## Version 2018/12/05 - Changelog: https://github.com/linuxserver/docker-letsenc

1. ## Version 2018/12/05 - Changelog: https://github.com/linuxserver/docker-letsencrypt/commits/master/root/defaults/default
2.  
3. # listening on port 80 disabled by default, remove the "#" signs to enable
4. # redirect all traffic to https
5. server {
6. listen 80;
7. listen [::]:80;
8. server_name _;
9. return 301 https://$host$request_uri;
10. }
11.  
12. # main server block
13. server {
14. listen 443 ssl http2 default_server;
15. listen [::]:443 ssl http2 default_server;
16.  
17. root /config/www;
18. index index.html index.htm index.php;
19.  
20. server_name _;
21.  
22. # enable subfolder method reverse proxy confs
23. include /config/nginx/proxy-confs/*.subfolder.conf;
24.  
25. # all ssl related config moved to ssl.conf
26. include /config/nginx/ssl.conf;
27.  
28. # enable for ldap auth
29. #include /config/nginx/ldap.conf;
30.  
31. client_max_body_size 0;
32.  
33. location / {
34. try_files $uri $uri/ /index.html /index.php?$args =404;
35. }
36.  
37. location ~ \.php$ {
38. fastcgi_split_path_info ^(.+\.php)(/.+)$;
39. fastcgi_pass 127.0.0.1:9000;
40. fastcgi_index index.php;
41. include /etc/nginx/fastcgi_params;
42. }
43.  
44. # sample reverse proxy config for password protected couchpotato running at IP 192.168.1.50 port 5050 with base url "cp"
45. # notice this is within the same server block as the base
46. # don't forget to generate the .htpasswd file as described on docker hub
47. # location ^~ /cp {
48. # auth_basic "Restricted";
49. # auth_basic_user_file /config/nginx/.htpasswd;
50. # include /config/nginx/proxy.conf;
51. # proxy_pass http://192.168.1.50:5050/cp;
52. # }
53.  
54. }
55.  
56. # sample reverse proxy config without url base, but as a subdomain "cp", ip and port same as above
57. # notice this is a new server block, you need a new server block for each subdomain
58. #server {
59. # listen 443 ssl http2;
60. # listen [::]:443 ssl http2;
61. #
62. # root /config/www;
63. # index index.html index.htm index.php;
64. #
65. # server_name cp.*;
66. #
67. # include /config/nginx/ssl.conf;
68. #
69. # client_max_body_size 0;
70. #
71. # location / {
72. # auth_basic "Restricted";
73. # auth_basic_user_file /config/nginx/.htpasswd;
74. # include /config/nginx/proxy.conf;
75. # proxy_pass http://192.168.1.50:5050;
76. # }
77. #}
78.  
79. # sample reverse proxy config for "heimdall" via subdomain, with ldap authentication
80. # ldap-auth container has to be running and the /config/nginx/ldap.conf file should be filled with ldap info
81. # notice this is a new server block, you need a new server block for each subdomain
82. #server {
83. # listen 443 ssl http2;
84. # listen [::]:443 ssl http2;
85. #
86. # root /config/www;
87. # index index.html index.htm index.php;
88. #
89. # server_name heimdall.*;
90. #
91. # include /config/nginx/ssl.conf;
92. #
93. # include /config/nginx/ldap.conf;
94. #
95. # client_max_body_size 0;
96. #
97. # location / {
98. # # the next two lines will enable ldap auth along with the included ldap.conf in the server block
99. # auth_request /auth;
100. # error_page 401 =200 /login;
101. #
102. # include /config/nginx/proxy.conf;
103. # resolver 127.0.0.11 valid=30s;
104. # set $upstream_heimdall heimdall;
105. # proxy_pass https://$upstream_heimdall:443;
106. # }
107. #}
108.  
109. # enable subdomain method reverse proxy confs
110. include /config/nginx/proxy-confs/*.subdomain.conf;
111. # enable proxy cache for auth
112. proxy_cache_path cache/ keys_zone=auth_cache:10m;