Disabling the default SWAG website

LSIO Discussion Container Support
1

Hello,

I’ve been using SWAG for a while now and have it configured to route a number of sub-domains that I operate to the appropriate back-end systems.

However, right now if you specify a non-configured sub-domain (for example fake.mydomain.duckdns.org) then it still routes to the default SWAG website without prompting for any sort of auth (all other sub-domains are configured to use Authelia).

I don’t actually want the NGINX instance contained in SWAG to serve the default site because I don’t have a need for it. So, can anyone please tell me how to:

  1. Disable the site entirely so you can only route to configured sub-domains.
    or 2. At least force it so that Authelia auth is used when routing to the default site.

Grateful for any help that can be offered.

Thanks

Pete

2

You can edit the default server block in the site conf to serve a 404 or deny access

3

That’s great. Can you give me a bit more of an idea as to how to do that please?

Below is what I have in my default config. Then all the other services are defined in additional files which sit in the same folder.

## Version 2021/04/27 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/default

error_page 502 /502.html;

# redirect all traffic to https
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name _;
    return 301 https://$host$request_uri;
}

# main server block
server {
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;

    root /config/www;
    index index.html index.htm index.php;

    #set_real_ip_from 172.0.0.0/8;
    #real_ip_header X-Forwarded-For;

    server_name _;

    # enable subfolder method reverse proxy confs
    include /config/nginx/proxy-confs/*.subfolder.conf;

    # all ssl related config moved to ssl.conf
    include /config/nginx/ssl.conf;

    # enable for ldap auth
    #include /config/nginx/ldap.conf;

    # enable for Authelia
    include /config/nginx/authelia-server.conf;

    # enable for geo blocking
    # See /config/nginx/geoip2.conf for more information.
    #if ($allowed_country = no) {
    #return 444;
    #}

    client_max_body_size 0;

    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /ldaplogin;

        # enable for Authelia
        include /config/nginx/authelia-location.conf;

        try_files $uri $uri/ /index.html /index.php?$args =404;
    }

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        include /etc/nginx/fastcgi_params;
    }
}

# enable subdomain method reverse proxy confs
include /config/nginx/proxy-confs/*.subdomain.conf;

# enable proxy cache for auth
proxy_cache_path cache/ keys_zone=auth_cache:10m;
4

Hi @wiredworm @aptalca

Can you tell me how you got this?

Thanks!!