Created
August 7, 2022 18:26
-
-
Save SiddharthManthan/8741523174cca8303531fa8d5532c811 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Version 2021/04/27 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/default | |
| error_page 502 /502.html; | |
| # redirect all traffic to https | |
| server { | |
| listen 80 default_server; | |
| listen [::]:80 default_server; | |
| server_name _; | |
| return 301 https://$host$request_uri; | |
| } | |
| # main server block | |
| server { | |
| listen 443 ssl http2 default_server; | |
| listen [::]:443 ssl http2 default_server; | |
| root /config/www; | |
| index index.html index.htm index.php; | |
| server_name _; | |
| # enable subfolder method reverse proxy confs | |
| include /config/nginx/proxy-confs/*.subfolder.conf; | |
| # all ssl related config moved to ssl.conf | |
| include /config/nginx/ssl.conf; | |
| # enable for ldap auth | |
| #include /config/nginx/ldap.conf; | |
| # enable for Authelia | |
| #include /config/nginx/authelia-server.conf; | |
| client_max_body_size 0; | |
| # location / { | |
| # enable the next two lines for http auth | |
| #auth_basic "Restricted"; | |
| #auth_basic_user_file /config/nginx/.htpasswd; | |
| # enable the next two lines for ldap auth | |
| #auth_request /auth; | |
| #error_page 401 =200 /ldaplogin; | |
| # enable for Authelia | |
| #include /config/nginx/authelia-location.conf; | |
| # try_files $uri $uri/ /index.html /index.php?$args =404; | |
| # } | |
| location ~ \.php$ { | |
| fastcgi_split_path_info ^(.+\.php)(/.+)$; | |
| fastcgi_pass 127.0.0.1:9000; | |
| fastcgi_index index.php; | |
| include /etc/nginx/fastcgi_params; | |
| } | |
| # sample reverse proxy config for password protected couchpotato running at IP 192.168.1.50 port 5050 with base url "cp" | |
| # notice this is within the same server block as the base | |
| # don't forget to generate the .htpasswd file as described on docker hub | |
| # location ^~ /cp { | |
| # auth_basic "Restricted"; | |
| # auth_basic_user_file /config/nginx/.htpasswd; | |
| # include /config/nginx/proxy.conf; | |
| # proxy_pass http://192.168.1.50:5050/cp; | |
| # } | |
| } | |
| # sample reverse proxy config without url base, but as a subdomain "cp", ip and port same as above | |
| # notice this is a new server block, you need a new server block for each subdomain | |
| #server { | |
| # listen 443 ssl http2; | |
| # listen [::]:443 ssl http2; | |
| # | |
| # root /config/www; | |
| # index index.html index.htm index.php; | |
| # | |
| # server_name cp.*; | |
| # | |
| # include /config/nginx/ssl.conf; | |
| # | |
| # client_max_body_size 0; | |
| # | |
| # location / { | |
| # auth_basic "Restricted"; | |
| # auth_basic_user_file /config/nginx/.htpasswd; | |
| # include /config/nginx/proxy.conf; | |
| # proxy_pass http://192.168.1.50:5050; | |
| # } | |
| #} | |
| # sample reverse proxy config for "heimdall" via subdomain, with ldap authentication | |
| # ldap-auth container has to be running and the /config/nginx/ldap.conf file should be filled with ldap info | |
| # notice this is a new server block, you need a new server block for each subdomain | |
| #server { | |
| # listen 443 ssl http2; | |
| # listen [::]:443 ssl http2; | |
| # | |
| # root /config/www; | |
| # index index.html index.htm index.php; | |
| # | |
| # server_name heimdall.*; | |
| # | |
| # include /config/nginx/ssl.conf; | |
| # | |
| # include /config/nginx/ldap.conf; | |
| # | |
| # client_max_body_size 0; | |
| # | |
| # location / { | |
| # # the next two lines will enable ldap auth along with the included ldap.conf in the server block | |
| # auth_request /auth; | |
| # error_page 401 =200 /ldaplogin; | |
| # | |
| # include /config/nginx/proxy.conf; | |
| # resolver 127.0.0.11 valid=30s; | |
| # set $upstream_app heimdall; | |
| # set $upstream_port 443; | |
| # set $upstream_proto https; | |
| # proxy_pass $upstream_proto://$upstream_app:$upstream_port; | |
| # } | |
| #} | |
| # sample reverse proxy config for "heimdall" via subdomain, with Authelia | |
| # Authelia container has to be running in the same user defined bridge network, with container name "authelia", and with 'path: "authelia"' set in its configuration.yml | |
| # notice this is a new server block, you need a new server block for each subdomain | |
| #server { | |
| # listen 443 ssl http2; | |
| # listen [::]:443 ssl http2; | |
| # | |
| # root /config/www; | |
| # index index.html index.htm index.php; | |
| # | |
| # server_name heimdall.*; | |
| # | |
| # include /config/nginx/ssl.conf; | |
| # | |
| # include /config/nginx/authelia-server.conf; | |
| # | |
| # client_max_body_size 0; | |
| # | |
| # location / { | |
| # # the next line will enable Authelia along with the included authelia-server.conf in the server block | |
| # include /config/nginx/authelia-location.conf; | |
| # | |
| # include /config/nginx/proxy.conf; | |
| # resolver 127.0.0.11 valid=30s; | |
| # set $upstream_app heimdall; | |
| # set $upstream_port 443; | |
| # set $upstream_proto https; | |
| # proxy_pass $upstream_proto://$upstream_app:$upstream_port; | |
| # } | |
| #} | |
| # enable subdomain method reverse proxy confs | |
| include /config/nginx/proxy-confs/*.subdomain.conf; | |
| # enable proxy cache for auth | |
| proxy_cache_path cache/ keys_zone=auth_cache:10m; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment