Jump to content

Recommended Posts

crusher11
Posted
31 minutes ago, vdatanet said:

Forget what you had before, it didn't work, you had it set up Emby - Cloudflare.

It worked at some point... 

vdatanet
Posted
2 minutes ago, crusher11 said:

It worked at some point... 

Maybe yes, but in your last configuration the ports were forwarded directly to the Emby server and the SSL certificate path was incorrect. 

vdatanet
Posted (edited)
12 minutes ago, crusher11 said:

It worked at some point... 

Nginx was not involved in anything:

ports.png.4420a33964931da70bfd58ac2d04ad22.png

We left the system as you had it and now we are trying to configure nginx.

Edited by vdatanet
vdatanet
Posted
10 minutes ago, crusher11 said:

No change. Instant "192.168.0.2 refused to connect" on port 8080, and a long load time before NGINX throws a 502 error on 4343.

Did you change the router port forwarding (80-> 8080 and 43-> 4343)? Do this and try again using the domain.

crusher11
Posted
1 hour ago, vdatanet said:

Did you change the router port forwarding (80-> 8080 and 43-> 4343)? Do this and try again using the domain.

CloudFlare 521 errors.

vdatanet
Posted
2 minutes ago, crusher11 said:

CloudFlare 521 errors.

Undo the port forwarding changes and post the current Nginx configuration file.

crusher11
Posted
1 minute ago, vdatanet said:

Undo the port forwarding changes and post the current Nginx configuration file.

Quote

worker_processes  auto;

error_log  logs/error.log;

events {
    worker_connections  8192;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    server_names_hash_bucket_size 64;
    server_tokens off;

    ## The below will create a separate log file for your emby server which includes
    ## userId's and other emby specific info, handy for external log viewers.
    log_format  emby  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for" $request_time $server_port "$http_x_emby_authorization"';

    log_format default '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for" $request_time $server_port';

    sendfile        off;  ## Sendfile not used in a proxy environment.

    gzip on;   ## Compresses the content to the client, speeds up client browsing.
    gzip_disable "msie6";

    gzip_comp_level 6;
    gzip_min_length 1100;
    gzip_buffers 16 8k;
    gzip_proxied any;
    gzip_types
        text/plain
        text/css
        text/js
        text/xml
        text/javascript
        application/javascript
        application/x-javascript
        application/json
        application/xml
        application/rss+xml
        image/svg+xml;

    proxy_connect_timeout 1h;
    proxy_send_timeout 1h;
    proxy_read_timeout 1h;
    tcp_nodelay on;  ## Sends data as fast as it can not buffering large chunks, saves about 200ms per request.

server {
    listen [::]:8080;           ## Listens on port 80 IPv6
    listen 8080;             ## Listens on port 80 IPv4
    listen [::]:4343 ssl http2;    ## Listens on port 443 IPv6 with http2 and ssl enabled
    listen 4343 ssl http2;    ## Listens on port 443 IPv4 with http2 and ssl enabled

    server_name [domain];    ## enter your service name and domain name here example emby.domainname.com

    access_log  logs/emby.log  emby;  ## Creates a log file with this name and the log info above.

     ## SSL SETTINGS ##
        ssl_session_timeout 30m;
        ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
    ssl_certificate      /etc/nginx/cert.pem;  ## Location of your public PEM file.
    ssl_certificate_key  /etc/nginx/private.key;  ## Location of your private PEM file.
        ssl_session_cache shared:SSL:10m;

     location ^~ /swagger {   ## Disables access to swagger interface
        return 404;
}

     location / {
        proxy_pass http://192.168.0.2:8096;  ## Enter the IP and port of the backend emby server here.

    proxy_hide_header X-Powered-By;     ## Hides nginx server version from bad guys.
    proxy_set_header Range $http_range;  ## Allows specific chunks of a file to be requested.
    proxy_set_header If-Range $http_if_range;  ## Allows specific chunks of a file to be requested.
    proxy_set_header X-Real-IP $remote_addr;  ## Passes the real client IP to the backend server.
        proxy_set_header Host $host;  ## Passes the requested domain name to the backend server.
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  ## Adds forwarded IP to the list of IPs that were forwarded to the backend server.

     ## ADDITIONAL SECURITY SETTINGS ##
     ## Optional settings to improve security ##
     ## add these after you have completed your testing and ssl setup ##
     ## NOTICE: For the Strict-Transport-Security setting below, I would recommend ramping up to this value ##
     ##         See https://hstspreload.org/ read through the "Deployment Recommendations" section first!   ##
    add_header 'Referrer-Policy' 'origin-when-cross-origin';
    add_header Strict-Transport-Security "max-age=10" always;
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-XSS-Protection "1; mode=block" always;

     ## WEBSOCKET SETTINGS ## Used to pass two way real time info to and from emby and the client.
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;
    }
}
}

 

rodainas
Posted
4 minutes ago, crusher11 said:

 

Cloudfare is unable to communicate with nginx

The problem seems to be on your router forwarding rules, could you post a screenshot of that?

crusher11
Posted
3 minutes ago, rodainas said:

Cloudfare is unable to communicate with nginx

The problem seems to be on your router forwarding rules, could you post a screenshot of that?

 

Screenshot 2021-07-12 21.08.04.png

rodainas
Posted (edited)
4 minutes ago, crusher11 said:

 

Screenshot 2021-07-12 21.08.04.png

And your real domain name is set here right?

server_name [domain];    ## enter your service name and domain name here example emby.domainname.com

 

Edited by rodainas
rodainas
Posted
12 minutes ago, crusher11 said:

 

Also change this to 127.0.0.1:8096

     location / {
        proxy_pass http://192.168.0.2:8096;  ## Enter the IP and port of the backend emby server here.

  • Like 1
vdatanet
Posted

I would disable cloudflare for now, first we have to confirm that nginx is working.

crusher11
Posted
4 minutes ago, rodainas said:

And your real domaing name is set here right?

server_name [domain];    ## enter your service name and domain name here example emby.domainname.com

 

Yes.

 

3 minutes ago, rodainas said:

Also change this to 127.0.0.1:8096

     location / {
        proxy_pass http://192.168.0.2:8096;  ## Enter the IP and port of the backend emby server here.

No change. 192.168.0.2 is the NAS, which is where NGINX and the server are, so that seems to make sense? But changing it to 127.0.0.1 makes no difference.

rodainas
Posted
1 minute ago, vdatanet said:

I would disable cloudflare for now, first we have to confirm that nginx is working.

I dont think that cloudfare is the problem, it is just pointing the domain name to his wan ip, the problem originates the moment it reaches router

rodainas
Posted

But yes, try it without cloudfare, at this point is nothing to lose

vdatanet
Posted
Just now, rodainas said:

I dont think that cloudfare is the problem, it is just pointing the domain name to his wan ip, the problem originates the moment it reaches router

When cloudflare connects to Emby it works, but when it connects to Nginx it's not working. I think the problem is with Nginx.

vdatanet
Posted
1 minute ago, rodainas said:

But yes, try it without cloudfare, at this point is nothing to lose

Just to make sure Nginx is working.

rodainas
Posted
Just now, vdatanet said:

When cloudflare connects to Emby it works, but when it connects to Nginx it's not working. I think the problem is with Nginx.

Fair enough.

Crusher

Try this command

systemctl restart nginx

crusher11
Posted
1 minute ago, rodainas said:

Fair enough.

Crusher

Try this command

systemctl restart nginx

Where do I try that and what is it doing that restarting NGINX isn't doing?

rodainas
Posted

When you make changes to nginx config, you need to restart or reload nginx in order to apply them, if there is a problem with config nginx will let you know there

Is a terminal command.

crusher11
Posted
2 minutes ago, rodainas said:

When you make changes to nginx config, you need to restart or reload nginx in order to apply them, if there is a problem with config nginx will let you know there

Is a terminal command.

Yes, I've been restarting it every time I make config changes. But just through Docker, rather than a terminal command. Does it make a difference?

rodainas
Posted
1 minute ago, crusher11 said:

Yes, I've been restarting it every time I make config changes. But just through Docker, rather than a terminal command. Does it make a difference?

I don't use docker so I couldn't tell, I just use terminal on my remote ubuntu server machine.

rodainas
Posted

So you get error when you do http://192.168.0.2:8080 ?

crusher11
Posted
3 minutes ago, rodainas said:

So you get error when you do http://192.168.0.2:8080 ?

Yes, connection refused.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...