1 files changed, 41 insertions, 0 deletions
diff --git a/data/photoprism/photoprism.conf b/data/photoprism/photoprism.conf
new file mode 100644
index 0000000..415bc1d
--- /dev/null
+++ b/data/photoprism/photoprism.conf
@@ -0,0 +1,41 @@
+server {
+        listen 443 ssl;
+        server_name photos.chudnick.com;
+    ssl_certificate /etc/letsencrypt/live/chudnick.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/chudnick.com/privkey.pem;
+    add_header Strict-Transport-Security "max-age=31536000" always;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+    # Security / XSS Mitigation Headers
+    add_header X-Frame-Options "SAMEORIGIN";
+    add_header X-XSS-Protection "1; mode=block";
+    add_header X-Content-Type-Options "nosniff";
+        client_max_body_size    500M;
+        # authelia
+        include /etc/nginx/snippets/authelia-location.conf;
+    location / {
+                #authelia
+                include /etc/nginx/snippets/proxy.conf;
+        include /etc/nginx/snippets/authelia-authrequest.conf;
+        proxy_pass http://127.0.0.1:8006/;
+                # websockets
+                proxy_buffering off;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection "upgrade";
+    }
+}
+server {
+    listen 80;
+    listen [::]:80;
+    server_name photos.chudnick.com;
+        return 301 https://$host$request_uri;
+}

diff --git a/data/photoprism/photoprism.conf b/data/photoprism/photoprism.conf new file mode 100644 index 0000000..415bc1d --- /dev/null +++ b/data/photoprism/photoprism.conf
@@ -0,0 +1,41 @@
	1	server {
	2	listen 443 ssl;
	3	server_name photos.chudnick.com;
	4
	5	ssl_certificate /etc/letsencrypt/live/chudnick.com/fullchain.pem;
	6	ssl_certificate_key /etc/letsencrypt/live/chudnick.com/privkey.pem;
	7	add_header Strict-Transport-Security "max-age=31536000" always;
	8	ssl_stapling on;
	9	ssl_stapling_verify on;
	10
	11	# Security / XSS Mitigation Headers
	12	add_header X-Frame-Options "SAMEORIGIN";
	13	add_header X-XSS-Protection "1; mode=block";
	14	add_header X-Content-Type-Options "nosniff";
	15
	16	client_max_body_size 500M;
	17
	18	# authelia
	19	include /etc/nginx/snippets/authelia-location.conf;
	20
	21	location / {
	22	#authelia
	23	include /etc/nginx/snippets/proxy.conf;
	24	include /etc/nginx/snippets/authelia-authrequest.conf;
	25
	26	proxy_pass http://127.0.0.1:8006/;
	27
	28	# websockets
	29	proxy_buffering off;
	30	proxy_set_header Upgrade $http_upgrade;
	31	proxy_set_header Connection "upgrade";
	32	}
	33
	34	}
	35
	36	server {
	37	listen 80;
	38	listen [::]:80;
	39	server_name photos.chudnick.com;
	40	return 301 https://$host$request_uri;
	41	}