?/download {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app prowlarr;
|
||||
set $upstream_port 9696;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
@@ -1,67 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# this is for nodes, not your actual panel
|
||||
# make sure you set your node to use 443 as its API port
|
||||
# make sure that your pterodactylnode container is named pterodactylnode
|
||||
# make sure that your dns has a cname set for pterodactylnode
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name pterodactylnode.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app pterodactylnode;
|
||||
set $upstream_port 443;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/pterodactylnode)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app pterodactylnode;
|
||||
set $upstream_port 443;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,42 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your rclone container is named rclone
|
||||
# rclone does not require a base url setting
|
||||
|
||||
location /rclone {
|
||||
return 301 $scheme://$host/rclone/;
|
||||
}
|
||||
|
||||
location ^~ /rclone/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app rclone;
|
||||
set $upstream_port 5800;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
rewrite /rclone(.*) $1 break;
|
||||
}
|
||||
|
||||
location ^~ /rclone/websockify {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app rclone;
|
||||
set $upstream_port 5800;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port/websockify/;
|
||||
|
||||
rewrite /rclone(.*) $1 break;
|
||||
}
|
||||
@@ -1,59 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your rutorrent container is named rutorrent
|
||||
# rutorrent does not require a base url setting
|
||||
|
||||
location /rutorrent {
|
||||
return 301 $scheme://$host/rutorrent/;
|
||||
}
|
||||
|
||||
location ^~ /rutorrent/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app rutorrent;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
rewrite /rutorrent(.*) $1 break;
|
||||
}
|
||||
|
||||
location ^~ /rutorrent/RPC2 {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# block rpc access by default because it is unprotected
|
||||
# you can comment out the next line to enable remote rpc calls
|
||||
deny all;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app rutorrent;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
rewrite /rutorrent(.*) $1 break;
|
||||
}
|
||||
@@ -1,62 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your sonarrtorss container is named sonarrtorss
|
||||
# make sure that your dns has a cname set for sonarrtorss
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name sonarrtorss.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app sonarrtorss;
|
||||
set $upstream_port 18989;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
|
||||
location ~ ^/(api/|sonarr$|rss$|atom$|json$) {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app sonarrtorss;
|
||||
set $upstream_port 18989;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
}
|
||||
@@ -1,38 +0,0 @@
|
||||
## Version 2024/06/21
|
||||
# make sure that your sonarrtorss container is named sonarrtorss
|
||||
# sonarrtorss does not require a base url setting
|
||||
|
||||
location ^~ /sonarrtorss {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app sonarrtorss;
|
||||
set $upstream_port 18989;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
rewrite /sonarrtorss(.*) $1 break;
|
||||
}
|
||||
|
||||
location ~ ^/sonarrtorss/(api/|sonarr$|rss$|atom$|json$) {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app sonarrtorss;
|
||||
set $upstream_port 18989;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
rewrite /sonarrtorss(.*) $1 break;
|
||||
}
|
||||
@@ -1,66 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your synclounge container is named synclounge
|
||||
# make sure that your dns has a cname set for synclounge
|
||||
# Use this with SyncLounge v3 and up.
|
||||
# Make sure that you do not have HSTS enabled, otherwise http access won't work
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
server_name synclounge.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app synclounge;
|
||||
set $upstream_port 8088;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_buffering off;
|
||||
proxy_socket_keepalive on;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header Sec-WebSocket-Extensions $http_sec_websocket_extensions;
|
||||
proxy_set_header Sec-WebSocket-Key $http_sec_websocket_key;
|
||||
proxy_set_header Sec-WebSocket-Version $http_sec_websocket_version;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,59 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your synclounge container is named synclounge
|
||||
# make sure that synclounge is set to work with the base url /synclounge/
|
||||
# Use this with SyncLounge v3 or up
|
||||
#
|
||||
# To allow non-secure connections (http), which is required by some Plex clients, modify the first block in site-confs/default to look something like this:
|
||||
#server {
|
||||
# listen 80 default_server;
|
||||
# listen [::]:80 default_server;
|
||||
# server_name _;
|
||||
#
|
||||
# # Don't force redirect SyncLounge to https
|
||||
# include /config/nginx/proxy-confs/synclounge.subfolder.conf;
|
||||
#
|
||||
# location / {
|
||||
# return 301 https://$host$request_uri;
|
||||
# }
|
||||
#}
|
||||
|
||||
# Uncomment to force SyncLounge to always load over http. Only use this if you've allowed http per the above instructions.
|
||||
#if ($scheme = https) {
|
||||
# return 301 http://$host$request_uri;
|
||||
#}
|
||||
|
||||
location /synclounge {
|
||||
return 301 $scheme://$host/synclounge/;
|
||||
}
|
||||
|
||||
location /synclounge/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app synclounge;
|
||||
set $upstream_port 8088;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
rewrite /synclounge(.*) $1 break;
|
||||
|
||||
proxy_buffering off;
|
||||
proxy_socket_keepalive on;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header Sec-WebSocket-Extensions $http_sec_websocket_extensions;
|
||||
proxy_set_header Sec-WebSocket-Key $http_sec_websocket_key;
|
||||
proxy_set_header Sec-WebSocket-Version $http_sec_websocket_version;
|
||||
|
||||
}
|
||||
@@ -1,66 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your syncthing container is named syncthing
|
||||
# make sure that your dns has a cname set for syncthing
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name syncthing.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app syncthing;
|
||||
set $upstream_port 8384;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_hide_header Authorization;
|
||||
}
|
||||
|
||||
location ~ (/syncthing)?/rest {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app syncthing;
|
||||
set $upstream_port 8384;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_hide_header Authorization;
|
||||
}
|
||||
}
|
||||
@@ -1,44 +0,0 @@
|
||||
## Version 2023/02/12
|
||||
# make sure that your syncthing container is named syncthing
|
||||
# syncthing does not require a base url setting
|
||||
|
||||
location /syncthing {
|
||||
return 301 $scheme://$host/syncthing/;
|
||||
}
|
||||
|
||||
location ^~ /syncthing/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app syncthing;
|
||||
set $upstream_port 8384;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
rewrite /syncthing(.*) $1 break;
|
||||
proxy_hide_header Authorization;
|
||||
}
|
||||
|
||||
location ^~ /syncthing/rest {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app syncthing;
|
||||
set $upstream_port 8384;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
rewrite /syncthing(.*) $1 break;
|
||||
proxy_hide_header Authorization;
|
||||
}
|
||||
@@ -1,84 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your tautulli container is named tautulli
|
||||
# make sure that your dns has a cname set for tautulli
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name tautulli.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app tautulli;
|
||||
set $upstream_port 8181;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/tautulli)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app tautulli;
|
||||
set $upstream_port 8181;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/tautulli)?/newsletter {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app tautulli;
|
||||
set $upstream_port 8181;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/tautulli)?/image {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app tautulli;
|
||||
set $upstream_port 8181;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,57 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your tautulli container is named tautulli
|
||||
# make sure that tautulli is set to work with the base url /tautulli/
|
||||
# first go into tautulli settings, under "Web Interface", click on show advanced, set the HTTP root to /tautulli and restart the tautulli container
|
||||
|
||||
location ^~ /tautulli {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app tautulli;
|
||||
set $upstream_port 8181;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /tautulli/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app tautulli;
|
||||
set $upstream_port 8181;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /tautulli/newsletter {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app tautulli;
|
||||
set $upstream_port 8181;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /tautulli/image {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app tautulli;
|
||||
set $upstream_port 8181;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
@@ -1,40 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your theme-park container is named theme-park
|
||||
# make sure that theme-park is set to work with the base url /theme-park/
|
||||
# If you want to change the urlbase update the TP_URLBASE env on the theme-park container.
|
||||
|
||||
location /themepark {
|
||||
return 301 $scheme://$host/themepark/;
|
||||
}
|
||||
|
||||
location ^~ /themepark/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# If you don't want to cache the CSS files you can uncomment the lines below.
|
||||
# add_header Last-Modified $date_gmt;
|
||||
# add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
|
||||
# if_modified_since off;
|
||||
# expires -1;
|
||||
# etag off;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
sub_filter_types *;
|
||||
sub_filter 'url("/css/' 'url("/themepark/css/';
|
||||
sub_filter_once off;
|
||||
set $upstream_app theme-park;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
@@ -1,73 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# Make sure that DNS has a cname set for transmission
|
||||
#
|
||||
# Some Transmission Chrome extensions cannot handle HTTP/2 proxies as they
|
||||
# rely on the HTTP Status Text to determine if they should add the
|
||||
# X-Transmission-Session-Id header or not. HTTP/2 does not return this text
|
||||
# so jQuery responses are empty. This causes RPCs to fail.
|
||||
#
|
||||
# If your extension is affected, you can remove http2 from
|
||||
# /config/nginx/nginx.conf or submit a bug report with the
|
||||
# extension developer to fix their extensions to support HTTP/2.
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name transmission.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app transmission;
|
||||
set $upstream_port 9091;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_pass_header X-Transmission-Session-Id;
|
||||
}
|
||||
|
||||
location ~ (/transmission)?/rpc {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app transmission;
|
||||
set $upstream_port 9091;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,47 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your transmission container is named transmission
|
||||
# transmission does not require a base url setting
|
||||
#
|
||||
# Some Transmission Chrome extensions cannot handle HTTP/2 proxies as they
|
||||
# rely on the HTTP Status Text to determine if they should add the
|
||||
# X-Transmission-Session-Id header or not. HTTP/2 does not return this text
|
||||
# so jQuery responses are empty. This causes RPCs to fail.
|
||||
#
|
||||
# If your extension is affected, you can remove http2 from the default server
|
||||
# in /config/nginx/site-confs/default or listen on a different port that has
|
||||
# no http2 servers defined. Better yet, submit a bug report with the
|
||||
# extension developer to fix their extensions to support HTTP/2.
|
||||
|
||||
location ^~ /transmission {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app transmission;
|
||||
set $upstream_port 9091;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_pass_header X-Transmission-Session-Id;
|
||||
}
|
||||
|
||||
location ^~ /transmission/rpc {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app transmission;
|
||||
set $upstream_port 9091;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
@@ -1,44 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your tvheadend container is named tvheadend
|
||||
# make sure that tvheadend is set to work with the base url /tvheadend/
|
||||
# Before activating this config you need to do two things:
|
||||
# - enable a setting in the tvheadend web interface
|
||||
# - change your RUN_OPTS for tvheadend.
|
||||
#
|
||||
# You need to enable the setting "PROXY protocol & X-Forwarded For"
|
||||
# in the tvheadend web interface. This setting can be found in
|
||||
# "Configuration" -> "General" -> "Base" in the "HTTP Server Settings" Group.
|
||||
# You need to set the View level to Expert to see it. Once activated, you may need to
|
||||
# restart your tvheadend container. When testing this config, please be reminded
|
||||
# that the tvheadend docker can take a very long time to start (>10mins).
|
||||
#
|
||||
# For the subfolder to work you also need to edit your tvheadend docker compose / cli config
|
||||
# and set http_root in RUN_OPTS to tvheadend, e.g. in docker compose:
|
||||
# - RUN_OPTS= --http_root /tvheadend
|
||||
|
||||
location /tvheadend {
|
||||
return 301 $scheme://$host/tvheadend/;
|
||||
}
|
||||
|
||||
location /tvheadend/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
|
||||
set $upstream_app tvheadend;
|
||||
set $upstream_port 9981;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
@@ -1,84 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your ubooquity container is named ubooquity
|
||||
# make sure that your dns has a cname set for ubooquity
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name ubooquity.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app ubooquity;
|
||||
set $upstream_port 2202;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location /admin {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app ubooquity;
|
||||
set $upstream_port 2203;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location /admin-res {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app ubooquity;
|
||||
set $upstream_port 2203;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location /admin-api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app ubooquity;
|
||||
set $upstream_port 2203;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,37 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your ubooquity container is named ubooquity
|
||||
# make sure that ubooquity is set to work with the base url /ubooquity/
|
||||
# set the reverse proxy prefix in the admin gui to ubooquity.
|
||||
|
||||
location ^~ /ubooquity {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app ubooquity;
|
||||
set $upstream_port 2202;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ^~ /ubooquity/admin {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app ubooquity;
|
||||
set $upstream_port 2203;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
@@ -1,64 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your uptime-kuma container is named uptime-kuma
|
||||
# make sure that your dns has a cname set for uptime-kuma
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name uptime-kuma.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app uptime-kuma;
|
||||
set $upstream_port 3001;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ /(status|assets|icon.svg) {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app uptime-kuma;
|
||||
set $upstream_port 3001;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,111 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your vaultwarden container is named vaultwarden
|
||||
# make sure that your dns has a cname set for vaultwarden
|
||||
# if you are using bitwarden (the official image), use the bitwarden conf
|
||||
# if you are using vaultwarden (an unofficial implementation), use the vaultwarden conf
|
||||
#
|
||||
# vaultwarden defaults to port 80 and can be changed using the environment variable ROCKET_PORT on the vaultwarden container
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name vaultwarden.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 128M;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app vaultwarden;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ ^(/vaultwarden)?/admin {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
# if you enable admin page via ADMIN_TOKEN env variable
|
||||
# consider restricting access to LAN only via uncommenting the following lines
|
||||
#allow 10.0.0.0/8;
|
||||
#allow 172.16.0.0/12;
|
||||
#allow 192.168.0.0/16;
|
||||
#deny all;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app vaultwarden;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/vaultwarden)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app vaultwarden;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/vaultwarden)?/notifications/hub {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app vaultwarden;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,87 +0,0 @@
|
||||
## Version 2023/11/12
|
||||
# make sure that your vaultwarden container is named vaultwarden
|
||||
# make sure that vaultwarden is set to work with the base url /vaultwarden/
|
||||
# if you are using bitwarden (the official image), use the bitwarden conf
|
||||
# if you are using vaultwarden (an unofficial implementation), use the vaultwarden conf
|
||||
#
|
||||
# vaultwarden defaults to port 80 and can be changed using the environment variable ROCKET_PORT on the vaultwarden container
|
||||
#
|
||||
# Environmental Variable DOMAIN=https://<DOMAIN>/vaultwarden must be set in vaultwarden container including subfolder.
|
||||
|
||||
location /vaultwarden {
|
||||
return 301 $scheme://$host/vaultwarden/;
|
||||
}
|
||||
|
||||
location ^~ /vaultwarden/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app vaultwarden;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ ^(/vaultwarden)?/admin {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# if you enable admin page via ADMIN_TOKEN env variable
|
||||
# consider restricting access to LAN only via uncommenting the following lines
|
||||
#allow 10.0.0.0/8;
|
||||
#allow 172.16.0.0/12;
|
||||
#allow 192.168.0.0/16;
|
||||
#deny all;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app vaultwarden;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/vaultwarden)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app vaultwarden;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/vaultwarden)?/notifications/hub {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app vaultwarden;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
@@ -1,66 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your radarr container is named watchstate
|
||||
# make sure that your dns has a cname set for watchstate
|
||||
# the api endpoint is not behind auth, so please make sure to enable
|
||||
# "Webhook match backend id" in backend settings
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name watchstate.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app watchstate;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ /v1/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app watchstate;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,64 +0,0 @@
|
||||
## Version 2025/07/18
|
||||
# make sure that your wikijs container is named wikijs
|
||||
# make sure that your dns has a cname set for wikijs
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# listen 443 quic;
|
||||
listen [::]:443 ssl;
|
||||
# listen [::]:443 quic;
|
||||
|
||||
server_name wikijs.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth (requires ldap-location.conf in the location block)
|
||||
#include /config/nginx/ldap-server.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-location.conf in the location block)
|
||||
#include /config/nginx/authelia-server.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-location.conf in the location block)
|
||||
#include /config/nginx/authentik-server.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-location.conf in the location block)
|
||||
#include /config/nginx/tinyauth-server.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
# enable for Tinyauth (requires tinyauth-server.conf in the server block)
|
||||
#include /config/nginx/tinyauth-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app wikijs;
|
||||
set $upstream_port 3000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/wikijs)?/graphql {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app wikijs;
|
||||
set $upstream_port 3000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,28 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your wordpress container is named wordpress
|
||||
# make sure that wordpress is set to work with the base url /wordpress/
|
||||
# In order to use this location block you need to edit the default file one folder up and comment out the / location as well as the "~ \.php$" location
|
||||
# tested with the official wordpress docker image
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app wordpress;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
@@ -1,35 +0,0 @@
|
||||
## Version 2023/02/05
|
||||
# make sure that your youtube-dl-server container is named youtube-dl-server
|
||||
# youtube-dl-server does not require a base url setting
|
||||
# Works with this youtube-dl Fork: https://github.com/nbr23/youtube-dl-server
|
||||
|
||||
location /youtube-dl {
|
||||
return 301 $scheme://$host/youtube-dl/;
|
||||
}
|
||||
|
||||
location ^~ /youtube-dl/ {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app youtube-dl-server;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_set_header Referer '';
|
||||
# next line doesn't work with the latest version of: https://github.com/nbr23/youtube-dl-server
|
||||
# proxy_set_header Host $upstream_app:8080;
|
||||
rewrite /youtube-dl(.*) $1 break;
|
||||
}
|
||||
@@ -42,7 +42,6 @@ def generate_configs():
|
||||
lstrip_blocks=True
|
||||
)
|
||||
subdomain_template = env.get_template('subdomain.conf.j2')
|
||||
subfolder_template = env.get_template('subfolder.conf.j2')
|
||||
print("Jinja2 templates loaded successfully.")
|
||||
except Exception as e:
|
||||
print(f"ERROR: Failed to load Jinja2 templates from '{TEMPLATE_DIR}': {e}. Exiting.")
|
||||
@@ -59,17 +58,6 @@ def generate_configs():
|
||||
f.write(rendered_content)
|
||||
print(f" [OK] Generated {filename}")
|
||||
|
||||
# Generate templated subfolder configs
|
||||
print("\n--- Generating Templated Subfolder Configs ---")
|
||||
subfolder_items = data.get('subfolders', [])
|
||||
for item in subfolder_items:
|
||||
filename = f"{item['name']}.subfolder.conf.sample"
|
||||
output_path = os.path.join(OUTPUT_DIR, filename)
|
||||
rendered_content = subfolder_template.render(item=item)
|
||||
with open(output_path, 'w') as f:
|
||||
f.write(rendered_content)
|
||||
print(f" [OK] Generated {filename}")
|
||||
|
||||
# Copy custom configs
|
||||
print("\n--- Copying Custom Configs ---")
|
||||
if not os.path.isdir(CUSTOM_DIR):
|
||||
@@ -86,17 +74,6 @@ def generate_configs():
|
||||
else:
|
||||
print(f" [!!] WARNING: Custom config file not found: {source_path}")
|
||||
|
||||
# Process custom subfolders
|
||||
for app_name in data.get('custom', {}).get('subfolders', []):
|
||||
filename = f"{app_name}.subfolder.conf.sample"
|
||||
source_path = os.path.join(CUSTOM_DIR, filename)
|
||||
dest_path = os.path.join(OUTPUT_DIR, filename)
|
||||
if os.path.exists(source_path):
|
||||
shutil.copy(source_path, dest_path)
|
||||
print(f" [OK] Copied {filename}")
|
||||
else:
|
||||
print(f" [!!] WARNING: Custom config file not found: {source_path}")
|
||||
|
||||
print("\n--- Generation Complete ---")
|
||||
|
||||
if __name__ == "__main__":
|
||||
|
||||
@@ -68,6 +68,39 @@ server {
|
||||
{% endif %}
|
||||
{% if item.set_x_scheme %}
|
||||
proxy_set_header X-Scheme https;
|
||||
{% endif %}
|
||||
{% if item.websockets %}
|
||||
proxy_buffering off;
|
||||
proxy_socket_keepalive on;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header Sec-WebSocket-Extensions $http_sec_websocket_extensions;
|
||||
proxy_set_header Sec-WebSocket-Key $http_sec_websocket_key;
|
||||
proxy_set_header Sec-WebSocket-Version $http_sec_websocket_version;
|
||||
{% endif %}
|
||||
{% if item.proxy_pass_headers %}
|
||||
{% for header in item.proxy_pass_headers %}
|
||||
proxy_pass_header {{ header }};
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% if item.proxy_set_headers %}
|
||||
{% for header in item.proxy_set_headers %}
|
||||
proxy_set_header {{ header.key }} {{ header.value }};
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% if item.proxy_hide_headers %}
|
||||
{% for header in item.proxy_hide_headers %}
|
||||
proxy_hide_header {{ header }};
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% if item.add_headers %}
|
||||
{% for header in item.add_headers %}
|
||||
add_header {{ header.key }} "{{ header.value }}";
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% if item.custom_directives %}
|
||||
{% for directive in item.custom_directives %}
|
||||
{{ directive }};
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
}
|
||||
{% if item.api %}
|
||||
@@ -80,4 +113,31 @@ server {
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
{% endif %}
|
||||
{% if item.extra_locations %}
|
||||
{% for loc in item.extra_locations %}
|
||||
location ~ (?:/{{ item.name }})?{{ loc.path }} {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app {{ loc.app | default(item.name) }};
|
||||
set $upstream_port {{ loc.port | default(item.port) }};
|
||||
set $upstream_proto {% if loc.https %}https{% elif item.https and loc.https is not defined %}https{% else %}http{% endif %};
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port{% if loc.proxy_pass_path %}{{ loc.proxy_pass_path }}{% endif %};
|
||||
{% if loc.proxy_set_headers %}
|
||||
{% for header in loc.proxy_set_headers %}
|
||||
proxy_set_header {{ header.key }} {{ header.value }};
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% if loc.proxy_hide_headers %}
|
||||
{% for header in loc.proxy_hide_headers %}
|
||||
proxy_hide_header {{ header }};
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% if loc.custom_directives %}
|
||||
{% for directive in loc.custom_directives %}
|
||||
{{ directive }};
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
@@ -1,49 +0,0 @@
|
||||
## Version 2025/08/28
|
||||
# make sure that your {{ item.name }} container is named {{ item.name }}
|
||||
# make sure that {{ item.name }} is set to work with the base url /{{ item.name }}/
|
||||
|
||||
{% if item.redirect %}
|
||||
location /{{ item.name }} {
|
||||
return 301 $scheme://$host/{{ item.name }}/;
|
||||
}
|
||||
|
||||
location ^~ /{{ item.name }}/ {
|
||||
{% else %}
|
||||
location ^~ /{{ item.name }} {
|
||||
{% endif %}
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||
#include /config/nginx/ldap-location.conf;
|
||||
|
||||
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||
#include /config/nginx/authelia-location.conf;
|
||||
|
||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||
#include /config/nginx/authentik-location.conf;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app {{ item.name }};
|
||||
set $upstream_port {{ item.port }};
|
||||
set $upstream_proto {% if item.https %}https{% else %}http{% endif %};
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
{% if item.rewrite %}
|
||||
rewrite /{{ item.name }}(.*) $1 break;
|
||||
{% endif %}
|
||||
{% if item.buffering_off %}
|
||||
proxy_buffering off;
|
||||
{% endif %}
|
||||
}
|
||||
{% if item.api %}
|
||||
location ^~ /{{ item.name }}/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_app {{ item.name }};
|
||||
set $upstream_port {{ item.port }};
|
||||
set $upstream_proto {% if item.https %}https{% else %}http{% endif %};
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
}
|
||||
{% endif %}
|
||||
Reference in New Issue
Block a user