Jellyfin + https + nginx setting up

[fernandog]

Hello. Almost totally noob here.

Rapsberry Pi 4 8GB.

Now I have a setup with nextcloud(https using letsencrypt as per Joulinar guide in this forum) + Sonarr + Radarr + Bazarr + Jackett + qBitTorret + PiVPN + Jellyfin. Everything is working fine.

However, I'd like to access Jellyfin from outside my home.

I ready read forum posts like

viewtopic.php?f=11&t=8120&p=32567&hilit ... tps#p32567
viewtopic.php?f=9&t=8561&p=30808&hilit= ... tps#p30808

and some tutorials, blog posts, etc .

After the research I guess my first step is change my default web server from lighttpd to nginx, but dietpi-software indicates that I can't without unistalling all the web applications.

So, I'm stuck. How should I proceed? Maybe using the ngixproxymanager docker container that Joulinar pointed in his post? Can this get along with my installation?

And, could you please point me to a noob guide to get all this working?

Thank you in advance

[Joulinar]

Hi,

there will be no easy to go like a noob, give me all commands and I will copy them into command line, solutions

There are a couple of decisions to be done. And you would need to decide what will best for you.

Looking to your applications, Sonarr + Radarr + Bazarr + Jackett + qBitTorret, all running own web server and are not depending on Lighttpd or Nginx. Means they are not impacted. If I understood correctly, it's not planned to make them available and accessible from the internet.

PiVPN is not a web server application. It's a VPN server and not impacted at all.

This will left us with Nextcloud and Jellyfin. Depending on the amount of data and configuration already done, it might be a possible way to re-setup both from scratch on Nginx. But this would be up to you to decide.

If it is not possible to reinstall Nextcloud and Jellyfin, you could install Nginx next to Lighttpd. Would be something to test how letsencrypt is behaving if both are installed

NginxProxyManager would be an easy way to mange multiple SSL certificates and sites to be available from internet. It's quite a heavy solution as you need docker + database. It might be a little bit oversized if you like to access Nextcloud + Jellyfin only.

[MichaIng]

A reverse proxy can btw as easily be added with Apache2 or Lighttpd:
E.g. for Apache2 to access via your.IP/jellyfin:

Code: Select all

a2enmod proxy
cat << 'EOF' > /etc/apache2/sites-available/jellyfin.conf
ProxyPass /jellyfin http://127.0.0.1:8096/
ProxyPassReverse /jellyfin http://127.0.0.1:8096/
EOF
a2ensite jellyfin
systemctl restart apache2

Lighttpd:

Code: Select all

lighty-enable-mod proxy
cat << 'EOF' > /etc/lighttpd/conf-available/99-jellyfin.conf
$HTTP["url"] =~ "^/jellyfin" {
    proxy.header = ( "map-urlpath" => ( "/jellyfin" => "/" ) )
    proxy.server = ( "" =>  ( ( "host" => "127.0.0.1", "port" => 8096 ) ) )
}
EOF
lighty-enable-mod jellyfin
systemctl restart lighttpd

We need to add this to our docs : https://github.com/MichaIng/DietPi-Docs/issues/404

[Joulinar]

probably we need a section for all 3 web server on this revers proxy topic.

[MichaIng]

Either that or a reverse proxy tab or each webservers documentation. But actually I like your combined idea more as it can then be easily linked from every web applications section that runs on its own port.

[Joulinar]

yeah but I'm totally noob if it comes down to revers proxy config
Always struggling with it

[MichaIng]

Apache2 makes it very easy and intuitive, as mostly, but on Lighttpd I forgot the need for (and just added) the path mapping so that it's not proxied to 127.0.0.1:8096/jellyfin. While Apache2 was not designed as proxy in the first place, like Nginx, and probably does not achieve same performance on high loads, I love it's very simple and clean syntax .

[Joulinar]

some small corrections related to what @MichaIng proposed

create config file as follow. Path is conf-available and not mods-available

Code: Select all

cat << 'EOF' > /etc/lighttpd/conf-available/99-jellyfin.conf
$HTTP["url"] =~ "^/jellyfin" {
    proxy.header = ( "map-urlpath" => ( "/jellyfin" => "/" ) )
    proxy.server = ( "" =>  ( ( "host" => "127.0.0.1", "port" => 8096 ) ) )
}
EOF

activate setting

Code: Select all

lighty-enable-mod proxy
lighty-enable-mod jellyfin
systemctl restart lighttpd

@MichaIng
I end up with the following. Maybe it is not that simple

[MichaIng]

So the Jellyfin UI is reached at least, but it seems to have internal issues with the proxy. Does it work OOTB with Nginx?

There are some other options: https://redmine.lighttpd.net/projects/l ... s_ModProxy
Probably adding the X-Forwarded-For ans X-Forwarded-Proto helps, which AFAIK is done by default by Nginx and Apache2.
EDIT: Apache2 adds X-Forwarded-Server as well.

[Joulinar]

need to run some test on weekend.