nginx reverse proxy for sickbeard, couchpotato etc.
ssl on;
ssl_certificate /etc/ssl/server.cer;
ssl_certificate_key /etc/ssl/server.key;
#ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
#ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SH$
ssl_prefer_server_ciphers on;
server {
listen 443;
include ssl.conf;
include services.conf;
}
location /monit {
rewrite ^/monit$ https://example.net/monit/ permanent;
rewrite ^/monit/(.*) /$1 break;
proxy_pass http://localhost:2812/;
include proxy-control.conf;
include auth-basic.conf;
}
location /sickbeard {
proxy_pass http://localhost:8081/sickbeard;
include proxy-control.conf;
include auth-basic.conf;
}
location /sabnzbd {
proxy_pass http://localhost:8080/sabnzbd;
include proxy-control.conf;
include auth-basic.conf;
}
location /couchpotato {
proxy_pass http://localhost:5050/couchpotato;
include proxy-control.conf;
include auth-basic.conf;
proxy_set_header Host localhost:5050;
proxy_redirect default;
}
location /headphones {
proxy_pass http://localhost:8181/headphones;
include proxy-control.conf;
include auth-basic.conf;
}
location /deluge {
proxy_pass http://127.0.0.1:8112/;
proxy_set_header X-Deluge-Base "/deluge/";
include proxy-control.conf;
include auth-basic.conf;
}
proxy_connect_timeout 59s;
proxy_send_timeout 600;
proxy_read_timeout 600;
proxy_buffer_size 64k;
proxy_buffers 16 32k;
proxy_pass_header Set-Cookie;
proxy_hide_header Vary;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_set_header Accept-Encoding '';
proxy_ignore_headers Cache-Control Expires;
proxy_set_header Referer $http_referer;
proxy_set_header Host $host;
proxy_set_header Cookie $http_cookie;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Port '443';
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Authorization '';
#proxy_buffering off;
#proxy_redirect off;
#proxy_redirect default;
proxy_redirect http://example.net/ /;
proxy_redirect https://example.net/ /;
#proxy_redirect http://$host/ /;
#proxy_redirect http:// https://;
#more_clear_headers 'referer';
#RequestHeader unset referer
#proxy_hide_header referer;
#proxy_ignore_headers referer;
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/htpasswd;