Current state

2025-09-01 19:01:24 -05:00
parent e2ccb3810f
commit f2948074d9
20 changed files with 661 additions and 79 deletions
--- a/nginx/sites-enabled/servarr
+++ b/nginx/sites-enabled/servarr
@@ -0,0 +1,76 @@
+
+server {
+    # Nginx versions 1.25+
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    http2 on;
+
+    server_name servarr.loadingm.xyz;
+
+    include /etc/nginx/snippets/letsencrypt.conf;
+    include /etc/nginx/snippets/authelia-location.conf;
+
+    location /qbt/ {
+        # include /etc/nginx/snippets/proxy.conf;
+        include /etc/nginx/snippets/authelia-authrequest.conf;
+        proxy_pass http://qbittorrent:8080/;
+        proxy_http_version 1.1;
+        proxy_set_header   Host               $proxy_host;
+        proxy_set_header   X-Forwarded-For    $proxy_add_x_forwarded_for;
+        proxy_set_header   X-Forwarded-Host   $http_host;
+        proxy_set_header   X-Forwarded-Proto  $scheme;
+        proxy_cookie_path  /                  "/; Secure";
+    }
+
+    location ^~ /sonarr {
+        include /etc/nginx/snippets/authelia-authrequest.conf;
+        proxy_pass http://sonarr:8989/sonarr;
+        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_redirect off;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection $http_connection;
+    }
+    # Allow the API External Access via NGINX
+    location ^~ /sonarr/api {
+        auth_basic off;
+        include /etc/nginx/snippets/authelia-authrequest.conf;
+        proxy_pass http://sonarr:8989/sonarr/api;
+    }
+
+    location ^~ /radarr {
+        include /etc/nginx/snippets/authelia-authrequest.conf;
+        proxy_pass http://radarr:7878/radarr;
+        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_redirect off;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection $http_connection;
+    }
+    # Allow the API External Access via NGINX
+    location ^~ /radarr/api {
+        auth_basic off;
+        include /etc/nginx/snippets/authelia-authrequest.conf;
+        proxy_pass http://radarr:7878/radarr/api;
+    }
+
+    location ^~ /jackett/ {
+        include /etc/nginx/snippets/authelia-authrequest.conf;
+        add_header Content-Security-Policy "default-src https: data: blob: ; img-src 'self' https://* ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.youtube.com blob:; worker-src 'self' blob:; connect-src 'self'; object-src 'none'; frame-ancestors 'self'; font-src 'self'";
+        proxy_pass http://jackett:9117;
+        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_redirect off;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection $http_connection;
+    }
+}