From e5007748e61bc5992cf151115b9b74e6070e8d9c Mon Sep 17 00:00:00 2001
From: aptalca <aptalca@users.noreply.github.com>
Date: Thu, 8 Mar 2018 00:46:29 -0500
Subject: [PATCH] Update default

---
 root/defaults/default | 78 +++++++++++++++++++++++++++++--------------
 1 file changed, 53 insertions(+), 25 deletions(-)

diff --git a/root/defaults/default b/root/defaults/default
index fcf9351..a9694b4 100644
--- a/root/defaults/default
+++ b/root/defaults/default
@@ -1,43 +1,71 @@
-## Version 2018/03/06 - Changelog: https://github.com/linuxserver/docker-heimdall/commits/master/root/defaults/default
+## Version 2018/03/08 - Changelog: https://github.com/linuxserver/docker-heimdall/commits/master/root/defaults/default
 
+# listening on port 80 disabled by default, remove the "#" signs to enable
+# redirect all traffic to https
+#server {
+#	listen 80;
+#	server_name _;
+#	return 301 https://$host$request_uri;
+#}
+
+# main server block
 server {
-	listen 80 default_server;
-
-	listen 443 ssl;
+	listen 443 ssl default_server;
 
 	root /var/www/localhost/heimdall/public;
-	index index.php index.html index.htm;
+	index index.html index.htm index.php;
 
 	server_name _;
 
-	ssl_certificate /config/keys/cert.crt;
-	ssl_certificate_key /config/keys/cert.key;
+	# all ssl related config moved to ssl.conf
+	include /config/nginx/ssl.conf;
 
 	client_max_body_size 0;
-	
-        error_page 599 = @noauth;
 
-        location / {
-                if (!-f /config/nginx/.htpasswd) {
-                        return 599;
-                }
-                auth_basic "Restricted";
-                auth_basic_user_file /config/nginx/.htpasswd;
-                try_files $uri $uri/ /index.php?$args;
-        }
-
-        location @noauth {
-                try_files $uri $uri/ /index.php?$args;
-        }
+	location / {
+		try_files $uri $uri/ /index.php?$args;
+	}
 
 	location ~ \.php$ {
 		fastcgi_split_path_info ^(.+\.php)(/.+)$;
-		# With php5-cgi alone:
+		# With php7-cgi alone:
 		fastcgi_pass 127.0.0.1:9000;
-		# With php5-fpm:
-		#fastcgi_pass unix:/var/run/php5-fpm.sock;
+		# With php7-fpm:
+		#fastcgi_pass unix:/var/run/php7-fpm.sock;
 		fastcgi_index index.php;
 		include /etc/nginx/fastcgi_params;
-
 	}
+
+# sample reverse proxy config for password protected couchpotato running at IP 192.168.1.50 port 5050 with base url "cp"
+# notice this is within the same server block as the base
+# don't forget to generate the .htpasswd file as described on docker hub
+#	location ^~ /cp {
+#		auth_basic "Restricted";
+#		auth_basic_user_file /config/nginx/.htpasswd;
+#		include /config/nginx/proxy.conf;
+#		proxy_pass http://192.168.1.50:5050/cp;
+#	}
+
 }
+
+# sample reverse proxy config without url base, but as a subdomain "cp", ip and port same as above
+# notice this is a new server block, you need a new server block for each subdomain
+#server {
+#	listen 443 ssl;
+#
+#	root /config/www;
+#	index index.html index.htm index.php;
+#
+#	server_name cp.*;
+#
+#	include /config/nginx/ssl.conf;
+#
+#	client_max_body_size 0;
+#
+#	location / {
+#		auth_basic "Restricted";
+#		auth_basic_user_file /config/nginx/.htpasswd;
+#		include /config/nginx/proxy.conf;
+#		proxy_pass http://192.168.1.50:5050;	
+#	}
+#}