Schleudertrauma 4 Posted August 4, 2022 Share Posted August 4, 2022 Hey Freunde, ich bräuchte mal eure Hilfe und zwar kann ich mich außerhalb des LAN nicht per Emby App auf dem Server einloggen. In der App wird mir immer angezeigt, dass Nutzername oder Passwort nicht korrekt seien. Die sind aber definitiv korrekt. Ein Einloggen per mobilem Browser über LTE funktioniert ohne Probleme, warum nicht in der App? Der Server wird in der App ja auch gefunden, nur ist ein Login hier nicht möglich (zumindest von außerhalb des Netzwerkes). Innerhalb des LAN funktioniert der Login auch in der App. Meine Konfiguration sieht wie folgt aus: Server 1 (Ubuntu-Server 20.04): Nginx Reverse Proxy server { server_name emby.domain.de; proxy_hide_header X-Powered-By; add_header X-Xss-Protection "1; mode=block" always; add_header X-Content-Type-Options "nosniff" always; add_header Strict-Transport-Security "max-age=2592000; includeSubdomains" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header 'Referrer-Policy' 'no-referrer'; location / { proxy_pass http://192.168.xxx.xx:8096; proxy_hide_header X-Powered-By; proxy_set_header Range $http_range; proxy_set_header If-Range $http_if_range; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } client_max_body_size 0; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/emby.domain.de/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/emby.domain.de/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = emby.domain.de) { return 301 https://$host$request_uri; } # managed by Certbot server_name emby.domain.de; listen 80; return 404; # managed by Certbot } Server 2 (Ubuntu-Server 20.04): Emby-Server (Version 4.7.6.0) - Ports sind auf Standard (8096 und 8920), Remoteverbindungen sind aktiviert, sicherer Verbindungsmodus ist deaktiviert, das Feld "externe Domain" ist leer, im Prinzip ist alles recht original eingestellt Ich hoffe ihr könnt mir da weiterhelfen, bin leider nicht der beste in Sachen Linux. Grüße Schleudi Link to comment Share on other sites More sharing options...
Luke 37095 Posted August 4, 2022 Share Posted August 4, 2022 Hi, have you compared your nginx configuration to this? 1 Link to comment Share on other sites More sharing options...
Schleudertrauma 4 Posted August 5, 2022 Author Share Posted August 5, 2022 I compared it today and changed my configuration of nginx and now it works fine. Thank you :D Link to comment Share on other sites More sharing options...
Luke 37095 Posted August 5, 2022 Share Posted August 5, 2022 5 minutes ago, Schleudertrauma said: I compared it today and changed my configuration of nginx and now it works fine. Thank you Great. What was the solution? Link to comment Share on other sites More sharing options...
Solution Schleudertrauma 4 Posted August 5, 2022 Author Solution Share Posted August 5, 2022 1 minute ago, Luke said: Great. What was the solution? The solution was that my config was build in /sites-available and then linked to /sites-enabled. The nginx config in /nginx/nginx.conf was on original values from the installation. So i copied the nginx.conf from your your linked post, changed the values to my needs and quotet out every line in the config file made in /sites-available (luckily it was the only one). I didn´t unlink the file yet. After failed tests with "nginx -t" i had to create the log directory with "mkdir /usr/share/nginx/logs/" and i had to quote out the SSL section because i have no own certificates to implement. So i had to get the Let´s Encrypt Certs to work. Now my config looks like below. After the last test everything was ok. I reloaded with "systemctl restart nginx.service" and tried to login via browser (worked fine) and via Emby App on Android (also fine). Now everything seems to work properly. ## Start of actual server blocks server { ## listen [::]:443 ssl http2; ## listen 443 ssl http2; proxy_buffering off; server_name emby.domain.de; (Domain changed because nobody needs to know ) access_log logs/emby.log emby; ## Creates a log file with this name and the log info above. ## SSL SETTINGS ## ## ssl_session_timeout 30m; ## ssl_protocols TLSv1.2 TLSv1.1 TLSv1; ## ssl_certificate ssl/pub.pem; ## Location of your public PEM file. ## ssl_certificate_key ssl/pvt.pem; ## Location of your private PEM file. ## ssl_session_cache shared:SSL:10m; listen 443 ssl; ssl_certificate /etc/letsencrypt/live/emby.domain.de/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/emby.domain.de/privkey.pem; include /etc/letsencrypt/options-ssl-nginx.conf; ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; Thats was the magic Greetings Schleudi 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now