diff --git a/_template.subdomain.conf.sample b/_template.subdomain.conf.sample index 004626823..53024a528 100644 --- a/_template.subdomain.conf.sample +++ b/_template.subdomain.conf.sample @@ -1,8 +1,9 @@ -## Version 2022/09/08 +## Version 2023/02/05 # REMOVE THIS LINE BEFORE SUBMITTING: The structure of the file (all of the existing lines) should be kept as close as possible to this template. # REMOVE THIS LINE BEFORE SUBMITTING: Look through this file for and replace them. Review other sample files to see how things are done. # REMOVE THIS LINE BEFORE SUBMITTING: The comment lines at the top of the file (below this line) should explain any prerequisites for using the proxy such as DNS or app settings. -# make sure that your dns has a cname set for and that your container is not using a base url +# make sure that your container is named +# make sure that your dns has a cname set for server { listen 443 ssl; @@ -20,6 +21,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -31,6 +35,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app ; diff --git a/_template.subfolder.conf.sample b/_template.subfolder.conf.sample index 46be8cc8f..2f8eff6be 100644 --- a/_template.subfolder.conf.sample +++ b/_template.subfolder.conf.sample @@ -1,8 +1,10 @@ -## Version 2022/09/08 +## Version 2023/02/05 # REMOVE THIS LINE BEFORE SUBMITTING: The structure of the file (all of the existing lines) should be kept as close as possible to this template. # REMOVE THIS LINE BEFORE SUBMITTING: Look through this file for and replace them. Review other sample files to see how things are done. # REMOVE THIS LINE BEFORE SUBMITTING: The comment lines at the top of the file (below this line) should explain any prerequisites for using the proxy such as DNS or app settings. -# first go into settings, under "General" set the URL Base to // and restart the container +# make sure that your container is named +# make sure that is set to work with the base url // + location / { return 301 $scheme://$host//; @@ -19,6 +21,9 @@ location ^~ // { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app ; diff --git a/adguard.subdomain.conf.sample b/adguard.subdomain.conf.sample index 73ea6f3fc..b0e22a4f0 100644 --- a/adguard.subdomain.conf.sample +++ b/adguard.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for adguard and that your adguard container is named adguard +## Version 2023/02/05 +# make sure that your adguard container is named adguard +# make sure that your dns has a cname set for adguard server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app adguard; diff --git a/adminer.subfolder.conf.sample b/adminer.subfolder.conf.sample index c9b0ee0af..e8b02243d 100644 --- a/adminer.subfolder.conf.sample +++ b/adminer.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# adminer does not require a base url setting, but the container needs to be named adminer +## Version 2023/02/05 +# make sure that your adminer container is named adminer +# adminer does not require a base url setting location /adminer { return 301 $scheme://$host/adminer/; @@ -16,6 +17,9 @@ location ^~ /adminer/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app adminer; diff --git a/adminmongo.subdomain.conf.sample b/adminmongo.subdomain.conf.sample index 509a6614f..8dfb8e856 100644 --- a/adminmongo.subdomain.conf.sample +++ b/adminmongo.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for adminmongo and that your adminmongo container is not using a base url +## Version 2023/02/05 +# make sure that your adminmongo container is named adminmongo +# make sure that your dns has a cname set for adminmongo server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app adminmongo; diff --git a/airsonic.subdomain.conf.sample b/airsonic.subdomain.conf.sample index 197bc7fb9..c44939bc2 100644 --- a/airsonic.subdomain.conf.sample +++ b/airsonic.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for airsonic and that your airsonic container is not using a base url +## Version 2023/02/05 +# make sure that your airsonic container is named airsonic +# make sure that your dns has a cname set for airsonic # add `server.use-forward-headers=true` to `/config/application.properties` to ensure logs contain real source IP server { @@ -18,6 +19,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -29,6 +33,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app airsonic; diff --git a/airsonic.subfolder.conf.sample b/airsonic.subfolder.conf.sample index aa97b1897..54b4f88d8 100644 --- a/airsonic.subfolder.conf.sample +++ b/airsonic.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your airsonic container is named airsonic +# make sure that airsonic is set to work with the base url /airsonic/ # set the CONTEXT_PATH variable to /airsonic in airsonic container. location ^~ /airsonic { @@ -12,6 +14,9 @@ location ^~ /airsonic { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app airsonic; diff --git a/apprise-api.subdomain.conf.sample b/apprise-api.subdomain.conf.sample index a5fd3a955..8ab68f3f8 100644 --- a/apprise-api.subdomain.conf.sample +++ b/apprise-api.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/08/16 -# make sure that your dns has a cname set for apprise-api and that your apprise-api container is not using a base url +## Version 2023/02/05 +# make sure that your apprise-api container is named apprise-api +# make sure that your dns has a cname set for apprise-api server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app apprise-api; diff --git a/archisteamfarm.subdomain.conf.sample b/archisteamfarm.subdomain.conf.sample index 7d5d589a2..334378318 100644 --- a/archisteamfarm.subdomain.conf.sample +++ b/archisteamfarm.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your archisteamfarm container is named archisteamfarm # make sure that your dns has a cname set for archisteamfarm server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app archisteamfarm; diff --git a/aria2-with-webui.subdomain.conf.sample b/aria2-with-webui.subdomain.conf.sample index 5223f6b04..b0b531339 100644 --- a/aria2-with-webui.subdomain.conf.sample +++ b/aria2-with-webui.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# Make sure that your dns has a cname set for aria2 and that your aria2-with-webui container is not using a base url +## Version 2023/02/05 +# make sure that your aria2 container is named aria2-with-webui +# make sure that your dns has a cname set for aria2 # # The RPC port will need to be changed to 443 in the AriaNg/WebUI-Aria2 settings or by using the AriaNg command api # e.g. https://aria2.example.com/#!/settings/rpc/set/https/aria2.example.com/443/jsonrpc @@ -21,6 +22,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -32,6 +36,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app aria2-with-webui; diff --git a/audiobookshelf.subdomain.conf.sample b/audiobookshelf.subdomain.conf.sample index 1e2c2869e..133819138 100644 --- a/audiobookshelf.subdomain.conf.sample +++ b/audiobookshelf.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for audiobookshelf and that your audiobookshelf container is not using a base url +## Version 2023/02/05 +# make sure that your audiobookshelf container is named audiobookshelf +# make sure that your dns has a cname set for audiobookshelf server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app audiobookshelf; diff --git a/audiobookshelf.subfolder.conf.sample b/audiobookshelf.subfolder.conf.sample index 94d1a5d9b..f97b5c33a 100644 --- a/audiobookshelf.subfolder.conf.sample +++ b/audiobookshelf.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your audiobookshelf container is named audiobookshelf +# make sure that audiobookshelf is set to work with the base url /audiobookshelf/ # set the CONTEXT_PATH variable to /audiobookshelf in audiobookshelf container. location ^~ /audiobookshelf { @@ -12,6 +14,9 @@ location ^~ /audiobookshelf { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app audiobookshelf; diff --git a/authelia.subdomain.conf.sample b/authelia.subdomain.conf.sample index 004920b38..af80d73ff 100644 --- a/authelia.subdomain.conf.sample +++ b/authelia.subdomain.conf.sample @@ -1,9 +1,10 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your authelia container is named authelia # make sure that your dns has a cname set for authelia -# the default authelia-server and authelia-location confs included with letsencrypt rely on -# subfolder proxy at "/authelia" and enabling of this proxy conf is not necessary. -# But if you'd like to use authelia via subdomain, you can enable this proxy and set up your own -# authelia-server and authelia-location confs as described in authelia docs. +# the default authelia-server and authelia-location confs included with swag rely on +# a built-in subfolder proxy at "/authelia" and enabling this proxy conf is not necessary. +# But if you'd like to use authelia via subdomain, you can enable this proxy and set +# the $authelia_backed variable in the authelia-server.conf. server { listen 443 ssl; diff --git a/authentik.subdomain.conf.sample b/authentik.subdomain.conf.sample new file mode 100644 index 000000000..1d4be05d0 --- /dev/null +++ b/authentik.subdomain.conf.sample @@ -0,0 +1,26 @@ +## Version 2023/02/05 +# make sure that your authentik container is named authentik-server +# make sure that your dns has a cname set for authentik + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name authentik.*; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + location / { + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app authentik-server; + set $upstream_port 9443; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + + proxy_set_header Host $host; + } +} diff --git a/babybuddy.subdomain.conf.sample b/babybuddy.subdomain.conf.sample index 1e0c21efa..f45810e8d 100644 --- a/babybuddy.subdomain.conf.sample +++ b/babybuddy.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your babybuddy container is named babybuddy # make sure that your dns has a cname set for babybuddy server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app babybuddy; diff --git a/bazarr.subdomain.conf.sample b/bazarr.subdomain.conf.sample index 61dc9c7bf..213bf1d6d 100644 --- a/bazarr.subdomain.conf.sample +++ b/bazarr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for bazarr and that your bazarr container is not using a base url +## Version 2023/02/05 +# make sure that your bazarr container is named bazarr +# make sure that your dns has a cname set for bazarr server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app bazarr; diff --git a/bazarr.subfolder.conf.sample b/bazarr.subfolder.conf.sample index 3b654476c..eede1dd1f 100644 --- a/bazarr.subfolder.conf.sample +++ b/bazarr.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# first go into bazarr settings, under "General" set the URL Base to /bazarr/ and restart the bazarr container +## Version 2023/02/05 +# make sure that your bazarr container is named bazarr +# make sure that bazarr is set to work with the base url /bazarr/ location /bazarr { return 301 $scheme://$host/bazarr/; @@ -16,6 +17,9 @@ location ^~ /bazarr/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app bazarr; diff --git a/beets.subdomain.conf.sample b/beets.subdomain.conf.sample index 80f953b6b..f48d62ba8 100644 --- a/beets.subdomain.conf.sample +++ b/beets.subdomain.conf.sample @@ -1,6 +1,7 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your beets container is named beets +# make sure that your dns has a cname set for beets #First edit beets.yml and enable the reverse proxy settings, under "web" add "reverse_proxy: true" and restart the beets container. -#Make sure that your dns has a cname set for beets and that your beets container is not using a base url server { listen 443 ssl; @@ -18,6 +19,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { #enable the next two lines for http auth #auth_basic "Restricted"; @@ -29,6 +33,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app beets; diff --git a/beets.subfolder.conf.sample b/beets.subfolder.conf.sample index fa47d93d6..7a19a0b9c 100644 --- a/beets.subfolder.conf.sample +++ b/beets.subfolder.conf.sample @@ -1,5 +1,7 @@ -## Version 2022/09/08 -#first edit beets.yml and enable the reverse proxy settings, under "web" add "reverse_proxy: true" and restart the beets container +## Version 2023/02/05 +# make sure that your beets container is named beets +# make sure that beets is set to work with the base url /beets/ +# first edit beets.yml and enable the reverse proxy settings, under "web" add "reverse_proxy: true" and restart the beets container location /beets { # enable the next two lines for http auth @@ -12,6 +14,9 @@ location /beets { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app beets; diff --git a/bitwarden.subdomain.conf.sample b/bitwarden.subdomain.conf.sample index 2499f59e1..652175ff8 100644 --- a/bitwarden.subdomain.conf.sample +++ b/bitwarden.subdomain.conf.sample @@ -1,6 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for bitwarden and that your bitwarden container is not using a base url -# make sure your bitwarden container is named "bitwarden" +## Version 2023/02/05 +# make sure that your bitwarden container is named bitwarden +# make sure that your dns has a cname set for bitwarden # set the environment variable WEBSOCKET_ENABLED=true on your bitwarden container server { @@ -19,6 +19,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -30,6 +33,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app bitwarden; @@ -50,6 +56,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app bitwarden; diff --git a/bitwarden.subfolder.conf.sample b/bitwarden.subfolder.conf.sample index 4817457ef..6794b9698 100644 --- a/bitwarden.subfolder.conf.sample +++ b/bitwarden.subfolder.conf.sample @@ -1,6 +1,9 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your bitwarden container is named bitwarden +# make sure that bitwarden is set to work with the base url /bitwarden/ ## Environmental Variable DOMAIN=https:///bitwarden must be set in bitwarden container including subfolder. ## This is using ports 80 and 3012 + location /bitwarden { return 301 $scheme://$host/bitwarden/; } @@ -16,6 +19,9 @@ location ^~ /bitwarden/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app bitwarden; @@ -36,6 +42,9 @@ location ~ (/bitwarden)?/admin { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app bitwarden; diff --git a/boinc.subdomain.conf.sample b/boinc.subdomain.conf.sample index b97d195d1..406acbc92 100644 --- a/boinc.subdomain.conf.sample +++ b/boinc.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your boinc container is named boinc # make sure that your dns has a cname set for boinc server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app boinc; diff --git a/boinc.subfolder.conf.sample b/boinc.subfolder.conf.sample index 42d2be958..34184e1af 100644 --- a/boinc.subfolder.conf.sample +++ b/boinc.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your bionc container is named bionc +# make sure that bionc is set to work with the base url /bionc/ # In boinc docker arguments, set an env variable for SUBFOLDER=/boinc/ location /boinc { @@ -16,6 +18,9 @@ location ^~ /boinc/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app boinc; diff --git a/booksonic.subdomain.conf.sample b/booksonic.subdomain.conf.sample index 11508e6ca..3b854e8b8 100644 --- a/booksonic.subdomain.conf.sample +++ b/booksonic.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for booksonic and that your booksonic container is not using a base url +## Version 2023/02/05 +# make sure that your booksonic container is named booksonic +# make sure that your dns has a cname set for booksonic server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app booksonic; diff --git a/booksonic.subfolder.conf.sample b/booksonic.subfolder.conf.sample index 156d6b86e..37dfdf9cc 100644 --- a/booksonic.subfolder.conf.sample +++ b/booksonic.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your booksonic container is named booksonic +# make sure that booksonic is set to work with the base url /booksonic/ # set the CONTEXT_PATH variable to /booksonic in booksonic container. location ^~ /booksonic { @@ -12,6 +14,9 @@ location ^~ /booksonic { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app booksonic; diff --git a/bookstack.subdomain.conf.sample b/bookstack.subdomain.conf.sample index e61cea501..63ff03477 100644 --- a/bookstack.subdomain.conf.sample +++ b/bookstack.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for bookstack and that your bookstack container is named bookstack +## Version 2023/02/05 +# make sure that your bookstack container is named bookstack +# make sure that your dns has a cname set for bookstack # Ensure you have the APP_URL Environment Variable set correctly in your Docker Run/Compose or in BookStack Env File (/www/.env) # https://github.com/linuxserver/docker-bookstack#docker @@ -19,6 +20,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { #enable the next two lines for http auth #auth_basic "Restricted"; @@ -30,6 +34,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app bookstack; diff --git a/budge.subdomain.conf.sample b/budge.subdomain.conf.sample index ba8f55b13..c58792aff 100644 --- a/budge.subdomain.conf.sample +++ b/budge.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for budge and that your budge container is not using a base url +## Version 2023/02/05 +# make sure that your budge container is named budge +# make sure that your dns has a cname set for budge server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app budge; diff --git a/calibre-web.subdomain.conf.sample b/calibre-web.subdomain.conf.sample index bc7349d5b..54b14181e 100644 --- a/calibre-web.subdomain.conf.sample +++ b/calibre-web.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your calibre-web container is named calibre-web # make sure that your dns has a cname set for calibre-web server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -27,6 +31,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; # To use Authelia to log in to Calibre-Web, make sure "Reverse Proxy Login" is # enabled, "Reverse Proxy Header Name" is set to Remote-User, and each Authelia # user also has a corresponding user manually created in Calibre-Web. diff --git a/calibre-web.subfolder.conf.sample b/calibre-web.subfolder.conf.sample index 4e58abeef..e28a272e7 100644 --- a/calibre-web.subfolder.conf.sample +++ b/calibre-web.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your calibre-web container is named calibre-web # calibre-web does not require a base url setting location /calibre-web { @@ -15,6 +16,9 @@ location ^~ /calibre-web/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; # To use Authelia to log in to Calibre-Web, make sure "Reverse Proxy Login" is # enabled, "Reverse Proxy Header Name" is set to Remote-User, and each Authelia # user also has a corresponding user manually created in Calibre-Web. diff --git a/calibre.subdomain.conf.sample b/calibre.subdomain.conf.sample index 6631479b9..4d0637d83 100644 --- a/calibre.subdomain.conf.sample +++ b/calibre.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your calibre container is named calibre # make sure that your dns has a cname set for calibre # for the content server, go into calibre preferences / sharing over the net / advanced and # set the first option for prefix url to '/content-server', save and restart the container @@ -20,6 +21,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -31,6 +35,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app calibre; @@ -56,6 +63,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app calibre; diff --git a/calibre.subfolder.conf.sample b/calibre.subfolder.conf.sample index 31582740a..21cc09bba 100644 --- a/calibre.subfolder.conf.sample +++ b/calibre.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your calibre container is named calibre +# make sure that calibre is set to work with the base url /calibre/ # In calibre docker arguments, set an env variable for SUBFOLDER=/calibre/ # for the content server, go into calibre preferences / sharing over the net / advanced and # set the first option for prefix url to '/content-server', save and restart the container @@ -19,6 +21,9 @@ location ^~ /calibre/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app calibre; @@ -43,6 +48,9 @@ location ^~ /content-server/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app calibre; diff --git a/castopod.subdomain.conf.sample b/castopod.subdomain.conf.sample index f2a06ee9b..9544a7d22 100644 --- a/castopod.subdomain.conf.sample +++ b/castopod.subdomain.conf.sample @@ -1,5 +1,7 @@ -## Version 2022/10/06 -# make sure that your dns has a cname set for castopod and that your castopod container is not using a base url +## Version 2023/02/05 +# make sure that your castopod container is named castopod +# make sure that your dns has a cname set for castopod + server { listen 443 ssl; listen [::]:443 ssl; @@ -15,6 +17,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; location / { # enable the next two lines for http auth @@ -27,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app castopod; diff --git a/changedetection.subdomain.conf.sample b/changedetection.subdomain.conf.sample index 9058f8881..f9b30715b 100644 --- a/changedetection.subdomain.conf.sample +++ b/changedetection.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for changedetection and that your changedetection container is named changedetection +## Version 2023/02/05 +# make sure that your changedetection container is named changedetection +# make sure that your dns has a cname set for changedetection server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app changedetection; diff --git a/chevereto.subdomain.conf.sample b/chevereto.subdomain.conf.sample index c162bc2a2..6349fab40 100644 --- a/chevereto.subdomain.conf.sample +++ b/chevereto.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for chevereto and that your chevereto container is not using a base url +## Version 2023/02/05 +# make sure that your chevereto container is named chevereto +# make sure that your dns has a cname set for chevereto server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app chevereto; diff --git a/chronograf.subdomain.conf.sample b/chronograf.subdomain.conf.sample index 1d3e1c308..76c6e4c90 100644 --- a/chronograf.subdomain.conf.sample +++ b/chronograf.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# Make sure that your dns has a cname set for chronograf and that your chronograf container is not using a base url +## Version 2023/02/05 +# make sure that your chronograf container is named chronograf +# make sure that your dns has a cname set for chronograf server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app chronograf; diff --git a/chronograf.subfolder.conf.sample b/chronograf.subfolder.conf.sample index 63f57b2c6..0510f341a 100644 --- a/chronograf.subfolder.conf.sample +++ b/chronograf.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your chronograf container is named chronograf +# make sure that chronograf is set to work with the base url /chronograf/ # add BASE_PATH=/chronograf environment variable to your docker compose/run location /chronograf { @@ -16,6 +18,9 @@ location ^~ /chronograf/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app chronograf; diff --git a/cloudbeaver.subdomain.conf.sample b/cloudbeaver.subdomain.conf.sample index 89e860159..fe2944c61 100644 --- a/cloudbeaver.subdomain.conf.sample +++ b/cloudbeaver.subdomain.conf.sample @@ -1,6 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for cloudbeaver and that your cloudbeaver container is not using a base url -# tested using dbeaver/cloudbeaver +## Version 2023/02/05 +# make sure that your cloudbeaver container is named cloudbeaver +# make sure that your dns has a cname set for cloudbeaver server { listen 443 ssl; @@ -20,6 +20,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -31,6 +34,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app cloudbeaver; diff --git a/code-server.subdomain.conf.sample b/code-server.subdomain.conf.sample index 93a75c156..4c7abcb24 100644 --- a/code-server.subdomain.conf.sample +++ b/code-server.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your code-server container is named code-server # make sure that your dns has a cname set for code-server server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app code-server; diff --git a/codimd.subdomain.conf.sample b/codimd.subdomain.conf.sample index 94c2e9623..2eae937bd 100644 --- a/codimd.subdomain.conf.sample +++ b/codimd.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2022/09/08 +## Version 2023/02/05 # make sure you have added the following environmental variables to your run command/compose file # CMD_DOMAIN=codimd.server.com # CMD_PROTOCOL_USESSL=true @@ -19,6 +19,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -30,6 +33,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app codimd; diff --git a/collabora.subdomain.conf.sample b/collabora.subdomain.conf.sample index 3d830d3e1..712cfefb3 100644 --- a/collabora.subdomain.conf.sample +++ b/collabora.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for collabora and that your collabora container is named collabora +## Version 2023/02/05 +# make sure that your collabora container is named collabora +# make sure that your dns has a cname set for collabora server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app collabora; diff --git a/commento.subdomain.conf.sample b/commento.subdomain.conf.sample index 452114264..db45f6824 100644 --- a/commento.subdomain.conf.sample +++ b/commento.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for commento and that your commento config is not using a subdirectory. +## Version 2023/02/05 +# make sure that your commento container is named commento +# make sure that your dns has a cname set for commento server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { #enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app commento; diff --git a/couchpotato.subdomain.conf.sample b/couchpotato.subdomain.conf.sample index 4ab200f20..07a6671f8 100644 --- a/couchpotato.subdomain.conf.sample +++ b/couchpotato.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for couchpotato and that your couchpotato container is not using a base url +## Version 2023/02/05 +# make sure that your couchpotato container is named couchpotato +# make sure that your dns has a cname set for couchpotato server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app couchpotato; diff --git a/couchpotato.subfolder.conf.sample b/couchpotato.subfolder.conf.sample index 62bb85ff7..e416b1241 100644 --- a/couchpotato.subfolder.conf.sample +++ b/couchpotato.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# first go into couchpotato settings, under "General" set the URL Base to /couchpotato and restart the couchpotato container +## Version 2023/02/05 +# make sure that your couchpotato container is named couchpotato +# make sure that couchpotato is set to work with the base url /couchpotato/ location ^~ /couchpotato { # enable the next two lines for http auth @@ -12,6 +13,9 @@ location ^~ /couchpotato { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app couchpotato; diff --git a/crontabui.subfolder.conf.sample b/crontabui.subfolder.conf.sample index ba2237173..0398d26b7 100644 --- a/crontabui.subfolder.conf.sample +++ b/crontabui.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your crontabui container is named crontabui # crontabui does not require a base url setting location /crontabui { @@ -16,6 +17,9 @@ location ^~ /crontabui/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app crontabui; diff --git a/crowdsec-dashboard.subdomain.conf.sample b/crowdsec-dashboard.subdomain.conf.sample index 3cc84f17c..61651e92e 100644 --- a/crowdsec-dashboard.subdomain.conf.sample +++ b/crowdsec-dashboard.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for crowdsec-dashboard and that your crowdsec-dashboard container is not using a base url +## Version 2023/02/05 +# make sure that your crowdsec-dashboard container is named crowdsec-dashboard +# make sure that your dns has a cname set for crowdsec-dashboard server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app crowdsec-dashboard; diff --git a/crowdsec.subdomain.conf.sample b/crowdsec.subdomain.conf.sample index 8dbb7a3fd..4274407be 100644 --- a/crowdsec.subdomain.conf.sample +++ b/crowdsec.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/08/26 -# make sure that your dns has a cname set for crowdsec and that your crowdsec container is not using a base url +## Version 2023/02/05 +# make sure that your crowdsec container is named crowdsec +# make sure that your dns has a cname set for crowdsec server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app crowdsec; diff --git a/dashy.subdomain.conf.sample b/dashy.subdomain.conf.sample index a4ffad808..3f136631f 100644 --- a/dashy.subdomain.conf.sample +++ b/dashy.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for dashy and that your dashy container is not using a base url +## Version 2023/02/05 +# make sure that your dashy container is named dashy +# make sure that your dns has a cname set for dashy server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app dashy; diff --git a/deluge.subdomain.conf.sample b/deluge.subdomain.conf.sample index 6491d14c3..2f94ccd49 100644 --- a/deluge.subdomain.conf.sample +++ b/deluge.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for deluge and that your deluge container is not using a base url +## Version 2023/02/05 +# make sure that your deluge container is named deluge +# make sure that your dns has a cname set for deluge server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app deluge; diff --git a/deluge.subfolder.conf.sample b/deluge.subfolder.conf.sample index 9ed5e2ed1..74aab629d 100644 --- a/deluge.subfolder.conf.sample +++ b/deluge.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your deluge container is named deluge # deluge does not require a base url setting location /deluge { @@ -16,6 +17,9 @@ location ^~ /deluge/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app deluge; diff --git a/dillinger.subdomain.conf.sample b/dillinger.subdomain.conf.sample index ce04a81a4..081b345eb 100644 --- a/dillinger.subdomain.conf.sample +++ b/dillinger.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your dillinger container is named dillinger # make sure that your dns has a cname set for dillinger server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app dillinger; diff --git a/documentserver.subdomain.conf.sample b/documentserver.subdomain.conf.sample index ac81a8e45..428116b40 100644 --- a/documentserver.subdomain.conf.sample +++ b/documentserver.subdomain.conf.sample @@ -1,6 +1,6 @@ -## Version 2022/09/08 -# Make sure that your dns has a cname set for onlyoffice named "documentserver" -# Make sure that the onlyoffice documentserver container is named "documentserver" +## Version 2023/02/05 +# make sure that your onlyoffice documentserver container is named documentserver +# make sure that your dns has a cname set for documentserver server { listen 443 ssl; @@ -18,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { #enable the next two lines for http auth #auth_basic "Restricted"; @@ -29,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app documentserver; diff --git a/dokuwiki.subdomain.conf.sample b/dokuwiki.subdomain.conf.sample index 3a0995b2a..8e05e128a 100644 --- a/dokuwiki.subdomain.conf.sample +++ b/dokuwiki.subdomain.conf.sample @@ -1,6 +1,7 @@ -## Version 2022/09/08 -# First complete the setup by appending install.php to URL. -# Make sure that your dns has a cname set for dokuwiki +## Version 2023/02/05 +# make sure that your dokuwiki container is named dokuwiki +# make sure that your dns has a cname set for dokuwiki +# complete the setup by appending install.php to URL server { listen 443 ssl; @@ -18,6 +19,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { #enable the next two lines for http auth #auth_basic "Restricted"; @@ -29,6 +33,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app dokuwiki; diff --git a/dokuwiki.subfolder.conf.sample b/dokuwiki.subfolder.conf.sample index e8cc6a33b..401968fd4 100644 --- a/dokuwiki.subfolder.conf.sample +++ b/dokuwiki.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your dokuwiki container is named dokuwiki +# make sure that dokuwiki is set to work with the base url /dokuwiki/ # first go into dokuwiki settings (Admin on the top left when Logged in), under "Configuration Settings" set the "basedir" to /dokuwiki/ and restart the dokuwiki container location /dokuwiki { @@ -16,6 +18,9 @@ location ^~ /dokuwiki/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app dokuwiki; diff --git a/domoticz.subdomain.conf.sample b/domoticz.subdomain.conf.sample index e37ff1f80..3311a045c 100644 --- a/domoticz.subdomain.conf.sample +++ b/domoticz.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# Make sure that your dns has a cname set for domoticz and that your domoticz container is not using a base url +## Version 2023/02/05 +# make sure that your domoticz container is named domoticz +# make sure that your dns has a cname set for domoticz server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app domoticz; diff --git a/domoticz.subfolder.conf.sample b/domoticz.subfolder.conf.sample index 81f1ee6a0..9bca758be 100644 --- a/domoticz.subfolder.conf.sample +++ b/domoticz.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your domoticz container is named domoticz +# make sure that domoticz is set to work with the base url /domoticz/ # set the WEBROOT variable to domoticz for the domoticz container. location ^~ /domoticz/ { @@ -12,6 +14,9 @@ location ^~ /domoticz/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app domoticz; diff --git a/dozzle.subdomain.conf.sample b/dozzle.subdomain.conf.sample index 575e825c6..cc21037e3 100644 --- a/dozzle.subdomain.conf.sample +++ b/dozzle.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for dozzle and that your dozzle container is named dozzle +## Version 2023/02/05 +# make sure that your dozzle container is named dozzle +# make sure that your dns has a cname set for dozzle server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app dozzle; diff --git a/dozzle.subfolder.conf.sample b/dozzle.subfolder.conf.sample index 2449c258a..b0cd5bd43 100644 --- a/dozzle.subfolder.conf.sample +++ b/dozzle.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your dozzle container is named dozzle +# make sure that dozzle is set to work with the base url /dozzle/ # First either add "--base /dozzle" or "-e DOZZLE_BASE=/dozzle" to your docker run command, and restart the Dozzle container location /dozzle { @@ -16,6 +18,9 @@ location ^~ /dozzle/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app dozzle; diff --git a/drone.subdomain.conf.sample b/drone.subdomain.conf.sample index e05726740..7d016f2a4 100644 --- a/drone.subdomain.conf.sample +++ b/drone.subdomain.conf.sample @@ -1,4 +1,7 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your drone container is named drone +# make sure that your dns has a cname set for drone + server { listen 443 ssl; listen [::]:443 ssl; @@ -15,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -26,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app drone; diff --git a/duplicati.subdomain.conf.sample b/duplicati.subdomain.conf.sample index 8af8a78db..f33324988 100644 --- a/duplicati.subdomain.conf.sample +++ b/duplicati.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for duplicati and that your duplicati container is not using a base url +## Version 2023/02/05 +# make sure that your duplicati container is named duplicati +# make sure that your dns has a cname set for duplicati server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app duplicati; diff --git a/duplicati.subfolder.conf.sample b/duplicati.subfolder.conf.sample index 77b592eb7..264000604 100644 --- a/duplicati.subfolder.conf.sample +++ b/duplicati.subfolder.conf.sample @@ -1,5 +1,7 @@ -## Version 2022/09/08 -# duplicati does not require a base url setting. DUPLICATI AUTH WILL NOT WORK WITH THIS CONFIG, use the auth options below +## Version 2023/02/05 +# make sure that your duplicati container is named duplicati +# duplicati does not require a base url setting +# DUPLICATI AUTH WILL NOT WORK WITH THIS CONFIG, use the auth options below location /duplicati { return 301 $scheme://$host/duplicati/; @@ -16,6 +18,9 @@ location ^~ /duplicati/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app duplicati; diff --git a/emby.subdomain.conf.sample b/emby.subdomain.conf.sample index 936d10288..b843ad29a 100644 --- a/emby.subdomain.conf.sample +++ b/emby.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for emby and that your emby container is not using a base url +## Version 2023/02/05 +# make sure that your emby container is named emby +# make sure that your dns has a cname set for emby # if emby is running in bridge mode and the container is named "emby", the below config should work as is # if not, replace the line "set $upstream_app emby;" with "set $upstream_app ;" # or "set $upstream_app ;" for host mode, HOSTIP being the IP address of emby diff --git a/emby.subfolder.conf.sample b/emby.subfolder.conf.sample index 0fcc69390..b2295c74a 100644 --- a/emby.subfolder.conf.sample +++ b/emby.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for emby +## Version 2023/02/05 +# make sure that your emby container is named emby +# emby does not require a base url setting # if emby is running in bridge mode and the container is named "emby", the below config should work as is # if not, replace the line "set $upstream_app emby;" with "set $upstream_app ;" # or "set $upstream_app ;" for host mode, HOSTIP being the IP address of emby diff --git a/embystat.subdomain.conf.sample b/embystat.subdomain.conf.sample index 7b78a990a..a738468b5 100644 --- a/embystat.subdomain.conf.sample +++ b/embystat.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your embystat container is named embystat # make sure that your dns has a cname set for embystat server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app embystat; diff --git a/emulatorjs.subdomain.conf.sample b/emulatorjs.subdomain.conf.sample index 32b382479..92b05c28b 100644 --- a/emulatorjs.subdomain.conf.sample +++ b/emulatorjs.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your emulatorjs container is named emulatorjs # make sure that your dns has a cname set for emulatorjs # In emulatorjs docker arguments, set an env variable for SUBFOLDER=/backend/ # The backend interface will be accessible at https://emulatorjs.yourdomain.com/backend/ @@ -20,6 +21,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -31,6 +35,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app emulatorjs; @@ -54,6 +61,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app emulatorjs; diff --git a/filebot.subdomain.conf.sample b/filebot.subdomain.conf.sample index f8c0d0830..1593399a7 100644 --- a/filebot.subdomain.conf.sample +++ b/filebot.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for filebot and that your filebot container is not using a base url +## Version 2023/02/05 +# make sure that your filebot container is named filebot +# make sure that your dns has a cname set for filebot server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app filebot; diff --git a/filebot.subfolder.conf.sample b/filebot.subfolder.conf.sample index aaa204d9f..20a743087 100644 --- a/filebot.subfolder.conf.sample +++ b/filebot.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your filebot container is named filebot # filebot does not require a base url setting location /filebot { @@ -16,6 +17,9 @@ location ^~ /filebot/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app filebot; diff --git a/filebrowser.subdomain.conf.sample b/filebrowser.subdomain.conf.sample index 81c6dbebf..194815fa4 100644 --- a/filebrowser.subdomain.conf.sample +++ b/filebrowser.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for filebrowser and that your filebrowser container is not using a base url +## Version 2023/02/05 +# make sure that your filebrowser container is named filebrowser +# make sure that your dns has a cname set for filebrowser server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app filebrowser; diff --git a/filebrowser.subfolder.conf.sample b/filebrowser.subfolder.conf.sample index 83018214c..8c7ceaf5d 100644 --- a/filebrowser.subfolder.conf.sample +++ b/filebrowser.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/12/25 +## Version 2023/02/05 +# make sure that your filebrowser container is named filebrowser +# make sure that filebrowser is set to work with the base url /filebrowser/ # set this environment variable on your filebrowser container FB_BASEURL=/filebrowser location /filebrowser { @@ -16,6 +18,9 @@ location ^~ /filebrowser/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app filebrowser; diff --git a/firefly.subdomain.conf.sample b/firefly.subdomain.conf.sample index f06b2f573..b30494c93 100644 --- a/firefly.subdomain.conf.sample +++ b/firefly.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for firefly and that your firefly container is not using a base url +## Version 2023/02/05 +# make sure that your firefly container is named firefly +# make sure that your dns has a cname set for firefly server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app firefly; diff --git a/firefox.subdomain.conf.sample b/firefox.subdomain.conf.sample index 3a9401e04..d12cff624 100644 --- a/firefox.subdomain.conf.sample +++ b/firefox.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for firefox and that your firefox container is not using a base url +## Version 2023/02/05 +# make sure that your firefox container is named firefox +# make sure that your dns has a cname set for firefox server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app firefox; diff --git a/flexget.subdomain.conf.sample b/flexget.subdomain.conf.sample index 9c7b787e9..827ddc86c 100644 --- a/flexget.subdomain.conf.sample +++ b/flexget.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your flexget container is named flexget # make sure that your dns has a cname set for flexget server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app flexget; diff --git a/flexget.subfolder.conf.sample b/flexget.subfolder.conf.sample index 87ff4a0cc..9b0d782f3 100644 --- a/flexget.subfolder.conf.sample +++ b/flexget.subfolder.conf.sample @@ -1,34 +1,45 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your flexget container is named flexget +# make sure that flexget is set to work with the base url /flexget/ # make sure to set 'base_url: /flexget' under your flexget's config.yml web_server block -# + location /flexget { return 301 $scheme://$host/flexget/; } - location ^~ /flexget/ { - # enable the next two lines for http auth - #auth_basic "Restricted"; - #auth_basic_user_file /config/nginx/.htpasswd; - - # enable for ldap auth (requires ldap-server.conf in the server block) - #include /config/nginx/ldap-location.conf; - - # enable for Authelia (requires authelia-server.conf in the server block) - #include /config/nginx/authelia-location.conf; - - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app flexget; - set $upstream_port 5050; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; - } - - location ^~ /flexget/api/ { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app flexget; - set $upstream_port 5050; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; - } +location ^~ /flexget/ { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; + + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + # enable for Authelia (requires authelia-server.conf in the server block) + #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app flexget; + set $upstream_port 5050; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; +} + +location ^~ /flexget/api/ { + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app flexget; + set $upstream_port 5050; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; +} diff --git a/flood.subdomain.conf.sample b/flood.subdomain.conf.sample index fd5f52eb5..dd5c9061d 100644 --- a/flood.subdomain.conf.sample +++ b/flood.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for flood and that your flood container is not using a base url +## Version 2023/02/05 +# make sure that your flood container is named flood +# make sure that your dns has a cname set for flood server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app flood; diff --git a/flood.subfolder.conf.sample b/flood.subfolder.conf.sample index ec1415eb9..6b16d65b0 100644 --- a/flood.subfolder.conf.sample +++ b/flood.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your flood container is named flood # flood does not require a base url setting location /flood { @@ -16,6 +17,9 @@ location ^~ /flood/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app flood; diff --git a/foldingathome.subdomain.conf.sample b/foldingathome.subdomain.conf.sample index aff5b0956..fe66399b7 100644 --- a/foldingathome.subdomain.conf.sample +++ b/foldingathome.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your foldingathome container is named foldingathome # make sure that your dns has a cname set for foldingathome server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; proxy_buffering off; include /config/nginx/resolver.conf; diff --git a/foundryvtt.subdomain.conf.sample b/foundryvtt.subdomain.conf.sample index af61d2aa2..ea62cb97e 100644 --- a/foundryvtt.subdomain.conf.sample +++ b/foundryvtt.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your foundryvtt container is named foundryvtt # make sure that your dns has a cname set for foundryvtt # Ensure that your Foundry VTT's {userData}/Config/options.json file is configured as follows: # "hostname": "your.hostname.com", @@ -26,6 +27,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -37,6 +41,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app foundryvtt; diff --git a/freshrss.subdomain.conf.sample b/freshrss.subdomain.conf.sample index 34a61eb9e..fa338b1f5 100644 --- a/freshrss.subdomain.conf.sample +++ b/freshrss.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your freshrss container is named freshrss # make sure that your dns has a cname set for freshrss server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app freshrss; diff --git a/freshrss.subfolder.conf.sample b/freshrss.subfolder.conf.sample index 91adef9b4..208d400a2 100644 --- a/freshrss.subfolder.conf.sample +++ b/freshrss.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# freshrss does not have a base url setting +## Version 2023/02/05 +# make sure that your freshrss container is named freshrss +# freshrss does not require a base url setting location /freshrss { return 301 $scheme://$host/freshrss/; @@ -16,6 +17,9 @@ location ^~ /freshrss/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app freshrss; diff --git a/gaps.subdomain.conf.sample b/gaps.subdomain.conf.sample index 7ef603b07..3753a9321 100644 --- a/gaps.subdomain.conf.sample +++ b/gaps.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for gaps and that your gaps container is not using a base url +## Version 2023/02/05 +# make sure that your gaps container is named gaps +# make sure that your dns has a cname set for gaps server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app gaps; diff --git a/gaps.subfolder.conf.sample b/gaps.subfolder.conf.sample index ec81bf95e..9f99ff760 100644 --- a/gaps.subfolder.conf.sample +++ b/gaps.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your gaps container is named gaps +# make sure that gaps is set to work with the base url /gaps/ # In your Docker compose (or docker run) add: BASE_URL: /gaps location /gaps { @@ -16,6 +18,9 @@ location ^~ /gaps/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app gaps; diff --git a/get_iplayer.subdomain.conf.sample b/get_iplayer.subdomain.conf.sample index d3e698f97..d4a89c9da 100644 --- a/get_iplayer.subdomain.conf.sample +++ b/get_iplayer.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for get_iplayer and that your get_iplayer container is named get_iplayer +## Version 2023/02/05 +# make sure that your get_iplayer container is named get_iplayer +# make sure that your dns has a cname set for get_iplayer server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app get_iplayer; diff --git a/ghost.subdomain.conf.sample b/ghost.subdomain.conf.sample index 4c9c1b7bb..e535a72b3 100644 --- a/ghost.subdomain.conf.sample +++ b/ghost.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for ghost and that your ghost config is not using a subdirectory. +## Version 2023/02/05 +# make sure that your ghost container is named ghost +# make sure that your dns has a cname set for ghost server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { #enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app ghost; diff --git a/ghost.subfolder.conf.sample b/ghost.subfolder.conf.sample index 482a59046..5673ccc82 100644 --- a/ghost.subfolder.conf.sample +++ b/ghost.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your ghost container is named ghost +# make sure that ghost is set to work with the base url /ghost/ # Make sure you are using a subfolder in your ghost config file. https://ghost.org/docs/concepts/config/#url # Note: /ghost/ is by default used for the admin page. See https://ghost.org/docs/concepts/config/#admin-url @@ -13,6 +15,9 @@ location /blog { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app ghost; diff --git a/gitea.subdomain.conf.sample b/gitea.subdomain.conf.sample index d9d33d4e9..c51fa5b82 100644 --- a/gitea.subdomain.conf.sample +++ b/gitea.subdomain.conf.sample @@ -1,5 +1,7 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for gitea and the following parameters in /data/gitea/conf/app.ini are edited +## Version 2023/02/05 +# make sure that your gitea container is named gitea +# make sure that your dns has a cname set for gitea +# edit the following parameters in /data/gitea/conf/app.ini # [server] # SSH_DOMAIN = gitea.server.com # ROOT_URL = https://gitea.server.com/ @@ -21,6 +23,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -32,6 +37,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app gitea; diff --git a/gitea.subfolder.conf.sample b/gitea.subfolder.conf.sample index 7f056d415..14f84a7fb 100644 --- a/gitea.subfolder.conf.sample +++ b/gitea.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your gitea container is named gitea +# make sure that gitea is set to work with the base url /gitea/ # The following parameters in /data/gitea/conf/app.ini should be edited to match your setup # [server] # SSH_DOMAIN = example.com:2222 diff --git a/glances.subdomain.conf.sample b/glances.subdomain.conf.sample index a6c63a82e..d0baef0f3 100644 --- a/glances.subdomain.conf.sample +++ b/glances.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for glances and that your glances container is not using a base url +## Version 2023/02/05 +# make sure that your glances container is named glances +# make sure that your dns has a cname set for glances server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app glances; diff --git a/glances.subfolder.conf.sample b/glances.subfolder.conf.sample index 80a2f9d09..b4da5f4cf 100644 --- a/glances.subfolder.conf.sample +++ b/glances.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your glances container is named glances # glances does not require a base url setting location /glances { @@ -16,6 +17,9 @@ location ^~ /glances/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app glances; diff --git a/gotify.subdomain.conf.sample b/gotify.subdomain.conf.sample index e391511d3..b0f24a8cd 100644 --- a/gotify.subdomain.conf.sample +++ b/gotify.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your gotify container is named gotify # make sure that your dns has a cname set for gotify server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app gotify; diff --git a/gotify.subfolder.conf.sample b/gotify.subfolder.conf.sample index 5d8118ecf..aae75b850 100644 --- a/gotify.subfolder.conf.sample +++ b/gotify.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# gotify doesn't require a base url +## Version 2023/02/05 +# make sure that your gotify container is named gotify +# gotify does not require a base url setting location /gotify { return 301 $scheme://$host/gotify/; @@ -16,6 +17,9 @@ location /gotify/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app gotify; diff --git a/grafana.subdomain.conf.sample b/grafana.subdomain.conf.sample index 0db34f209..b1346f7e5 100644 --- a/grafana.subdomain.conf.sample +++ b/grafana.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for grafana and that your grafana container is not using a base url +## Version 2023/02/05 +# make sure that your grafana container is named grafana +# make sure that your dns has a cname set for grafana server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app grafana; diff --git a/grafana.subfolder.conf.sample b/grafana.subfolder.conf.sample index f283e1158..7e026af1e 100644 --- a/grafana.subfolder.conf.sample +++ b/grafana.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your grafana container is named grafana +# make sure that grafana is set to work with the base url /grafana/ # grafana requires environment variables set thus: # environment: # - "GF_SERVER_ROOT_URL=https://my.domain.com/grafana" @@ -15,6 +17,9 @@ location ^~ /grafana/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_grafana grafana; diff --git a/graylog.subdomain.conf.sample b/graylog.subdomain.conf.sample index 309fe484d..2b1b4f666 100644 --- a/graylog.subdomain.conf.sample +++ b/graylog.subdomain.conf.sample @@ -1,7 +1,8 @@ -## Version 2022/10/05 +## Version 2023/02/05 +# make sure that your graylog container is named graylog +# make sure that your dns has a cname set for graylog # Ensure the upstream_port matches your GRAYLOG_HTTP_BIND_ADDRESS port # This conf assumes GRAYLOG_HTTP_BIND_ADDRESS=0.0.0.0:9000 -# make sure that your dns has a cname set for graylog and that your graylog container is not using a base url server { listen 443 ssl; @@ -19,6 +20,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -30,6 +34,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app graylog; diff --git a/grocy.subdomain.conf.sample b/grocy.subdomain.conf.sample index 3464be041..736bd9ad2 100644 --- a/grocy.subdomain.conf.sample +++ b/grocy.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your grocy container is named grocy # make sure that your dns has a cname set for grocy server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app grocy; diff --git a/guacamole.subdomain.conf.sample b/guacamole.subdomain.conf.sample index bb717619d..bc5a1ebf8 100644 --- a/guacamole.subdomain.conf.sample +++ b/guacamole.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for guacamole and that your guacamole container is not using a base url +## Version 2023/02/05 +# make sure that your guacamole container is named guacamole +# make sure that your dns has a cname set for guacamole server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app guacamole; diff --git a/guacamole.subfolder.conf.sample b/guacamole.subfolder.conf.sample index 2b139e7b6..b1355f286 100644 --- a/guacamole.subfolder.conf.sample +++ b/guacamole.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your guacamole container is named guacamole # guacamole does not require a base url setting location /guacamole { @@ -16,6 +17,9 @@ location ^~ /guacamole/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app guacamole; diff --git a/hass-configurator.subdomain.conf.sample b/hass-configurator.subdomain.conf.sample index e0afbad4e..1575a42c0 100644 --- a/hass-configurator.subdomain.conf.sample +++ b/hass-configurator.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for hass configurator +## Version 2023/02/05 +# make sure that your hass container is named hass +# make sure that your dns has a cname set for hass # this proxy configuration file is for the hass-configurator-docker container that is used # in the hassos addon store (https://github.com/CausticLab/hass-configurator-docker) @@ -19,6 +20,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -30,6 +34,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app hass-configurator; diff --git a/headphones.subdomain.conf.sample b/headphones.subdomain.conf.sample index 8ed64051d..ddee5b363 100644 --- a/headphones.subdomain.conf.sample +++ b/headphones.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your headphones container is named headphones # make sure that your dns has a cname set for headphones server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app headphones; diff --git a/headphones.subfolder.conf.sample b/headphones.subfolder.conf.sample index ab6ecc557..d1dd19880 100644 --- a/headphones.subfolder.conf.sample +++ b/headphones.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your headphones container is named headphones +# make sure that headphones is set to work with the base url /headphones/ # first stop the headphones container and edit the config.ini for headphones and set http_root to /headphones and then start the headphones container location ^~ /headphones { @@ -12,6 +14,9 @@ location ^~ /headphones { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app headphones; diff --git a/healthchecks.subdomain.conf.sample b/healthchecks.subdomain.conf.sample index 31e389f06..10592c3a6 100644 --- a/healthchecks.subdomain.conf.sample +++ b/healthchecks.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for and that your container is not using a base url +## Version 2023/02/05 +# make sure that your healthchecks container is named healthchecks +# make sure that your dns has a cname set for healthchecks # make sure your Healthchecks ALLOWED_HOSTS and SITE_ROOT align with the server_name used in this conf. server { @@ -18,6 +19,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -29,6 +33,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app healthchecks; diff --git a/hedgedoc.subdomain.conf.sample b/hedgedoc.subdomain.conf.sample index a3da7de9e..69bf395f8 100644 --- a/hedgedoc.subdomain.conf.sample +++ b/hedgedoc.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2022/09/08 +## Version 2023/02/05 # make sure you set the following environment variables in your docker arguments # CMD_DOMAIN=hedgedoc.server.com # CMD_URL_ADDPORT=false @@ -20,6 +20,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -31,6 +34,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app hedgedoc; diff --git a/heimdall.subdomain.conf.sample b/heimdall.subdomain.conf.sample index 1e94ffb3a..519a7f6aa 100644 --- a/heimdall.subdomain.conf.sample +++ b/heimdall.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your heimdall container is named heimdall # make sure that your dns has a cname set for heimdall server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app heimdall; diff --git a/heimdall.subfolder.conf.sample b/heimdall.subfolder.conf.sample index c4e112068..56e69260c 100644 --- a/heimdall.subfolder.conf.sample +++ b/heimdall.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your heimdall container is named heimdall # In order to use this location block you need to edit the default file one folder up and comment out the / location location / { @@ -12,6 +13,9 @@ location / { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app heimdall; diff --git a/homeassistant.subdomain.conf.sample b/homeassistant.subdomain.conf.sample index 08abac29a..954ba1cfb 100644 --- a/homeassistant.subdomain.conf.sample +++ b/homeassistant.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for homeassistant and that your homeassistant container is not using a base url +## Version 2023/02/05 +# make sure that your homeassistant container is named homeassistant +# make sure that your dns has a cname set for homeassistant # As of homeassistant 2021.7.0, it is now required to define the network range your proxy resides in, this is done in Homeassitants configuration.yaml # https://www.home-assistant.io/integrations/http/#trusted_proxies @@ -26,6 +27,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -37,6 +41,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app homeassistant; diff --git a/homebridge.subdomain.conf.sample b/homebridge.subdomain.conf.sample index 13b553184..2178828db 100644 --- a/homebridge.subdomain.conf.sample +++ b/homebridge.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for homebridge and that your homebridge container is not using a base url +## Version 2023/02/05 +# make sure that your homebridge container is named homebridge +# make sure that your dns has a cname set for homebridge server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app homebridge; # change to host IP if using host networking mode diff --git a/homer.subdomain.conf.sample b/homer.subdomain.conf.sample index cb078d112..6dd908232 100644 --- a/homer.subdomain.conf.sample +++ b/homer.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for homer and that your homer container is not using a base url +## Version 2023/02/05 +# make sure that your homer container is named homer +# make sure that your dns has a cname set for homer server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app homer; diff --git a/huginn.subdomain.conf.sample b/huginn.subdomain.conf.sample index 698658b0c..ffba571db 100644 --- a/huginn.subdomain.conf.sample +++ b/huginn.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your huginn container is named huginn # make sure that your dns has a cname set for huginn server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app huginn; diff --git a/influxdb.subdomain.conf.sample b/influxdb.subdomain.conf.sample index 915483083..9285c5f31 100644 --- a/influxdb.subdomain.conf.sample +++ b/influxdb.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for influxdb and that your influxdb container is not using a base url +## Version 2023/02/05 +# make sure that your influxdb container is named influxdb +# make sure that your dns has a cname set for influxdb server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app influxdb; diff --git a/jackett.subdomain.conf.sample b/jackett.subdomain.conf.sample index b021b4f78..9c6973dc3 100644 --- a/jackett.subdomain.conf.sample +++ b/jackett.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for jackett and that your jackett container is not using a base url +## Version 2023/02/05 +# make sure that your jackett container is named jackett +# make sure that your dns has a cname set for jackett server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app jackett; diff --git a/jackett.subfolder.conf.sample b/jackett.subfolder.conf.sample index ada717e61..030b96cd7 100644 --- a/jackett.subfolder.conf.sample +++ b/jackett.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# first go into jackett settings, set the URL Base to /jackett and restart the jackett container +## Version 2023/02/05 +# make sure that your jackett container is named jackett +# make sure that jackett is set to work with the base url /jackett/ location ^~ /jackett { # enable the next two lines for http auth @@ -12,6 +13,9 @@ location ^~ /jackett { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app jackett; diff --git a/jdownloader.subdomain.conf.sample b/jdownloader.subdomain.conf.sample index 21eaad6b4..797c7914b 100644 --- a/jdownloader.subdomain.conf.sample +++ b/jdownloader.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for jdownloader and that your jdownloader container is not using a base url +## Version 2023/02/05 +# make sure that your jdownloader container is named jdownloader +# make sure that your dns has a cname set for jdownloader server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app jdownloader; diff --git a/jellyfin.subdomain.conf.sample b/jellyfin.subdomain.conf.sample index 489f34cbc..5a8dcb489 100644 --- a/jellyfin.subdomain.conf.sample +++ b/jellyfin.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/05/18 +## Version 2023/02/05 +# make sure that your jellyfin container is named jellyfin # make sure that your dns has a cname set for jellyfin # if jellyfin is running in bridge mode and the container is named "jellyfin", the below config should work as is # if not, replace the line "set $upstream_app jellyfin;" with "set $upstream_app ;" diff --git a/jellyfin.subfolder.conf.sample b/jellyfin.subfolder.conf.sample index fbbc5c297..8c7af8583 100644 --- a/jellyfin.subfolder.conf.sample +++ b/jellyfin.subfolder.conf.sample @@ -1,5 +1,5 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for jellyfin +## Version 2023/02/05 +# make sure that your jellyfin container is named jellyfin # if jellyfin is running in bridge mode and the container is named "jellyfin", the below config should work as is # if not, replace the line "set $upstream_app jellyfin;" with "set $upstream_app ;" # or "set $upstream_app ;" for host mode, HOSTIP being the IP address of jellyfin diff --git a/jellyseerr.subdomain.conf.sample b/jellyseerr.subdomain.conf.sample index c708e1047..20a75f049 100644 --- a/jellyseerr.subdomain.conf.sample +++ b/jellyseerr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for jellyseerr and that your jellyseerr container is named jellyseerr +## Version 2023/02/05 +# make sure that your jellyseerr container is named jellyseerr +# make sure that your dns has a cname set for jellyseerr server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app jellyseerr; diff --git a/jenkins.subfolder.conf.sample b/jenkins.subfolder.conf.sample index 357346a58..ac6e7e24d 100644 --- a/jenkins.subfolder.conf.sample +++ b/jenkins.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your jenkins container is named jenkins +# make sure that jenkins is set to work with the base url /jenkins/ # First either add '--prefix=/jenkins' or '-e JENKINS_OPTS="--prefix=/jenkins"' to your docker run command, and restart the Jenkins container. # Also be sure to add '/jenkins/' to your URL under: Jenkins > Configuration > Manage Jenkins > Jenkins URL @@ -17,6 +19,9 @@ location ^~ /jenkins/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app jenkins; diff --git a/kanzi.subdomain.conf.sample b/kanzi.subdomain.conf.sample index a883b971a..0a9ad931a 100644 --- a/kanzi.subdomain.conf.sample +++ b/kanzi.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your kanzi container is named kanzi # make sure that your dns has a cname set for kanzi server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app kanzi; diff --git a/kanzi.subfolder.conf.sample b/kanzi.subfolder.conf.sample index 6cd1a6775..5ec965ddc 100644 --- a/kanzi.subfolder.conf.sample +++ b/kanzi.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# kanzi does not have a base url setting +## Version 2023/02/05 +# make sure that your kanzi container is named kanzi +# kanzi does not require a base url setting location /kanzi { return 301 $scheme://$host/kanzi/; @@ -16,6 +17,9 @@ location ^~ /kanzi/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app kanzi; diff --git a/kavita.subdomain.conf.sample b/kavita.subdomain.conf.sample index e69d5c011..207b82df5 100644 --- a/kavita.subdomain.conf.sample +++ b/kavita.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for kavita and that your kavita container is not using a base url +## Version 2023/02/05 +# make sure that your kavita container is named kavita +# make sure that your dns has a cname set for kavita server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app kavita; diff --git a/komga.subdomain.conf.sample b/komga.subdomain.conf.sample index f1b11cfdc..418fd0e75 100644 --- a/komga.subdomain.conf.sample +++ b/komga.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for komga and that your komga container is not using a base url +## Version 2023/02/05 +# make sure that your komga container is named komga +# make sure that your dns has a cname set for komga server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app komga; diff --git a/komga.subfolder.conf.sample b/komga.subfolder.conf.sample index 5e58c16fb..7e6c78031 100644 --- a/komga.subfolder.conf.sample +++ b/komga.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your komga container is named komga +# make sure that komga is set to work with the base url /komga/ # First make sure your Container has set an Baseurl set via docker-compose File "envirnoment: SERVER_SERVLET_CONTEXT_PATH=/komga" and recreate the container. location /komga { @@ -16,6 +18,9 @@ location ^~ /komga/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app komga; diff --git a/lazylibrarian.subdomain.conf.sample b/lazylibrarian.subdomain.conf.sample index 426afc757..342af8352 100644 --- a/lazylibrarian.subdomain.conf.sample +++ b/lazylibrarian.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your lazylibrarian container is named lazylibrarian # make sure that your dns has a cname set for lazylibrarian server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app lazylibrarian; diff --git a/lazylibrarian.subfolder.conf.sample b/lazylibrarian.subfolder.conf.sample index 0d233414e..2ba4c2143 100644 --- a/lazylibrarian.subfolder.conf.sample +++ b/lazylibrarian.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# first go into lazylibrarian settings, under "Interface" set the URL Base to /lazylibrarian and restart the lazylibrarian container +## Version 2023/02/05 +# make sure that your lazylibrarian container is named lazylibrarian +# make sure that lazylibrarian is set to work with the base url /lazylibrarian/ location ^~ /lazylibrarian { # enable the next two lines for http auth @@ -12,6 +13,9 @@ location ^~ /lazylibrarian { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app lazylibrarian; diff --git a/librespeed.subdomain.conf.sample b/librespeed.subdomain.conf.sample index 27c4301c9..832844479 100644 --- a/librespeed.subdomain.conf.sample +++ b/librespeed.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your librespeed container is named librespeed # make sure that your dns has a cname set for librespeed server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app librespeed; diff --git a/lidarr.subdomain.conf.sample b/lidarr.subdomain.conf.sample index 0e5e96bdf..ccdfe3675 100644 --- a/lidarr.subdomain.conf.sample +++ b/lidarr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for lidarr and that your lidarr container is not using a base url +## Version 2023/02/05 +# make sure that your lidarr container is named lidarr +# make sure that your dns has a cname set for lidarr server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app lidarr; diff --git a/lidarr.subfolder.conf.sample b/lidarr.subfolder.conf.sample index 9868d21c5..dac4f2898 100644 --- a/lidarr.subfolder.conf.sample +++ b/lidarr.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# first go into lidarr settings, under "General" set the URL Base to /lidarr and restart the lidarr container +## Version 2023/02/05 +# make sure that your lidarr container is named lidarr +# make sure that lidarr is set to work with the base url /lidarr/ location ^~ /lidarr { # enable the next two lines for http auth @@ -12,6 +13,9 @@ location ^~ /lidarr { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app lidarr; diff --git a/lldap.subdomain.conf.sample b/lldap.subdomain.conf.sample index 4c257a2a8..684ee7734 100644 --- a/lldap.subdomain.conf.sample +++ b/lldap.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for lldap and that your lldap container is not using a base url +## Version 2023/02/05 +# make sure that your lldap container is named lldap +# make sure that your dns has a cname set for lldap server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app lldap; diff --git a/lychee.subdomain.conf.sample b/lychee.subdomain.conf.sample index e4955ab17..80d326035 100644 --- a/lychee.subdomain.conf.sample +++ b/lychee.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your lychee container is named lychee # make sure that your dns has a cname set for lychee server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app lychee; diff --git a/lychee.subfolder.conf.sample b/lychee.subfolder.conf.sample index 2d77c6253..4b8f6adbe 100644 --- a/lychee.subfolder.conf.sample +++ b/lychee.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your lychee container is named lychee # lychee does not require a base url setting location /lychee { @@ -16,6 +17,9 @@ location /lychee/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app lychee; diff --git a/mailu.subdomain.conf.sample b/mailu.subdomain.conf.sample index 49aa84a69..c9af6fdb6 100644 --- a/mailu.subdomain.conf.sample +++ b/mailu.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for mailu and that your mailu front container is named front +## Version 2023/02/05 +# make sure that your mailu container is named front +# make sure that your dns has a cname set for mailu server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app front; diff --git a/mailu.subfolder.conf.sample b/mailu.subfolder.conf.sample index 2f96d1d34..d6c7481c5 100644 --- a/mailu.subfolder.conf.sample +++ b/mailu.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# mailu does not require a base url setting, but the container needs to be named front +## Version 2023/02/05 +# make sure that your mailu container is named mailu +# mailu does not require a base url setting # This config have been tested with "TLS_FLAVOR=mail" # To avoid errors you must change in docker-compose ports: 80 and 443, more info: https://mailu.io/1.7/reverse.html @@ -19,6 +20,9 @@ location ^~ /admin/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app front; @@ -43,6 +47,9 @@ location ^~ /webmail/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app front; diff --git a/mastodon.subdomain.conf.sample b/mastodon.subdomain.conf.sample index 5a3d8f6b8..b816d1dc3 100644 --- a/mastodon.subdomain.conf.sample +++ b/mastodon.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/11/10 +## Version 2023/02/05 +# make sure that your mastodon container is named mastodon # make sure that your dns has a cname set for mastodon # make sure you set `WEB_DOMAIN=mastodon.example.com` env var for the mastodon container # if you set `LOCAL_DOMAIN=example.com` (without the mastodon subdomain), then don't forget to add @@ -21,6 +22,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -32,6 +36,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app mastodon; diff --git a/matomo.subdomain.conf.sample b/matomo.subdomain.conf.sample index 57280abc5..772111b5f 100644 --- a/matomo.subdomain.conf.sample +++ b/matomo.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for matomo and that your matomo container is not using a base url +## Version 2023/02/05 +# make sure that your matomo container is named matomo +# make sure that your dns has a cname set for matomo server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app matomo; diff --git a/mattermost.subdomain.conf.sample b/mattermost.subdomain.conf.sample index a31c02056..a5b41af9e 100644 --- a/mattermost.subdomain.conf.sample +++ b/mattermost.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2022/07/29 +## Version 2023/02/05 # Make sure that your DNS has a CNAME record for "mattermost" and your Mattermost container is using the same subdomain # To learn how to deploy Mattermost via Docker, visit https://docs.mattermost.com/install/install-docker.html @@ -12,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app mattermost; diff --git a/mealie.subdomain.conf.sample b/mealie.subdomain.conf.sample index 5c2a06d60..dda960b8f 100644 --- a/mealie.subdomain.conf.sample +++ b/mealie.subdomain.conf.sample @@ -1,5 +1,5 @@ -## Version 2022/09/08 -# Ensure your DNS has a CNAME set for mealie and that mealie container is not using a base URL. +## Version 2023/02/05 +# Ensure your DNS has a CNAME set for mealie and that mealie container is named. server { listen 443 ssl; @@ -17,6 +17,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +31,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app mealie; diff --git a/medusa.subdomain.conf.sample b/medusa.subdomain.conf.sample index 474628b08..5617b1c00 100644 --- a/medusa.subdomain.conf.sample +++ b/medusa.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your medusa container is named medusa # make sure that your dns has a cname set for medusa server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app medusa; diff --git a/medusa.subfolder.conf.sample b/medusa.subfolder.conf.sample index dcfdc08ac..2e8ed8319 100644 --- a/medusa.subfolder.conf.sample +++ b/medusa.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# first go into medusa settings, under "Interface" set the URL Base to /medusa and restart the medusa container +## Version 2023/02/05 +# make sure that your medusa container is named medusa +# make sure that medusa is set to work with the base url /medusa/ location ^~ /medusa { # enable the next two lines for http auth @@ -12,6 +13,9 @@ location ^~ /medusa { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app medusa; diff --git a/metube.subdomain.conf.sample b/metube.subdomain.conf.sample index 2e57329e9..88783b16d 100644 --- a/metube.subdomain.conf.sample +++ b/metube.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your metube container is named metube # make sure that your dns has a cname set for metube server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app metube; diff --git a/metube.subfolder.conf.sample b/metube.subfolder.conf.sample index 83c6da8f3..bb10a0183 100644 --- a/metube.subfolder.conf.sample +++ b/metube.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your metube container is named metube +# make sure that metube is set to work with the base url /metube/ # set the URL_PREFIX environment variable for the metube container to "/metube" location /metube { @@ -12,6 +14,9 @@ location /metube { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app metube; diff --git a/miniflux.subdomain.conf.sample b/miniflux.subdomain.conf.sample index 7ba66a375..66197b6e3 100644 --- a/miniflux.subdomain.conf.sample +++ b/miniflux.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your miniflux container is named miniflux # make sure that your dns has a cname set for miniflux server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app miniflux; diff --git a/miniflux.subfolder.conf.sample b/miniflux.subfolder.conf.sample index c8af8e237..9fce1d907 100644 --- a/miniflux.subfolder.conf.sample +++ b/miniflux.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your miniflux container is named miniflux +# make sure that miniflux is set to work with the base url /miniflux/ # set the environment variable "BASE_URL" to "https://yourdomain.url/miniflux/", or follow this guide to create a config file for Miniflux: https://miniflux.app/docs/configuration.html location /miniflux { @@ -16,6 +18,9 @@ location /miniflux/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app miniflux; diff --git a/monica.subdomain.conf.sample b/monica.subdomain.conf.sample index df686b092..70e18781d 100644 --- a/monica.subdomain.conf.sample +++ b/monica.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your monica. container is named monica. # make sure that your dns has a cname set for monica. server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app monica; diff --git a/monica.subfolder.conf.sample b/monica.subfolder.conf.sample index 3289a8d12..2e7c84dc2 100644 --- a/monica.subfolder.conf.sample +++ b/monica.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your monica container is named monica +# make sure that monica is set to work with the base url /monica/ # Set the monica Docker container's APP_URL to a fully-qualified domain that ends with /monica/ and restart the container. # Example: https://yourhost.cc/monica/ @@ -17,6 +19,9 @@ location ^~ /monica/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app monica; diff --git a/monitorr.subdomain.conf.sample b/monitorr.subdomain.conf.sample index be01c2831..219c46156 100644 --- a/monitorr.subdomain.conf.sample +++ b/monitorr.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your monitorr container is named monitorr # make sure that your dns has a cname set for monitorr server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app monitorr; diff --git a/monitorr.subfolder.conf.sample b/monitorr.subfolder.conf.sample index 26820c0fd..a084431d9 100644 --- a/monitorr.subfolder.conf.sample +++ b/monitorr.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your monitorr container is named monitorr # monitorr does not require a base url setting location /monitorr { @@ -16,6 +17,9 @@ location ^~ /monitorr/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app monitorr; diff --git a/mstream.subdomain.conf.sample b/mstream.subdomain.conf.sample index 832cc462b..f95471e27 100644 --- a/mstream.subdomain.conf.sample +++ b/mstream.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for mstream and your container name is mstream and running using http (default) +## Version 2023/02/05 +# make sure that your mstream container is named mstream +# make sure that your dns has a cname set for mstream server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app mstream; diff --git a/mylar.subdomain.conf.sample b/mylar.subdomain.conf.sample index 28bc61c23..4d9273137 100644 --- a/mylar.subdomain.conf.sample +++ b/mylar.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your mylar container is named mylar # make sure that your dns has a cname set for mylar server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app mylar; diff --git a/mylar.subfolder.conf.sample b/mylar.subfolder.conf.sample index 8e92e8a5f..fe869d665 100644 --- a/mylar.subfolder.conf.sample +++ b/mylar.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your mylar container is named mylar +# make sure that mylar is set to work with the base url /mylar/ # first stop the mylar container and edit the config.ini for mylar and set http_root to /mylar and then start the mylar container location ^~ /mylar { @@ -12,6 +14,9 @@ location ^~ /mylar { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app mylar; diff --git a/mytinytodo.subfolder.conf.sample b/mytinytodo.subfolder.conf.sample index 1c7a1fac2..d50b85630 100644 --- a/mytinytodo.subfolder.conf.sample +++ b/mytinytodo.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your mytinytodo container is named mytinytodo +# make sure that mytinytodo is set to work with the base url /todo/ # works with https://github.com/breakall/mytinytodo-docker # set the mtt_url to 'https://your.domain.com/todo/' in db/config.php @@ -18,6 +20,9 @@ location ^~ /todo/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app mytinytodo; diff --git a/n8n.subdomain.conf.sample b/n8n.subdomain.conf.sample index d1327f4e1..73bf79ea5 100644 --- a/n8n.subdomain.conf.sample +++ b/n8n.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for n8n and that your n8n container is not using a base url +## Version 2023/02/05 +# make sure that your n8n container is named n8n +# make sure that your dns has a cname set for n8n # add `server.use-forward-headers=true` to `/config/application.properties` to ensure logs contain real source IP server { @@ -18,6 +19,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -29,6 +33,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app n8n; diff --git a/navidrome.subdomain.conf.sample b/navidrome.subdomain.conf.sample index 4acd38722..043070fa1 100644 --- a/navidrome.subdomain.conf.sample +++ b/navidrome.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for navidrome and that your navidrome container is not using a base url +## Version 2023/02/05 +# make sure that your navidrome container is named navidrome +# make sure that your dns has a cname set for navidrome server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app navidrome; diff --git a/netboot.subdomain.conf.sample b/netboot.subdomain.conf.sample index 65937250d..3f2601b3f 100644 --- a/netboot.subdomain.conf.sample +++ b/netboot.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your netboot container is named netboot # make sure that your dns has a cname set for netboot server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app netboot; diff --git a/netdata.subdomain.conf.sample b/netdata.subdomain.conf.sample index e1f51868b..cd4bc5680 100644 --- a/netdata.subdomain.conf.sample +++ b/netdata.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your netdata container is named netdata # make sure that your dns has a cname set for netdata server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app netdata; diff --git a/netdata.subfolder.conf.sample b/netdata.subfolder.conf.sample index 7adcdbadf..5cb786126 100644 --- a/netdata.subfolder.conf.sample +++ b/netdata.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your netdata container is named netdata # netdata does not require a base url setting location /netdata { @@ -16,6 +17,9 @@ location ^~ /netdata/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app netdata; diff --git a/nextcloud.subdomain.conf.sample b/nextcloud.subdomain.conf.sample index 27c2ea59c..e63d07754 100644 --- a/nextcloud.subdomain.conf.sample +++ b/nextcloud.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/10/28 +## Version 2023/02/05 +# make sure that your nextcloud container is named nextcloud # make sure that your dns has a cname set for nextcloud # assuming this container is called "swag", edit your nextcloud container's config # located at /config/www/nextcloud/config/config.php and add the following lines before the ");": diff --git a/nextcloud.subfolder.conf.sample b/nextcloud.subfolder.conf.sample index 0112163a6..62fa801a1 100644 --- a/nextcloud.subfolder.conf.sample +++ b/nextcloud.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/10/28 +## Version 2023/02/05 +# make sure that your nextcloud container is named nextcloud +# make sure that nextcloud is set to work with the base url /nextcloud/ # Assuming this container is called "swag", edit your nextcloud container's config # located at /config/www/nextcloud/config/config.php and add the following lines before the ");": # 'trusted_proxies' => ['swag'], @@ -12,16 +14,16 @@ # ), location ^~ /.well-known { - # The rules in this block are an adaptation of the rules - # in the Nextcloud `.htaccess` that concern `/.well-known`. + # The rules in this block are an adaptation of the rules + # in the Nextcloud `.htaccess` that concern `/.well-known`. - location = /.well-known/carddav { return 301 /nextcloud/remote.php/dav/; } - location = /.well-known/caldav { return 301 /nextcloud/remote.php/dav/; } + location = /.well-known/carddav { return 301 /nextcloud/remote.php/dav/; } + location = /.well-known/caldav { return 301 /nextcloud/remote.php/dav/; } - # Let Nextcloud's API for `/.well-known` URIs handle all other - # requests by passing them to the front-end controller. - return 301 /nextcloud/index.php$request_uri; - } + # Let Nextcloud's API for `/.well-known` URIs handle all other + # requests by passing them to the front-end controller. + return 301 /nextcloud/index.php$request_uri; +} location ^~ /nextcloud/ { include /config/nginx/proxy.conf; diff --git a/ntfy.subdomain.conf.sample b/ntfy.subdomain.conf.sample index a433d6deb..a8c425a47 100644 --- a/ntfy.subdomain.conf.sample +++ b/ntfy.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for ntfy and that your ntfy container is not using a base url +## Version 2023/02/05 +# make sure that your ntfy container is named ntfy +# make sure that your dns has a cname set for ntfy server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app ntfy; diff --git a/nzbget.subdomain.conf.sample b/nzbget.subdomain.conf.sample index 0676d51db..578e25d79 100644 --- a/nzbget.subdomain.conf.sample +++ b/nzbget.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your nzbget container is named nzbget # make sure that your dns has a cname set for nzbget server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app nzbget; diff --git a/nzbget.subfolder.conf.sample b/nzbget.subfolder.conf.sample index 5134ef199..2daf48887 100644 --- a/nzbget.subfolder.conf.sample +++ b/nzbget.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your nzbget container is named nzbget +# make sure that nzbget is set to work with the base url /nzbget/ # nzbget does not require a base url setting location /nzbget { @@ -12,6 +14,9 @@ location /nzbget { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app nzbget; diff --git a/nzbhydra.subdomain.conf.sample b/nzbhydra.subdomain.conf.sample index 6d232ed49..aee62eb6d 100644 --- a/nzbhydra.subdomain.conf.sample +++ b/nzbhydra.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for nzbhydra and that your nzbhydra container is not using a base url +## Version 2023/02/05 +# make sure that your nzbhydra container is named nzbhydra2 +# make sure that your dns has a cname set for nzbhydra server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app nzbhydra2; diff --git a/nzbhydra.subfolder.conf.sample b/nzbhydra.subfolder.conf.sample index bdcdc053f..22a721dde 100644 --- a/nzbhydra.subfolder.conf.sample +++ b/nzbhydra.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your nzbhydra container is named nzbhydra2 +# make sure that nzbhydra is set to work with the base url /nzbhydra/ # first go into nzbhydra settings, set the URL Base to /nzbhydra, then disable CSRF protection on the same page and restart the nzbhydra container location ^~ /nzbhydra { @@ -12,6 +14,9 @@ location ^~ /nzbhydra { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app nzbhydra2; diff --git a/octoprint.subdomain.conf.sample b/octoprint.subdomain.conf.sample index 77fd0f381..5da4321e8 100644 --- a/octoprint.subdomain.conf.sample +++ b/octoprint.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for octoprint and that your octoprint container is not using a base url +## Version 2023/02/05 +# make sure that your octoprint container is named octoprint +# make sure that your dns has a cname set for octoprint server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app octoprint; diff --git a/ombi.subdomain.conf.sample b/ombi.subdomain.conf.sample index e0d598cc3..ce90802a4 100644 --- a/ombi.subdomain.conf.sample +++ b/ombi.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for ombi and that your ombi container is not using a base url +## Version 2023/02/05 +# make sure that your ombi container is named ombi +# make sure that your dns has a cname set for ombi server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app ombi; diff --git a/ombi.subfolder.conf.sample b/ombi.subfolder.conf.sample index d0e5482e8..a72188a87 100644 --- a/ombi.subfolder.conf.sample +++ b/ombi.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your ombi container is named ombi +# make sure that ombi is set to work with the base url /ombi/ # first go into ombi settings, under the menu "Ombi" set the base url to /ombi and restart the ombi container location /ombi { @@ -16,6 +18,9 @@ location ^~ /ombi/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app ombi; diff --git a/openhab.subdomain.conf.sample b/openhab.subdomain.conf.sample index cc0a1c95d..39d98c4e2 100644 --- a/openhab.subdomain.conf.sample +++ b/openhab.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for openhab and that your openhab container is named openhab +## Version 2023/02/05 +# make sure that your openhab container is named openhab +# make sure that your dns has a cname set for openhab server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app openhab; diff --git a/openvpn-as.subdomain.conf.sample b/openvpn-as.subdomain.conf.sample index c42b2e4c6..41bd06e74 100644 --- a/openvpn-as.subdomain.conf.sample +++ b/openvpn-as.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for openvpn-as and that your openvpn-as container is not using a base url +## Version 2023/02/05 +# make sure that your openvpn-as container is named openvpn-as +# make sure that your dns has a cname set for openvpn-as server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app openvpn-as; @@ -48,6 +55,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app openvpn-as; diff --git a/openvscode-server.subdomain.conf.sample b/openvscode-server.subdomain.conf.sample index 47d9e3e74..f7b5b0cda 100644 --- a/openvscode-server.subdomain.conf.sample +++ b/openvscode-server.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/12/03 +## Version 2023/02/05 +# make sure that your openvscode-server container is named openvscode-server # make sure that your dns has a cname set for openvscode-server # This conf allows accessing internal ports at `PORT` (http) or `PORTs` (https) as subdomain # Access http port 8080 at `https://8080.openvscode-server.domain.url` @@ -20,6 +21,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -31,6 +35,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app openvscode-server; @@ -57,6 +64,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -68,6 +78,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app openvscode-server; @@ -93,6 +106,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -104,6 +120,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app openvscode-server; diff --git a/organizr-auth.subfolder.conf.sample b/organizr-auth.subfolder.conf.sample index 9d46e6a3f..cb55d384f 100644 --- a/organizr-auth.subfolder.conf.sample +++ b/organizr-auth.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2021/10/05 +## Version 2023/02/05 +# make sure that your organizr container is named organizr # To use config this with subfolder proxies: # Rename this file to organizr-auth.subfolder.conf # Add one of the auth_request lines from the comments below diff --git a/organizr.subdomain.conf.sample b/organizr.subdomain.conf.sample index 8f60ed1aa..82cb48b2a 100644 --- a/organizr.subdomain.conf.sample +++ b/organizr.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your organizr container is named organizr # make sure that your dns has a cname set for organizr server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app organizr; diff --git a/organizr.subfolder.conf.sample b/organizr.subfolder.conf.sample index fece12391..aed65c33d 100644 --- a/organizr.subfolder.conf.sample +++ b/organizr.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your organizr container is named organizr # In order to use this location block you need to edit the default file one folder up and comment out the / and ~ \.php$ locations location / { @@ -12,6 +13,9 @@ location / { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app organizr; diff --git a/osticket.subdomain.conf.sample b/osticket.subdomain.conf.sample index e5ba0cc83..63754364c 100644 --- a/osticket.subdomain.conf.sample +++ b/osticket.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for osticket and that your osticket container is named osticket. +## Version 2023/02/05 +# make sure that your osticket container is named osticket +# make sure that your dns has a cname set for osticket server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app osticket; diff --git a/overseerr.subdomain.conf.sample b/overseerr.subdomain.conf.sample index f47d168d0..973a66e64 100644 --- a/overseerr.subdomain.conf.sample +++ b/overseerr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for overseerr and that your overseerr container is not using a base url +## Version 2023/02/05 +# make sure that your overseerr container is named overseerr +# make sure that your dns has a cname set for overseerr server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app overseerr; diff --git a/papermerge.subdomain.conf.sample b/papermerge.subdomain.conf.sample index 9d368085a..6aff9fefd 100644 --- a/papermerge.subdomain.conf.sample +++ b/papermerge.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your papermerge container is named papermerge # make sure that your dns has a cname set for papermerge server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app papermerge; diff --git a/petio.subdomain.conf.sample b/petio.subdomain.conf.sample index a05f0ea16..e317e5ff0 100644 --- a/petio.subdomain.conf.sample +++ b/petio.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for petio and that your petio container is not using a base url +## Version 2023/02/05 +# make sure that your petio container is named petio +# make sure that your dns has a cname set for petio server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app petio; diff --git a/petio.subfolder.conf.sample b/petio.subfolder.conf.sample index 3f470bccc..ec382dc3b 100644 --- a/petio.subfolder.conf.sample +++ b/petio.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# first go into petio settings, under "Base path" set the URL Base to /petio and restart the petio container +## Version 2023/02/05 +# make sure that your petio container is named petio +# make sure that petio is set to work with the base url /petio/ location /petio { return 301 $scheme://$host/petio/; @@ -16,6 +17,9 @@ location ^~ /petio/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app petio; diff --git a/pgadmin.subdomain.conf.sample b/pgadmin.subdomain.conf.sample index 50345d2eb..e24807e85 100644 --- a/pgadmin.subdomain.conf.sample +++ b/pgadmin.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for pgadmin and that your pgadmin container is not using a base url +## Version 2023/02/05 +# make sure that your pgadmin container is named pgadmin +# make sure that your dns has a cname set for pgadmin server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { #enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pgadmin; diff --git a/photoprism.subdomain.conf.sample b/photoprism.subdomain.conf.sample index 17127f9bd..a0dbf5a95 100644 --- a/photoprism.subdomain.conf.sample +++ b/photoprism.subdomain.conf.sample @@ -1,5 +1,5 @@ -## Version 2022/09/08 -# Ensure your DNS has a CNAME set for Photoprism and that Photoprism container is not using a base URL. +## Version 2023/02/05 +# Ensure your DNS has a CNAME set for Photoprism and that Photoprism container is named. server { listen 443 ssl; @@ -17,6 +17,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +31,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app photoprism; diff --git a/phpmyadmin.subdomain.conf.sample b/phpmyadmin.subdomain.conf.sample index bd9533ac4..d1d00d2bf 100644 --- a/phpmyadmin.subdomain.conf.sample +++ b/phpmyadmin.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for phpmyadmin and that your phpmyadmin container is not using a base url +## Version 2023/02/05 +# make sure that your phpmyadmin container is named phpmyadmin +# make sure that your dns has a cname set for phpmyadmin server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app phpmyadmin; diff --git a/phpmyadmin.subfolder.conf.sample b/phpmyadmin.subfolder.conf.sample index 3c48d2015..046528f61 100644 --- a/phpmyadmin.subfolder.conf.sample +++ b/phpmyadmin.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your phpmyadmin container is named phpmyadmin # phpmyadmin does not require a base url setting location /phpmyadmin { @@ -16,6 +17,9 @@ location ^~ /phpmyadmin/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app phpmyadmin; diff --git a/picard.subfolder.conf.sample b/picard.subfolder.conf.sample index ec6ba79f9..ca819717b 100644 --- a/picard.subfolder.conf.sample +++ b/picard.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your picard container is named picard # picard does not require a base url setting location /picard { @@ -16,6 +17,9 @@ location ^~ /picard/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app picard; diff --git a/pihole.subdomain.conf.sample b/pihole.subdomain.conf.sample index a586dd4c9..6c4e2dffa 100644 --- a/pihole.subdomain.conf.sample +++ b/pihole.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for pihole and that your pihole container is not using a base url +## Version 2023/02/05 +# make sure that your pihole container is named pihole +# make sure that your dns has a cname set for pihole server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pihole; @@ -49,6 +56,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pihole; diff --git a/pihole.subfolder.conf.sample b/pihole.subfolder.conf.sample index dbd156dcd..dbc330e0b 100644 --- a/pihole.subfolder.conf.sample +++ b/pihole.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your pihole container is named pihole # pihole does not require a base url setting location /pihole { @@ -16,6 +17,9 @@ location ^~ /pihole/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pihole; @@ -42,6 +46,9 @@ location ^~ /pihole/admin/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pihole; diff --git a/pinry.subdomain.conf.sample b/pinry.subdomain.conf.sample index 453511f59..8c04401e7 100644 --- a/pinry.subdomain.conf.sample +++ b/pinry.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for pinry and that your pinry container is named pinry +## Version 2023/02/05 +# make sure that your pinry container is named pinry +# make sure that your dns has a cname set for pinry server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pinry; diff --git a/piwigo.subdomain.conf.sample b/piwigo.subdomain.conf.sample index a5a088ace..606e73b73 100644 --- a/piwigo.subdomain.conf.sample +++ b/piwigo.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your piwigo container is named piwigo # make sure that your dns has a cname set for piwigo server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app piwigo; diff --git a/pixelfed.subdomain.conf.sample b/pixelfed.subdomain.conf.sample index 46150c692..46f71dc32 100644 --- a/pixelfed.subdomain.conf.sample +++ b/pixelfed.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for pixelfed and the container is named pixelfed +## Version 2023/02/05 +# make sure that your pixelfed container is named pixelfed +# make sure that your dns has a cname set for pixelfed server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pixelfed; diff --git a/plex.subdomain.conf.sample b/plex.subdomain.conf.sample index abc304fa8..1a99c6e4a 100644 --- a/plex.subdomain.conf.sample +++ b/plex.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your plex container is named plex # make sure that your dns has a cname set for plex # if plex is running in bridge mode and the container is named "plex", the below config should work as is # if not, replace the line "set $upstream_app plex;" with "set $upstream_app ;" @@ -22,6 +23,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -33,6 +37,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app plex; diff --git a/plex.subfolder.conf.sample b/plex.subfolder.conf.sample index b8bb52682..d1e2ef182 100644 --- a/plex.subfolder.conf.sample +++ b/plex.subfolder.conf.sample @@ -1,7 +1,8 @@ -## Version 2022/09/08 +## Version 2023/02/05 #******** This config no longer works as intended. The web app loads, but no direct connection to server is made. ********* #******** PRs welcome for anyone who figures out how to fix it. Use the subdomain config in the meantime. ******* +# make sure that your plex container is named plex # if plex is running in bridge mode and the container is named "plex", the below config should work as is # if not, replace the line "set $upstream_app plex;" with "set $upstream_app ;" # or "set $upstream_app ;" for host mode, HOSTIP being the IP address of plex @@ -22,6 +23,9 @@ location ^~ /plex/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app plex; diff --git a/plexwebtools.subdomain.conf.sample b/plexwebtools.subdomain.conf.sample index c38d1993f..4218d4195 100644 --- a/plexwebtools.subdomain.conf.sample +++ b/plexwebtools.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for plexwebtools and that your plexwebtools container is not using a base url +## Version 2023/02/05 +# make sure that your plex container is named plex +# make sure that your dns has a cname set for plexwebtools server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app plex; diff --git a/plexwebtools.subfolder.conf.sample b/plexwebtools.subfolder.conf.sample index 65cf8e390..617520909 100644 --- a/plexwebtools.subfolder.conf.sample +++ b/plexwebtools.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# first go into plexwebtools settings, set the URL Base to /plexwebtools and restart the plex container +## Version 2023/02/05 +# make sure that your plex container is named plex +# make sure that plexwebtools is set to work with the base url /plexwebtools/ location /plexwebtools { return 301 $scheme://$host/plexwebtools/; @@ -16,6 +17,9 @@ location ^~ /plexwebtools/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app plex; diff --git a/podgrab.subdomain.conf.sample b/podgrab.subdomain.conf.sample index 8916ff3ae..187873430 100644 --- a/podgrab.subdomain.conf.sample +++ b/podgrab.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for podgrab and that your podgrab container is not using a base url +## Version 2023/02/05 +# make sure that your podgrab container is named podgrab +# make sure that your dns has a cname set for podgrab server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app podgrab; diff --git a/portainer.subdomain.conf.sample b/portainer.subdomain.conf.sample index 941fc0f79..68d4a5897 100644 --- a/portainer.subdomain.conf.sample +++ b/portainer.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your portainer container is named portainer # make sure that your dns has a cname set for portainer server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app portainer; @@ -49,6 +56,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app portainer; diff --git a/portainer.subfolder.conf.sample b/portainer.subfolder.conf.sample index 4f9e5d3e5..f06e6cc34 100644 --- a/portainer.subfolder.conf.sample +++ b/portainer.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your portainer container is named portainer # portainer does not require a base url setting location /portainer { @@ -16,6 +17,9 @@ location ^~ /portainer/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app portainer; diff --git a/privatebin.subdomain.conf.sample b/privatebin.subdomain.conf.sample index 9d4d81db9..d68ba0d63 100644 --- a/privatebin.subdomain.conf.sample +++ b/privatebin.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your privatebin container is named privatebin # make sure that your dns has a cname set for privatebin server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app privatebin; diff --git a/prometheus.subdomain.conf.sample b/prometheus.subdomain.conf.sample index e85fe829d..11b7d28c8 100644 --- a/prometheus.subdomain.conf.sample +++ b/prometheus.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for prometheus and that your prometheus container is not using a base url +## Version 2023/02/05 +# make sure that your prometheus container is named prometheus +# make sure that your dns has a cname set for prometheus server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app prometheus; diff --git a/prowlarr.subdomain.conf.sample b/prowlarr.subdomain.conf.sample index e3c2c0e8c..22afae3a0 100644 --- a/prowlarr.subdomain.conf.sample +++ b/prowlarr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for prowlarr and that your prowlarr container is not using a base url +## Version 2023/02/05 +# make sure that your prowlarr container is named prowlarr +# make sure that your dns has a cname set for prowlarr server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app prowlarr; diff --git a/prowlarr.subfolder.conf.sample b/prowlarr.subfolder.conf.sample index 790d734fc..b67d44ed1 100644 --- a/prowlarr.subfolder.conf.sample +++ b/prowlarr.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# first go into prowlarr settings, under "General" set the URL Base to /prowlarr and restart the prowlarr container +## Version 2023/02/05 +# make sure that your prowlarr container is named prowlarr +# make sure that prowlarr is set to work with the base url /prowlarr/ location /prowlarr { # enable the next two lines for http auth @@ -12,6 +13,9 @@ location /prowlarr { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app prowlarr; diff --git a/pwndrop.subdomain.conf.sample b/pwndrop.subdomain.conf.sample index ecc10c694..e7d591ce6 100644 --- a/pwndrop.subdomain.conf.sample +++ b/pwndrop.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/11/06 +## Version 2023/02/05 +# make sure that your pwndrop container is named pwndrop # make sure that your dns has a cname set for pwndrop server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pwndrop; diff --git a/pydio-cells.subdomain.conf.sample b/pydio-cells.subdomain.conf.sample index f5b6cb429..7414da572 100644 --- a/pydio-cells.subdomain.conf.sample +++ b/pydio-cells.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your pydio-cells container is named pydio-cells # make sure that your dns has a cname set for pydio-cells server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pydio-cells; @@ -48,6 +55,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pydio-cells; diff --git a/pydio.subdomain.conf.sample b/pydio.subdomain.conf.sample index 0e5a4b854..699d2d512 100644 --- a/pydio.subdomain.conf.sample +++ b/pydio.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for pydio and that your pydio container is not using a base url +## Version 2023/02/05 +# make sure that your pydio container is named pydio +# make sure that your dns has a cname set for pydio server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pydio; diff --git a/pyload.subdomain.conf.sample b/pyload.subdomain.conf.sample index bcd5272a8..e5d88db20 100644 --- a/pyload.subdomain.conf.sample +++ b/pyload.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for pyload and that your pyload container is not using a base url +## Version 2023/02/05 +# make sure that your pyload container is named pyload +# make sure that your dns has a cname set for pyload server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pyload; diff --git a/pyload.subfolder.conf.sample b/pyload.subfolder.conf.sample index 39de08537..ba0bec7fa 100644 --- a/pyload.subfolder.conf.sample +++ b/pyload.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your pyload container is named pyload +# make sure that pyload is set to work with the base url /pyload/ # First go into pyload settings, under "Web Interface" set the "Path Prefix" to /pyload and restart the pyload container # Only works with pyload-ng @@ -13,6 +15,9 @@ location ^~ /pyload { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app pyload; diff --git a/qbittorrent.subdomain.conf.sample b/qbittorrent.subdomain.conf.sample index 29fe2e702..ff580c0c2 100644 --- a/qbittorrent.subdomain.conf.sample +++ b/qbittorrent.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/10/25 -# make sure that your dns has a cname set for qbittorrent and that your qbittorrent container is not using a base url +## Version 2023/02/05 +# make sure that your qbittorrent container is named qbittorrent +# make sure that your dns has a cname set for qbittorrent server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app qbittorrent; diff --git a/qbittorrent.subfolder.conf.sample b/qbittorrent.subfolder.conf.sample index dee1cc33b..bd560477b 100644 --- a/qbittorrent.subfolder.conf.sample +++ b/qbittorrent.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/10/25 +## Version 2023/02/05 +# make sure that your qbittorrent container is named qbittorrent # qbittorrent does not require a base url setting location /qbittorrent { @@ -16,6 +17,9 @@ location ^~ /qbittorrent/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app qbittorrent; diff --git a/quassel-web.subdomain.conf.sample b/quassel-web.subdomain.conf.sample index 23b23a481..2ffe5e4ed 100644 --- a/quassel-web.subdomain.conf.sample +++ b/quassel-web.subdomain.conf.sample @@ -1,6 +1,7 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for quassel and make sure Quassel-Web is running on http -# with -e 'HTTPS'='false' or if you're using -e 'ADVANCED'='true' by editing config.json appropriately +## Version 2023/02/05 +# make sure that your quassel container is named quassel-web +# make sure that your dns has a cname set for quassel +# make sure Quassel-Web is running on http with -e 'HTTPS'='false' or if you're using -e 'ADVANCED'='true' by editing config.json appropriately server { listen 443 ssl; @@ -18,6 +19,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -29,6 +33,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app quassel-web; diff --git a/quassel-web.subfolder.conf.sample b/quassel-web.subfolder.conf.sample index c17e4a1e3..59de63ec9 100644 --- a/quassel-web.subfolder.conf.sample +++ b/quassel-web.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your quassel-web container is named quassel-web +# make sure that quassel-web is set to work with the base url /quassel/ # Set base-url with docker run command env variable -e 'URL_BASE'='/quassel' and make sure Quassel-Web is running on http # with -e 'HTTPS'='false' or if you're using -e 'ADVANCED'='true' by editing config.json appropriately @@ -13,6 +15,9 @@ location ^~ /quassel { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app quassel-web; diff --git a/radarr.subdomain.conf.sample b/radarr.subdomain.conf.sample index b7ef96cf3..e0dcfe162 100644 --- a/radarr.subdomain.conf.sample +++ b/radarr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for radarr and that your radarr container is not using a base url +## Version 2023/02/05 +# make sure that your radarr container is named radarr +# make sure that your dns has a cname set for radarr server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app radarr; diff --git a/radarr.subfolder.conf.sample b/radarr.subfolder.conf.sample index 4acfb6076..eab06dece 100644 --- a/radarr.subfolder.conf.sample +++ b/radarr.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# first go into radarr settings, under "General" set the URL Base to /radarr and restart the radarr container +## Version 2023/02/05 +# make sure that your radarr container is named radarr +# make sure that radarr is set to work with the base url /radarr/ location ^~ /radarr { # enable the next two lines for http auth @@ -12,6 +13,9 @@ location ^~ /radarr { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app radarr; diff --git a/raneto.subdomain.conf.sample b/raneto.subdomain.conf.sample index cbbdaa033..b655ff8e9 100644 --- a/raneto.subdomain.conf.sample +++ b/raneto.subdomain.conf.sample @@ -1,5 +1,7 @@ -## Version 2022/09/08 -# Make sure that your dns has a cname set for raneto +## Version 2023/02/05 +# make sure that your raneto container is named raneto +# make sure that your dns has a cname set for raneto + server { listen 443 ssl; listen [::]:443 ssl; @@ -16,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { #enable the next two lines for http auth #auth_basic "Restricted"; @@ -27,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app raneto; diff --git a/rclone.subfolder.conf.sample b/rclone.subfolder.conf.sample index 5e7db7bb4..8f22cd6de 100644 --- a/rclone.subfolder.conf.sample +++ b/rclone.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# rclone does not require a base url +## Version 2023/02/05 +# make sure that your rclone container is named rclone +# rclone does not require a base url setting location /rclone { return 301 $scheme://$host/rclone/; @@ -16,6 +17,9 @@ location ^~ /rclone/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app rclone; diff --git a/readarr.subdomain.conf.sample b/readarr.subdomain.conf.sample index 8ed1a622d..6bdd663e1 100644 --- a/readarr.subdomain.conf.sample +++ b/readarr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for readarr and that your readarr container is not using a base url +## Version 2023/02/05 +# make sure that your readarr container is named readarr +# make sure that your dns has a cname set for readarr server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app readarr; diff --git a/readarr.subfolder.conf.sample b/readarr.subfolder.conf.sample index 6463d244d..1c251520a 100644 --- a/readarr.subfolder.conf.sample +++ b/readarr.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# first go into readarr settings, under "General" set the URL Base to /readarr and restart the readarr container +## Version 2023/02/05 +# make sure that your readarr container is named readarr +# make sure that readarr is set to work with the base url /readarr/ location ^~ /readarr { # enable the next two lines for http auth @@ -12,6 +13,9 @@ location ^~ /readarr { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app readarr; diff --git a/recipes.subdomain.conf.sample b/recipes.subdomain.conf.sample index 5de66f8f0..1789acfdb 100644 --- a/recipes.subdomain.conf.sample +++ b/recipes.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your recipes container is named recipes # make sure that your dns has a cname set for recipes # make sure to mount /media/ in your swag container to point to your Recipes Media directory @@ -21,6 +22,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + # serve media files location /media/ { alias /media/; @@ -37,6 +41,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app recipes; diff --git a/requestrr.subdomain.conf.sample b/requestrr.subdomain.conf.sample index 080deb76d..8495f00ef 100644 --- a/requestrr.subdomain.conf.sample +++ b/requestrr.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your requestrr container is named requestrr # make sure that your dns has a cname set for requestrr server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app requestrr; diff --git a/resilio-sync.subdomain.conf.sample b/resilio-sync.subdomain.conf.sample index 835f639b8..e658a7434 100644 --- a/resilio-sync.subdomain.conf.sample +++ b/resilio-sync.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for resilio-sync and that your resilio-sync container is not using a base url +## Version 2023/02/05 +# make sure that your resilio-sync container is named resilio-sync +# make sure that your dns has a cname set for resilio-sync server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app resilio-sync; diff --git a/rutorrent.subdomain.conf.sample b/rutorrent.subdomain.conf.sample index e9cc83c32..5a67f7260 100644 --- a/rutorrent.subdomain.conf.sample +++ b/rutorrent.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your rutorrent container is named rutorrent # make sure that your dns has a cname set for rutorrent server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app rutorrent; @@ -48,6 +55,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + # block rpc access by default because it is unprotected # you can comment out the next line to enable remote rpc calls deny all; diff --git a/rutorrent.subfolder.conf.sample b/rutorrent.subfolder.conf.sample index bc64a1f01..bd45a7ae8 100644 --- a/rutorrent.subfolder.conf.sample +++ b/rutorrent.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your rutorrent container is named rutorrent # rutorrent does not require a base url setting location /rutorrent { @@ -16,6 +17,9 @@ location ^~ /rutorrent/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app rutorrent; @@ -37,6 +41,9 @@ location ^~ /rutorrent/RPC2 { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + # block rpc access by default because it is unprotected # you can comment out the next line to enable remote rpc calls deny all; diff --git a/sabnzbd.subdomain.conf.sample b/sabnzbd.subdomain.conf.sample index 5038cda6f..462682524 100644 --- a/sabnzbd.subdomain.conf.sample +++ b/sabnzbd.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your sabnzbd container is named sabnzbd # make sure that your dns has a cname set for sabnzbd # edit the sabnzbd.ini host_whitelist to avoid hostname verification issues. This format: # host_whitelist = sabnzbd.domain.com, www.sabnzbd.domain.com @@ -19,6 +20,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -30,6 +34,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app sabnzbd; diff --git a/sabnzbd.subfolder.conf.sample b/sabnzbd.subfolder.conf.sample index 59e1802c5..f1f79cee7 100644 --- a/sabnzbd.subfolder.conf.sample +++ b/sabnzbd.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your sabnzbd container is named sabnzbd +# make sure that sabnzbd is set to work with the base url /sabnzbd/ # sabnzbd already uses the base url /sabnzbd by default so you don't need to do anything extra location ^~ /sabnzbd { @@ -12,6 +14,9 @@ location ^~ /sabnzbd { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app sabnzbd; diff --git a/scope.subfolder.conf.sample b/scope.subfolder.conf.sample index a0e8a6dd6..0a86c3c69 100644 --- a/scope.subfolder.conf.sample +++ b/scope.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# Scope does not require a base url setting +## Version 2023/02/05 +# make sure that your scope container is named scope +# scope does not require a base url setting location /scope { return 301 $scheme://$host/scope/; @@ -16,6 +17,9 @@ location ^~ /scope/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app scope; diff --git a/scrutiny.subdomain.conf.sample b/scrutiny.subdomain.conf.sample index 8dd334e62..d03f03104 100644 --- a/scrutiny.subdomain.conf.sample +++ b/scrutiny.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for scrutiny and that your scrutiny container is not using a base url +## Version 2023/02/05 +# make sure that your scrutiny container is named scrutiny +# make sure that your dns has a cname set for scrutiny server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app scrutiny; diff --git a/shinobi.subdomain.conf.sample b/shinobi.subdomain.conf.sample index 92170e522..9e81b1ce6 100644 --- a/shinobi.subdomain.conf.sample +++ b/shinobi.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for shinobi and that your shinobi config.json is not using a base url +## Version 2023/02/05 +# make sure that your shinobi container is named shinobi +# make sure that your dns has a cname set for shinobi server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app shinobi; diff --git a/shinobi.subfolder.conf.sample b/shinobi.subfolder.conf.sample index 13a79e6c6..9bf1618f3 100644 --- a/shinobi.subfolder.conf.sample +++ b/shinobi.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your shinobi container is named shinobi +# make sure that shinobi is set to work with the base url /shinobi/ # ensure your config.json file has an entry for the base url set to /shinobi, i.e. # "baseurl":"/shinobi" @@ -17,6 +19,9 @@ location ^~ /shinobi/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app shinobi; diff --git a/sickchill.subdomain.conf.sample b/sickchill.subdomain.conf.sample index cc09e2f56..8e01a874e 100644 --- a/sickchill.subdomain.conf.sample +++ b/sickchill.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your sickchill container is named sickchill # make sure that your dns has a cname set for sickchill server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app sickchill; diff --git a/sickchill.subfolder.conf.sample b/sickchill.subfolder.conf.sample index 1e2a9a69a..f862273d0 100644 --- a/sickchill.subfolder.conf.sample +++ b/sickchill.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your sickchill container is named sickchill +# make sure that sickchill is set to work with the base url /sickchill/ # first stop the sickchill container and edit the config.ini for sickchill and set web_root to /sickchill and then start the sickchill container location ^~ /sickchill { @@ -12,6 +14,9 @@ location ^~ /sickchill { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app sickchill; diff --git a/sickrage.subdomain.conf.sample b/sickrage.subdomain.conf.sample index ea1b48dda..7edb935d1 100644 --- a/sickrage.subdomain.conf.sample +++ b/sickrage.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your sickrage container is named sickrage # make sure that your dns has a cname set for sickrage server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app sickrage; diff --git a/sickrage.subfolder.conf.sample b/sickrage.subfolder.conf.sample index 2fd9acabc..72afa683c 100644 --- a/sickrage.subfolder.conf.sample +++ b/sickrage.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your sickrage container is named sickrage +# make sure that sickrage is set to work with the base url /sickrage/ # first stop the sickrage container and edit the config.ini for sickrage and set web_root to /sickrage and then start the sickrage container location ^~ /sickrage { @@ -12,6 +14,9 @@ location ^~ /sickrage { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app sickrage; diff --git a/skyhook.subdomain.conf.sample b/skyhook.subdomain.conf.sample index 941936955..a26497e7b 100644 --- a/skyhook.subdomain.conf.sample +++ b/skyhook.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for skyhook and that your skyhook container is not using a base url +## Version 2023/02/05 +# make sure that your skyhook container is named skyhook +# make sure that your dns has a cname set for skyhook server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app skyhook; diff --git a/slskd.subdomain.conf.sample b/slskd.subfolder.conf.sample similarity index 72% rename from slskd.subdomain.conf.sample rename to slskd.subfolder.conf.sample index 832f65577..04159c7e5 100644 --- a/slskd.subdomain.conf.sample +++ b/slskd.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/10/24 +## Version 2023/02/05 +# make sure that your slskd container is named slskd +# make sure that slskd is set to work with the base url /slskd/ # first edit the slskd.yml and set 'url_base: /slskd' and restart the slskd container location ^~ /slskd { @@ -12,6 +14,9 @@ location ^~ /slskd { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app slskd; diff --git a/smokeping.subdomain.conf.sample b/smokeping.subdomain.conf.sample index 8cc1db5dd..6677e4ff9 100644 --- a/smokeping.subdomain.conf.sample +++ b/smokeping.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your smokeping container is named smokeping # make sure that your dns has a cname set for smokeping server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app smokeping; diff --git a/smokeping.subfolder.conf.sample b/smokeping.subfolder.conf.sample index 206673e55..bfdba8023 100644 --- a/smokeping.subfolder.conf.sample +++ b/smokeping.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your smokeping container is named smokeping +# make sure that smokeping is set to work with the base url /smokeping/ # smokeping already uses the base url /smokeping by default so you don't need to do anything extra location ^~ /smokeping { @@ -12,6 +14,9 @@ location ^~ /smokeping { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app smokeping; diff --git a/sonarr.subdomain.conf.sample b/sonarr.subdomain.conf.sample index e583eb16b..44ac17efa 100644 --- a/sonarr.subdomain.conf.sample +++ b/sonarr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for sonarr and that your sonarr container is not using a base url +## Version 2023/02/05 +# make sure that your sonarr container is named sonarr +# make sure that your dns has a cname set for sonarr server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app sonarr; diff --git a/sonarr.subfolder.conf.sample b/sonarr.subfolder.conf.sample index 8cb065ca1..54fa3ea22 100644 --- a/sonarr.subfolder.conf.sample +++ b/sonarr.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# first go into sonarr settings, under "General" set the URL Base to /sonarr and restart the sonarr container +## Version 2023/02/05 +# make sure that your sonarr container is named sonarr +# make sure that sonarr is set to work with the base url /sonarr/ location ^~ /sonarr { # enable the next two lines for http auth @@ -12,6 +13,9 @@ location ^~ /sonarr { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app sonarr; diff --git a/statping.subdomain.conf.sample b/statping.subdomain.conf.sample index 68f89a883..f5bc18a05 100644 --- a/statping.subdomain.conf.sample +++ b/statping.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for statping and that your statping container is not using a base url +## Version 2023/02/05 +# make sure that your statping container is named statup +# make sure that your dns has a cname set for statping # If you are using the SSL docker-compose.yml on the statping repo, then the container name will be set to statup. # On other compose examples, it might be named statping. In that case, change $upstream_app statup to $upstream_app statping @@ -19,6 +20,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -30,6 +34,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app statup; diff --git a/synapse.subdomain.conf.sample b/synapse.subdomain.conf.sample index 1b437e2c9..9bf06cedb 100644 --- a/synapse.subdomain.conf.sample +++ b/synapse.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2022/10/04 +## Version 2023/02/05 server { listen 443 ssl; @@ -20,6 +20,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -31,6 +34,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app synapse; diff --git a/synclounge.subdomain.conf.sample b/synclounge.subdomain.conf.sample index e1175aa0f..1455c92b3 100644 --- a/synclounge.subdomain.conf.sample +++ b/synclounge.subdomain.conf.sample @@ -1,7 +1,8 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your synclounge container is named synclounge +# make sure that your dns has a cname set for synclounge # Use this with SyncLounge v3 and up. # Make sure that you do not have HSTS enabled, otherwise http access won't work -# Make sure that your dns has a cname set for synclounge server { listen 443 ssl; @@ -21,6 +22,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -32,6 +36,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app synclounge; diff --git a/synclounge.subfolder.conf.sample b/synclounge.subfolder.conf.sample index 10d47b5e0..dc98fb61e 100644 --- a/synclounge.subfolder.conf.sample +++ b/synclounge.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your synclounge container is named synclounge +# make sure that synclounge is set to work with the base url /synclounge/ # Use this with SyncLounge v3 or up # # To allow non-secure connections (http), which is required by some Plex clients, modify the first block in site-confs/default to look something like this: @@ -35,6 +37,9 @@ location /synclounge/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app synclounge; diff --git a/syncthing.subdomain.conf.sample b/syncthing.subdomain.conf.sample index 98e235167..c03e7d1f8 100644 --- a/syncthing.subdomain.conf.sample +++ b/syncthing.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for syncthing and that your syncthing container is not using a base url +## Version 2023/02/05 +# make sure that your syncthing container is named syncthing +# make sure that your dns has a cname set for syncthing server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app syncthing; diff --git a/syncthing.subfolder.conf.sample b/syncthing.subfolder.conf.sample index d58702db3..be5a72fa2 100644 --- a/syncthing.subfolder.conf.sample +++ b/syncthing.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your syncthing container is named syncthing # syncthing does not require a base url setting location /syncthing { @@ -16,6 +17,9 @@ location ^~ /syncthing/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app syncthing; diff --git a/taisun.subdomain.conf.sample b/taisun.subdomain.conf.sample index c435b4133..86c15a707 100644 --- a/taisun.subdomain.conf.sample +++ b/taisun.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your taisun container is named taisun # make sure that your dns has a cname set for taisun server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app taisun; diff --git a/tasmobackup.subdomain.conf.sample b/tasmobackup.subdomain.conf.sample index b8bd11095..177121ca4 100644 --- a/tasmobackup.subdomain.conf.sample +++ b/tasmobackup.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your tasmobackup container is named tasmobackup # make sure that your dns has a cname set for tasmobackup server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app tasmobackup; diff --git a/tautulli.subdomain.conf.sample b/tautulli.subdomain.conf.sample index 7df70324f..9f527850a 100644 --- a/tautulli.subdomain.conf.sample +++ b/tautulli.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for tautulli and that your tautulli container is not using a base url +## Version 2023/02/05 +# make sure that your tautulli container is named tautulli +# make sure that your dns has a cname set for tautulli server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app tautulli; diff --git a/tautulli.subfolder.conf.sample b/tautulli.subfolder.conf.sample index e21387179..55e9eedca 100644 --- a/tautulli.subfolder.conf.sample +++ b/tautulli.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your tautulli container is named tautulli +# make sure that tautulli is set to work with the base url /tautulli/ # first go into tautulli settings, under "Web Interface", click on show advanced, set the HTTP root to /tautulli and restart the tautulli container location ^~ /tautulli { @@ -12,6 +14,9 @@ location ^~ /tautulli { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app tautulli; diff --git a/tdarr.subdomain.conf.sample b/tdarr.subdomain.conf.sample index 3c83664b4..5060d5afd 100644 --- a/tdarr.subdomain.conf.sample +++ b/tdarr.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for tdarr and that your tdarr container is not using a base url +## Version 2023/02/05 +# make sure that your tdarr container is named tdarr +# make sure that your dns has a cname set for tdarr server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app tdarr; diff --git a/thelounge.subdomain.conf.sample b/thelounge.subdomain.conf.sample index c80d5a6fc..eb5370003 100644 --- a/thelounge.subdomain.conf.sample +++ b/thelounge.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your thelounge container is named thelounge # make sure that your dns has a cname set for thelounge server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app thelounge; diff --git a/thelounge.subfolder.conf.sample b/thelounge.subfolder.conf.sample index 5082d9294..dfd59240c 100644 --- a/thelounge.subfolder.conf.sample +++ b/thelounge.subfolder.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your thelounge container is named thelounge # thelounge does not require a base url setting location /thelounge { @@ -16,6 +17,9 @@ location ^~ /thelounge/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app thelounge; diff --git a/themepark.subdomain.conf.sample b/themepark.subdomain.conf.sample index 3a2ba5768..737bf138a 100644 --- a/themepark.subdomain.conf.sample +++ b/themepark.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for theme-park. +## Version 2023/02/05 +# make sure that your theme-park. container is named theme-park. +# make sure that your dns has a cname set for themepark. server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + # If you don't want to cache the CSS files you can uncomment the lines below. # add_header Last-Modified $date_gmt; # add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; diff --git a/themepark.subfolder.conf.sample b/themepark.subfolder.conf.sample index 78cebec47..6fff1b3bc 100644 --- a/themepark.subfolder.conf.sample +++ b/themepark.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your theme-park container is named theme-park +# make sure that theme-park is set to work with the base url /theme-park/ # If you want to change the urlbase update the TP_URLBASE env on the theme-park container. location /themepark { @@ -16,6 +18,9 @@ location ^~ /themepark/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + # If you don't want to cache the CSS files you can uncomment the lines below. # add_header Last-Modified $date_gmt; # add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; diff --git a/transmission.subdomain.conf.sample b/transmission.subdomain.conf.sample index d35fabb3a..f8b05423a 100644 --- a/transmission.subdomain.conf.sample +++ b/transmission.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2022/09/08 +## Version 2023/02/05 # Make sure that DNS has a cname set for transmission # # Some Transmission Chrome extensions cannot handle HTTP/2 proxies as they @@ -27,6 +27,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -38,6 +41,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app transmission; diff --git a/transmission.subfolder.conf.sample b/transmission.subfolder.conf.sample index 8e80ecc46..868e9a50a 100644 --- a/transmission.subfolder.conf.sample +++ b/transmission.subfolder.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# Transmission does not require a base url setting +## Version 2023/02/05 +# make sure that your transmission container is named transmission +# transmission does not require a base url setting # # Some Transmission Chrome extensions cannot handle HTTP/2 proxies as they # rely on the HTTP Status Text to determine if they should add the @@ -22,6 +23,9 @@ location ^~ /transmission { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app transmission; diff --git a/tvheadend.subfolder.conf.sample b/tvheadend.subfolder.conf.sample index 347d09a71..644ecbe84 100644 --- a/tvheadend.subfolder.conf.sample +++ b/tvheadend.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/10/01 +## Version 2023/02/05 +# make sure that your tvheadend container is named tvheadend +# make sure that tvheadend is set to work with the base url /tvheadend/ # Before activating this config you need to do two things: # - enable a setting in the tvheadend web interface # - change your RUN_OPTS for tvheadend. @@ -28,6 +30,9 @@ location /tvheadend/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; diff --git a/ubooquity.subdomain.conf.sample b/ubooquity.subdomain.conf.sample index f54c66078..0645993e3 100644 --- a/ubooquity.subdomain.conf.sample +++ b/ubooquity.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# Make sure that your dns has a cname set for ubooquity and that your ubooquity container is not using a base url +## Version 2023/02/05 +# make sure that your ubooquity container is named ubooquity +# make sure that your dns has a cname set for ubooquity server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app ubooquity; diff --git a/ubooquity.subfolder.conf.sample b/ubooquity.subfolder.conf.sample index 335bb8066..b1a6a5bf6 100644 --- a/ubooquity.subfolder.conf.sample +++ b/ubooquity.subfolder.conf.sample @@ -1,10 +1,12 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your ubooquity container is named ubooquity +# make sure that ubooquity is set to work with the base url /ubooquity/ # set the reverse proxy prefix in the admin gui to ubooquity. - location ^~ /ubooquity { - # enable the next two lines for http auth - #auth_basic "Restricted"; - #auth_basic_user_file /config/nginx/.htpasswd; +location ^~ /ubooquity { + # enable the next two lines for http auth + #auth_basic "Restricted"; + #auth_basic_user_file /config/nginx/.htpasswd; # enable for ldap auth (requires ldap-server.conf in the server block) #include /config/nginx/ldap-location.conf; @@ -12,21 +14,24 @@ # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app ubooquity; - set $upstream_port 2202; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; - } + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app ubooquity; + set $upstream_port 2202; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; - location ^~ /ubooquity/admin { - include /config/nginx/proxy.conf; - include /config/nginx/resolver.conf; - set $upstream_app ubooquity; - set $upstream_port 2203; - set $upstream_proto http; - proxy_pass $upstream_proto://$upstream_app:$upstream_port; +} - } +location ^~ /ubooquity/admin { + include /config/nginx/proxy.conf; + include /config/nginx/resolver.conf; + set $upstream_app ubooquity; + set $upstream_port 2203; + set $upstream_proto http; + proxy_pass $upstream_proto://$upstream_app:$upstream_port; + +} diff --git a/unifi-controller.subdomain.conf.sample b/unifi-controller.subdomain.conf.sample index 87a61035c..a4f27b40d 100644 --- a/unifi-controller.subdomain.conf.sample +++ b/unifi-controller.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for unifi and that your unifi-controller container is not using a base url +## Version 2023/02/05 +# make sure that your unifi-controller container is named unifi-controller +# make sure that your dns has a cname set for unifi # NOTE: If you use the proxy_cookie_path setting in proxy.conf you need to remove HTTPOnly; # ex: proxy_cookie_path / "/; Secure"; @@ -19,6 +20,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -30,6 +34,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app unifi-controller; diff --git a/uptime-kuma.subdomain.conf.sample b/uptime-kuma.subdomain.conf.sample index fc4b91e91..cb59422c1 100644 --- a/uptime-kuma.subdomain.conf.sample +++ b/uptime-kuma.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for uptime-kuma and that your uptime-kuma container is not using a base url +## Version 2023/02/05 +# make sure that your uptime-kuma container is named uptime-kuma +# make sure that your dns has a cname set for uptime-kuma server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app uptime-kuma; diff --git a/vaultwarden.subdomain.conf.sample b/vaultwarden.subdomain.conf.sample index 12198b4be..9dccea8bf 100644 --- a/vaultwarden.subdomain.conf.sample +++ b/vaultwarden.subdomain.conf.sample @@ -1,6 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for vaultwarden and that your vaultwarden container is not using a base url -# make sure your vaultwarden container is named "vaultwarden" +## Version 2023/02/05 +# make sure that your vaultwarden container is named vaultwarden +# make sure that your dns has a cname set for vaultwarden # set the environment variable WEBSOCKET_ENABLED=true on your vaultwarden container server { @@ -19,6 +19,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -30,6 +33,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app vaultwarden; @@ -50,6 +56,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app vaultwarden; diff --git a/vaultwarden.subfolder.conf.sample b/vaultwarden.subfolder.conf.sample index 80669022e..cfc292349 100644 --- a/vaultwarden.subfolder.conf.sample +++ b/vaultwarden.subfolder.conf.sample @@ -1,6 +1,9 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your vaultwarden container is named vaultwarden +# make sure that vaultwarden is set to work with the base url /vaultwarden/ ## Environmental Variable DOMAIN=https:///vaultwarden must be set in vaultwarden container including subfolder. ## This is using ports 80 and 3012 + location /vaultwarden { return 301 $scheme://$host/vaultwarden/; } @@ -16,6 +19,9 @@ location ^~ /vaultwarden/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app vaultwarden; @@ -36,6 +42,9 @@ location ~ (/vaultwarden)?/admin { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app vaultwarden; diff --git a/viewtube.subdomain.conf.sample b/viewtube.subdomain.conf.sample index c3b520687..6753318aa 100644 --- a/viewtube.subdomain.conf.sample +++ b/viewtube.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for viewtube and that your viewtube container is not using a base url +## Version 2023/02/05 +# make sure that your viewtube container is named viewtube +# make sure that your dns has a cname set for viewtube server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app viewtube; diff --git a/wallabag.subdomain.conf.sample b/wallabag.subdomain.conf.sample index de402d8a7..034b1393c 100644 --- a/wallabag.subdomain.conf.sample +++ b/wallabag.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for wallabag and that your wallabag container is not using a base url. +## Version 2023/02/05 +# make sure that your wallabag container is named wallabag +# make sure that your dns has a cname set for wallabag # also, make sure your env var in your docker run or compose match the full domain, incl. https:// # i.e. - SYMFONY__ENV__DOMAIN_NAME=https://wallabag.yourdomain.com @@ -19,6 +20,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -30,6 +34,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app wallabag; diff --git a/warpgate.subdomain.conf.sample b/warpgate.subdomain.conf.sample index 7ca5dbb16..345ff5548 100644 --- a/warpgate.subdomain.conf.sample +++ b/warpgate.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2021/05/18 -# make sure that your dns has a cname set for warpgate and that your warpgate container is not using a base url +## Version 2023/02/05 +# make sure that your warpgate container is named warpgate +# make sure that your dns has a cname set for warpgate server { listen 443 ssl; @@ -11,24 +12,29 @@ server { client_max_body_size 0; - # enable for ldap auth, fill in ldap details in ldap.conf - #include /config/nginx/ldap.conf; + # enable for ldap auth (requires ldap-location.conf in the location block) + #include /config/nginx/ldap-server.conf; - # enable for Authelia + # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; - # enable the next two lines for ldap auth - #auth_request /auth; - #error_page 401 =200 /ldaplogin; + # enable for ldap auth (requires ldap-server.conf in the server block) + #include /config/nginx/ldap-location.conf; - # enable for Authelia + # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app warpgate; diff --git a/webtop.subdomain.conf.sample b/webtop.subdomain.conf.sample index 133e77f31..098edae79 100644 --- a/webtop.subdomain.conf.sample +++ b/webtop.subdomain.conf.sample @@ -1,4 +1,4 @@ -## Version 2022/09/08 +## Version 2023/02/05 # make sure that you have a cname set for the webtop # set up authentication here, for better security @@ -18,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -29,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app webtop; diff --git a/wordpress.subfolder.conf.sample b/wordpress.subfolder.conf.sample index 6818bd0e9..6b47885e5 100644 --- a/wordpress.subfolder.conf.sample +++ b/wordpress.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your wordpress container is named wordpress +# make sure that wordpress is set to work with the base url /wordpress/ # In order to use this location block you need to edit the default file one folder up and comment out the / location as well as the "~ \.php$" location # tested with the official wordpress docker image @@ -13,6 +15,9 @@ location / { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app wordpress; diff --git a/yacht.subdomain.conf.sample b/yacht.subdomain.conf.sample index f77cc512a..cfaaa5efb 100644 --- a/yacht.subdomain.conf.sample +++ b/yacht.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your yacht container is named yacht # make sure that your dns has a cname set for yacht server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app yacht; diff --git a/youtube-dl-server.subdomain.conf.sample b/youtube-dl-server.subdomain.conf.sample index 9c610e338..981939281 100644 --- a/youtube-dl-server.subdomain.conf.sample +++ b/youtube-dl-server.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/08 -# make sure that your dns has a cname set for youtube-dl-server and that your youtube-dl-server container is not using a base url +## Version 2023/02/05 +# make sure that your youtube-dl-server container is named youtube-dl-server +# make sure that your dns has a cname set for youtube-dl-server server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app youtube-dl-server; diff --git a/youtube-dl.subfolder.conf.sample b/youtube-dl.subfolder.conf.sample index fe5278db5..4c286759c 100644 --- a/youtube-dl.subfolder.conf.sample +++ b/youtube-dl.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your youtube-dl-server container is named youtube-dl-server +# youtube-dl-server does not require a base url setting # Works with this youtube-dl Fork: https://github.com/nbr23/youtube-dl-server location /youtube-dl { @@ -16,6 +18,9 @@ location ^~ /youtube-dl/ { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app youtube-dl-server; diff --git a/zigbee2mqtt.subdomain.conf.sample b/zigbee2mqtt.subdomain.conf.sample index 51f5ec32a..41e5a049c 100644 --- a/zigbee2mqtt.subdomain.conf.sample +++ b/zigbee2mqtt.subdomain.conf.sample @@ -1,5 +1,6 @@ -## Version 2022/09/30 -# make sure that your dns has a cname set for zigbee2mqtt and that your zigbee2mqtt container is not using a base url +## Version 2023/02/05 +# make sure that your zigbee2mqtt container is named zigbee2mqtt +# make sure that your dns has a cname set for zigbee2mqtt server { listen 443 ssl; @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app zigbee2mqtt; diff --git a/znc.subdomain.conf.sample b/znc.subdomain.conf.sample index cf1a138b3..697929738 100644 --- a/znc.subdomain.conf.sample +++ b/znc.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your znc container is named znc # make sure that your dns has a cname set for znc server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app znc; diff --git a/znc.subfolder.conf.sample b/znc.subfolder.conf.sample index a42d6f182..70d261055 100644 --- a/znc.subfolder.conf.sample +++ b/znc.subfolder.conf.sample @@ -1,4 +1,6 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your znc container is named znc +# make sure that znc is set to work with the base url /znc/ # edit /config/configs/znc.conf and add URIPrefix = /znc/ in the line above and restart the znc container location /znc { @@ -12,6 +14,9 @@ location /znc { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app znc; diff --git a/zwavejs2mqtt.subdomain.conf.sample b/zwavejs2mqtt.subdomain.conf.sample index 77f0ef2bc..2aea2beac 100644 --- a/zwavejs2mqtt.subdomain.conf.sample +++ b/zwavejs2mqtt.subdomain.conf.sample @@ -1,4 +1,5 @@ -## Version 2022/09/08 +## Version 2023/02/05 +# make sure that your zwavejs2mqtt container is named zwavejs2mqtt # make sure that your dns has a cname set for zwavejs2mqtt server { @@ -17,6 +18,9 @@ server { # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; + # enable for Authentik (requires authentik-location.conf in the location block) + #include /config/nginx/authentik-server.conf; + location / { # enable the next two lines for http auth #auth_basic "Restricted"; @@ -28,6 +32,9 @@ server { # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; + # enable for Authentik (requires authentik-server.conf in the server block) + #include /config/nginx/authentik-location.conf; + include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app zwavejs2mqtt;