Jump to content


Photo

Emby with nginx reverse proxy + lets encrypt and nextcloud docker

nginx lets encrypt nextcloud emby ubunu server docker

  • Please log in to reply
9 replies to this topic

#1 leon123456789 OFFLINE  

leon123456789

    Member

  • Members
  • 17 posts
  • Local time: 07:21 PM

Posted 27 February 2018 - 02:02 PM

Hey Guys.

 

I want to add Emby to my current setup with a nginx reverse proxy, lets encrypt and nextcloud.

I already tried some things but it didnt worked so I hope you can help me.

 

docker-compose.yml:

version: '2'

services:
  proxy:
    image: jwilder/nginx-proxy
    container_name: proxy
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./proxy/conf.d:/etc/nginx/conf.d
      - ./uploadlimit.conf:/etc/nginx/conf.d/uploadlimit.conf:ro
      - ./proxy/vhost.d:/etc/nginx/vhost.d
      - ./proxy/html:/usr/share/nginx/html
      - ./proxy/certs:/etc/nginx/certs:ro
      - /var/run/docker.sock:/tmp/docker.sock:ro
    networks:
      - proxy-tier
    restart: always

  letsencrypt-companion:
    image: jrcs/letsencrypt-nginx-proxy-companion
    container_name: letsencrypt-companion
    volumes_from:
      - proxy
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./proxy/certs:/etc/nginx/certs:rw
    restart: always

  web:
    image: nginx
    container_name: nextcloud_webserver
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf:ro
    links:
      - app
    volumes_from:
      - app
    environment:
      - VIRTUAL_HOST=nextcloud.mydomain.de, alternative.domain.de
      - VIRTUAL_NETWORK=nginx-proxy
      - VIRTUAL_PORT=80
      - LETSENCRYPT_HOST=nextcloud.mydomain.de, alternative.domain.de
      - LETSENCRYPT_EMAIL=my@email.de
    networks:
    restart: always

  app:
    image: nextcloud:fpm
    container_name: nextcloud_fpm
    links:
      - db
    volumes:
      - ./nextcloud/apps:/var/www/html/apps
      - ./nextcloud/config:/var/www/html/config
      - /mainstorage/nextcloud/data:/var/www/html/data
    networks:
      - proxy-tier
    restart: always

  db:
    image: mariadb
    container_name: db
    volumes:
      - /mainstorage/nextcloud/db:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=securepw
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=user
      - MYSQL_PASSWORD=anothersecurepw
    networks:
      - proxy-tier
    restart: always

networks:
  proxy-tier:
    external:
      name: nginx-proxy

nginx.conf:

user www-data;

events {
  worker_connections 768;
}

http {
  upstream backend {
      server app:9000;
  }

  include /etc/nginx/mime.types;
  default_type application/octet-stream;

  server {
    listen 80;

    # Add headers to serve security related headers
    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;

    root /var/www/html;
    client_max_body_size 10G; # 0=unlimited - set max upload size
    fastcgi_buffers 64 4K;

    gzip off;

    index index.php;
    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;

    rewrite ^/.well-known/carddav /remote.php/dav/ permanent;
    rewrite ^/.well-known/caldav /remote.php/dav/ permanent;

    location = /robots.txt {
      allow all;
      log_not_found off;
      access_log off;
    }

    location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ {
      deny all;
    }

    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
      deny all;
    }

    location / {
      rewrite ^/remote/(.*) /remote.php last;
      rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
      try_files $uri $uri/ =404;
    }

    location ~ \.php(?:$|/) {
      fastcgi_split_path_info ^(.+\.php)(/.+)$;
      include fastcgi_params;
      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
      fastcgi_param PATH_INFO $fastcgi_path_info;
      fastcgi_param HTTPS on;
      fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
      fastcgi_pass backend;
      fastcgi_intercept_errors on;
    }

    # Adding the cache control header for js and css files
    # Make sure it is BELOW the location ~ \.php(?:$|/) { block
    location ~* \.(?:css|js)$ {
      add_header Cache-Control "public, max-age=7200";
      # Add headers to serve security related headers
      add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
      add_header X-Content-Type-Options nosniff;
      add_header X-Frame-Options "SAMEORIGIN";
      add_header X-XSS-Protection "1; mode=block";
      add_header X-Robots-Tag none;
      add_header X-Download-Options noopen;
      add_header X-Permitted-Cross-Domain-Policies none;
      # Optional: Don't log access to assets
      access_log off;
    }

    # Optional: Don't log access to other assets
    location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
      access_log off;
    }
  }
}

I already tried something like adding

  emby:
    image: emby/embyserver
    container_name: emby
    volumes:
      - /mainstorage/emby/config:/config
      - /mainstorage/nextcloud/data/user1/files/:/mnt/share1
      - /mainstorage/nextcloud/data/user2/files/:/mnt/share2
    devices:
      - /dev/dri/renderD128
    networks:
      - proxy-tier
    restart: always

to the docker-compose file but it didnt work.

My Goal is to be able to access emby from a different subdomain than my nextcloud.

Like nextcloud access is under nextcloud.mydomain.de and emby is emby.mydomain.de.

 

I hope someone can help me :)



#2 mastrmind11 OFFLINE  

mastrmind11

    Advanced Member

  • Members
  • 3004 posts
  • Local time: 01:21 PM
  • LocationLong Island, NY

Posted 27 February 2018 - 04:58 PM

why are you messing with compose and not just installing the container straight up and managing the redirected ports in emby/nginx?  I have no issues doing it that way.



#3 leon123456789 OFFLINE  

leon123456789

    Member

  • Members
  • 17 posts
  • Local time: 07:21 PM

Posted 28 February 2018 - 06:15 AM

Im new to docker and found an explanation what uses this docker-compose. It was simple to set up but now its hard to edit these containers. I understand the basics but I dont know what do you mean.

 

Should I redirect the ports directly to emby container like

  emby:
    image: emby/embyserver
    container_name: emby
    volumes:
      - /mainstorage/emby/config:/config
      - /mainstorage/nextcloud/data/user1/files/:/mnt/share1
      - /mainstorage/nextcloud/data/user2/files/:/mnt/share2
    devices:
      - /dev/dri/renderD128
    ports:
      - 8096:8096
    restart: always

that didnt worked.

 

Do I have to change something in the nginx.conf or in the nginx container?



#4 Luke OFFLINE  

Luke

    System Architect

  • Administrators
  • 152595 posts
  • Local time: 01:21 PM

Posted 28 February 2018 - 01:17 PM

@pir8radio may have some tips.

#5 pir8radio OFFLINE  

pir8radio

    NGINX

  • Members
  • 3371 posts
  • Local time: 12:21 PM
  • LocationChicago

Posted 01 March 2018 - 07:46 PM

I don't see anything in your nginx config for emby?



#6 leon123456789 OFFLINE  

leon123456789

    Member

  • Members
  • 17 posts
  • Local time: 07:21 PM

Posted 02 March 2018 - 04:32 AM

I don't see anything in your nginx config for emby?

 

You are right because I dont know what to write there. I tried some stuff like

location / {
  proxy_pass http://ip_of_local_emby_container:8096
}

but it didnt work.



#7 mastrmind11 OFFLINE  

mastrmind11

    Advanced Member

  • Members
  • 3004 posts
  • Local time: 01:21 PM
  • LocationLong Island, NY

Posted 02 March 2018 - 09:09 AM

The search feature on this forum are pretty effective:

 

https://emby.media/c...e-connectivity/



#8 leon123456789 OFFLINE  

leon123456789

    Member

  • Members
  • 17 posts
  • Local time: 07:21 PM

Posted 05 March 2018 - 11:54 AM

The search feature on this forum are pretty effective:

 

https://emby.media/c...e-connectivity/

I tried this stuff but it didnt work. I think i didnt understand it completly and I am not sure what to do.

I changed the system.xml file. I think I have to change the docker-compose file and/or the nginx.conf but I dont know to what



#9 dcrdev OFFLINE  

dcrdev

    Advanced Member

  • Members
  • 843 posts
  • Local time: 06:21 PM
  • LocationUK

Posted 05 March 2018 - 12:08 PM

I tried this stuff but it didnt work. I think i didnt understand it completly and I am not sure what to do.

I changed the system.xml file. I think I have to change the docker-compose file and/or the nginx.conf but I dont know to what

  • system.xml file ✔
  • nginx.conf / docker-compose ✖

Just specify the options required in the docker run command, if you have to many options to make this practical - specify a DockerFile to be included and specify the options there. Why you are using compose, is a mystery...



#10 leon123456789 OFFLINE  

leon123456789

    Member

  • Members
  • 17 posts
  • Local time: 07:21 PM

Posted 05 March 2018 - 02:50 PM

Whats wrong with using docker-compose?

 

I did it now. I specified in the environment my domain and it worked

  emby:
    image: emby/embyserver
    container_name: emby
    volumes:
      - /mainstorage/emby/config:/config
      - /mainstorage/nextcloud/data/admin/files/Audiobooks:/mnt/audiobooks
      - /mainstorage/nextcloud/data/admin/files/Music:/mnt/music
      - /mainstorage/nextcloud/data/admin/files/Movies:/mnt/movie
    devices:
      - /dev/dri/renderD128
    environment:
      - VIRTUAL_HOST=emby.mydomain.de
      - VIRTUAL_NETWORK=nginx-proxy
      - VIRTUAL_PORT=8096
      - LETSENCRYPT_HOST=emby.mydomain.de
      - LETSENCRYPT_EMAIL=mail@mydomain.de
    networks:
      - proxy-tier
    restart: always

Thanks for the help :)







Also tagged with one or more of these keywords: nginx, lets encrypt, nextcloud, emby, ubunu server, docker

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users