avm/hassio-addons
1
0
Fork 0
mirror of https://github.com/alexbelgium/hassio-addons.git synced 2026-06-16 04:19:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update ingress.conf

Browse Source
This commit is contained in:
Alexandre
2026-04-14 10:36:01 +02:00
committed by GitHub
parent 1297d55ae2
commit 9ba36fe780
1 changed files with 19 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
seerr/rootfs/etc/nginx/servers/ingress.conf
View File

@@ -7,37 +7,43 @@ server {
gzip_static off; gzip_static off;
client_max_body_size 0; client_max_body_size 0;
# Based on https://github.com/seerr-team/seerr/blob/develop/docs/extending-seerr/reverse-proxy.mdx
location ^~ / { location ^~ / {
set $app '%%ingress_entry%%'; set $app '%%ingress_entry%%';
# HA Supervisor strips the ingress entry prefix, so no rewrite is needed. # Forward the raw request URI exactly as received by this nginx.
# Avoiding rewrite ensures proxy_pass uses the raw $request_uri, # This is the safest way to preserve query-string encoding.
# which preserves URL encoding (e.g. spaces as + in query strings). proxy_pass http://127.0.0.1:5055$request_uri;
proxy_pass http://127.0.0.1:5055;
proxy_http_version 1.1; proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Referer $http_referer;
proxy_set_header Connection $connection_upgrade; proxy_set_header Host $host;
proxy_hide_header X-Powered-By;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Real-Port $remote_port;
proxy_set_header X-Forwarded-Host $host:$remote_port;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Port $remote_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Accept-Encoding ""; proxy_set_header Accept-Encoding "";
proxy_hide_header X-Powered-By;
proxy_read_timeout 90; proxy_read_timeout 90;
add_header X-Frame-Options "SAMEORIGIN"; add_header X-Frame-Options "SAMEORIGIN";
add_header 'Referrer-Policy' 'no-referrer'; add_header Referrer-Policy "no-referrer";
# Redirect location headers
absolute_redirect off; absolute_redirect off;
proxy_redirect ^ $app; proxy_redirect ^ $app;
proxy_redirect /setup $app/setup; proxy_redirect /setup $app/setup;
proxy_redirect /login $app/login; proxy_redirect /login $app/login;
# Sub filters to replace hardcoded paths
sub_filter_once off; sub_filter_once off;
sub_filter_types *;
# Do not rewrite every response type blindly.
sub_filter_types text/html application/javascript text/javascript application/json;
sub_filter 'href="/"' 'href="$app"'; sub_filter 'href="/"' 'href="$app"';
sub_filter 'href="/login"' 'href="$app/login"'; sub_filter 'href="/login"' 'href="$app/login"';
sub_filter 'href:"/"' 'href:"$app"'; sub_filter 'href:"/"' 'href:"$app"';