Hello,
I have dietpi 6.30 installed on my rpi4.
I have installed Nextloud from software optimised and jellyfin manually. I use nginx as webserver.
I have setup noip and lets encrypt. I am able to access nextcloud from the url https://mydomain.net/nextcloud . But I can’t acces jellyfin.
Following the jellyfin doc, I have to use a reverse proxy : https://jellyfin.org/docs/general/networking/nginx.html . WIth that, I can access jellyfin over the internet but not Nextcloud.
Do you have any idea on how I can access both over the internet?
Thank you in advance
Hi,
many thanks for your request. Would it be possible to share your revers proxy config file? I guess you would need to forward the subpath with Nginx only and not the entire traffic that is arriving on port 80.
Another option would be to connect directly to Jellyfin (http://YOUR_ADDRESS:8096/) without using a revers proxy
Hi,
My reverse config file is almost the same as the first one here : https://jellyfin.org/docs/general/networking/nginx.html
server {
listen 80;
server_name DOMAIN_NAME;
# Uncomment to redirect HTTP to HTTPS
return 301 https://$host$request_uri;
}
# Uncomment this section after you have acquired a SSL Certificate
server {
listen 443 ssl http2;
server_name DOMAIN_NAME;
ssl_certificate /etc/letsencrypt/live/DOMAIN_NAME/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/DOMAIN_NAME/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
add_header Strict-Transport-Security "max-age=31536000" always;
ssl_trusted_certificate /etc/letsencrypt/live/DOMAIN_NAME/chain.pem;
ssl_stapling on;
ssl_stapling_verify on;
# # Security / XSS Mitigation Headers
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
# Content Security Policy
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
# Enforces https content and restricts JS/CSS to origin
# External Javascript (such as cast_sender.js for Chromecast or YouTube embed JS for external trailers) must be whitelisted.
add_header Content-Security-Policy "default-src https: data: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://www.gstatic.com/cv/js/sender/v1/cast_sender.js https://www.youtube.com/iframe_api https://s.ytimg.com; worker-src 'self' blob:; connect-src 'self'; object-src 'none'; frame-ancestors 'self'";
location /jellyfin/ {
# Proxy main Jellyfin traffic
proxy_pass http://SERVER_IP_ADDRESS:8096/jellyfin/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
# Disable buffering when the nginx proxy gets very resource heavy upon streaming
proxy_buffering off;
}
location jellyfin/socket {
# Proxy Jellyfin Websockets traffic
proxy_pass http://SERVER_IP_ADDRESS:8096/jellyfin/socket;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
}
}
If I use this file, I can access jellyfin through www.mydomain.net/jellyfin with https. But I can’t acess nextcloud anymore…
I have the idea to put jellyfin and nextcloud in two dockers, would it be better?
ok I found a working solution. It’s quite simple. Forget about the Jellyfin docs as it will break DietPi configurations. Pls remove the jellyfin.conf file you created.
We will create our own conf file like this
nano /etc/nginx/sites-dietpi/jellyfin.conf
pls copy the following inside the file
# Jellyfin
location /jellyfin {
return 302 $scheme://$host/jellyfin/;
}
location /jellyfin/ {
# Proxy main Jellyfin traffic
# The / at the end is significant.
# https://www.acunetix.com/blog/articles/a-fresh-look-on-reverse-proxy-related-attacks/
proxy_pass http://localhost:8097/jellyfin/;
proxy_pass_request_headers on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
# Disable buffering when the nginx proxy gets very resource heavy upon streaming
proxy_buffering off;
}
save the file and restart nginx
systemctl restart nginx.service
2 Likes
I just tried.
And it’s working! Thank you
Does this still work? I’ve tried this but it doesn’t seem to work for me when i do dnsdomain.com/jellyfin
Jappe
29 March 2023 15:19
7
Do you use also nginx as Web Server?
Yeah, set up with Nextcloud
Can you share your web server configuration you created to enable Jellyfin
I don’t quite understand what you mean.
If you refer to the jellyfin.conf file I created, it’s copy and pasted from the one you shared here.
And in with folder you created the file? Did you activate configuration?
This is the directory i created the file in. I didn’t do anything other than creating the file, so I’m not sure how I should activate configuration…
Did you restarted the web server or whole system?
I did both “systemctl restart nginx.service” and “reboot”
ok 2 thinks to verify
inside etc/nginx/sites-dietpi/jellyfin.conf
, Jellyfin port needs to be 8097. They changed somewhere the last years.
proxy_pass http://localhost:8097/jellyfin/;
did you activate the correct base URL inside Jellyfin admin interface?
Another thing to note, if I exclude jellyfin from starting up when dietpi boots up, when I type the “jellyfin” command this error pops up
[16:08:24] [ERR] [1] Main: The server is expected to host the web client, but the provided content directory is either invalid or empty: /usr/lib/jellyfin/bin/jellyfin-web. If you do not want to host the web client with the server, you may set the '--nowebclient' command line flag, or set'hostwebclient=false' in your config settings.
I created the “jellyfin.conf” file pasting what you put here. I believe that the port there is 8097.
ok I found a working solution. It’s quite simple. Forget about the Jellyfin docs as it will break DietPi configurations. Pls remove the jellyfin.conf file you created.
We will create our own conf file like this
nano /etc/nginx/sites-dietpi/jellyfin.conf
pls copy the following inside the file
# Jellyfin
location /jellyfin {
return 302 $scheme://$host/jellyfin/;
}
location /jellyfin/ {
# Proxy main Jellyfin traffic
# The / at the end is significa…
However, all of a sudden it works. I have no idea how I made it work but it now works. Still, thanks for all the help! You’re amazing.
I adjusted my post yesterday as the port was incorrect. It was port 8096 before. Now it is port 8097.
We changed port a year ago to resolve some conflicts DietPi-Software | Jellyfin: Change default port to 8097 to resolve conflict with Emby by Joulinar · Pull Request #5220 · MichaIng/DietPi · GitHub
But the config code above was 3 years old. Therefore, it was not up-to-date. Anyway, it’s changed now above.
1 Like
Ohhhhhh I might have copied and pasted it again and I didn’t realize you had edited your comment.
Thanks for everything.