SSL made easier with a reverse proxy


MikeB111

pwhodges

The dot at the end of the name in the CNAME record is normal (and required); it indicates that the URL is complete.

(sorry, no time to look at the rest at this moment)

Paul


justinrh

@iPhoneMaxPro Try changing your media subdomain to an A record and point it to your IP address. This would be similar to your www subdomain. I think either is valid, actually, as long as the mydomain.com DNS info is correctly configured.

You might need to look at Google's documentation to make sure you are entering the information correctly.  Test your config with an nslookup or some online utility; you don't have to test with Caddy 🙂

I don't know if SNI is required in Caddy for your case, but I use it:  (in the global block)

     default_sni mydomain.com

 


iPhoneMaxPro

Caddyfile
{
email myemail@gmail.com
http_port 49000
https_port 57000
}
media.mydomain.com {
   reverse_proxy 192.168.0.2:49000
}

 

mydomain.com A 1 ora
000.00.00.000
mydomain.com AAAA 1 ora
0000:000:0000:0:0000:0000:0000:0000
media.mydomain.com A 1 ora
000.00.00.000
www.mydomain.com A 1 ora
000.00.00.000
wwww.mydomain.com AAAA 1 ora
0000:000:0000:0:0000:0000:0000:0000

This is my current setup but I can't. Can anyone help me please? I've been trying for a week :(


pwhodges

The ACME specification used for automated certificates requires the use of ports 80 and 443.

You can get automated certificates another way, for use with different ports.  In Caddy, this can be done using "DNS challenge", as I told you previously.  For that you will need to download Caddy compiled with the addition of the caddy-dns/googleclouddns plugin, which can be selected on the Caddy download page.

The main documentation for using DNS challenge in Caddy is here:

https://caddy.community/t/how-to-use-dns-provider-modules-in-caddy-2/8148

Unless anyone else here is doing this (I am not), then the Caddy forums are the place to get help with it.

Alternatively, maybe you could change the ports on your other server and reverse-proxy to it from Caddy; you would only need http (because it's internal) so the other server would not need its own certificate - Caddy would deal with that on its behalf.  You'd need the other server and Emby to use different domain names, so that Caddy could separate out the traffic.

Paul


rbjtech
58 minutes ago, iPhoneMaxPro said:

Caddyfile
{
email myemail@gmail.com
http_port 49000
https_port 57000
}
media.mydomain.com {
   reverse_proxy 192.168.0.2:49000
}

 

mydomain.com A 1 ora
000.00.00.000
mydomain.com AAAA 1 ora
0000:000:0000:0:0000:0000:0000:0000
media.mydomain.com A 1 ora
000.00.00.000
www.mydomain.com A 1 ora
000.00.00.000
wwww.mydomain.com AAAA 1 ora
0000:000:0000:0:0000:0000:0000:0000

This is my current setup but I can't. Can anyone help me please? I've been trying for a week :(

I don't know Caddy - but if you are using subdomains - then one of the primary reasons to use a RP is to redirect the subdomain to the correct end point using standard ports externally, and whatever you want internally.

So in the above example -

mydomain.com - could be re-directed to http(80) or https(443) to, let's say, 192.168.0.2 (port 80 and 443)

media.mydomain.com - could be re-directed to http(80) or https(443) to, let's say, 192.168.0.2 (port 8096 and 8920)

emby.mydomain.com - could be re-directed to http(80) or https(443) to, let's say, 192.168.0.2 (port 8080 and 8443) - or another internal IP on 80/443 again.


I'm just wondering if I have this set up correctly:

On the router I have ports 80 & 443 open and tied to the local IP of my Synology NAS.
I have reverse proxy running on my NAS like this: emby.mydomain.com:443 to 192.168.x.xx:8096 internal IP
I then have Emby set up with:

  • Public http port: 80
  • Public https port: 443
  • external domain: emby.mydomain.com
  • secure connection mode: handled by proxy

It seems to be working fine, but I did read somewhere that having 443 as the port for emby would mean you can't use 443 for other things? If so, how does that negatively impact the likes of the Synology reverse proxy stuff, where every subdomain I'm using for a reverse proxy is using 443 https? 


pwhodges

You can serve multiple http(s) sites on the same port so long as they have different names.  The reverse proxy can separate them and proxy them to different servers.  Obviously only one reverse proxy can be used on one port, but just adding Emby to the list of proxied websites is not a complication.

In the early days of SSL this could not be done for secure sites (so very out-of-date web pages about it might say this), but later developments made it possible and indeed routine.

Of course, if you try to connect 443 to Emby (running HTTPS itself) directly, without a proxy, you will block any other usage of it on the same machine - this might be the meaning of what you read.

Paul


rbjtech

To add a little more clarity on what Paul previously replied - there are two ways for the reverse proxy to know 'how' to direct the traffic. 1) is using a DNS subdomain. In this case 'emby' is a subdomain of mydomain.com. If you own the main domain (mydomain.com) then you can have as many subdomains as your domain provider will allow - and each one can be re-directed to a local host/service. From an https perspective (certificate) - these could all be covered by a wildcard cert (covering all *.mydomain.com sites) or an individual cert for each subdomain site. You can also use DNS CNAMEs to redirect requests using different DNS names - so it's very flexible. 2) is using the URL via a subfolder, i.e. mydomain.com/emby. This is generally less supported, so as a preference, try and use the subdomain method.


darkassassin07
4 hours ago, rbjtech said:

2) is using the URL via a subfolder, i.e. mydomain.com/emby. This is generally less supported, so as a preference, try and use the subdomain method.

Pretty much any web application can be put in a subdomain (subdomain.example.com),

but to put an application in a subfolder (example.com/subfolder/) that application must explicitly support this behaviour, usually by specifying an 'external path'/'base url' or similar in their settings. Otherwise every url they generate for the client to follow is wrong, missing your added subfolder.

Emby server does not support this.


pwhodges

In some proxies it is also possible to rewrite addresses contained in a reply to enable unsupported apps to run in a subfolder.  I have one site I proxy like this (the design makes it impossible to avoid), but it's highly NOT recommended.

Paul

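To make the two replies above concrete (an app without base-URL support emitting wrong links, and a proxy rewriting the reply to compensate), here is an added Python illustration that is not from this thread or from any proxy product. It prefixes root-relative URLs in HTML attributes and in a redirect's Location header, then lists the paths the rewrite could not reach, such as one the app assembles inside its own JavaScript. The sample response body and the /emby prefix are constructed for the example.

```python
import re

# Root-relative URLs in the HTML attributes a body-rewriting proxy typically patches.
# The (?!/) keeps protocol-relative "//host/..." links untouched.
_ATTR_URL = re.compile(r'\b(href|src|action)=(["\'])/(?!/)')

def rewrite_html(body: str, prefix: str) -> str:
    """Prefix root-relative attribute URLs with the subfolder the app knows nothing about."""
    pfx = prefix.rstrip("/")
    return _ATTR_URL.sub(lambda m: f"{m.group(1)}={m.group(2)}{pfx}/", body)

def rewrite_location(headers: dict, prefix: str) -> dict:
    """Fix a redirect the backend issued relative to its own root."""
    pfx = prefix.rstrip("/")
    out = dict(headers)
    loc = out.get("Location", "")
    if loc.startswith("/") and not loc.startswith(pfx + "/"):
        out["Location"] = pfx + loc
    return out

def unrewritten_paths(body: str, prefix: str) -> list:
    """List quoted root-relative paths that survived rewriting: typically URLs the
    app builds in JavaScript, which an attribute-based rewrite never sees."""
    pfx = prefix.rstrip("/") + "/"
    found = re.findall(r'["\'](/[A-Za-z0-9_./-]+)["\']', body)
    return [p for p in found if not p.startswith(pfx)]

# Constructed sample response, not real Emby output.
SAMPLE_BODY = ('<link href="/web/style.css"><script src="/web/app.js"></script>'
               '<script>fetch("/System/Info").then(r => r.json());</script>')
SAMPLE_HEADERS = {"Location": "/web/index.html"}
```

The leftover "/System/Info" is exactly the class of request that breaks a subfolder deployment, which is why the subdomain method is the safer default.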

js28194

Keep it Simple.... port 80 and 443 forward to server...

Caddy runs a service in win 7 x64 - caddy service = c:\caddy\caddy.exe -run

Caddy file below:

{
    email myemail@gmail.com
}

emby.mydomain.com {
    log {
        output file C:\caddy\logs\emby_access.log {
            roll_size     5MiB       # Set max size 5 MB
            roll_keep     2          # Keep at most 2 log files
            roll_keep_for 96h        # Keep log files for 4 days
        }
    }
    reverse_proxy http://localhost:8096
}

webmin.mydomain.com {
    log {
        output file C:\caddy\logs\webmin_access.log {
            roll_size     5MiB       # Set max size 5 MB
            roll_keep     2          # Keep at most 2 log files
            roll_keep_for 96h        # Keep log files for 4 days
        }
    }
    reverse_proxy http://192.168.1.3:10000  # Disable SSL in Webmin
}

nextpvr.mydomain.com {
    log {
        output file C:\caddy\logs\nextpvr_access.log {
            roll_size     5MiB       # Set max size 5 MB
            roll_keep     2          # Keep at most 2 log files
            roll_keep_for 96h        # Keep log files for 4 days
        }
    }
    reverse_proxy http://localhost:8866
}

hw.mydomain.com {
    log {
        output file C:\caddy\logs\openhardwaremonitor_access.log {
            roll_size     5MiB       # Set max size 5 MB
            roll_keep     2          # Keep at most 2 log files
            roll_keep_for 96h        # Keep log files for 4 days
        }
    }
    reverse_proxy http://192.168.1.241:8085
}

garage.mydomain.com {
    log {
        output file C:\caddy\logs\garage_access.log {
            roll_size     5MiB       # Set max size 5 MB
            roll_keep     2          # Keep at most 2 log files
            roll_keep_for 96h        # Keep log files for 4 days
        }
    }
    reverse_proxy http://192.168.1.243:8080
}

nextcloud.mydomain.com {
    log {
        output file C:\caddy\logs\nextcloud_access.log {
            roll_size     5MiB       # Set max size 5 MB
            roll_keep     2          # Keep at most 2 log files
            roll_keep_for 96h        # Keep log files for 4 days
        }
    }
    redir /.well-known/carddav /remote.php/dav 301
    redir /.well-known/caldav /remote.php/dav 301
    redir /.well-known/webfinger /index.php/.well-known/webfinger
    redir /.well-known/nodeinfo /index.php/.well-known/nodeinfo
    reverse_proxy http://192.168.1.3
}


justinrh

Keep it simple ... would be to define a logging function so you don't have to repeat 4 LOC for each subdomain  🙃


js28194
4 minutes ago, justinrh said:

Keep it simple ... would be to define a logging function so you don't have to repeat 4 LOC for each subdomain  🙃

Meh... non-programmers who just need a simple solution... mere n00bs world that I live in. Logging function? How about a stored procedure? Assembly maybe? Jebuz, not everyone is a programmer, and spoken like a true programmer. ChatGPT didn't spit out the logging function you so call "keepin it simple" :)

Got a solution, be happy to listen.


justinrh

Right, maybe Caddy calls them procedures.  Here's an example.

#log file procedure (a Caddy snippet; the roll_* options belong inside the output file block)
(logging) {
    log {
        output file "C:\caddy\logs\{args[0]}.log" {
            roll_size     5MiB       # Set max size 5 MB
            roll_keep     2          # Keep at most 2 log files
            roll_keep_for 96h        # Keep log files for 4 days
        }
    }
}
#emby server
emby.mydomain.com {
    import logging emby_access
    reverse_proxy :8096
}


js28194

I shall test this .... problem is in a year I will forget what this all does so having everything in a "clean" manner works for me. Efficiency for the sake of efficiency is no longer an issue for me personally. Yeah back in the day when you only had 256k of memory then sure. Now I got 32GB so having extra clean line items is not an issue.

But I appreciate your input and cleanliness. Everyone on the Caddy website just says "read the docs" with no clear examples for non-programmers. So I thank you.


js28194

Well, you know, set it and forget it mentality. If it ain't broke, don't fix it type of mindset. If it is working and you unplug it, then it is very hard to retrace.


smernt

Ok, so I'm doing this correctly:

On the router I have ports 80 & 443 open and tied to the local IP of my Synology NAS.
I have reverse proxy running on my NAS like this: emby.mydomain.com:443 to 192.168.x.xx:8096 internal IP
I then have Emby set up with:

  • Public http port: 80
  • Public https port: 443
  • external domain: emby.mydomain.com
  • secure connection mode: handled by proxy

but it seems to be working for some, but for others it's not. Everyone I shared with are logging in with emby connect on a TV. Some can just get straight in. But others, while they see the server, they're seeing it with my local ip address and the local http port... I can't figure out why this is happening. I've had them delete the server from their side, I've removed emby connect from their profile on my end, re-added it, logged into their emby connect myself on a mobile connection and that worked fine, but then on their TV they can't connect. Anyone come across this issue?


smernt

Figured it out! It was due to an LG TV, with old firmware not supporting the Let's Encrypt SSL certificate.


rbjtech
1 hour ago, smernt said:

Figured it out! It was due to an LG TV, with old firmware not supporting the Let's Encrypt SSL certificate.

I think there are some fixes for this online by updating the root certificate on the TV. I've never done this, as my son's LG TV doesn't appear to have an issue with my RP cert, but from the instructions it's certainly not something you can expect a non-technical person to do .. ;)
