Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Send all HTTP to HTTPS
- server {
- listen 80 default_server;
- server_name 127.0.0.1 192.168.1.XXX DOMAIN.com www.DOMAIN.com deluge.DOMAIN.com radarr.DOMAIN.com sonarr.DOMAIN.com music.DOMAIN.com plexpy.DOMAIN.com plex.DOMAIN.com stats.DOMAIN.com comics.DOMAIN.com;
- location / {
- #return 301 https://$server_name$request_uri;
- return 301 https://$host$request_uri;
- }
- }
- ssl_session_cache shared:SSL:10m;
- ssl_session_timeout 10m;
- #####################
- # SSL
- #####################
- server {
- listen 443 ssl http2 default_server;
- server_name DOMAIN.com www.DOMAIN.com;
- root /var/www/html;
- index index.php index.html index.htm index.nginx-debian.html;
- ssl_certificate /etc/letsencrypt/live/DOMAIN.com-0002/fullchain.pem; # managed by Certbot
- ssl_certificate_key /etc/letsencrypt/live/DOMAIN.com-0002/privkey.pem; # managed by Certbot
- error_log /var/log/nginx/error.log notice;
- proxy_http_version 1.1;
- proxy_buffers 16 16k;
- proxy_buffer_size 16k;
- include snippets/ssl-params.conf;
- add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
- location ~ \.php$ {
- include snippets/fastcgi-php.conf;
- #try_files $uri =404;
- #fastcgi_split_path_info ^(.+\.php)(/.+)$;
- #fastcgi_pass unix:/var/run/php7.0-fpm.sock;
- #fastcgi_index index.php;
- #fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- include fastcgi_params;
- }
- location / {
- auth_basic "Restricted Content";
- auth_basic_user_file /etc/nginx/.htpasswd;
- #proxy_pass http://192.168.1.205$request_uri;
- #proxy_redirect http:// https://;
- #proxy_set_header Host $host;
- #proxy_set_header X-Real-IP $remote_addr;
- #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- #proxy_set_header X-Forwarded-Proto "https";
- }
- location /tfs {
- proxy_pass http://192.168.1.205:8080/tfs;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
- }
- #####################
- # Radar
- #####################
- server {
- listen 443 ssl http2;
- server_name 192.168.1.XXX:7878 radarr.DOMAIN.com;
- ssl_certificate /etc/letsencrypt/live/DOMAIN.com-0002/fullchain.pem; # managed by Certbot
- ssl_certificate_key /etc/letsencrypt/live/DOMAIN.com-0002/privkey.pem; # managed by Certbot
- include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
- location / {
- proxy_pass http://127.0.0.1:7878;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
- }
- #####################
- # Sonarr
- #####################
- server {
- listen 443 ssl http2;
- server_name 192.168.1.XXX:8989 sonarr.DOMAIN.com;
- ssl_certificate /etc/letsencrypt/live/DOMAIN.com-0002/fullchain.pem; # managed by Certbot
- ssl_certificate_key /etc/letsencrypt/live/DOMAIN.com-0002/privkey.pem; # managed by Certbot
- include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
- location / {
- proxy_pass http://127.0.0.1:8989;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
- }
- #####################
- # Plexpy
- #####################
- server {
- listen 443 ssl http2;
- server_name 192.168.1.XXX:8181 plexpy.DOMAIN.com;
- ssl_certificate /etc/letsencrypt/live/DOMAIN.com-0002/fullchain.pem; # managed by Certbot
- ssl_certificate_key /etc/letsencrypt/live/DOMAIN.com-0002/privkey.pem; # managed by Certbot
- include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
- location / {
- proxy_pass http://127.0.0.1:8181;
- #proxy_set_header Host $host;
- #proxy_set_header X-Real-IP $remote_addr;
- #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- #proxy_set_header X-Forwarded-Host $server_name;
- #proxy_set_header X-Forwarded-Proto $scheme;
- #proxy_set_header X-Forwarded-Ssl on;
- }
- }
- #####################
- # Music
- #####################
- server {
- listen 443 ssl http2;
- server_name 192.168.1.XXX:4040 music.DOMAIN.com;
- ssl_certificate /etc/letsencrypt/live/DOMAIN.com-0002/fullchain.pem; # managed by Certbot
- ssl_certificate_key /etc/letsencrypt/live/DOMAIN.com-0002/privkey.pem; # managed by Certbot
- include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
- location / {
- proxy_pass http://127.0.0.1:4040/;
- error_log /var/log/nginx/music_log.log notice;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header Host $host;
- proxy_redirect http:// https://;
- }
- }
- #####################
- # Deluge
- #####################
- server {
- listen 443 ssl http2;
- server_name 192.168.1.XXX:8112 deluge.DOMAIN.com;
- ssl_certificate /etc/letsencrypt/live/DOMAIN.com-0002/fullchain.pem; # managed by Certbot
- ssl_certificate_key /etc/letsencrypt/live/DOMAIN.com-0002/privkey.pem; # managed by Certbot
- include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
- location / {
- proxy_pass http://192.168.1.205:8112/;
- proxy_set_header X-Deluge-Base "/";
- add_header X-Frame-Options SAMEORIGIN;
- }
- }
- #####################
- # Stats
- #####################
- server {
- listen 443 ssl http2;
- server_name 192.168.1.XXX:19999 stats.DOMAIN.com;
- ssl_certificate /etc/letsencrypt/live/DOMAIN.com-0002/fullchain.pem; # managed by Certbot
- ssl_certificate_key /etc/letsencrypt/live/DOMAIN.com-0002/privkey.pem; # managed by Certbot
- include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
- location / {
- error_log /var/log/nginx/stats_log.log notice;
- auth_basic "Restricted Content";
- auth_basic_user_file /etc/nginx/.htpasswd;
- proxy_pass http://127.0.0.1:19999/;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
- }
- #####################
- # Comics
- #####################
- server {
- listen 443 ssl http2;
- server_name 192.168.1.XXX:2202 comics.DOMAIN.com;
- ssl_certificate /etc/letsencrypt/live/DOMAIN.com-0002/fullchain.pem; # managed by Certbot
- ssl_certificate_key /etc/letsencrypt/live/DOMAIN.com-0002/privkey.pem; # managed by Certbot
- include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
- location / {
- #error_log /var/log/nginx/stats_log.log notice;
- #auth_basic "Restricted Content";
- #auth_basic_user_file /etc/nginx/.htpasswd;
- proxy_pass http://127.0.0.1:2202/;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
- location /admin {
- rewrite ^/admin/(.*) /$1 break;
- proxy_pass http://127.0.0.1:2022/admin;
- #proxy_set_header Host $host;
- #proxy_set_header X-Real-IP $remote_addr;
- #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
- }
- #####################
- # Plex
- #####################
- server {
- listen 443 ssl http2;
- server_name 192.168.1.XXX:32400 plex.DOMAIN.com;
- send_timeout 100m;
- resolver 8.8.4.4 8.8.8.8 valid=300s;
- resolver_timeout 10s;
- ssl_certificate /etc/letsencrypt/live/DOMAIN.com-0002/fullchain.pem; # managed by Certbot
- ssl_certificate_key /etc/letsencrypt/live/DOMAIN.com-0002/privkey.pem; # managed by Certbot
- include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
- ssl_stapling on;
- ssl_stapling_verify on;
- gzip on;
- gzip_vary on;
- gzip_min_length 1000;
- gzip_proxied any;
- gzip_types text/plain text/html text/css text/xml application/xml text/javascript application/x-javascript image/svg+xml;
- gzip_disable "MSIE [1-6]\.";
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- proxy_redirect off;
- proxy_buffering off;
- location / {
- # if ($http_x_plex_device_name = '') {
- # rewrite ^/$ http://$http_host/web/index.html;
- # }
- proxy_pass http://192.168.1.205:32400/;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement