flof 0 Posted July 1, 2020 Share Posted July 1, 2020 (edited) Hello, So I have a super annyoing problem. Here's my setup: I have a server at home running emby in a docker container, in a docker-compose "services" stack. In another stack, I have an Nginx container, which has access to the "services" stack network, as well as the host's network through the docker "bridge" network. That way, all the services are reverse-proxied inside the docker network stack, and no other ports than 443 need to be open on the host. I have a Let's Encrypt certificate on the machine, signed to the external domain name. So far so good, I can access emby on my home network with no problem by going to https://emby.localhostname.lan with the only caveat that the browser says "Invalid certificate" since it is signed for externalhostname.com, but no biggie. I also have a WireGuard tunnel on another machine, which allows me to access all the local resources securely when I'm away: with this too, emby works just fine in the browser (both desktop and Android). However, things get messy with the Android app: - If I set up the server with https://emby.externalhostname.com in the app, it sees it no problem, connects just fine, and I can browse all my libraries. BUT video files won't play (the thingy stays spinning forever), and music files are just skipped immediately (the whole album is "played" in a split second). By looking at the "Activity" section on the desktop, emby does register the songs skipped as "played". In the browser, all works fine. - If I set up the server with https://emby.localhostname.lan in the app, it works fine in the android app, but of course I can't access anything as soon as I leave my WiFi. My workaround for now is to have my WireGuard tunnel enabled all the time, that way I can use the emby.localhostname.lan all the time, but that's not how it should be done... I suspected the firewall on the server but even after flushing iptables, the problem is still there. What could it be? Thank you!!! Edited July 6, 2020 by flof a typo Link to comment Share on other sites More sharing options...
Luke 37049 Posted July 5, 2020 Share Posted July 5, 2020 Hi there, what version of the android app are you running? Link to comment Share on other sites More sharing options...
flof 0 Posted July 6, 2020 Author Share Posted July 6, 2020 Hi, It's the latest available, version 3.1.23 Link to comment Share on other sites More sharing options...
Carlo 4330 Posted July 9, 2020 Share Posted July 9, 2020 Have you tried this setup without the Nginx involved? You have a lot of "external" things going on which could make this a bit complex to diagnose. Link to comment Share on other sites More sharing options...
flof 0 Posted July 20, 2020 Author Share Posted July 20, 2020 Hi, sorry for the late reply. I can try later today without Nginx, and report back. Link to comment Share on other sites More sharing options...
Carlo 4330 Posted July 20, 2020 Share Posted July 20, 2020 Sounds good, looking forward to your results. Link to comment Share on other sites More sharing options...
flof 0 Posted July 20, 2020 Author Share Posted July 20, 2020 (edited) Okay so I tried opening the 8096 port on my router and connect with my external IP, thus bypassing the SSL part and Nginx, and indeed it worked. So I suppose there's a problem either on my Nginx configuration (but then why would it work when accessing the very same server through https://emby.localhostname.lan ?), on in the Cloudflare proxy... I don't get it Edited July 20, 2020 by flof Link to comment Share on other sites More sharing options...
Carlo 4330 Posted July 20, 2020 Share Posted July 20, 2020 Depending on your needs you could generate your Cert and use that directly in Emby with port 8920 opened on your router. At worst case this would be another valid test to try and make sure your Cert is valid. Link to comment Share on other sites More sharing options...
flof 0 Posted July 22, 2020 Author Share Posted July 22, 2020 You mean a cert pointing to my home IP and not a hostname ? Yeah, I could try that. But that would not be optimal as a permanent solution, as it requires the 8920 port to be open in addition to the 443 Link to comment Share on other sites More sharing options...
Carlo 4330 Posted July 22, 2020 Share Posted July 22, 2020 You can just use 443 vs 8920. That's what I use since it's the expected port in browsers for encryption. Link to comment Share on other sites More sharing options...
Luke 37049 Posted July 23, 2020 Share Posted July 23, 2020 On 7/20/2020 at 10:07 AM, flof said: Okay so I tried opening the 8096 port on my router and connect with my external IP, thus bypassing the SSL part and Nginx, and indeed it worked. So I suppose there's a problem either on my Nginx configuration (but then why would it work when accessing the very same server through https://emby.localhostname.lan ?), on in the Cloudflare proxy... I don't get it I would suggest comparing your nginx configuration to that of @pir8radio Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now