Untitled

server {

  listen 80 default_server;
  listen [::]:80 default_server;

  server_name example.domain;

#  error_page 400 401 402 403 404 /error.php?error=$status;
  return 301 https://$host$request_uri;
}

#upstream plex-upstream {
#  server 192.168.1.150:32400;
#}


server {
  listen 443 ssl default_server;
  listen [::]:443 ssl default_server;

  ssl_certificate /etc/letsencrypt/live/example.domain/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/example.domain/privkey.pem;

  include snippets/ssl-params.conf;
  include snippets/proxy.conf;

  server_name example.domain ;
  root /var/www/html;

  index index.html index.htm index.nginx-debian.html index.php;

  location / {
    proxy_pass http://192.168.1.241:8081;
#    try_files $uri $uri/ =404;
  }

  location ~ /auth-(.*) {
    proxy_pass http://192.168.1.241:8081/api/?v1/auth&group=$1;
    proxy_pass_request_body off;
    proxy_set_header Content-Length "";
 }

  location /sonarr {
    auth_request /auth-0; #=Admin;
    proxy_pass http://192.168.1.241:8989;
    add_header X-Frame-Options "SAMEORIGIN";
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Upgrade              $http_upgrade;
    proxy_set_header Connection           "upgrade";
   }


  location /tautulli {
    auth_request /auth-0; #=Admin;
    proxy_pass http://192.168.1.241:8181/tautulli/;
    add_header X-Frame-Options "SAMEORIGIN";
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-Host $server_name;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarder-Ssl on;
  }

  location /plexpy {
    auth_request /auth-0; #=Admin;
    proxy_pass http://192.168.1.241:8182/plexpy/;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-Host $server_name;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }

  location /web {
#    auth_request /auth-4; #=User;
    proxy_pass http://192.168.1.150:32400;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto  $scheme;
    proxy_set_header X-Forwarded-Ssl on;
  }

  location /plex {
  auth_request /auth-4; #=User;
  proxy_pass https://192.168.1.150:32400/web/;
  proxy_set_header Host $host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_redirect off;
  proxy_buffering off;
  access_log off;
#  if ($http_referer ~* /plex/) {
#       rewrite ^/web/(.*) /plex/web/$1? redirect;
#          }

 }

  location /radarr {
    auth_request /auth-0; #=Admin;
    proxy_pass http://192.168.1.241:7878;
    add_header X-Frame-Options "SAMEORIGIN";
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }


  location /ombi {
    auth_request /auth-4; #=User;
    proxy_pass http://192.168.1.241:5000;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-Host $server_name;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }

  location /jackett/ {
    rewrite /jackett/(.*) /$1 break;
    proxy_bind $server_addr;
    auth_request /auth-0; #=Admin;
    proxy_pass http://192.168.1.241:9117;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-Host $server_name;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }

  location /portainer/ {
    auth_request /auth-0; #=Admin;
    proxy_http_version 1.1;
    proxy_set_header Connection "";
    proxy_pass http://192.168.1.241:9000/;
  }

  location /portainer/api/websocket/ {
    auth_request /auth-0; #=Admin;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_http_version 1.1;
    proxy_pass http://192.168.1.241:9000/api/websocket/;
  }


}

server {
  listen *:443 ssl;
  server_name example2.domain;


  ssl_certificate /etc/letsencrypt/live/example2.domain/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/example2.domain/privkey.pem;

  return 301 https://example.domain$request_uri;
}