services: migrate to linuxerserver-letsencrypt
This commit is contained in:
parent
8a22864b83
commit
e24dfd031c
9
.gitignore
vendored
9
.gitignore
vendored
|
@ -18,3 +18,12 @@
|
|||
/emby
|
||||
embystat
|
||||
/airsonic
|
||||
|
||||
/letsencrypt/*
|
||||
!/letsencrypt/nginx/
|
||||
|
||||
/letsencrypt/nginx/*
|
||||
!/letsencrypt/nginx/proxy-confs/
|
||||
|
||||
/letsencrypt/nginx/proxy-confs/*.sample
|
||||
/letsencrypt/nginx/proxy-confs/README.md
|
||||
|
|
|
@ -1,69 +1,48 @@
|
|||
version: "2"
|
||||
|
||||
services:
|
||||
|
||||
proxy:
|
||||
image: jwilder/nginx-proxy
|
||||
container_name: proxy
|
||||
restart: unless-stopped
|
||||
labels:
|
||||
com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: "true"
|
||||
volumes:
|
||||
- /var/run/docker.sock:/tmp/docker.sock:ro
|
||||
- certs:/etc/nginx/certs:rw
|
||||
- vhost.d:/etc/nginx/vhost.d
|
||||
- html:/usr/share/nginx/html
|
||||
- ./uploadsize.conf:/etc/nginx/conf.d/uploadsize.conf:ro
|
||||
ports:
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
networks:
|
||||
- "default"
|
||||
- "proxy-tier"
|
||||
|
||||
proxy-letsencrypt:
|
||||
image: jrcs/letsencrypt-nginx-proxy-companion
|
||||
letsencrypt:
|
||||
image: linuxserver/letsencrypt
|
||||
container_name: letsencrypt
|
||||
restart: unless-stopped
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
environment:
|
||||
- NGINX_PROXY_CONTAINER=proxy
|
||||
- PUID=1000
|
||||
- PGID=1000
|
||||
- TZ=Europe/Paris
|
||||
- URL=belanyi.fr
|
||||
- SUBDOMAINS=wildcard
|
||||
- VALIDATION=dns
|
||||
- DNSPLUGIN=gandi #optional
|
||||
- EMAIL=brunobelanyi@gmail.com #optional
|
||||
- DHLEVEL=2048 #optional
|
||||
- ONLY_SUBDOMAINS=false #optional
|
||||
- EXTRA_DOMAINS= #optional
|
||||
- STAGING=false #optional
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
volumes_from:
|
||||
- "proxy"
|
||||
depends_on:
|
||||
- "proxy"
|
||||
networks:
|
||||
- "default"
|
||||
- "proxy-tier"
|
||||
- ./letsencrypt:/config
|
||||
ports:
|
||||
- 443:443
|
||||
- 80:80 #optional
|
||||
|
||||
freshrss:
|
||||
image: linuxserver/freshrss
|
||||
container_name: freshrss
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- VIRTUAL_HOST=feed.belanyi.fr
|
||||
- LETSENCRYPT_HOST=feed.belanyi.fr
|
||||
- LETSENCRYPT_EMAIL=brunobelanyi@gmail.com
|
||||
- PGID=1001
|
||||
- PUID=1000
|
||||
volumes:
|
||||
- ./freshrss:/config
|
||||
ports:
|
||||
- "667:80"
|
||||
networks:
|
||||
- "proxy-tier"
|
||||
- "default"
|
||||
|
||||
calibre:
|
||||
image: linuxserver/calibre
|
||||
container_name: calibre
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- VIRTUAL_HOST=calibre.belanyi.fr
|
||||
- LETSENCRYPT_HOST=calibre.belanyi.fr
|
||||
- LETSENCRYPT_EMAIL=brunobelanyi@gmail.com
|
||||
- VIRTUAL_PORT=8080
|
||||
- PUID=1000
|
||||
- PGID=1000
|
||||
- TZ=Europe/Paris
|
||||
|
@ -75,18 +54,12 @@ services:
|
|||
ports:
|
||||
- "8080:8080"
|
||||
#- "8081:8081"
|
||||
networks:
|
||||
- "default"
|
||||
- "proxy-tier"
|
||||
|
||||
calibre-web:
|
||||
image: linuxserver/calibre-web
|
||||
container_name: calibre-web
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- VIRTUAL_HOST=library.belanyi.fr
|
||||
- LETSENCRYPT_HOST=library.belanyi.fr
|
||||
- LETSENCRYPT_EMAIL=brunobelanyi@gmail.com
|
||||
- PUID=1000
|
||||
- PGID=1000
|
||||
- TZ=Europe/Paris
|
||||
|
@ -96,19 +69,12 @@ services:
|
|||
- ./library:/books
|
||||
ports:
|
||||
- "8083:8083"
|
||||
networks:
|
||||
- "default"
|
||||
- "proxy-tier"
|
||||
|
||||
pyload:
|
||||
image: linuxserver/pyload
|
||||
container_name: pyload
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- VIRTUAL_HOST=pyload.belanyi.fr
|
||||
- LETSENCRYPT_HOST=pyload.belanyi.fr
|
||||
- LETSENCRYPT_EMAIL=brunobelanyi@gmail.com
|
||||
- VIRTUAL_PORT=8000
|
||||
- TZ=Europe/Paris
|
||||
- PUID=1000
|
||||
- PGID=1000
|
||||
|
@ -118,19 +84,12 @@ services:
|
|||
ports:
|
||||
- 8000:8000
|
||||
- 7227:7227 #optional
|
||||
networks:
|
||||
- "default"
|
||||
- "proxy-tier"
|
||||
|
||||
transmission:
|
||||
image: linuxserver/transmission
|
||||
container_name: transmission
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- VIRTUAL_HOST=transmission.belanyi.fr
|
||||
- LETSENCRYPT_HOST=transmission.belanyi.fr
|
||||
- LETSENCRYPT_EMAIL=brunobelanyi@gmail.com
|
||||
- VIRTUAL_PORT=9091
|
||||
- PUID=1000
|
||||
- PGID=1000
|
||||
- TZ=Europe/Paris
|
||||
|
@ -146,18 +105,12 @@ services:
|
|||
- 9091:9091
|
||||
- 51413:51413
|
||||
- 51413:51413/udp
|
||||
networks:
|
||||
- "default"
|
||||
- "proxy-tier"
|
||||
|
||||
jackett:
|
||||
image: linuxserver/jackett
|
||||
container_name: jackett
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- VIRTUAL_HOST=jackett.belanyi.fr
|
||||
- LETSENCRYPT_HOST=jackett.belanyi.fr
|
||||
- LETSENCRYPT_EMAIL=brunobelanyi@gmail.com
|
||||
- PUID=1000
|
||||
- PGID=1000
|
||||
- TZ=Europe/Paris
|
||||
|
@ -166,18 +119,12 @@ services:
|
|||
- ~/downloads/blackhole:/downloads
|
||||
ports:
|
||||
- 9117:9117
|
||||
networks:
|
||||
- "default"
|
||||
- "proxy-tier"
|
||||
|
||||
sonarr:
|
||||
image: linuxserver/sonarr
|
||||
container_name: sonarr
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- VIRTUAL_HOST=sonarr.belanyi.fr
|
||||
- LETSENCRYPT_HOST=sonarr.belanyi.fr
|
||||
- LETSENCRYPT_EMAIL=brunobelanyi@gmail.com
|
||||
- PUID=1000
|
||||
- PGID=1000
|
||||
- TZ=Europe/Paris
|
||||
|
@ -188,18 +135,12 @@ services:
|
|||
- ~/downloads:/downloads
|
||||
ports:
|
||||
- 8989:8989
|
||||
networks:
|
||||
- "default"
|
||||
- "proxy-tier"
|
||||
|
||||
radarr:
|
||||
image: linuxserver/radarr
|
||||
container_name: radarr
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- VIRTUAL_HOST=radarr.belanyi.fr
|
||||
- LETSENCRYPT_HOST=radarr.belanyi.fr
|
||||
- LETSENCRYPT_EMAIL=brunobelanyi@gmail.com
|
||||
- PUID=1000
|
||||
- PGID=1000
|
||||
- TZ=Europe/Paris
|
||||
|
@ -210,18 +151,12 @@ services:
|
|||
- ~/downloads:/downloads
|
||||
ports:
|
||||
- 7878:7878
|
||||
networks:
|
||||
- "default"
|
||||
- "proxy-tier"
|
||||
|
||||
bazarr:
|
||||
image: linuxserver/bazarr
|
||||
container_name: bazarr
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- VIRTUAL_HOST=bazarr.belanyi.fr
|
||||
- LETSENCRYPT_HOST=bazarr.belanyi.fr
|
||||
- LETSENCRYPT_EMAIL=brunobelanyi@gmail.com
|
||||
- PUID=1000
|
||||
- PGID=1000
|
||||
- TZ=Europe/Paris
|
||||
|
@ -232,18 +167,12 @@ services:
|
|||
- ~/videos/shows:/tv
|
||||
ports:
|
||||
- 6767:6767
|
||||
networks:
|
||||
- "default"
|
||||
- "proxy-tier"
|
||||
|
||||
lidarr:
|
||||
image: linuxserver/lidarr
|
||||
container_name: lidarr
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- VIRTUAL_HOST=lidarr.belanyi.fr
|
||||
- LETSENCRYPT_HOST=lidarr.belanyi.fr
|
||||
- LETSENCRYPT_EMAIL=brunobelanyi@gmail.com
|
||||
- PUID=1000
|
||||
- PGID=1000
|
||||
- TZ=Europe/Paris
|
||||
|
@ -254,19 +183,12 @@ services:
|
|||
- ~/downloads:/downloads
|
||||
ports:
|
||||
- 8686:8686
|
||||
networks:
|
||||
- "default"
|
||||
- "proxy-tier"
|
||||
|
||||
quassel-core:
|
||||
image: linuxserver/quassel-core
|
||||
container_name: quassel-core
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- VIRTUAL_HOST=quassel.belanyi.fr
|
||||
- LETSENCRYPT_HOST=quassel.belanyi.fr
|
||||
- LETSENCRYPT_EMAIL=brunobelanyi@gmail.com
|
||||
- VIRTUAL_PORT=4242
|
||||
- PUID=1000
|
||||
- PGID=1000
|
||||
- TZ=Europe/Paris
|
||||
|
@ -284,10 +206,6 @@ services:
|
|||
container_name: emby
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- VIRTUAL_HOST=emby.belanyi.fr
|
||||
- LETSENCRYPT_HOST=emby.belanyi.fr
|
||||
- LETSENCRYPT_EMAIL=brunobelanyi@gmail.com
|
||||
- VIRTUAL_PORT=8096
|
||||
- PUID=1000
|
||||
- PGID=1000
|
||||
- TZ=Europe/Paris
|
||||
|
@ -305,9 +223,6 @@ services:
|
|||
container_name: airsonic
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- VIRTUAL_HOST=airsonic.belanyi.fr
|
||||
- LETSENCRYPT_HOST=airsonic.belanyi.fr
|
||||
- LETSENCRYPT_EMAIL=brunobelanyi@gmail.com
|
||||
- PUID=1000
|
||||
- PGID=1000
|
||||
- TZ=Europe/Paris
|
||||
|
@ -319,11 +234,3 @@ services:
|
|||
- ~/playlists:/playlists
|
||||
ports:
|
||||
- 4040:4040
|
||||
|
||||
volumes:
|
||||
certs:
|
||||
vhost.d:
|
||||
html:
|
||||
|
||||
networks:
|
||||
proxy-tier:
|
||||
|
|
33
letsencrypt/nginx/proxy-confs/airsonic.subdomain.conf
Normal file
33
letsencrypt/nginx/proxy-confs/airsonic.subdomain.conf
Normal file
|
@ -0,0 +1,33 @@
|
|||
# make sure that your dns has a cname set for airsonic and that your airsonic container is not using a base url
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
server_name airsonic.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth, fill in ldap details in ldap.conf
|
||||
#include /config/nginx/ldap.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable the next two lines for ldap auth
|
||||
#auth_request /auth;
|
||||
#error_page 401 =200 /login;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app airsonic;
|
||||
set $upstream_port 4040;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
33
letsencrypt/nginx/proxy-confs/bazarr.subdomain.conf
Normal file
33
letsencrypt/nginx/proxy-confs/bazarr.subdomain.conf
Normal file
|
@ -0,0 +1,33 @@
|
|||
# make sure that your dns has a cname set for bazarr and that your bazarr container is not using a base url
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
server_name bazarr.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth, fill in ldap details in ldap.conf
|
||||
#include /config/nginx/ldap.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable the next two lines for ldap auth
|
||||
#auth_request /auth;
|
||||
#error_page 401 =200 /login;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app bazarr;
|
||||
set $upstream_port 6767;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
35
letsencrypt/nginx/proxy-confs/calibre-web.subdomain.conf
Normal file
35
letsencrypt/nginx/proxy-confs/calibre-web.subdomain.conf
Normal file
|
@ -0,0 +1,35 @@
|
|||
# make sure that your dns has a cname set for calibre-web
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
server_name library.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth, fill in ldap details in ldap.conf
|
||||
#include /config/nginx/ldap.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
|
||||
#auth_request /auth;
|
||||
#error_page 401 =200 /login;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app calibre-web;
|
||||
set $upstream_port 8083;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Scheme $scheme;
|
||||
}
|
||||
}
|
35
letsencrypt/nginx/proxy-confs/calibre.subdomain.conf
Normal file
35
letsencrypt/nginx/proxy-confs/calibre.subdomain.conf
Normal file
|
@ -0,0 +1,35 @@
|
|||
# make sure that your dns has a cname set for calibre
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
server_name calibre.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth, fill in ldap details in ldap.conf
|
||||
#include /config/nginx/ldap.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable the next two lines for ldap auth
|
||||
#auth_request /auth;
|
||||
#error_page 401 =200 /login;
|
||||
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app calibre;
|
||||
set $upstream_port 8080;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_buffering off;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $http_connection;
|
||||
}
|
||||
}
|
32
letsencrypt/nginx/proxy-confs/emby.subdomain.conf
Normal file
32
letsencrypt/nginx/proxy-confs/emby.subdomain.conf
Normal file
|
@ -0,0 +1,32 @@
|
|||
# make sure that your dns has a cname set for emby and that your emby container is not using a base url
|
||||
# if emby is running in bridge mode and the container is named "emby", the below config should work as is
|
||||
# if not, replace the line "set $upstream_app emby;" with "set $upstream_app <containername>;"
|
||||
# or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of emby
|
||||
# in emby settings, under "Advanced" change the public https port to 443, leave the local ports as is, set the "external domain" to your url,
|
||||
# and set the "Secure connection mode" to "Handled by reverse proxy"
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
server_name emby.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
location / {
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app emby;
|
||||
set $upstream_port 8096;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_set_header Range $http_range;
|
||||
proxy_set_header If-Range $http_if_range;
|
||||
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $http_connection;
|
||||
}
|
||||
}
|
40
letsencrypt/nginx/proxy-confs/freshrss.subdomain.conf
Normal file
40
letsencrypt/nginx/proxy-confs/freshrss.subdomain.conf
Normal file
|
@ -0,0 +1,40 @@
|
|||
# make sure that your dns has a cname set for freshrss
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
server_name feed.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth, fill in ldap details in ldap.conf
|
||||
#include /config/nginx/ldap.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable the next two lines for ldap auth
|
||||
#auth_request /auth;
|
||||
#error_page 401 =200 /login;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app freshrss;
|
||||
set $upstream_port 80;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_redirect off;
|
||||
proxy_buffering off;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Port $server_port;
|
||||
proxy_cookie_path / "/; HTTPOnly; Secure";
|
||||
proxy_set_header Authorization $http_authorization;
|
||||
proxy_pass_header Authorization;
|
||||
}
|
||||
}
|
53
letsencrypt/nginx/proxy-confs/jackett.subdomain.conf
Normal file
53
letsencrypt/nginx/proxy-confs/jackett.subdomain.conf
Normal file
|
@ -0,0 +1,53 @@
|
|||
# make sure that your dns has a cname set for jackett and that your jackett container is not using a base url
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
server_name jackett.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth, fill in ldap details in ldap.conf
|
||||
#include /config/nginx/ldap.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable the next two lines for ldap auth
|
||||
#auth_request /auth;
|
||||
#error_page 401 =200 /login;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app jackett;
|
||||
set $upstream_port 9117;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/jackett)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app jackett;
|
||||
set $upstream_port 9117;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/jackett)?/dl {
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app jackett;
|
||||
set $upstream_port 9117;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
43
letsencrypt/nginx/proxy-confs/lidarr.subdomain.conf
Normal file
43
letsencrypt/nginx/proxy-confs/lidarr.subdomain.conf
Normal file
|
@ -0,0 +1,43 @@
|
|||
# make sure that your dns has a cname set for lidarr and that your lidarr container is not using a base url
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
server_name lidarr.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth, fill in ldap details in ldap.conf
|
||||
#include /config/nginx/ldap.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable the next two lines for ldap auth
|
||||
#auth_request /auth;
|
||||
#error_page 401 =200 /login;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app lidarr;
|
||||
set $upstream_port 8686;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/lidarr)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app lidarr;
|
||||
set $upstream_port 8686;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
33
letsencrypt/nginx/proxy-confs/pyload.subdomain.conf
Normal file
33
letsencrypt/nginx/proxy-confs/pyload.subdomain.conf
Normal file
|
@ -0,0 +1,33 @@
|
|||
# make sure that your dns has a cname set for pyload and that your pyload container is not using a base url
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
server_name pyload.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth, fill in ldap details in ldap.conf
|
||||
#include /config/nginx/ldap.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable the next two lines for ldap auth
|
||||
#auth_request /auth;
|
||||
#error_page 401 =200 /login;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app pyload;
|
||||
set $upstream_port 8000;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
43
letsencrypt/nginx/proxy-confs/radarr.subdomain.conf
Normal file
43
letsencrypt/nginx/proxy-confs/radarr.subdomain.conf
Normal file
|
@ -0,0 +1,43 @@
|
|||
# make sure that your dns has a cname set for radarr and that your radarr container is not using a base url
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
server_name radarr.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth, fill in ldap details in ldap.conf
|
||||
#include /config/nginx/ldap.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable the next two lines for ldap auth
|
||||
#auth_request /auth;
|
||||
#error_page 401 =200 /login;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app radarr;
|
||||
set $upstream_port 7878;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/radarr)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app radarr;
|
||||
set $upstream_port 7878;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
43
letsencrypt/nginx/proxy-confs/sonarr.subdomain.conf
Normal file
43
letsencrypt/nginx/proxy-confs/sonarr.subdomain.conf
Normal file
|
@ -0,0 +1,43 @@
|
|||
# make sure that your dns has a cname set for sonarr and that your sonarr container is not using a base url
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
server_name sonarr.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth, fill in ldap details in ldap.conf
|
||||
#include /config/nginx/ldap.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable the next two lines for ldap auth
|
||||
#auth_request /auth;
|
||||
#error_page 401 =200 /login;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app sonarr;
|
||||
set $upstream_port 8989;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
|
||||
location ~ (/sonarr)?/api {
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app sonarr;
|
||||
set $upstream_port 8989;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
44
letsencrypt/nginx/proxy-confs/transmission.subdomain.conf
Normal file
44
letsencrypt/nginx/proxy-confs/transmission.subdomain.conf
Normal file
|
@ -0,0 +1,44 @@
|
|||
# make sure that your dns has a cname set for transmission
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
server_name transmission.*;
|
||||
|
||||
include /config/nginx/ssl.conf;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
# enable for ldap auth, fill in ldap details in ldap.conf
|
||||
#include /config/nginx/ldap.conf;
|
||||
|
||||
location / {
|
||||
# enable the next two lines for http auth
|
||||
#auth_basic "Restricted";
|
||||
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||
|
||||
# enable the next two lines for ldap auth
|
||||
#auth_request /auth;
|
||||
#error_page 401 =200 /login;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app transmission;
|
||||
set $upstream_port 9091;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
proxy_pass_header X-Transmission-Session-Id;
|
||||
}
|
||||
|
||||
location ~ (/transmission)?/rpc {
|
||||
include /config/nginx/proxy.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $upstream_app transmission;
|
||||
set $upstream_port 9091;
|
||||
set $upstream_proto http;
|
||||
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
||||
|
||||
}
|
||||
}
|
|
@ -1 +0,0 @@
|
|||
client_max_body_size 1g;
|
Reference in a new issue