docker-swag/root/defaults/nginx/site-confs/default.conf.sample

## Version 2024/03/06 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample

# redirect all traffic to https
server {
    listen 80 default_server;
    listen [::]:80 default_server;

    location / {
        return 301 https://$host$request_uri;
    }
}

# main server block
server {
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;

    server_name _;

    include /config/nginx/ssl.conf;

    root /config/www;
    index index.html index.htm index.php;

    # enable subfolder method reverse proxy confs
    include /config/nginx/proxy-confs/*.subfolder.conf;

    # enable for ldap auth (requires ldap-location.conf in the location block)
    #include /config/nginx/ldap-server.conf;

    # enable for Authelia (requires authelia-location.conf in the location block)
    #include /config/nginx/authelia-server.conf;

    # enable for Authentik (requires authentik-location.conf in the location block)
    #include /config/nginx/authentik-server.conf;

    location / {
        # enable for basic auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # enable for ldap auth (requires ldap-server.conf in the server block)
        #include /config/nginx/ldap-location.conf;

        # enable for Authelia (requires authelia-server.conf in the server block)
        #include /config/nginx/authelia-location.conf;

        # enable for Authentik (requires authentik-server.conf in the server block)
        #include /config/nginx/authentik-location.conf;

        try_files $uri $uri/ /index.html /index.htm /index.php$is_args$args;
    }

    location ~ ^(.+\.php)(.*)$ {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # enable for ldap auth (requires ldap-server.conf in the server block)
        #include /config/nginx/ldap-location.conf;

        # enable for Authelia (requires authelia-server.conf in the server block)
        #include /config/nginx/authelia-location.conf;

        # enable for Authentik (requires authentik-server.conf in the server block)
        #include /config/nginx/authentik-location.conf;

        fastcgi_split_path_info ^(.+\.php)(.*)$;
        if (!-f $document_root$fastcgi_script_name) { return 404; }
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        include /etc/nginx/fastcgi_params;
    }

    # deny access to .htaccess/.htpasswd files
    location ~ /\.ht {
        deny all;
    }
}

# enable subdomain method reverse proxy confs
include /config/nginx/proxy-confs/*.subdomain.conf;
# enable proxy cache for auth
proxy_cache_path cache/ keys_zone=auth_cache:10m;
Cleanup default site conf (#442) * Cleanup default site conf Signed-off-by: Eric Nemchik <eric@nemchik.com> * update date --------- Signed-off-by: Eric Nemchik <eric@nemchik.com> Co-authored-by: aptalca <541623+aptalca@users.noreply.github.com> 2024-03-06 17:41:52 +00:00			`## Version 2024/03/06 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample`
Use standard nginx.conf from lsio alpine nginx base image 2021-10-14 19:01:48 +00:00
			`# redirect all traffic to https`
			`server {`
			`listen 80 default_server;`
			`listen [::]:80 default_server;`

			`location / {`
			`return 301 https://$host$request_uri;`
			`}`
			`}`

			`# main server block`
			`server {`
Add default_server back to default site conf's https listen 2022-10-03 18:13:08 +00:00			`listen 443 ssl http2 default_server;`
			`listen [::]:443 ssl http2 default_server;`
Use standard nginx.conf from lsio alpine nginx base image 2021-10-14 19:01:48 +00:00
			`server_name _;`

Move ssl.conf include to default.conf 2023-04-13 16:06:12 +00:00			`include /config/nginx/ssl.conf;`

Use standard nginx.conf from lsio alpine nginx base image 2021-10-14 19:01:48 +00:00			`root /config/www;`
			`index index.html index.htm index.php;`

			`# enable subfolder method reverse proxy confs`
			`include /config/nginx/proxy-confs/*.subfolder.conf;`

			`# enable for ldap auth (requires ldap-location.conf in the location block)`
			`#include /config/nginx/ldap-server.conf;`

			`# enable for Authelia (requires authelia-location.conf in the location block)`
			`#include /config/nginx/authelia-server.conf;`

Update default.conf.sample 2023-02-09 21:52:20 +00:00			`# enable for Authentik (requires authentik-location.conf in the location block)`
			`#include /config/nginx/authentik-server.conf;`

Use standard nginx.conf from lsio alpine nginx base image 2021-10-14 19:01:48 +00:00			`location / {`
			`# enable for basic auth`
			`#auth_basic "Restricted";`
			`#auth_basic_user_file /config/nginx/.htpasswd;`

			`# enable for ldap auth (requires ldap-server.conf in the server block)`
			`#include /config/nginx/ldap-location.conf;`

			`# enable for Authelia (requires authelia-server.conf in the server block)`
			`#include /config/nginx/authelia-location.conf;`

Update default.conf.sample 2023-02-09 21:52:20 +00:00			`# enable for Authentik (requires authentik-server.conf in the server block)`
			`#include /config/nginx/authentik-location.conf;`

Cleanup default site conf (#442) * Cleanup default site conf Signed-off-by: Eric Nemchik <eric@nemchik.com> * update date --------- Signed-off-by: Eric Nemchik <eric@nemchik.com> Co-authored-by: aptalca <541623+aptalca@users.noreply.github.com> 2024-03-06 17:41:52 +00:00			`try_files $uri $uri/ /index.html /index.htm /index.php$is_args$args;`
Use standard nginx.conf from lsio alpine nginx base image 2021-10-14 19:01:48 +00:00			`}`

			`location ~ ^(.+\.php)(.*)$ {`
Add auth comments for php location 2023-06-05 18:37:01 +00:00			`# enable the next two lines for http auth`
			`#auth_basic "Restricted";`
			`#auth_basic_user_file /config/nginx/.htpasswd;`

			`# enable for ldap auth (requires ldap-server.conf in the server block)`
			`#include /config/nginx/ldap-location.conf;`

			`# enable for Authelia (requires authelia-server.conf in the server block)`
			`#include /config/nginx/authelia-location.conf;`

			`# enable for Authentik (requires authentik-server.conf in the server block)`
			`#include /config/nginx/authentik-location.conf;`

Use standard nginx.conf from lsio alpine nginx base image 2021-10-14 19:01:48 +00:00			`fastcgi_split_path_info ^(.+\.php)(.*)$;`
Cleanup default site conf (#442) * Cleanup default site conf Signed-off-by: Eric Nemchik <eric@nemchik.com> * update date --------- Signed-off-by: Eric Nemchik <eric@nemchik.com> Co-authored-by: aptalca <541623+aptalca@users.noreply.github.com> 2024-03-06 17:41:52 +00:00			`if (!-f $document_root$fastcgi_script_name) { return 404; }`
Use standard nginx.conf from lsio alpine nginx base image 2021-10-14 19:01:48 +00:00			`fastcgi_pass 127.0.0.1:9000;`
			`fastcgi_index index.php;`
			`include /etc/nginx/fastcgi_params;`
			`}`

			`# deny access to .htaccess/.htpasswd files`
			`location ~ /\.ht {`
			`deny all;`
			`}`
			`}`

			`# enable subdomain method reverse proxy confs`
			`include /config/nginx/proxy-confs/*.subdomain.conf;`
			`# enable proxy cache for auth`
			`proxy_cache_path cache/ keys_zone=auth_cache:10m;`