Differences

This shows you the differences between two versions of the page.

--- portainer:dockers:swag [2024/07/28 14:25] – created dirk
+++ portainer:dockers:swag [2024/07/28 14:26] (current) – dirk
@@ Line 45: / Line 45: @@
   * restart swag
-===== appdata/swag/nginx/proxy-confs/ =====
-==== bazarr.subdomain.conf ====
-<code># make sure that your dns has a cname set for bazarr and that your bazarr container is not using a base url
-server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
-    server_name bazarr.*;
-    include /config/nginx/ssl.conf;
-    client_max_body_size 0;
-    # enable for ldap auth, fill in ldap details in ldap.conf
-    #include /config/nginx/ldap.conf;
-    # enable for Authelia
-    #include /config/nginx/authelia-server.conf;
-    location / {
-        # enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-        # enable the next two lines for ldap auth
-        #auth_request /auth;
-        #error_page 401 =200 /login;
-        # enable for Authelia
-        #include /config/nginx/authelia-location.conf;
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app bazarr;
-        set $upstream_port 6767;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-    }
-}
-</code>
-==== deluge.subdomain.conf ====
-<code># make sure that your dns has a cname set for deluge and that your deluge container is not using a base url
-server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
-    server_name deluge.*;
-    include /config/nginx/ssl.conf;
-    client_max_body_size 0;
-    # enable for ldap auth, fill in ldap details in ldap.conf
-    #include /config/nginx/ldap.conf;
-    # enable for Authelia
-    #include /config/nginx/authelia-server.conf;
-    location / {
-        # enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-        # enable the next two lines for ldap auth
-        #auth_request /auth;
-        #error_page 401 =200 /login;
-        # enable for Authelia
-        #include /config/nginx/authelia-location.conf;
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app delugevpn;
-        set $upstream_port 8112;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-    }
-}
-</code>
-==== dokuwiki.subdomain.conf ====
-<code># First complete the setup by appending install.php to URL.
-# Make sure that your dns has a cname set for dokuwiki
-server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
-    server_name wiki.*;
-    include /config/nginx/ssl.conf;
-    client_max_body_size 0;
-    #enable for ldap auth, fill in ldap details in ldap.conf
-    #include /config/nginx/ldap.conf;
-    # enable for Authelia
-    #include /config/nginx/authelia-server.conf;
-    location / {
-        #enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-        #enable the next two lines for ldap auth
-        #auth_request /auth;
-        #error_page 401 =200 /ldaplogin;
-        # enable for Authelia
-        #include /config/nginx/authelia-location.conf;
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app dokuwiki;
-        set $upstream_port 80;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-    }
-}
-</code>
-==== edge.subdomain.conf ====
-<code>server {
-        listen 80;
-        server_name edge.*;
-        return 301 https://$host$request_uri;
-}
-upstream edge {
-        server 192.168.1.1;
-        keepalive 32;
-}
-server {
-        listen 443 ssl http2;
-        server_name edge.*;
-        client_max_body_size 512m;
-        location / {
-                proxy_pass https://192.168.1.1;
-                proxy_http_version 1.1;
-                proxy_buffering off;
-                proxy_set_header Upgrade $http_upgrade;
-                proxy_set_header Connection "Upgrade";
-                proxy_set_header Host $host;
-                proxy_set_header X-Real-IP $remote_addr;
-                proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
-        }
-}
-</code>
-==== games.subdomain.conf ====
-<code># Make sure that your dns has a cname set for games
-server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
-    server_name games.*;
-    include /config/nginx/ssl.conf;
-    client_max_body_size 0;
-    #enable for ldap auth, fill in ldap details in ldap.conf
-    #include /config/nginx/ldap.conf;
-    # enable for Authelia
-    #include /config/nginx/authelia-server.conf;
-    location / {
-        #enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-        #enable the next two lines for ldap auth
-        #auth_request /auth;
-        #error_page 401 =200 /ldaplogin;
-        # enable for Authelia
-        #include /config/nginx/authelia-location.conf;
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app games;
-        set $upstream_port 8080;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-    }
-}</code>
-==== home.subdomain.conf ====
-  * only works if hoobs is installed on a vm
-<code>
-# make sure that your dns has a cname set for home
-server {
-  listen 443 ssl http2;
- server_name home.*;
- server_tokens off;
-#access_log /var/log/nginx/SUBDOMAIN.SITE.access.log;
-#error_log /var/log/nginx/SUBDOMAIN.SITE.error.log error;
-#
-# ssl on;
-#
-# ssl_certificate /etc/letsencrypt/live/SITE/fullchain.pem;
-# ssl_certificate_key /etc/letsencrypt/SITE/privkey.pem;
- location /{
-  proxy_pass http://192.168.1.7;
-#  proxy_redirect off;
-  proxy_redirect http:// https://;
-#added line below
-  proxy_http_version 1.1;
-  proxy_set_header Host $http_host;
-  proxy_set_header X-Real-IP $remote_addr;
-  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-  proxy_set_header X-Forwarded-Proto $scheme;
-  proxy_set_header X-Forwarded-Protocol $scheme;
-  proxy_set_header X-Url-Scheme $scheme;
-#added these 2 lines below
-  proxy_set_header Upgrade $http_upgrade;
-  proxy_set_header Connection "upgrade";
- }
-}
-</code>
-==== nextcloud.subdomain.conf ====
-  * extra steps found below and on youtube
-<code># make sure that your dns has a cname set for nextcloud
-# assuming this container is called "swag", edit your nextcloud container's config
-# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
-#  'trusted_proxies' => ['swag'],
-#  'overwrite.cli.url' => 'https://nextcloud.your-domain.com/',
-#  'overwritehost' => 'nextcloud.your-domain.com',
-#  'overwriteprotocol' => 'https',
-#
-# Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:
-#  array (
-#    0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.
-#    1 => 'nextcloud.your-domain.com',
-#  ),
-server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
-    server_name cloud.*;
-    include /config/nginx/ssl.conf;
-    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
-    client_max_body_size 0;
-    location / {
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app 192.168.1.3;
-        set $upstream_port 444;
-        set $upstream_proto https;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-        proxy_max_temp_file_size 2048m;
-    }
-}
-</code>
-==== pi.subdomain.conf ====
-  * only works if pihole is installed on vm
-<code>
-## Version 2020/12/09
-# make sure that your dns has a cname set for pihole and that your pihole container is not using a base url
-server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
-    server_name pi.*;
-    include /config/nginx/ssl.conf;
-    client_max_body_size 0;
-    # enable for ldap auth, fill in ldap details in ldap.conf
-    #include /config/nginx/ldap.conf;
-    # enable for Authelia
-    #include /config/nginx/authelia-server.conf;
-    location / {
-        # enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-        # enable the next two lines for ldap auth
-        #auth_request /auth;
-        #error_page 401 =200 /ldaplogin;
-        # enable for Authelia
-        #include /config/nginx/authelia-location.conf;
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app 192.168.1.2;
-        set $upstream_port 80;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-        proxy_hide_header X-Frame-Options;
-    }
-    location /admin {
-        # enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-        # enable the next two lines for ldap auth
-        #auth_request /auth;
-        #error_page 401 =200 /ldaplogin;
-        # enable for Authelia
-        #include /config/nginx/authelia-location.conf;
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app 192.168.1.2;
-        set $upstream_port 80;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-        proxy_hide_header X-Frame-Options;
-    }
-}
-</code>
-==== plex.subdomain.conf ====
-<code># make sure that your dns has a cname set for plex
-# if plex is running in bridge mode and the container is named "plex", the below config should work as is
-# if not, replace the line "set $upstream_app plex;" with "set $upstream_app <containername>;"
-# or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of plex
-# in plex server settings, under network, fill in "Custom server access URLs" with your domain (ie. "https://plex.yourdomain.url:443")
-server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
-    server_name plex.*;
-    include /config/nginx/ssl.conf;
-    client_max_body_size 0;
-    proxy_redirect off;
-    proxy_buffering off;
-    # enable for ldap auth, fill in ldap details in ldap.conf
-    #include /config/nginx/ldap.conf;
-    # enable for Authelia
-    #include /config/nginx/authelia-server.conf;
-    location / {
-        # enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-        # enable the next two lines for ldap auth
-        #auth_request /auth;
-        #error_page 401 =200 /login;
-        # enable for Authelia
-        #include /config/nginx/authelia-location.conf;
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app 192.168.1.3;
-        set $upstream_port 32400;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection "upgrade";
-        proxy_set_header X-Plex-Client-Identifier $http_x_plex_client_identifier;
-        proxy_set_header X-Plex-Device $http_x_plex_device;
-        proxy_set_header X-Plex-Device-Name $http_x_plex_device_name;
-        proxy_set_header X-Plex-Platform $http_x_plex_platform;
-        proxy_set_header X-Plex-Platform-Version $http_x_plex_platform_version;
-        proxy_set_header X-Plex-Product $http_x_plex_product;
-        proxy_set_header X-Plex-Token $http_x_plex_token;
-        proxy_set_header X-Plex-Version $http_x_plex_version;
-        proxy_set_header X-Plex-Nocache $http_x_plex_nocache;
-        proxy_set_header X-Plex-Provides $http_x_plex_provides;
-        proxy_set_header X-Plex-Device-Vendor $http_x_plex_device_vendor;
-        proxy_set_header X-Plex-Model $http_x_plex_model;
-    }
-}
-</code>
-==== radarr.subdomain.conf ====
-<code># make sure that your dns has a cname set for radarr and that your radarr container is not using a base url
-server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
-    server_name movies.*;
-    include /config/nginx/ssl.conf;
-    client_max_body_size 0;
-    # enable for ldap auth, fill in ldap details in ldap.conf
-    #include /config/nginx/ldap.conf;
-    # enable for Authelia
-    #include /config/nginx/authelia-server.conf;
-    location / {
-        # enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-        # enable the next two lines for ldap auth
-        #auth_request /auth;
-        #error_page 401 =200 /login;
-        # enable for Authelia
-        #include /config/nginx/authelia-location.conf;
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app radarr;
-        set $upstream_port 7878;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-    }
-    location ~ (/radarr)?/api {
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app radarr;
-        set $upstream_port 7878;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-    }
-}
-</code>
-==== sabnzbd.subdomain.conf ====
-<code># make sure that your dns has a cname set for sabnzbd
-# edit the sabnzbd.ini host_whitelist to avoid hostname verification issues. This format:
-# host_whitelist = sabnzbd.domain.com, www.sabnzbd.domain.com
-server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
-    server_name sabnzbd.*;
-    include /config/nginx/ssl.conf;
-    client_max_body_size 0;
-    # enable for ldap auth, fill in ldap details in ldap.conf
-    #include /config/nginx/ldap.conf;
-    # enable for Authelia
-    #include /config/nginx/authelia-server.conf;
-    location / {
-        # enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-        # enable the next two lines for ldap auth
-        #auth_request /auth;
-        #error_page 401 =200 /login;
-        # enable for Authelia
-        #include /config/nginx/authelia-location.conf;
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app sabnzbdvpn;
-        set $upstream_port 8080;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-    }
-    location ~ (/sabnzbd)?/api {
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app sabnzbdvpn;
-        set $upstream_port 8080;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-    }
-}
-</code>
-==== sonarr.subdomain.conf ====
-<code># make sure that your dns has a cname set for sonarr and that your sonarr container is not using a base url
-server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
-    server_name tv.*;
-    include /config/nginx/ssl.conf;
-    client_max_body_size 0;
-    # enable for ldap auth, fill in ldap details in ldap.conf
-    #include /config/nginx/ldap.conf;
-    # enable for Authelia
-    #include /config/nginx/authelia-server.conf;
-    location / {
-        # enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-        # enable the next two lines for ldap auth
-        #auth_request /auth;
-        #error_page 401 =200 /login;
-        # enable for Authelia
-        #include /config/nginx/authelia-location.conf;
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app sonarr;
-        set $upstream_port 8989;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-    }
-    location ~ (/sonarr)?/api {
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app sonarr;
-        set $upstream_port 8989;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-   }
-}
-</code>
-==== tautulli.subdomain.conf ====
-<code># make sure that your dns has a cname set for tautulli and that your tautulli container is not using a base url
-server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
-    server_name tautulli.*;
-    include /config/nginx/ssl.conf;
-    client_max_body_size 0;
-    # enable for ldap auth, fill in ldap details in ldap.conf
-    #include /config/nginx/ldap.conf;
-    # enable for Authelia
-    #include /config/nginx/authelia-server.conf;
-    location / {
-        # enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-        # enable the next two lines for ldap auth
-        #auth_request /auth;
-        #error_page 401 =200 /login;
-        # enable for Authelia
-        #include /config/nginx/authelia-location.conf;
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app tautulli;
-        set $upstream_port 8181;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-    }
-    location ~ (/tautulli)?/api {
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app tautulli;
-        set $upstream_port 8181;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-    }
-}
-</code>
-==== unifi-controller.subdomain.conf ====
-<code># make sure that your dns has a cname set for unifi and that your unifi-controller container is not using a base url
-server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
-    server_name unifi.*;
-    include /config/nginx/ssl.conf;
-    client_max_body_size 0;
-    # enable for ldap auth, fill in ldap details in ldap.conf
-    #include /config/nginx/ldap.conf;
-    # enable for Authelia
-    #include /config/nginx/authelia-server.conf;
-    location / {
-        # enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-        # enable the next two lines for ldap auth
-        #auth_request /auth;
-        #error_page 401 =200 /login;
-        # enable for Authelia
-        #include /config/nginx/authelia-location.conf;
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app unifi-controller;
-        set $upstream_port 8443;
-        set $upstream_proto https;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-    }
-    location /wss {
-        # enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-        # enable the next two lines for ldap auth
-        #auth_request /auth;
-        #error_page 401 =200 /login;
-        # enable for Authelia
-        #include /config/nginx/authelia-location.conf;
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app unifi-controller;
-        set $upstream_port 8443;
-        set $upstream_proto https;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-        proxy_buffering off;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection "Upgrade";
-        proxy_ssl_verify off;
-    }
-}
-</code>
-==== www.subdomain.conf docker version ====
-<code># Make sure that your dns has a cname set for www
-server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
-    server_name www.*;
-    include /config/nginx/ssl.conf;
-    client_max_body_size 0;
-    #enable for ldap auth, fill in ldap details in ldap.conf
-    #include /config/nginx/ldap.conf;
-    # enable for Authelia
-    #include /config/nginx/authelia-server.conf;
-    location / {
-        #enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-        #enable the next two lines for ldap auth
-        #auth_request /auth;
-        #error_page 401 =200 /ldaplogin;
-        # enable for Authelia
-        #include /config/nginx/authelia-location.conf;
-        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
-        set $upstream_app website;
-        set $upstream_port 8080;
-        set $upstream_proto http;
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-    }
-}
-</code>
-==== www.subdomain.conf OLD version ====
-<code># make sure that your dns has a cname set for www
-server {
-  listen 443 ssl http2;
- server_name www.*;
- server_tokens off;
-#access_log /var/log/nginx/SUBDOMAIN.SITE.access.log;
-#error_log /var/log/nginx/SUBDOMAIN.SITE.error.log error;
-#
-# ssl on;
-#
-# ssl_certificate /etc/letsencrypt/live/SITE/fullchain.pem;
-# ssl_certificate_key /etc/letsencrypt/SITE/privkey.pem;
- location /{
-  proxy_pass http://192.168.1.5:8080;
-#  proxy_redirect off;
-  proxy_redirect http:// https://;
-#added line below
-  proxy_http_version 1.1;
-  proxy_set_header Host $http_host;
-  proxy_set_header X-Real-IP $remote_addr;
-  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-  proxy_set_header X-Forwarded-Proto $scheme;
-  proxy_set_header X-Forwarded-Protocol $scheme;
-  proxy_set_header X-Url-Scheme $scheme;
-#added these 2 lines below
-  proxy_set_header Upgrade $http_upgrade;
-  proxy_set_header Connection "upgrade";
- }
-}
-</code>

brimble.com

User Tools

Site Tools

Differences

Page Tools