xd003 7 Posted September 27, 2020 Posted September 27, 2020 (edited) Hello everyone I have hosted my emby server on a vps and currently using caddy reverse proxy with cloudfare .Being pretty new to media servers , I don't really have any good knowledge in this regard. I hope people who use reverse proxy with cloudfare for long time can help me. In Cloudfare DNS Settings , i have added "A" record which points to my vps external ip and a "CNAME" record to add the subdomain and both the records are proxied , i have also changed to cloudfare nameservers and my domain is active . The Caddyfile which i am currently using in my vps is shown below : subdomain.domain.xyz { reverse_proxy 127.0.0.1:8096 } 1) What would you recommend among caddy and nginx for better performance 2) Also please drop some config where i can replace my domain and get going I am just looking for possible improvements by choosing the better service and config ( if possible ). i feel the response is bit delayed .Like lets say when i go to settings and tap any option then it has 1,2 second delay in displaying the requested page .Also i feel the image loading speed should be bit faster .I am aiming to improve overall performance and fix the peering issues as much as possible because the vps server location is in finland and I am from India I am looking forward for some suggestions Edited September 27, 2020 by xd003
chef 3810 Posted September 27, 2020 Posted September 27, 2020 HI there, I use Caddy. Maybe some of this might help DOMAIN.XYZ, http://192.168.2.126:2015 www.domain.xyz { tls my@email.com timeouts none gzip # Optional security headers header / { -Server Strict-Transport-Security "max-age=31536000;" Cache-Control "public, max-age=31536000" Referrer-Policy "strict-origin" X-XSS-Protection "1; mode=block" X-Content-Type-Options "nosniff" X-Frame-Options "DENY" } errors { 404 /redir-target/NoSignal404.html 320 /redir-target/NoSignal404.html } nobots "https://blog.haschek.at/tools/bomb.php" { "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "Googlebot/2.1 (+http://www.google.com/bot.html)" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "Googlebot-News" "Googlebot-Image/1.0" "Googlebot-Video/1.0" "compatible; Mediapartners-Google/2.1; +http://www.google.com/bot.html" "Mediapartners-Google" "AdsBot-Google (+http://www.google.com/adsbot.html)" "AdsBot-Google-Mobile-Apps" "APIs-Google (+https://developers.google.com/webmasters/APIs-Google.html)" regexp "Googlebot" public "^/public" public "^/[a-z]{,5}/public" } # Optional logging log home.log } subdomainWherEmbyLives.domain.xyz http://192.168.2.126:2022 { tls my@email.com timeouts none gzip cors / { origin * origin http://ask-ifr-download.s3.amazonaws.com https://ask-ifr-download.s3.amazonaws.com methods GET allowed_headers * } proxy / localhost:8096 { websocket transparent } header / { -Server Access-Control-Allow-Origin * Access-Control-Allow-Methods "GET, POST, OPTIONS" Strict-Transport-Security "max-age=31536000;" Cache-Control "public, max-age=31536000" Referrer-Policy "strict-origin" X-XSS-Protection "1; mode=block" X-Content-Type-Options "nosniff" X-Frame-Options "DENY" } errors { 404 /redir-target/NoSignal404.html 320 /redir-target/NoSignal404.html } nobots "https://blog.haschek.at/tools/bomb.php" { "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "Googlebot/2.1 (+http://www.google.com/bot.html)" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "Googlebot-News" "Googlebot-Image/1.0" "Googlebot-Video/1.0" "compatible; Mediapartners-Google/2.1; +http://www.google.com/bot.html" "Mediapartners-Google" "AdsBot-Google (+http://www.google.com/adsbot.html)" "AdsBot-Google-Mobile-Apps" "APIs-Google (+https://developers.google.com/webmasters/APIs-Google.html)" regexp "Googlebot" public "^/public" public "^/[a-z]{,5}/public" } # Optional logging log emby.log } Those redirects for 400 errors just point to a page that says "GO away hacker!" LOL! 1
xd003 7 Posted September 27, 2020 Author Posted September 27, 2020 @chef thanks for the config , i will definitely try it out . Just one question , in the above config given by you, apart from the domain in line 1 and once in middle , do i need to change anything else ? Especially http://192.168.2.126:2015 & http://192.168.2.126:2022 , do i have to keep them as it is ?
chef 3810 Posted September 28, 2020 Posted September 28, 2020 4 hours ago, xd003 said: @chef thanks for the config , i will definitely try it out . Just one question , in the above config given by you, apart from the domain in line 1 and once in middle , do i need to change anything else ? Especially http://192.168.2.126:2015 & http://192.168.2.126:2022 , do i have to keep them as it is ? 192.168.2.126 is the IP of the computer caddy is running on in my LAN. Port 2015 is the default port for Caddy. Port 2022 is the port for the revse proxy. It also leads back to emby which is actually running on port 8096. I added port 2022 (it can be what ever port you want that is not in use) so I could test the proxy and make sure it was leading back to the proper service. let me know how it goes!
xd003 7 Posted September 28, 2020 Author Posted September 28, 2020 15 minutes ago, chef said: 192.168.2.126 is the IP of the computer caddy is running on in my LAN. Port 2015 is the default port for Caddy. Port 2022 is the port for the revse proxy. It also leads back to emby which is actually running on port 8096. I added port 2022 (it can be what ever port you want that is not in use) so I could test the proxy and make sure it was leading back to the proper service. let me know how it goes! Thanks for claryfying , actually the thing is in my vps the internal and external ip ( ie lan and wan ) both are exactly same . i will just replace that common IP over 192.168.2.126 and let you know how it goes . i was only confused between whether i should use this common ip or 127.0.0.1 like i have in my original 3 liner caddyfile
chef 3810 Posted September 28, 2020 Posted September 28, 2020 2 minutes ago, xd003 said: Thanks for claryfying , actually the thing is in my vps the internal and external ip ( ie lan and wan ) both are exactly same . i will just replace that common IP over 192.168.2.126 and let you know how it goes . i was only confused between whether i should use this common ip or 127.0.0.1 like i have in my original 3 liner caddyfile It should be okay to use that, or localhost. I'm interested in how you get on with it. I don't know too many other people who are using Caddy, so if you ever find any new and cool information out, I'd love to know.
xd003 7 Posted September 28, 2020 Author Posted September 28, 2020 (edited) @chef So i had Caddyfile in my home dir , i just replaced the 3 lines with your config ( also changed the ips and domain ofc ) After saving file , i ran caddy start to enable caddy server but i got the following error root@xd003:~# caddy start 2020/09/28 02:02:07.567 INFO using adjacent Caddyfile run: adapting config using caddyfile: parsing caddyfile tokens for 'tls': Caddyfile:3 - Error during parsing: Wrong argument count or unexpected line ending after 'gzip' start: caddy process exited with error: exit status 1 root@xd003:~# Edited September 28, 2020 by xd003
chef 3810 Posted September 28, 2020 Posted September 28, 2020 2 minutes ago, xd003 said: @chef So i had Caddyfile in my home dir , i just replaced the 3 lines with your config ( also changed the ips and domain ofc ) After saving file , i ran caddy start to enable caddy server but i got the following error root@xd003:~# caddy start 2020/09/28 02:02:07.567 INFO using adjacent Caddyfile run: adapting config using caddyfile: parsing caddyfile tokens for 'tls': Caddyfile:3 - Error during parsing: Wrong argument count or unexpected line ending after 'gzip' start: caddy process exited with error: exit status 1 root@xd003:~# Would you want to PM me, because then we wouldn't have to worry about WAN addresses and domains posted publicly, and we could figure something out? 1
chef 3810 Posted September 28, 2020 Posted September 28, 2020 I may have missed a curl brace somewhere too "}"
xd003 7 Posted September 28, 2020 Author Posted September 28, 2020 (edited) 9 minutes ago, chef said: Would you want to PM me, because then we wouldn't have to worry about WAN addresses and domains posted publicly, and we could figure something out? Sure , i have sent one Edited September 28, 2020 by xd003
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now