hoborg/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2cd1d874a8970b0166514bcc93f937e5c8f99f37
homelab/config/nginx/homelab.conf
Arpad Krejczinger 2cd1d874a8 Update nginx configuration with SSL and WebDAV support 
- Add SSL certificate configuration from Let's Encrypt
- Include WebDAV headers for copyparty upload support (Depth, Destination, Overwrite, If)
- Configure HTTP to HTTPS redirect for all services
- Add SSL security settings managed by certbot
- Enable proxy_request_buffering off for WebDAV compatibility

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-08-18 19:22:17 +02:00

114 lines
3.7 KiB
Plaintext
Raw Blame History

# DEPLOYMENT LOCATION: /etc/nginx/sites-available/homelab
# Deploy with: sudo cp nginx-homelab.conf /etc/nginx/sites-available/homelab
# Enable with: sudo ln -s /etc/nginx/sites-available/homelab /etc/nginx/sites-enabled/homelab
server {
server_name ak-homelab.duckdns.org;
# Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
# Main landing page
location / {
root /var/www/homelab;
index index.html index.htm;
try_files $uri $uri/ =404;
}
# Gitea reverse proxy
location /gitea/ {
proxy_pass http://127.0.0.1:3000/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Handle websockets for live updates
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Increase timeout for large repos
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
}
# Copyparty file server
location /files/ {
proxy_pass http://127.0.0.1:8082/files/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# WebDAV specific headers
proxy_set_header Depth $http_depth;
proxy_set_header Destination $http_destination;
proxy_set_header Overwrite $http_overwrite;
proxy_set_header If $http_if;
# Handle websockets for live updates
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Increase timeouts for large file uploads
proxy_connect_timeout 300s;
proxy_send_timeout 300s;
proxy_read_timeout 300s;
# Increase client max body size for file uploads
client_max_body_size 10G;
# Allow WebDAV methods
proxy_request_buffering off;
}
# Jellyfin media server
location /media/ {
proxy_pass http://127.0.0.1:8096/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Handle websockets for real-time updates
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Jellyfin specific headers
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
# Increase timeouts for streaming
proxy_connect_timeout 300s;
proxy_send_timeout 300s;
proxy_read_timeout 300s;
# Large file support for video streaming
client_max_body_size 0;
proxy_buffering off;
proxy_request_buffering off;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/ak-homelab.duckdns.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ak-homelab.duckdns.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = ak-homelab.duckdns.org) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name ak-homelab.duckdns.org;
return 404; # managed by Certbot
}
Reference in New Issue View Git Blame Copy Permalink