-
Notifications
You must be signed in to change notification settings - Fork 0
/
organizr.conf
142 lines (122 loc) · 3.83 KB
/
organizr.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
####################################################
# filename /etc/nginx/conf.d/organizr.conf #
####################################################
server {
listen 80 default_server;
server_name www.yourdomain.com;
location ^~ /.well-known/acme-challenge {
proxy_pass http://127.0.0.1:81;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Server $host;
proxy_redirect off;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2 default_server;
server_name www.yourdomain.com;
root /var/www/Organizr/;
access_log /var/log/nginx/organizr.access.log main;
error_log /var/log/nginx/organizr.error.log warn;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
##############################################################################################################
# Optional GeoIP blocking / comment this out if your Nginx is not compiled with GeoIP module #
##############################################################################################################
if ($allowed_country = yes) {
set $exclusions 1;
}
if ($exclusions = "0") {
return 403;
}
#####################################################################
# Server Authentication will allow you to secure location blocks #
#####################################################################
location /auth-admin {
internal;
proxy_pass https://www.your.domain.com/auth.php?user;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header X-Original-URI $request_uri;
}
##############################
# Organizr Error pages #
##############################
error_page 400 401 402 403 404 /error.php?error=$status;
##############################
# Organizr server block #
##############################
client_max_body_size 1M;
location ^~ /{
index index.php;
try_files $uri $uri/ =404;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_index index.php;
include fastcgi_params;
include php_optimization.conf;
fastcgi_pass php-handler;
fastcgi_param HTTPS on;
access_log off;
}
location ~ \.(log|json|db|check)$ {
deny all;
}
location ^~ /check.php {
}
###################
# Torrent #
###################
location /transmission {
auth_request /auth-admin;
proxy_pass http://127.0.0.1:9091;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_buffering off;
access_log off;
}
##########
# Plex #
##########
location ^~ /web {
auth_request /auth-admin;
proxy_pass https://127.0.0.1:32400;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_buffering off;
access_log off;
}
############
# Plexpy #
############
location ^~ /plexpy{
auth_request /auth-admin;
proxy_pass http://127.0.0.1:8181;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Ssl on;
proxy_redirect off;
proxy_buffering off;
access_log off;
}
}
}