Update nginx configuration with SSL and WebDAV support

- Add SSL certificate configuration from Let's Encrypt - Include WebDAV headers for copyparty upload support (Depth, Destination, Overwrite, If) - Configure HTTP to HTTPS redirect for all services - Add SSL security settings managed by certbot - Enable proxy_request_buffering off for WebDAV compatibility 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-08-18 19:22:17 +02:00
parent e26a30e4e4
commit 2cd1d874a8
1 changed files with 29 additions and 1 deletions
--- a/config/nginx/homelab.conf
+++ b/config/nginx/homelab.conf
@@ -3,7 +3,6 @@
 # Enable with: sudo ln -s /etc/nginx/sites-available/homelab /etc/nginx/sites-enabled/homelab

 server {
-    listen 80;
    server_name ak-homelab.duckdns.org;

    # Security headers
@@ -44,6 +43,12 @@ server {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        
+        # WebDAV specific headers
+        proxy_set_header Depth $http_depth;
+        proxy_set_header Destination $http_destination;
+        proxy_set_header Overwrite $http_overwrite;
+        proxy_set_header If $http_if;
+        
        # Handle websockets for live updates
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
@@ -55,6 +60,9 @@ server {
        
        # Increase client max body size for file uploads
        client_max_body_size 10G;
+        
+        # Allow WebDAV methods
+        proxy_request_buffering off;
    }
    
    # Jellyfin media server
@@ -83,4 +91,24 @@ server {
        proxy_buffering off;
        proxy_request_buffering off;
    }
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/ak-homelab.duckdns.org/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/ak-homelab.duckdns.org/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+
+server {
+    if ($host = ak-homelab.duckdns.org) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    listen 80;
+    server_name ak-homelab.duckdns.org;
+    return 404; # managed by Certbot
+
+
 }