diff --git a/Reverse-Proxying.md b/Reverse-Proxying.md new file mode 100644 index 0000000..bdabd49 --- /dev/null +++ b/Reverse-Proxying.md @@ -0,0 +1,62 @@ +Reverse proxying should be really easy. +* If you're proxying to a subdomain, a `proxy_pass` or equivalent is enough. +* Proxying to a subfolder is only supported for versions > 0.2.2. Make sure to set the URL base in Settings > General (`ui > url_base` in config.ini). If you're placing it under the same subdomain as Jellyfin, make sure no CSP header is set for jfa-go's subfolder (see example below for NGINX). + +Below are some simple examples of reverse proxy configs. + +**NGINX (Subdomain)** +``` +server { + listen 80; + server_name accounts.your.domain; + return 301 https://accounts.your.domain/; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name accounts.your.domain; + + # put your SSL config here + + location / { + proxy_pass http://localhost:8056; # change as you need + } +} +``` + +**NGINX (Subfolder on `/accounts` Jellyfin subdomain)** + +credit to [IngwiePhoenix](https://github.com/IngwiePhoenix). +``` +server { + listen 80; + server_name jellyfin jellyfin.your.domain; + return 301 https://jellyfin.your.domain/; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name jellyfin.your.domain; + + # rest of your own config + + location ~ ^/accounts(.*)$ { + rewrite ^/accounts/(.*) /$1 break; + + # Remove the CSP header set for Jellyfin + proxy_hide_header Content-Security-Policy; + add_header Content-Security-Policy ""; + + proxy_pass http://localhost:8056; # Change as you need + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Protocol $scheme; + proxy_set_header X-Forwarded-Host $http_host; + # Disable buffering when the nginx proxy gets very resource heavy upon streaming + proxy_buffering off; + } +} +``` \ No newline at end of file