Cloudflare CDN and Websockets


horstepipe
Posted

What OS?

Ubuntu (headless) 16.04

horstepipe
Posted

I used custom ports before, which worked without problems. Checked with netstat if something's using 80/443, but there's nothing.

horstepipe
Posted

Linux does not allow non-root users to bind to low-level ports (below 1024). You can either run Emby as root or create an iptables rule to direct traffic from 443 to 8920.

Thank you, it just came to my mind that cf also supports other ports, will try them first.

Posted

I was originally using an iptables rule like this:

iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8920

but have since gotten lazy and now run Emby as root

horstepipe
Posted

ok one step forward

I was originally using an iptables rule like this:

iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8920

but have since gotten lazy and now run Emby as root

why not just simply use one of the other ports supported by cf?

Ok http is half working, I'm getting a black screen, login doesn't show up. Guess now I have to dig into cloudflare's settings

Posted

ok one step forward

why not just simply use one of the other ports supported by cf?

Ok http is half working, I'm getting a black screen, login doesn't show up. Guess now I have to dig into cloudflare's settings

 

Honestly, it is because I would rather type https://mydomain.com than http://mydomain.com:8443

horstepipe
Posted

@Jdiesel

maybe you have the command written down somewhere to convert the pem/key certificate files provided by cf into pfx needed by Emby server?

Posted

@Jdiesel

maybe you have the command written down somewhere to convert the pem/key certificate files provided by cf into pfx needed by Emby server?

 

I'm not sure if I follow completely. Do you mean the pem/key from letsencrypt?

openssl pkcs12 -export -out certificate.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem
horstepipe
Posted

 

I'm not sure if I follow completely. Do you mean the pem/key from letsencrypt?

openssl pkcs12 -export -out certificate.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem

 

exactly, thank you very much.

I remember it was quite a headache for me finding out the correct commands the last time I had to do this :-)

horstepipe
Posted (edited)

mhh okay I added the certificate and now neither https nor http is working over cloudflare. I'm quite confused how to check what's going wrong. When trying to access the site cf says 502 bad gateway.

 

Edit: cf says bad gateway when entering http(s)://mydomain.com

When entering http(s)://mydomain.com:8443 it says 521 Web server is down

Edited by horstepipe
horstepipe
Posted

mhh okay I added the certificate and now neither https nor http is working over cloudflare. I'm quite confused how to check what's going wrong. When trying to access the site cf says 502 bad gateway.

 

Edit: cf says bad gateway when entering http(s)://mydomain.com

When entering http(s)://mydomain.com:8443 it says 521 Web server is down

 

Even if the cert needs some hours to become active, the plain http should still work, shouldn't it?

Posted

Even if the cert needs some hours to become active, the plain http should still work, shouldn't it?

 

First step is to make sure you can connect to your server via https before Cloudflare is enabled. Once you are able to do so you can enable Cloudflare and update your nameservers at which point the transition should be seamless. 

horstepipe
Posted

First step is to make sure you can connect to your server via https before Cloudflare is enabled. Once you are able to do so you can enable Cloudflare and update your nameservers at which point the transition should be seamless. 

my server is reachable via https when using its origin IP address (it says connection is not safe, but I guess this is because the cert is for the domain name used with cloudflare)

Posted

my server is reachable via https when using its origin IP address (it says connection is not safe, but I guess this is because the cert is for the domain name used with cloudflare)

 

What do you have entered in your external domain field? https://mydomain.com 

horstepipe
Posted

What do you have entered in your external domain field? https://mydomain.com 

You mean in Emby server advanced settings?

just

mydomain.com

without http/https

Posted

You mean in Emby server advanced settings?

just

mydomain.com

without http/https

 

Yes, try adding the https://

horstepipe
Posted (edited)

Yes, try adding the https://

Still, error 521 comes up.

Edited by horstepipe
horstepipe
Posted (edited)

OK, looks like it just needs some more time, for whatever reason. Now the plain http site is sometimes reachable, sometimes 521 comes up.

Edited by horstepipe
horstepipe
Posted (edited)

Problem is solved, there was simply a second A-record which shouldn't have been there, sorry for wasting your time on that.

Now I'm facing the same problem as the OP: The websockets don't keep alive. I am not using nginx, only Cloudflare.

So for the guys who do not have this problem, could we please clarify if you're on Cloudflare's free or pro Plan?

I could imagine that this is a limitation of the free plan.

@graphixmaker

Have you already been able to solve the problem?

Edited by horstepipe
horstepipe
Posted (edited)

@Luke @Angelblue05

Is there anything you can do about it?

Cloudflare closes websockets after 100s of inactivity.

So a ping every 60 seconds from server to client or vice versa would be a possible solution.

Edited by horstepipe
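
The keepalive proposed in the post above, as an added example that is not part of the original thread or of Emby's code: it builds the RFC 6455 ping/pong control frames and simulates a proxy that drops idle sockets. The 100 s limit and 60 s interval are taken from the post as assumptions; the function names and sample message times are constructed for illustration.

```python
IDLE_TIMEOUT = 100   # seconds; proxy idle limit as quoted in the post (assumption)
PING_INTERVAL = 60   # seconds; keepalive interval proposed in the post

def ping_frame(payload=b"", mask_key=None):
    """Build an RFC 6455 ping frame (FIN=1, opcode 0x9).

    Server-to-client frames are unmasked; client-to-server frames must carry
    a 4-byte mask key. Control-frame payloads are limited to 125 bytes.
    """
    if len(payload) > 125:
        raise ValueError("control frame payload must be <= 125 bytes")
    if mask_key is None:
        return bytes([0x89, len(payload)]) + payload
    if len(mask_key) != 4:
        raise ValueError("mask key must be 4 bytes")
    masked = bytes(b ^ mask_key[i % 4] for i, b in enumerate(payload))
    return bytes([0x89, 0x80 | len(payload)]) + mask_key + masked

def pong_for(frame):
    """Return the pong (opcode 0xA, unmasked, as a server sends it) echoing a ping's payload."""
    if frame[0] != 0x89:
        raise ValueError("not a ping frame")
    length, body = frame[1] & 0x7F, frame[2:]
    if frame[1] & 0x80:                        # masked: strip key, unmask payload
        key, body = body[:4], body[4:]
        body = bytes(b ^ key[i % 4] for i, b in enumerate(body))
    return bytes([0x8A, length]) + body[:length]

def first_idle_close(msg_times, duration, idle_timeout, ping_interval=None):
    """Time (s) at which an idle-timeout proxy drops the socket, or None.

    msg_times are the seconds at which application messages cross the socket;
    with ping_interval set, a ping is sent after that much silence.
    """
    if ping_interval is not None and ping_interval <= 0:
        raise ValueError("ping_interval must be positive")
    last = 0
    for t in sorted(x for x in msg_times if x < duration) + [duration]:
        while ping_interval is not None and t - last > ping_interval:
            if ping_interval >= idle_timeout:  # ping would arrive too late to help
                return last + idle_timeout
            last += ping_interval              # ping (and its pong) reset the idle timer
        if t - last >= idle_timeout:
            return last + idle_timeout
        last = t
    return None
```

With the constructed message times `[30, 400]` over 600 s, the socket is dropped at 130 s without pings and survives with a 60 s ping; a 120 s ping interval is too slow to prevent the drop.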
Posted

Problem is solved, there was simply a second A-record which shouldn't have been there, sorry for wasting your time on that.

Now I'm facing the same problem as the OP: The websockets don't keep alive. I am not using nginx, only Cloudflare.

So for the guys who do not have this problem, could we please clarify if you're on Cloudflare's free or pro Plan?

I could imagine that this is a limitation of the free plan.

@graphixmaker

Have you already been able to solve the problem?

 

I'm on the free plan,

 

Up until about a year ago websockets weren't supported at all, now they are an advertised feature - I can assure you that if they were limited to 100s then they would be considered unsupported because it would defeat the purpose of websockets in the first place.

 

I have had no such issues with my configuration (albeit using Apache) - so I would suggest looking at your configuration again. 

horstepipe
Posted

I'm on the free plan,

 

Up until about a year ago websockets weren't supported at all, now they are an advertised feature - I can assure you that if they were limited to 100s then they would be considered unsupported because it would defeat the purpose of websockets in the first place.

 

I have had no such issues with my configuration (albeit using Apache) - so I would suggest looking at your configuration again. 

 

Thanks, I will.

I'm running into another problem now.

My site is not reachable via cf, I'm getting "Too many open files" when trying to open it.

horstepipe
Posted

@dcrdev

I'll try to adopt your page rules and see if this helps.

pir8radio
Posted

Problem is solved, there was simply a second A-record which shouldn't have been there, sorry for wasting your time on that.

Now I'm facing the same problem as the OP: The websockets don't keep alive. I am not using nginx, only Cloudflare.

So for the guys who do not have this problem, could we please clarify if you're on Cloudflare's free or pro Plan?

I could imagine that this is a limitation of the free plan.

@graphixmaker

Have you already been able to solve the problem?

@Luke @Angelblue05

Is there anything you can do about it?

Cloudflare closes websockets after 100s of inactivity.

So a ping every 60 seconds from server to client or vice versa would be a possible solution.

 

 

I have the free plan and no websocket issues. I don't think there's anything the emby/kodi developers can do about it, we will have to find the issue in your setup.
