nginx_proxy_manager
location ~* ^/$ { allow 100.100.69.0/24; allow 172.22.0.0/16; deny all; } access_log off;
# ------------------------------------------------------------
# *.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme https;
set $server "internal_proxy";
set $port 80;
listen 80;
listen 443 ssl;
server_name *.pknw1.co.uk;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
client_max_body_size 1024M;
more_set_headers 'Server: CuteKitten';
add_header Access-Control-Allow-Credentials "true";
sub_filter '</body>' '<style>#logout-btn{position:fixed;top:10px;right:10px;z-index:9999;padding:10px 15px;background:#e63946;color:#fff;border:none;border-radius:4px;cursor:pointer;font-size:14px;box-shadow:0 2px 6px rgba(0,0,0,0.2);}#logout-btn:hover{background:#d62828;}</style><button id="logout-btn">Logout</button><script>document.getElementById("logout-btn").addEventListener("click",()=>{window.location.href="https://notflix.pknw1.co.uk/api/oidc/end-session";});</script></body>';
sub_filter_once off;
location / {
proxy_set_header Accept-Encoding "";
sub_filter
'</head>'
'<script async src="https://www.googletagmanager.com/gtag/js?id=G-YGH6L7VY6H"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag("js", new Date());
gtag("config", "G-YGH6L7VY6H");
</script>
</head>';
sub_filter_once on;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://internal_proxy:80;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
}
# ------------------------------------------------------------
# search.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "internal_proxy";
set $port 80;
listen 80;
listen 443 ssl;
server_name search.pknw1.co.uk;
# Block Exploits
include conf.d/include/block-exploits.conf;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
location /torrents {
proxy_set_header Accept-Encoding "";
sub_filter
'</head>'
'<style> body {display: none !important;}
</style>
</head>';
sub_filter_once on;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://internal_proxy:80;
# Block Exploits
include conf.d/include/block-exploits.conf;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
location /torrents/search/ {
proxy_set_header Accept-Encoding "";
sub_filter
'</head>'
'<style>
.PageSidebar-sidebarContainer-aQa5n { display: none}
.PageToolbar-toolbar-YMl38 {display: none}
element {
}
.IndexerSearchInput-wrapper-Omh8X {
display: none;
align-items: center;}
.SearchFooter-indexerContainer-BM5oB {
display: none;}
.IndexerSearchInput-wrapper-Omh8X {
display: none;
align-items: center;
}
element {
}
.PageHeader-header-yG8lh {
display: none !important;
}
</style>
</head>';
sub_filter_once on;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://internal_proxy:80;
# Block Exploits
include conf.d/include/block-exploits.conf;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
location / {
return 302 https://search.pknw1.co.uk/torrents/search;
proxy_set_header Accept-Encoding "";
sub_filter
'</head>'
'<style> body {display: none !important;}
</style>
</head>';
sub_filter_once on;
rewrite ^/$ /torrents/search permanent;
rewrite ^/ /torrents/search permanent;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://internal_proxy:80;
# Block Exploits
include conf.d/include/block-exploits.conf;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
}
# ------------------------------------------------------------
# webmin.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "172.22.20.1";
set $port 10000;
listen 80;
listen 443 ssl;
server_name webmin.pknw1.co.uk;
# Block Exploits
include conf.d/include/block-exploits.conf;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
location / {
proxy_set_header Accept-Encoding "";
more_set_headers 'Server: IIS 1.0';
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options nosniff;
add_header Referrer-Policy same-origin;
add_header Content-Security-Policy "default-src 'self';" always;
add_header Cache-Control no-store;
add_header Pragma no-cache;
add_header Expires 0;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://internal_proxy:80;
# Authorization
auth_basic "Authorization required";
auth_basic_user_file /data/access/1;
# Access Rules: 1 total
allow 0.0.0.0/0;
deny all;
# Access checks must...
satisfy all;
# Block Exploits
include conf.d/include/block-exploits.conf;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
}
# ------------------------------------------------------------
# Download.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "internal_proxy";
set $port 80;
listen 80;
listen 443 ssl;
server_name Download.pknw1.co.uk;
location / {
}
}
# ------------------------------------------------------------
# jackett.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "172.22.22.1";
set $port 9117;
listen 80;
listen 443 ssl;
server_name jackett.pknw1.co.uk;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
location ~ ^/api/v2.0/indexers/.*/results/torznab/ {
proxy_pass http://172.22.22.1:9117/api/v2.0/indexers/all/results/torznab/$is_args$args;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
}
# ------------------------------------------------------------
# accounts.pknw1.co.uk, my.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "jellyseerr-admin";
set $port 8056;
listen 80;
listen 443 ssl;
server_name accounts.pknw1.co.uk my.pknw1.co.uk;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
location / {
proxy_set_header Accept-Encoding "";
sub_filter
'</head>'
'<style>
body {font-family:Roboto,sans-serif;padding-top:4em;background: url("https://help.pknw1.co.uk/assets/images/jellyfin-bg-2000x1125.png");color: #ff0000;}
html.dark .wall{
background-color:var(--bg-dark);
background: url("https://static.pknw1.co.uk/images/bg-dimmed.png");
}
</style>
</head>';
sub_filter 'Create Account' 'Create Notflix Account';
sub_filter_once off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://jellyseerr-admin:8056;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
}
# ------------------------------------------------------------
# check.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "internal_proxy";
set $port 80;
listen 80;
listen 443 ssl;
server_name check.pknw1.co.uk;
location / {
return 302 https://stats.uptimerobot.com/zv1PktoDMZ;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://internal_proxy:80;
}
}
# ------------------------------------------------------------
# jf.pknw1.co.uk, notflix.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "jellyfin";
set $port 8096;
listen 80;
listen 443 ssl;
server_name jf.pknw1.co.uk notflix.pknw1.co.uk;
# Block Exploits
include conf.d/include/block-exploits.conf;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
add_header Access-Control-Allow-Credentials "true";
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Permissions-Policy "camera=(), microphone=(), geolocation=()" always;
proxy_set_header Accept-Encoding ""; # required for sub_filter to work
sub_filter_types *;
sub_filter_once off;
#sub_filter 'src="baba78f2a106d9baee83.png"' 'src="https://help.pknw1.co.uk/assets/images/notflix-logo-telegram-128x72.png"';
#sub_filter '../../assets/img/banner-light.png' 'https://help.pknw1.co.uk/assets/images/notflix-logo-telegram-128x72.png';
location /api/oidc/end-session {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://pocket-id:1411;
# Block Exploits
include conf.d/include/block-exploits.conf;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
}
# ------------------------------------------------------------
# requests.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "internal_proxy";
set $port 80;
listen 80;
listen 443 ssl;
server_name requests.pknw1.co.uk;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
location ^~ /login {
proxy_pass http://jellyseerr:5055/login; # NO TRAILING SLASH
proxy_set_header Accept-Encoding "";
sub_filter_once off;
sub_filter_types *;
sub_filter '</h2>' '<img src="https://i.imgur.com/QLke6eL.png" /></h2>';
}
location / {
proxy_set_header Accept-Encoding "";
sub_filter
'</head>'
'<link rel="stylesheet" type="text/css" href="https://theme-park.dev/css/base/overseerr/dark.css">
</head>';
sub_filter_once on;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://internal_proxy:80;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
}
# ------------------------------------------------------------
# tv.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "caddy";
set $port 80;
listen 80;
listen 443 ssl;
server_name tv.pknw1.co.uk;
location / {
}
}
# ------------------------------------------------------------
# 404.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "internal_proxy";
set $port 80;
listen 80;
listen 443 ssl;
server_name 404.pknw1.co.uk;
error_page 404 /errors/404.html;
location ^~ /errors/ {
internal;
root /app/templates;
}
location / {
}
}
# ------------------------------------------------------------
# reddit_webhook.pknw1.co.uk, webhook.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "149.202.72.112";
set $port 8000;
listen 80;
listen 443 ssl;
server_name reddit_webhook.pknw1.co.uk webhook.pknw1.co.uk;
location / {
}
}
# ------------------------------------------------------------
# vue.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "internal_proxy";
set $port 80;
listen 80;
listen 443 ssl;
server_name vue.pknw1.co.uk;
location / {
}
}
# ------------------------------------------------------------
# userform.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "ks5.pknw1.co.uk";
set $port 3000;
listen 80;
listen 443 ssl;
server_name userform.pknw1.co.uk;
location / {
}
}
# ------------------------------------------------------------
# auth.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "pocket-id";
set $port 1411;
listen 80;
listen 443 ssl;
server_name auth.pknw1.co.uk;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
}
# ------------------------------------------------------------
# static.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "172.22.20.1";
set $port 8889;
listen 80;
listen 443 ssl;
server_name static.pknw1.co.uk;
location / {
}
}
# ------------------------------------------------------------
# metube.pknw1.co.uk, ntfy.pknw1.co.uk, youtube.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "internal_proxy";
set $port 80;
listen 80;
listen 443 ssl;
server_name metube.pknw1.co.uk ntfy.pknw1.co.uk youtube.pknw1.co.uk;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
proxy_set_header Accept-Encoding ""; # required for sub_filter to work
add_header Access-Control-Allow-Credentials "true";
sub_filter "</body>" "<script> const myBtn = document.querySelector('body > section > div > form > button'); myBtn.click(); </script></body>";
sub_filter_once off;
sub_filter_types *;
location /api/oidc/end-session {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://pocket-id:1411;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
}
# ------------------------------------------------------------
# bb.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "172.17.0.3";
set $port 5000;
listen 80;
listen 443 ssl;
server_name bb.pknw1.co.uk;
location / {
}
}
# ------------------------------------------------------------
# mm.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "149.202.72.112";
set $port 3000;
listen 80;
listen 443 ssl;
server_name mm.pknw1.co.uk;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
location /api/ {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://149.202.72.112:8800;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
}
# ------------------------------------------------------------
# mmapi.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "172.22.20.1";
set $port 3000;
listen 80;
listen 443 ssl;
server_name mmapi.pknw1.co.uk;
add_header 'Access-Control-Allow-Origin' '*' always;
location / {
}
}
# ------------------------------------------------------------
# jftest.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "jellyfin";
set $port 8096;
listen 80;
listen 443 ssl;
server_name jftest.pknw1.co.uk;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
add_header Access-Control-Allow-Credentials "true";
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Permissions-Policy "camera=(), microphone=(), geolocation=()" always;
proxy_set_header Accept-Encoding ""; # required for sub_filter to work
sub_filter_types '*';
sub_filter_once off;
sub_filter 'src="baba78f2a106d9baee83.png"' 'src="https://help.pknw1.co.uk/assets/images/notflix-logo-telegram-128x72.png"';
sub_filter '../../assets/img/banner-light.png' 'https://help.pknw1.co.uk/assets/images/notflix-logo-telegram-128x72.png';
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
}
# ------------------------------------------------------------
# signup.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "172.22.20.1";
set $port 3333;
listen 80;
listen 443 ssl;
server_name signup.pknw1.co.uk;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
}
# ------------------------------------------------------------
# *.streaming-from.cloud
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "172.22.20.1";
set $port 8890;
listen 80;
listen 443 ssl;
server_name *.streaming-from.cloud;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
}
# ------------------------------------------------------------
# aphrodite.pknw1.co.uk
# ------------------------------------------------------------
}
server {
set $forward_scheme http;
set $server "172.22.20.1";
set $port 8000;
listen 80;
listen 443 ssl;
server_name aphrodite.pknw1.co.uk;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
}
}