Hey,
I’ll preface this by confirming I’m a total noob when it comes to configuring proxies and stuff.
I’m trying to put the Ardour docker provided by linuxserver.io behind SWAG using a subfolder, but I get a 500 internal server error (I don’t have this issue with the other dockers).
Could someone please help?
I did put /ardour/ in the subfolder variable in the docker setup, and here is what I put on the ardour.subfolder.conf (no sample was available)
location /ardour {
# Enable HTTP Basic Authentication
auth_basic "Restricted Area";
auth_basic_user_file /config/nginx/.htpasswd;
# GEOBLOCK
if ($lan-ip = yes) { set $geo-whitelist yes; }
if ($geo-whitelist = no) { return 404; }
# Add security headers to enforce HTTPS
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
# Enable proxy_cache_bypass for better user experience with dynamic content
proxy_cache_bypass $cookie_session;
# Remove /ardour prefix when forwarding to backend
rewrite /ardour(.*) $1 break;
# Forward to backend server (adjust to your actual internal service URL)
proxy_pass http://<ip address>:3000;
# HTTP headers for proxying
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https; # Explicitly set protocol to HTTPS
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port 443; # Explicitly set port to 443 (HTTPS)
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Adjust timeout settings
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
# Additional security headers
proxy_hide_header X-Powered-By;
proxy_hide_header Server;
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options SAMEORIGIN;
add_header X-XSS-Protection "1; mode=block";
add_header Content-Security-Policy "upgrade-insecure-requests;";
# Fix potential redirects - ensures redirects maintain the /ardour path
proxy_redirect off;
}
# Deny direct access to sensitive files
location /ardour/config {
deny all;
return 403;
}