Bunch of updates

2021-12-18 16:52:03 +02:00
parent 6f763726c0
commit 7de9fc645e
7 changed files with 17 additions and 190 deletions
--- a/config/nginx/proxy-confs/code-server.subdomain.conf
+++ b/config/nginx/proxy-confs/code-server.subdomain.conf
@@ -1,40 +0,0 @@
 ## Version 2021/05/18
 # make sure that your dns has a cname set for code-server
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name code.* "~^[0-9]{1,10}\.code-server\..*$";
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;
    # enable for Authelia
    include /config/nginx/authelia-server.conf;
    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;
        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;
        # enable for Authelia
        include /config/nginx/authelia-location.conf;
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app code;
        set $upstream_port 8443;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/config/nginx/proxy-confs/filebrowser.subdomain.conf
+++ b/config/nginx/proxy-confs/filebrowser.subdomain.conf
@@ -5,7 +5,7 @@ server {
    listen 443 ssl;
    listen [::]:443 ssl;
-    server_name files.*;
+    server_name cloud.*;
    include /config/nginx/ssl.conf;
--- a/config/nginx/proxy-confs/jellyfin.subdomain.conf
+++ b/config/nginx/proxy-confs/jellyfin.subdomain.conf
@@ -1,3 +1,4 @@
 ## Version 2021/05/18
 # make sure that your dns has a cname set for jellyfin
 # if jellyfin is running in bridge mode and the container is named "jellyfin", the below config should work as is
 # if not, replace the line "set $upstream_app jellyfin;" with "set $upstream_app <containername>;"
@@ -17,7 +18,7 @@ server {
    location / {
        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
+        include /config/nginx/resolver.conf;
        set $upstream_app jellyfin;
        set $upstream_port 8096;
        set $upstream_proto http;
@@ -29,117 +30,11 @@ server {
    location ~ (/jellyfin)?/socket {
        include /config/nginx/proxy.conf;
-        resolver 127.0.0.11 valid=30s;
+        include /config/nginx/resolver.conf;
        set $upstream_app jellyfin;
        set $upstream_port 8096;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
    ## Sonarr
    ## Version 2020/12/09
 # first go into sonarr settings, under "General" set the URL Base to /sonarr and restart the sonarr container
 location ^~ /sonarr {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app sonarr;
    set $upstream_port 8989;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 location ^~ /sonarr/api {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app sonarr;
    set $upstream_port 8989;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 ##Radarr
 ## Version 2020/12/09
 # first go into radarr settings, under "General" set the URL Base to /radarr and restart the radarr container
 location ^~ /radarr {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app radarr;
    set $upstream_port 7878;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 location ^~ /radarr/api {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app radarr;
    set $upstream_port 7878;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 ##Bazarr
 # Version 2020/12/09
 # first go into bazarr settings, under "General" set the URL Base to /bazarr/ and restart the bazarr container
 location /bazarr {
    return 301 $scheme://$host/bazarr/;
 }
 location ^~ /bazarr/ {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;
    # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
    #auth_request /auth;
    #error_page 401 =200 /ldaplogin;
    # enable for Authelia, also enable authelia-server.conf in the default site config
    #include /config/nginx/authelia-location.conf;
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app bazarr;
    set $upstream_port 6767;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 location ^~ /bazarr/api {
    include /config/nginx/proxy.conf;
    resolver 127.0.0.11 valid=30s;
    set $upstream_app bazarr;
    set $upstream_port 6767;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 }
 }
--- a/config/nginx/proxy-confs/nextcloud.subdomain.conf
+++ b/config/nginx/proxy-confs/nextcloud.subdomain.conf
@@ -1,36 +0,0 @@
 # make sure that your dns has a cname set for nextcloud
 # assuming this container is called "swag", edit your nextcloud container's config
 # located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
 #  'trusted_proxies' => ['swag'],
 #  'overwrite.cli.url' => 'https://nextcloud.your-domain.com/',
 #  'overwritehost' => 'nextcloud.your-domain.com',
 #  'overwriteprotocol' => 'https',
 #
 # Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:
 #  array (
 #    0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.
 #    1 => 'nextcloud.your-domain.com',
 #  ),
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name cloud.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;
    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app nextcloud;
        set $upstream_port 443;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        #proxy_pass $upstream_proto://cloud:$upstream_port;
        proxy_max_temp_file_size 2048m;
    }
 }
--- a/config/nginx/proxy-confs/photoprism.subdomain.conf
+++ b/config/nginx/proxy-confs/photoprism.subdomain.conf
@@ -37,6 +37,4 @@ server {
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 }
--- a/config/nginx/proxy-confs/wireguard.subdomain.conf
+++ b/config/nginx/proxy-confs/wireguard.subdomain.conf
@@ -4,7 +4,7 @@ server {
    listen 443 ssl;
    listen [::]:443 ssl;
-    server_name vpn.*;
+    server_name secure.*;
    include /config/nginx/ssl.conf;
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -10,7 +10,7 @@ services:
      - PGID=1000
      - TZ=Asia/Jerusalem
      - URL=pukeko.xyz #optional
-      - SUBDOMAINS=cloud,git,photos,stream,vault,wiki,grocy,torrent,ler,pod,sync,files,tasks,notes,news,vpn
+      - SUBDOMAINS=cloud,git,photos,stream,vault,wiki,grocy,torrent,ler,pod,sync,tasks,notes,news,secure,flight,monitor,tv,movies,subtitles,index,portain
      - VALIDATION=dns
      - DNSPLUGIN=cloudflare #optional
        #- PROPAGATION=100 #optional
@@ -42,9 +42,19 @@ services:
    container_name: authelia
    environment:
      - TZ=Asia/Jerusalem
      - AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE=/run/secrets/private_key
    volumes:
      - ./authelia:/config
    restart: unless-stopped
    secrets:
      - hmac
      - private_key
 secrets:
  hmac:
    file: ./authelia/secrets/hmac
  private_key:
    file: ./authelia/secrets/issuer_private_key
 networks:
  default:
-    name: gerbil_network
+    name: takahe_network