nase
/
gateway
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
gateway/nginx-proxy/conf.d/jellyfin.conf

75 lines
2.1 KiB
Plaintext
Raw Blame History

server {
listen 80;
server_name video.atomic6.net;
# Let's Encrypt challenge path
location /.well-known/acme-challenge/ {
alias /var/www/html/.well-known/acme-challenge/;
try_files $uri =404;
}
# Redirect all other traffic to HTTPS
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443 ssl;
http2 on;
server_name video.atomic6.net;
# SSL Configuration
ssl_certificate /etc/letsencrypt/live/home.seanowiecki.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/home.seanowiecki.com/privkey.pem;
# SSL Settings
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
# Media server proxy configuration
location / {
proxy_pass http://192.168.1.131:8096;
# Essential headers
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port 443;
# Disable SSL verification for backend
proxy_ssl_verify off;
proxy_ssl_server_name on;
# WebSocket support
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Timeouts for media streaming
proxy_connect_timeout 30s;
proxy_send_timeout 30s;
proxy_read_timeout 30s;
proxy_buffering off;
# Allow large file uploads/downloads
client_max_body_size 0;
}
# Explicit WebSocket endpoint
location /ws {
proxy_pass http://192.168.1.131:8096/ws;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_read_timeout 86400s;
}
# Security headers
add_header X-Frame-Options SAMEORIGIN;
add_header Referrer-Policy same-origin;
}
Reference in New Issue View Git Blame Copy Permalink