Nextcloud + Jellyfin over the internet Topic is solved

Having issues with your DietPi installation, or, found a bug? Post it here.
Post Reply
TomEighty15
Posts: 6
Joined: Mon Jun 01, 2020 3:45 pm

Nextcloud + Jellyfin over the internet

Post by TomEighty15 »

Hello,

I have dietpi 6.30 installed on my rpi4.
I have installed Nextloud from software optimised and jellyfin manually. I use nginx as webserver.

I have setup noip and lets encrypt. I am able to access nextcloud from the url https://mydomain.net/nextcloud. But I can't acces jellyfin.

Following the jellyfin doc, I have to use a reverse proxy : https://jellyfin.org/docs/general/networking/nginx.html. WIth that, I can access jellyfin over the internet but not Nextcloud.

Do you have any idea on how I can access both over the internet?

Thank you in advance :D
User avatar
Joulinar
Posts: 2533
Joined: Sat Nov 16, 2019 12:49 am

Re: Nextcloud + Jellyfin over the internet

Post by Joulinar »

Hi,

many thanks for your request. Would it be possible to share your revers proxy config file? I guess you would need to forward the subpath with Nginx only and not the entire traffic that is arriving on port 80.

Another option would be to connect directly to Jellyfin (http://YOUR_ADDRESS:8096/) without using a revers proxy
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
TomEighty15
Posts: 6
Joined: Mon Jun 01, 2020 3:45 pm

Re: Nextcloud + Jellyfin over the internet

Post by TomEighty15 »

Hi,

My reverse config file is almost the same as the first one here : https://jellyfin.org/docs/general/networking/nginx.html

Code: Select all

server {
    listen 80;
    server_name DOMAIN_NAME;

    # Uncomment to redirect HTTP to HTTPS
     return 301 https://$host$request_uri;
}

# Uncomment this section after you have acquired a SSL Certificate
server {
    listen 443 ssl http2;
    server_name DOMAIN_NAME;
    ssl_certificate /etc/letsencrypt/live/DOMAIN_NAME/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/DOMAIN_NAME/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
   ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
    add_header Strict-Transport-Security "max-age=31536000" always;
    ssl_trusted_certificate /etc/letsencrypt/live/DOMAIN_NAME/chain.pem;
    ssl_stapling on;
    ssl_stapling_verify on;

#    # Security / XSS Mitigation Headers
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";

    # Content Security Policy
    # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
    # Enforces https content and restricts JS/CSS to origin
    # External Javascript (such as cast_sender.js for Chromecast or YouTube embed JS for external trailers) must be whitelisted.
    add_header Content-Security-Policy "default-src https: data: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://www.gstatic.com/cv/js/sender/v1/cast_sender.js https://www.youtube.com/iframe_api https://s.ytimg.com; worker-src 'self' blob:; connect-src 'self'; object-src 'none'; frame-ancestors 'self'";

    location /jellyfin/ {
        # Proxy main Jellyfin traffic
        proxy_pass http://SERVER_IP_ADDRESS:8096/jellyfin/;
        proxy_set_header Host $host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;

        # Disable buffering when the nginx proxy gets very resource heavy upon streaming
        proxy_buffering off;
    }
   
   location jellyfin/socket {
       # Proxy Jellyfin Websockets traffic
        proxy_pass http://SERVER_IP_ADDRESS:8096/jellyfin/socket;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
       proxy_set_header Host $host;
       proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
       proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
  }
}
If I use this file, I can access jellyfin through www.mydomain.net/jellyfin with https. But I can't acess nextcloud anymore...

I have the idea to put jellyfin and nextcloud in two dockers, would it be better?
User avatar
Joulinar
Posts: 2533
Joined: Sat Nov 16, 2019 12:49 am

Re: Nextcloud + Jellyfin over the internet

Post by Joulinar »

ok I found a working solution. It's quite simple. Forget about the Jellyfin docs as it will break DietPi configurations. Pls remove the jellyfin.conf file you created. ;)

We will create our own conf file like this

Code: Select all

nano /etc/nginx/sites-dietpi/jellyfin.conf
pls copy the following inside the file

Code: Select all

  # Jellyfin
    location /jellyfin {
        return 302 $scheme://$host/jellyfin/;
    }

    location /jellyfin/ {
        # Proxy main Jellyfin traffic

        # The / at the end is significant.
        # https://www.acunetix.com/blog/articles/a-fresh-look-on-reverse-proxy-related-attacks/

        proxy_pass http://localhost:8096/jellyfin/;

        proxy_pass_request_headers on;

        proxy_set_header Host $host;

        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Host $http_host;

        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;

        # Disable buffering when the nginx proxy gets very resource heavy upon streaming
        proxy_buffering off;
    }
save the file and restart nginx

Code: Select all

systemctl restart nginx.service
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
TomEighty15
Posts: 6
Joined: Mon Jun 01, 2020 3:45 pm

Re: Nextcloud + Jellyfin over the internet

Post by TomEighty15 »

I just tried.

And it's working! Thank you :D
Post Reply