NGINX reverse proxy issue - can't play media

[johnross2007 0]

Update: Everything works now, but I did not change anything. Hopefully the dark magic does not turn on me again. I'll update if I start having problems again.

 

Thanks in advance for any help. Let me know if this belongs in the Linux forum -- I post it here because NGINX is cross-platform and this is the "general" forum.

 

I just set up an emby LXC container in Proxmox. I used my NGINX LXC container as a reverse proxy with let's encrypt to give me remote access over port 443.

 

My issue:

I can access emby remotely and schedule recordings and change settings through emby.redacted.io. However, when I attempt to play media, it hangs both on my mac and my iphone.

 

I relied on many articles in this forum, but I can't find them at the moment. They were all for Windows and seem to use one massive config file. My setup involves separate config files for each and every server. For example, I have an emby.conf and a nextcloud.conf. Thus, I was reluctant to make changes to the main config file for fear that it would mess up my other servers.

 

The guide: https://emby.media/community/index.php?/topic/47508-how-to-nginx-reverse-proxy/

I varied from the aforementioned guide in two ways:

(1) I did not include the following code:

worker_processes  2;

events {
    worker_connections  8192;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    server_tokens off;

    sendfile        off;

gzip on;
gzip_disable "msie6";

gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_proxied any;
gzip_types
text/plain
text/css
text/js
text/xml
text/javascript
application/javascript
application/x-javascript
application/json
application/xml
application/rss+xml
image/svg+xml;

tcp_nodelay on;

    server_names_hash_bucket_size 128;
    map_hash_bucket_size 64;

## Start: Timeouts ##
    client_body_timeout   10;
    client_header_timeout 10;
    keepalive_timeout     30;
    send_timeout          10;
    keepalive_requests    10;
## End: Timeouts ##


}

(2) I did not include any code that involved SSL stuff because I rely on the Let's Encrypt Certbot and do not know what might mess up the certbot's autoconfiguration.

 

My config file: /etc/nginx/conf.d/emby.conf

server {

  server_name emby.redacted.com;

  location / {
        proxy_pass http://10.0.0.3:8096;

        proxy_hide_header X-Powered-By;  ## Hides nginx server version from bad guys.
        proxy_set_header Range $http_range;  ## Allows specific chunks of a file to be requested.
        proxy_set_header If-Range $http_if_range;  ## Allows specific chunks of a file to be requested.
        proxy_set_header X-Real-IP $remote_addr;  ## Passes the real client IP to the backend server.
        proxy_set_header Host $host;  ## Passes the requested domain name to the backend server.
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  ## Adds forwarded IP to the list of IPs that were forwarded to the backend server.

        #Next three lines allow websockets
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
}


    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/emby.redacted.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/emby.redacted.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = emby.redacted.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot



  server_name emby.redacted.com;
    listen 80;
    return 404; # managed by Certbot


}

As for variant (1): how can I include that code without it disrupting my other servers? Can I somehow include it in the emby.conf file instead of the main conf file? Also, is that missing code causing my issue?

 

As for variant (2): is my SSL config somehow inappropriate? What, if any, should I incorporate from the guide or otherwise?

Edited October 24, 2018 by johnross2007

[Luke 37247]

@@pir8radio, can you link him to your config so that he can compare? thanks !

[johnross2007 0]

Update: Everything works now, but I did not change anything. Hopefully the dark magic does not turn on me again. I'll update if I start having problems again.

[Luke 37247]

Thanks for the feedback.

[pir8radio 1293]

Update: Everything works now, but I did not change anything. Hopefully the dark magic does not turn on me again. I'll update if I start having problems again.

 

Looks like my config from the forum for the most part...  also looks correct.. But yea, post back if you have issues again. 

[radioactivesqrl 0]

If it's of any help, I had similar symptoms while trying to harden my nginx configuration. I found that when I attempted to limit the size of client requests (as outline in this article) I could do anything except play media. The web interface would just get the loading spinner and never stop.