Emby server with Apache reverse proxy

[mbo 12]

How would that work. I am confused ... emby does not have a real document root, does it?

 

 

If you setup a separate site, you don't need any extra base URL as it all works on the server name.

 

My entire config that works.

...

Edited April 15, 2017 by mbo

[mbo 12]

After removing all ws proxies it still works on the desktop app but not on the mobile apps - there doesnt seem to be a difference. Still no video in the mobile apps. Login/Browsing etc. works like a charm ...

[bigeyez 7]

Hi

 

I am trying to set up apache reverse proxy on debian wheezy. I tested bunch of stuff from these forum posts but none is working for me ;( Can someone post a working reverse proxy setting please? However I do not want to run emby as the root of the proxy server I need to to run from /emby if I can otherwise I will need to setup new port and I do not want to do that thanks.

Edited October 13, 2017 by bigeyez

[Luke 37012]

@@bigeyez i think it will be easier for others to offer advice if you can describe exactly what issue you're having. thanks !

[Kezine 16]

Emby server is accessible to https://exemple.com/emby/  with this configuration. Do not forget the tailing  '/' when you try to acess your server.

<VirtualHost *:443>
        ServerAdmin webmaster@[member="Localhost"]
        DocumentRoot /var/www/html
		<Proxy *>
				Order deny,allow
				Allow from all
		</Proxy>
		SetEnv proxy-nokeepalive 1
		SetEnv proxy-sendchunked 1

		ProxyRequests     Off
		ProxyPreserveHost On

		Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
		Header        set        Connection "Upgrade"
		RequestHeader setifempty Connection "Upgrade"
		Header        set        Upgrade "websocket"
		RequestHeader setifempty Upgrade "websocket"
		
		# /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\
		#For websocket tunelling the module  proxy_wstunnel MUST be enabled
		#Available from apache 2.4 for older versions it's a bit more complicated
		#=> sudo a2enmod proxy_wstunnel
		#=> sudo service apache2 restart
		# /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\ /!\
		
		# Compatibility for old version of emby
		<Location /emby/socket >
				ProxyPass        ws://internal_emby_ip:8096/emby/socket
				ProxyPassReverse ws://internal_emby_ip:8096/emby/socket
		</location>
		
		# For current version
		<Location /embywebsocket>
				ProxyPass        ws://internal_emby_ip:8096/emby
				ProxyPassReverse ws://internal_emby_ip:8096/emby
		</location>
		
		<Location /emby >
				ProxyPass        http://internal_emby_ip:8096
				ProxyPassReverse http://internal_emby_ip:8096
		</location>

		<Location /emby/emby >
				ProxyPass        http://internal_emby_ip:8096/emby
				ProxyPassReverse http://internal_emby_ip:8096/emby
		</location>

		SSLCertificateFile /etc/letsencrypt/live/exemple.com/fullchain.pem
		SSLCertificateKeyFile /etc/letsencrypt/live/exemple.com/privkey.pem
		Include /etc/letsencrypt/options-ssl-apache.conf
		ServerName exemple.com
</VirtualHost>
</IfModule>

Edited October 16, 2017 by Kezine

[bigeyez 7]

@@Kezine

 

 

Thanks for your config.

 

What does "Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" do?

[Kezine 16]

@@Kezine

 

 

Thanks for your config.

 

What does "Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" do?

It's used to force the browser to use HTTPS, but not really usefull in this case. 

[jcbdrs 0]

Thank you for your reply!

 

If I replace both /emby and /emby/emby location by /, will it work?

 

I want to access the server using site.com/ not site.com/emby/.

 

Thanks!

[jcbdrs 0]

I tested the config and it's not working for me...

 

I tried to change few things such as putting a trail after or modifying the url.

 

I checked in my Apache config and I disabled all custom config.

 

I am still getting the exact same thing. I don't know if it's because I am using TLS 1.3?

 

Thanks for your help guys!

[mbo 12]

I switched to haproxy. This will forward the https:// to a local emby listening at 127.0.0.1:18096

 

Pretty easy:

"haproxy.cfg"
global
 user haproxy
 group haproxy
 log 127.0.0.1:514 local0 info
 chroot /var/lib/haproxy
 daemon
 quiet
 stats socket /var/run/haproxy.sock user haproxy group haproxy level admin
 maxconn 32768
 pidfile /var/run/haproxy.pid
 ca-base /etc/ssl/certs
 crt-base /etc/ssl/private

defaults
 timeout connect 5s
 timeout client 50s
 timeout server 50s
 mode http
 log global
 option    httplog
 balance roundrobin
 option httplog
 option dontlognull
 option redispatch
 option tcplog

frontend emby_public
 option forwardfor
# option forwardfor header X-Client
 default_backend emby
 bind emby.yourdomain.com:443 ssl crt /etc/haproxy/certs/emby.yourdomain.com.pem
 maxconn 32768

backend emby
 mode http
 server localemby 127.0.0.1:18096
 balance roundrobin

Edited August 5, 2019 by mbo

[Animosity022 6]

I've moved to Caddy quite some time ago, much much simpler than all of that.

 

https://github.com/caddyserver/caddy

 

I use cloudflare for DNS so it auto registers my domain name and automatically handles the cert process with just these lines in the config:

 

 

emby.domain.us {
gzip
realip cloudflare
log /opt/caddy/logs/emby.log
tls {
        dns cloudflare
}
proxy / 127.0.0.1:8096 {
        transparent
        websocket
        timeout 1h
        }
}

 

 

Possibly the easiest thing I've used and much less lines of config than any other solution I've seen.

Edited August 9, 2019 by Animosity022

[africano 0]

anyone, please, 

How to setup reverse proxy with apache on wampserver? Step by step.

[Luke 37012]

3 hours ago, africano said:

anyone, please, 

How to setup reverse proxy with apache on wampserver? Step by step.

HI there, what have you done so far?

[africano 0]

still nothing