2023-04-01

home/nginx/applications/filebrowser.conf

@@ -0,0 +1,14 @@
+client_max_body_size                    2048m;
+proxy_read_timeout                      86400s;
+proxy_send_timeout                      86400s;
+proxy_set_header                        X-Forwarded-Host $host;
+proxy_set_header                        X-Forwarded-Server $host;
+proxy_set_header                        X-Real-IP $remote_addr;
+proxy_set_header                        Host $host;
+proxy_set_header                        X-Forwarded-For $proxy_add_x_forwarded_for;
+proxy_http_version                      1.1;
+proxy_redirect                          off;
+proxy_set_header                        Upgrade $http_upgrade;
+proxy_set_header                        Connection "upgrade";
+
+proxy_pass http://filebrowser/filebrowser/;

home/nginx/applications/foundry.conf

@@ -0,0 +1,17 @@
+location ~ ^/foundry/$ {
+		return 301 /foundry/game/;
+	}
+
+# Set proxy headers
+proxy_set_header Host $host;
+proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+proxy_set_header X-Forwarded-Proto $scheme;
+
+# These are important to support WebSockets
+proxy_set_header Upgrade $http_upgrade;
+proxy_set_header Connection "Upgrade";
+#  may need to set
+#    auth_request_set $auth_resp_x_vouch_user $upstream_http_x_vouch_user;
+#  in this bock as per https://github.com/vouch/vouch-proxy/issues/26#issuecomment-425215810
+# set user header (usually an email)
+proxy_pass http://foundry/foundry/; 

home/nginx/applications/podcast.conf

@@ -0,0 +1,57 @@
+location ~ ^/podcast/feed.xml$ {
+			return 301 /podcast/01sw;
+		}
+		
+		#/podcast/media/2022-03-09-ep42.mp3
+location ~* /podcast/media/(?:.*)-(?<season_2>s02)?(?<episode_label>ep\d+)(\.mp3) {
+			if ($season_2 = "s02") {
+				return 301 /dir2cast/02ram/$season_2$episode_label.mp3;
+			}
+			
+			return 301 /dir2cast/01sw/$episode_label.mp3;
+		}
+		
+#location /podcast/dir2cast.php {
+#	rewrite /podcast/(dir2cast.php) /dir2cast/$1;
+#}	
+
+
+location /podcast/ {
+			alias /var/www/dir2cast/;
+			autoindex on;
+				
+			if ( $arg_name) { 
+				return 301 /podcast/media/$arg_name;
+			}
+			
+			location ~* /podcast/(?<dir>.*)/feed {
+#				return 501;
+				rewrite /podcast/ /dir2cast/dir2cast.php?dir=$dir;
+			}
+
+			location ~ (\.php|\.ini)$ {
+				return 403;
+			}
+		}
+
+location /dir2cast/ {
+	root /var/www;
+	
+	
+	
+	location ~ ^/dir2cast/dir2cast.php {
+#		return 501;
+		include fastcgi_params;
+		fastcgi_pass php:9000;
+		add_header x-test "$args" always;
+		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+	}
+	
+	location ~ (\.php|\.ini)$ {
+		return 403;
+	}
+	
+	
+	
+	}
+

home/nginx/applications/vouch.conf

@@ -0,0 +1,22 @@
+# https://github.com/vouch/vouch-proxy#vouch-proxy-in-a-path
+
+location /vouch {
+      proxy_pass http://vouch; # must not! have a slash at the end
+      proxy_set_header Host $http_host;
+      proxy_pass_request_body off;
+      proxy_set_header Content-Length "";
+      
+      # optionally add X-Vouch-User as returned by Vouch Proxy along with the request
+      auth_request_set $auth_resp_x_vouch_user $upstream_http_x_vouch_user;
+
+      # these return values are used by the @error401 call
+      auth_request_set $auth_resp_jwt $upstream_http_x_vouch_jwt;
+      auth_request_set $auth_resp_err $upstream_http_x_vouch_err;
+      auth_request_set $auth_resp_failcount $upstream_http_x_vouch_failcount;
+}
+
+
+location @error401 {
+        # redirect to Vouch Proxy for login
+        return 302 https://$host/vouch/login?url=$scheme://$http_host$request_uri&vouch-failcount=$auth_resp_failcount&X-Vouch-Token=$auth_resp_jwt&error=$auth_resp_err;
+    }

home/nginx/applications/yacht.conf

@@ -0,0 +1,4 @@
+proxy_http_version 1.1;
+proxy_set_header Upgrade $http_upgrade;
+proxy_set_header Connection "Upgrade";
+proxy_pass http://yacht/;