Jump to content

Organizr v1.0 Released

causefx

By causefx
in Tools and Utilities

 Share

Recommended Posts

Spaceboy

Spaceboy 2565

Posted
Posted

 Either 443 if you use https or 80 if you use http only (which is then automatically turned into a secure connection).

When you say this, is the choice dependent on whether you have caddy proxy-ed to the http or the https port?

pünktchen

pünktchen 1350

Posted
Posted

When you say this, is the choice dependent on whether you have caddy proxy-ed to the http or the https port?

No it's independent of this, because we are talking about the external port caddy listens to, not about the internal proxied ports.

You can test it with your smartphone. Just open the http version of your site and the secure version is returned.

Anyway you should forward Caddy to Emby's http port, otherwise Emby's own self sign certificate could make problems.

  • Like 1
Swynol

Swynol 375

Posted
Posted

@@Spaceboy

 

i've never been able to get any tabs or homepage to work if i point them to http://locahost or http://localhost:8096. I have always had to use the external domain name i.e. https://emby.mydomain.com.

 

we could try something completely different and see if it works. Rather than using https://mydomain.com/emby   we could try https://emby.mydomain.com (using subdomains). This is how mine is set. 

Just had a thought now. i'm wondering if caddy and organizr are conflicting each other. in caddy if you have https://mydomain.com/emby point to your emby server and then you set up a tab in organizr called emby, then the url will be the same https://mydomain.com/emby - wondering if is causing a weird conflict.

 

what happens then is that you will get a certificate for each service.I have no issues with organizr or any of the tabs. albeit i dont use headphones.

 

wouldnt take much to change it. below is my caddyfile

 

 

 
##Emby##


emby.mydomain.com {
proxy / 127.0.0.1:8096 {
transparent
websocket
header_upstream Host {host}
header_upstream X-Real-IP {remote}
header_upstream X-Forwarded-For {remote}
header_upstream X-Forwarded-Proto {scheme}


}


gzip
log /Caddy/log/emby.log


header / {
X-XSS-Protection "1; mode=block"
X-Content-Type-Options "nosniff"
X-Frame-Options "SAMEORIGIN"
Strict-Transport-Security "max-age=31536000;"
-server
Referrer-Policy "strict-origin"
}
}


##Organizr##


organizr.mydomain.com {
ext .html .htm .php
gzip
log /caddy/log/organizr.log
root /caddy/www/organizr
startup /caddy/php/php-cgi -b 127.0.0.1:9000 &
fastcgi / localhost:9000 php




header / {
X-XSS-Protection "1; mode=block"
X-Content-Type-Options "nosniff"
X-Frame-Options "SAMEORIGIN"
Strict-Transport-Security "max-age=31536000;"
-server
Referrer-Policy "strict-origin"
}
}
Spaceboy

Spaceboy 2565

Posted
Posted

got the fire tv to connect using http:\\mydomain.com and port 443. i stumbled across this tbf. i think punktchen did give me this a while ago. just for my knowledge, how does caddy know this needs forwarding to emby?

 

thanks for this but. will take another look at organizr too

Spaceboy

Spaceboy 2565

Posted
Posted

 

@@Spaceboy

 

i've never been able to get any tabs or homepage to work if i point them to http://locahost or http://localhost:8096. I have always had to use the external domain name i.e. https://emby.mydomain.com.

 

we could try something completely different and see if it works. Rather than using https://mydomain.com/emby   we could try https://emby.mydomain.com (using subdomains). This is how mine is set. 

Just had a thought now. i'm wondering if caddy and organizr are conflicting each other. in caddy if you have https://mydomain.com/emby point to your emby server and then you set up a tab in organizr called emby, then the url will be the same https://mydomain.com/emby - wondering if is causing a weird conflict.

 

what happens then is that you will get a certificate for each service.I have no issues with organizr or any of the tabs. albeit i dont use headphones.

 

wouldnt take much to change it. below is my caddyfile

 

 

 
##Emby##


emby.mydomain.com {
proxy / 127.0.0.1:8096 {
transparent
websocket
header_upstream Host {host}
header_upstream X-Real-IP {remote}
header_upstream X-Forwarded-For {remote}
header_upstream X-Forwarded-Proto {scheme}


}


gzip
log /Caddy/log/emby.log


header / {
X-XSS-Protection "1; mode=block"
X-Content-Type-Options "nosniff"
X-Frame-Options "SAMEORIGIN"
Strict-Transport-Security "max-age=31536000;"
-server
Referrer-Policy "strict-origin"
}
}


##Organizr##


organizr.mydomain.com {
ext .html .htm .php
gzip
log /caddy/log/organizr.log
root /caddy/www/organizr
startup /caddy/php/php-cgi -b 127.0.0.1:9000 &
fastcgi / localhost:9000 php




header / {
X-XSS-Protection "1; mode=block"
X-Content-Type-Options "nosniff"
X-Frame-Options "SAMEORIGIN"
Strict-Transport-Security "max-age=31536000;"
-server
Referrer-Policy "strict-origin"
}
}

 

thanks Swynol, now looking at this again. isnt the real problem displaying headphones and sab within the iFrame of Organizr? if disable iFrames everything works fine. Every other tab works within the iFrame so isnt this pointing towards the security headers in Caddy?

Swynol

Swynol 375

Posted
Posted

ah ok makes sense now. Ye I had issues with some things not working with iFrame. usually adding the header X-Frame-Options "SAMEORIGIN" would fix it. are you still using the https://mydomain.com/emby or https://emby.mydomain.com?

 

might be worth adding the header directly in the headphones block

 

proxy /headphones localhost:8181 {
transparent
websocket
header_upstream Host {host}
header_upstream X-Real-IP {remote}
header_upstream X-Forwarded-For {remote}
header_upstream X-Forwarded-Proto {scheme}

X-Frame-Options "SAMEORIGIN"

}

  • Like 1
leorassi

leorassi 0

Posted
Posted

Did you update to 1.10? I did today in the morning and I had no errors...

 

 

Enviado do meu iPhone usando Tapatalk

Spaceboy

Spaceboy 2565

Posted
Posted

ah ok makes sense now. Ye I had issues with some things not working with iFrame. usually adding the header X-Frame-Options "SAMEORIGIN" would fix it. are you still using the https://mydomain.com/emby or https://emby.mydomain.com?

 

might be worth adding the header directly in the headphones block

 

proxy /headphones localhost:8181 {

transparent

websocket

header_upstream Host {host}

header_upstream X-Real-IP {remote}

header_upstream X-Forwarded-For {remote}

header_upstream X-Forwarded-Proto {scheme}

X-Frame-Options "SAMEORIGIN"

}

caddy doesnt start with that additional line. X-Frame_options is an unknown property apparently

  • 3 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...