Synology Jellyfin + docker + Reverse proxy sur Synology

Oyo95 · 7 Mai 2021

Hello tous le monde,

J'ai suivi le tuto dans ce lien : viewtopic.php?f=56&t=13215
D'ailleurs je tiens à te remercier @EVOTK, c'est ce que je recherchais depuis quelques temps !

Cependant j'ai un petit soucis, je ne sais pas à quel niveau, mais quand un client se connecte, je n'ai pas l'ip réel mais celle de la gateway du subnet

Dans les logs, je n'ai rien d'interessant...
Mon pavé de conf sur la partie nginx dockerisé (un pâle copié collé du tuto ^^) :

Code:

server {
  listen 8080;
  server_name jellyfin.nomdedomaine.fr;
 
    location / {
        # Proxy main Jellyfin traffic
        proxy_pass http://MyIp:8096;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;

        # Disable buffering when the nginx proxy gets very resource heavy upon streaming
        proxy_buffering off;
    }
    location /socket {
        # Proxy Jellyfin Websockets traffic
        proxy_pass http://MyIp:8096/socket;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
    }
}

Sur le reverse proxy embarqué de Synology :

Quelques screen de la partie configuration réseau de l'appli :

Suis-je le seul dans ce cas là ?
Est-ce que l'un d'entre vous pourrait m'aiguiller ?

Un grand merci par avance de l'aide que vous pourrez m'apporter

Oyo95

EVO · 7 Mai 2021

Salut,
C-est une réaction normal quand on utilise un reverse extérieur a celui du syno.
Jai eu des retour me disant que avec uniquement le reverse du syno jellyfin avait un comportement normal (ce qui n-était pas mon cas a l'epoque ).
Si tu veut l'ip réelle il te faut

3 solutions )

1/Essayer de te passer du conteneur ngnix et d'utiliser unqiuement le reverse de dsm.
2/ placer ton reverse proxy sur un autre peripherique que le syno
3/ placer le conteneur nginx en macvlan, et créé une ip virtuel pour lui, de cette façon l'ip réel sera remonté dans jellyfin.
4/ il semblerai qu'il soit possible de modifier dans les fichiers de configuration de dsm pour palier a ce soucis, mais je ne serais t'aider sur ce point, et je te deconseil fortement de modifier les fichiers système de DSM

Oyo95 · 7 Mai 2021

Hello !

Yes je vois merci !

J'ai tenté la 3em solution

3/ placer le conteneur nginx en macvlan, et créé une ip virtuel pour lui, de cette façon l'ip réel sera remonté dans jellyfin.

J'ai également le même soucis, je vois la gateway du routeur cette fois !

1/Essayer de te passer du conteneur ngnix et d'utiliser unqiuement le reverse de dsm.

Honnêtement je voudrais bien, mais quand je lis des fichiers lourd (HEVC 10 bit ou H265 par exemple), l'application finit par s'arrêter et à revenir au menu principal

Code:

[2021-05-07 20:25:40.346 +02:00] [INF] [33] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Processing playback tracker : "060a1cc1549429c6-c17864ef8ddf48caa673a388538d58fd-ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:25:56.093 +02:00] [WRN] [37] Jellyfin.Server.Middleware.ResponseTimeMiddleware: Slow HTTP Response from "https://jelly.an***nplex.fr/Sessions/Playing/Progress" to "192.168.1.254" in 0:00:00.5804821 with Status Code 204
[2021-05-07 20:26:00.025 +02:00] [INF] [11] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: session.RemoteEndPoint : "192.168.1.254"
[2021-05-07 20:26:00.026 +02:00] [INF] [11] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: StartPlaybackTimer : event_playing_id     = "ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:26:00.027 +02:00] [INF] [11] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: StartPlaybackTimer : event_user_id        = "c17864ef8ddf48caa673a388538d58fd"
[2021-05-07 20:26:00.027 +02:00] [INF] [11] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: StartPlaybackTimer : event_user_id_int    = 2
[2021-05-07 20:26:00.027 +02:00] [INF] [11] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: StartPlaybackTimer : session_playing_id   = "ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:26:00.028 +02:00] [INF] [11] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: StartPlaybackTimer : session_user_id      = "c17864ef8ddf48caa673a388538d58fd"
[2021-05-07 20:26:00.028 +02:00] [INF] [11] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: StartPlaybackTimer : play_method          = "DirectStream"
[2021-05-07 20:26:00.028 +02:00] [INF] [11] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: StartPlaybackTimer : e.ClientName         = "AndroidTV"
[2021-05-07 20:26:00.028 +02:00] [INF] [11] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: StartPlaybackTimer : e.DeviceName         = "SHIELD"
[2021-05-07 20:26:00.028 +02:00] [INF] [11] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: StartPlaybackTimer : ItemName             = "Nom du film"
[2021-05-07 20:26:00.028 +02:00] [INF] [11] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: StartPlaybackTimer : ItemId               = "ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:26:00.028 +02:00] [INF] [11] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: StartPlaybackTimer : ItemType             = "Movie"
[2021-05-07 20:26:00.029 +02:00] [INF] [11] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: StartPlaybackTimer : All matches, playback registered
[2021-05-07 20:26:00.030 +02:00] [INF] [11] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Playback tracker found, adding playback info : "060a1cc1549429c6-c17864ef8ddf48caa673a388538d58fd-ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:26:00.030 +02:00] [INF] [11] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Saving playback tracking activity in DB
[2021-05-07 20:26:00.192 +02:00] [INF] [11] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: StartPlaybackTimer : Exited
[2021-05-07 20:26:00.951 +02:00] [INF] [14] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Processing playback tracker : "060a1cc1549429c6-c17864ef8ddf48caa673a388538d58fd-ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:26:21.037 +02:00] [INF] [27] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Processing playback tracker : "060a1cc1549429c6-c17864ef8ddf48caa673a388538d58fd-ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:26:41.130 +02:00] [INF] [14] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Processing playback tracker : "060a1cc1549429c6-c17864ef8ddf48caa673a388538d58fd-ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:26:41.222 +02:00] [WRN] [14] Jellyfin.Server.Middleware.ResponseTimeMiddleware: Slow HTTP Response from "https://jelly.an***nplex.fr/Sessions/Playing/Progress" to "192.168.1.254" in 0:00:00.6577105 with Status Code 204
[2021-05-07 20:27:01.699 +02:00] [INF] [36] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Processing playback tracker : "060a1cc1549429c6-c17864ef8ddf48caa673a388538d58fd-ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:27:01.798 +02:00] [WRN] [36] Jellyfin.Server.Middleware.ResponseTimeMiddleware: Slow HTTP Response from "https://jelly.an***nplex.fr/Sessions/Playing/Progress" to "192.168.1.254" in 0:00:00.5088922 with Status Code 204
[2021-05-07 20:27:22.102 +02:00] [INF] [14] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Processing playback tracker : "060a1cc1549429c6-c17864ef8ddf48caa673a388538d58fd-ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:27:42.965 +02:00] [INF] [24] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Processing playback tracker : "060a1cc1549429c6-c17864ef8ddf48caa673a388538d58fd-ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:28:02.966 +02:00] [INF] [30] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Processing playback tracker : "060a1cc1549429c6-c17864ef8ddf48caa673a388538d58fd-ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:28:22.966 +02:00] [INF] [30] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Processing playback tracker : "060a1cc1549429c6-c17864ef8ddf48caa673a388538d58fd-ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:28:43.966 +02:00] [INF] [38] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Processing playback tracker : "060a1cc1549429c6-c17864ef8ddf48caa673a388538d58fd-ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:29:04.966 +02:00] [INF] [34] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Processing playback tracker : "060a1cc1549429c6-c17864ef8ddf48caa673a388538d58fd-ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:29:25.966 +02:00] [INF] [24] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Processing playback tracker : "060a1cc1549429c6-c17864ef8ddf48caa673a388538d58fd-ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:29:46.966 +02:00] [INF] [24] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Processing playback tracker : "060a1cc1549429c6-c17864ef8ddf48caa673a388538d58fd-ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:30:07.966 +02:00] [INF] [24] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Processing playback tracker : "060a1cc1549429c6-c17864ef8ddf48caa673a388538d58fd-ac3fb44c1d901632dfb852174ebc6014"
[2021-05-07 20:30:22.765 +02:00] [INF] [34] Emby.Server.Implementations.HttpServer.WebSocketManager: WS "192.168.1.254" request
[2021-05-07 20:30:24.036 +02:00] [INF] [40] Emby.Server.Implementations.HttpServer.WebSocketManager: WS "192.168.1.254" closed
[2021-05-07 20:30:24.090 +02:00] [INF] [34] Emby.Server.Implementations.HttpServer.WebSocketManager: WS "192.168.1.254" request
[2021-05-07 20:30:27.969 +02:00] [INF] [38] Jellyfin.Plugin.PlaybackReporting.EventMonitorEntryPoint: Processing playback tracker : "060a1cc1549429c6-c17864ef8ddf48caa673a388538d58fd-ac3fb44c1d901632dfb852174ebc6014"

Je voulais remplacer Plex mais j'ai l'impression que ce sera pas pour tout de suite :'(

EVO · 7 Mai 2021

Salut,

Oyo95 a dit:
J'ai tenté la 3em solution
J'ai également le même soucis, je vois la gateway du routeur cette fois !

As-tu bien créer une ip virtuel , ... car sans cela l'ip réel ne remonte pas !
Tu trouvera ici un tuto bien fait, qui explique la procédure de création du macvlan + ip virtuel pour un reverse proxy sur DSM.

Oyo95 a dit:
Honnêtement je voudrais bien, mais quand je lis des fichiers lourd (HEVC 10 bit ou H265 par exemple), l'application finit par s'arrêter et à revenir au menu principal

Donc surement le meme soucis que celui que j'avais au debut avec le reverse de DSM du websocket qui "périme" alors que la lecture est toujours en cours.

Oyo95 · 7 Mai 2021

Hello !

Yes mais je suis passé par portainer pour le créer puis j’ai ajouté une route statique pour router le subnet 192.168.1.0/24 par la Gateway du routeur. Mais Je tenterais en passant par le tuto dans le week end !

Donc surement le meme soucis que celui que j'avais au debut avec le reverse de DSM du websocket qui "périme" alors que la lecture est toujours en cours.

Tu as réussi à résoudre le problème de quel manière ? En passant par le nginx dockerisé ?
Je viens d’effectuer le test mais sans succès.

Par contre pas de soucis pour le h264 !

EVO · 7 Mai 2021

Oui c'est pour cela que j'avais rajouté le docker nginx, mais en contre parti pas de remonté d'ip réelle dans les logs de jellyfin.
Maintenant, je fonctionne différament, et j'ai mon reverse proxy en VM sous Debian, virtualisé sur cette machine : https://www.cachem.fr/mini-pc-industriel-serveur-polyvalent/

Oyo95 · 8 Mai 2021

Ah oui belle bête ! J'y songerais si jamais je trouve pas de solution.
Tu t'en sers uniquement comme reverse ?

Du coup j'ai voulu me passer du reverse proxy du Synology, j'ai dockerisé un nginx :

Code:

version: "3" 

services:
  nginx:
    image: nginx:latest
    container_name: Nginx_Reverse_Proxy
    restart: unless-stopped
    mac_address: 02:42:ac:11:00:02
    networks:
      JellyfinMac:
        # Define a static ip for the container. The containter can be accessible by others devices on the LAN network with this IP.
        ipv4_address: 192.168.1.162
    volumes:
      - /volume1/docker/application/nginx/nginx.conf:/etc/nginx/conf.d/nginx.conf
      - /volume1/docker/application/nginx/certificat/:/etc/nginx/certificat/
      - /volume1/docker/application/nginx/log:/var/log/nginx/
    ports:
      - "443:443"
      
networks:
  JellyfinMac:
    external: true

Le fichier nginx.conf :

Code:

  server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name _;
    return 301 https://$host$request_uri;
    access_log  /var/log/nginx/redirect_access.log;
    error_log  /var/log/nginx/redirect_error.log warn;
  }
  
  server {
    listen 7878 default_server;
    listen [::]:7878 default_server;
    server_name radarr.NOMDEDOMAINE.com;
    return 301 https://$host$request_uri;
    access_log  /var/log/nginx/redirect_access.log;
    error_log  /var/log/nginx/redirect_error.log warn;
  }

  server {
    listen 10443 default_server;
    listen [::]:10443 default_server;
    server_name drive.NOMDEDOMAINE.com;
    return 301 https://$host$request_uri;
    access_log  /var/log/nginx/redirect_access.log;
    error_log  /var/log/nginx/redirect_error.log warn;
  }

  server {
    listen 10444 default_server;
    listen [::]:10444 default_server;
    server_name picture.NOMDEDOMAINE.com;
    return 301 https://$host$request_uri;
    access_log  /var/log/nginx/redirect_access.log;
    error_log  /var/log/nginx/redirect_error.log warn;
  }
  
  server {
    listen 10445 default_server;
    listen [::]:10445 default_server;
    server_name mail.NOMDEDOMAINE.com;
    return 301 https://$host$request_uri;
    access_log  /var/log/nginx/redirect_access.log;
    error_log  /var/log/nginx/redirect_error.log warn;
  }

  server {
    listen 8096 default_server;
    listen [::]:8096 default_server;
    server_name jelly.NOMDEDOMAINE.com;
    return 301 https://$host$request_uri;
    access_log  /var/log/nginx/redirect_access.log;
    error_log  /var/log/nginx/redirect_error.log warn;
  }
  
  server {
    listen 8511 default_server;
    listen [::]:8511 default_server;
    server_name nyasi.NOMDEDOMAINE.com;
    return 301 https://$host$request_uri;
    access_log  /var/log/nginx/redirect_access.log;
    error_log  /var/log/nginx/redirect_error.log warn;
  }

  server {
    listen 8989 default_server;
    listen [::]:8989 default_server;
    server_name sonarr.NOMDEDOMAINE.com;
    return 301 https://$host$request_uri;
    access_log  /var/log/nginx/redirect_access.log;
    error_log  /var/log/nginx/redirect_error.log warn;
  }
  
  server {
    listen 9000 default_server;
    listen [::]:9000 default_server;
    server_name docker.NOMDEDOMAINE.com;
    return 301 https://$host$request_uri;
    access_log  /var/log/nginx/redirect_access.log;
    error_log  /var/log/nginx/redirect_error.log warn;
  }

  server {
    listen 8112 default_server;
    listen [::]:8112 default_server;
    server_name deluge.NOMDEDOMAINE.com;
    return 301 https://$host$request_uri;
    access_log  /var/log/nginx/redirect_access.log;
    error_log  /var/log/nginx/redirect_error.log warn;
  }
  
  server {
    listen 9117 default_server;
    listen [::]:9117 default_server;
    server_name jackett.NOMDEDOMAINE.com;
    return 301 https://$host$request_uri;
    access_log  /var/log/nginx/redirect_access.log;
    error_log  /var/log/nginx/redirect_error.log warn;
  }

  server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name sonarr.NOMDEDOMAINE.com;
	ssl_certificate         /etc/nginx/certificat/cert.pem;
	ssl_certificate_key     /etc/nginx/certificat/privkey.pem;
	ssl_trusted_certificate /etc/nginx/certificat/chain.pem;
	ssl_protocols           TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers             ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;             
    access_log  /var/log/nginx/sonarr_access.log;
    error_log   /var/log/nginx/sonarr_error.log warn;

    location / {
      proxy_pass http://sonarr.NOMDEDOMAINE.com:8989;
	  proxy_http_version 1.1;
	  proxy_redirect off;
	  proxy_set_header Upgrade $http_upgrade;
	  proxy_set_header Connection $http_connection;
	  proxy_set_header Host $host;
	  proxy_set_header X-Real-IP $remote_addr;
	  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	  proxy_set_header X-Forwarded-Proto $scheme;
	  proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-Port $server_port;
	  proxy_hide_header X-Powered-By;
	  proxy_buffering on;
	  client_max_body_size 50000m;
	}
  }

  server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name nyasidrive.NOMDEDOMAINE.com;
	ssl_certificate         /etc/nginx/certificat/cert.pem;
	ssl_certificate_key     /etc/nginx/certificat/privkey.pem;
	ssl_trusted_certificate /etc/nginx/certificat/chain.pem;
	ssl_protocols           TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers             ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;             
    access_log  /var/log/nginx/nyasidrive_access.log;
    error_log   /var/log/nginx/nyasidrive_error.log warn;

    location / {
      proxy_pass https://nyasidrive.NOMDEDOMAINE.com:10443;
	  proxy_http_version 1.1;
	  proxy_redirect off;
	  proxy_set_header Upgrade $http_upgrade;
	  proxy_set_header Connection $http_connection;
	  proxy_set_header X-Real-IP $remote_addr;
	  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	  proxy_set_header X-Forwarded-Proto $scheme;
	  proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-Port $server_port;
	  proxy_hide_header X-Powered-By;
	  proxy_buffering on;
	  client_max_body_size 50000m;
	}
  }

  server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name mail.NOMDEDOMAINE.com;
	ssl_certificate         /etc/nginx/certificat/cert.pem;
	ssl_certificate_key     /etc/nginx/certificat/privkey.pem;
	ssl_trusted_certificate /etc/nginx/certificat/chain.pem;
	ssl_protocols           TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers             ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;             
    access_log  /var/log/nginx/mail_access.log;
    error_log   /var/log/nginx/mail_error.log warn;

    location / {
      proxy_pass https://mail.NOMDEDOMAINE.com:10445;
	  proxy_http_version 1.1;
	  proxy_redirect off;
	  proxy_set_header Upgrade $http_upgrade;
	  proxy_set_header Connection $http_connection;
	  proxy_set_header X-Real-IP $remote_addr;
	  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	  proxy_set_header X-Forwarded-Proto $scheme;
	  proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-Port $server_port;
	  proxy_hide_header X-Powered-By;
	  proxy_buffering on;
	  client_max_body_size 50000m;
	}
  }
  
  server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name picture.NOMDEDOMAINE.com;
	ssl_certificate         /etc/nginx/certificat/cert.pem;
	ssl_certificate_key     /etc/nginx/certificat/privkey.pem;
	ssl_trusted_certificate /etc/nginx/certificat/chain.pem;
	ssl_protocols           TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers             ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;             
    access_log  /var/log/nginx/picture_access.log;
    error_log   /var/log/nginx/picture_error.log warn;

    location / {
      proxy_pass https://picture.NOMDEDOMAINE.com:10444;
	  proxy_http_version 1.1;
	  proxy_redirect off;
	  proxy_set_header Upgrade $http_upgrade;
	  proxy_set_header Connection $http_connection;
	  proxy_set_header X-Real-IP $remote_addr;
	  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	  proxy_set_header X-Forwarded-Proto $scheme;
	  proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-Port $server_port;
	  proxy_hide_header X-Powered-By;
	  proxy_buffering on;
	  client_max_body_size 50000m;
	}
  }

  server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name nyasi.NOMDEDOMAINE.com;
	ssl_certificate         /etc/nginx/certificat/cert.pem;
	ssl_certificate_key     /etc/nginx/certificat/privkey.pem;
	ssl_trusted_certificate /etc/nginx/certificat/chain.pem;
	ssl_protocols           TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers             ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;             
    access_log  /var/log/nginx/nyasi_access.log;
    error_log   /var/log/nginx/nyasi_error.log warn;

    location / {
      proxy_pass https://nyasi.NOMDEDOMAINE.com:8511;
	  proxy_http_version 1.1;
	  proxy_redirect off;
	  proxy_set_header Upgrade $http_upgrade;
	  proxy_set_header Connection $http_connection;
	  proxy_set_header Host $host;
	  proxy_set_header X-Real-IP $remote_addr;
	  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	  proxy_set_header X-Forwarded-Proto $scheme;
	  proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-Port $server_port;
	  proxy_hide_header X-Powered-By;
	  proxy_buffering on;
	  client_max_body_size 50000m;
	}
  }
  
  server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name radarr.NOMDEDOMAINE.com;
	ssl_certificate         /etc/nginx/certificat/cert.pem;
	ssl_certificate_key     /etc/nginx/certificat/privkey.pem;
	ssl_trusted_certificate /etc/nginx/certificat/chain.pem;
	ssl_protocols           TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers             ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;             
    access_log  /var/log/nginx/radarr_access.log;
    error_log   /var/log/nginx/radarr_error.log warn;

    location / {
      proxy_pass http://radarr.NOMDEDOMAINE.com:7878;
	  proxy_http_version 1.1;
	  proxy_redirect off;
	  proxy_set_header Upgrade $http_upgrade;
	  proxy_set_header Connection $http_connection;
	  proxy_set_header Host $host;
	  proxy_set_header X-Real-IP $remote_addr;
	  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	  proxy_set_header X-Forwarded-Proto $scheme;
	  proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-Port $server_port;
	  proxy_hide_header X-Powered-By;
	  proxy_buffering on;
	  client_max_body_size 50000m;
	}
  }

  server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
	server_name jackett.NOMDEDOMAINE.com;
	ssl_certificate         /etc/nginx/certificat/cert.pem;
	ssl_certificate_key     /etc/nginx/certificat/privkey.pem;
	ssl_trusted_certificate /etc/nginx/certificat/chain.pem;
	ssl_protocols           TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers             ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;              
    access_log  /var/log/nginx/jackett_access.log;
    error_log   /var/log/nginx/jackett_error.log warn;
	
    location / {
      proxy_pass http://jackett.NOMDEDOMAINE.com:9117;
	  proxy_http_version 1.1;
	  proxy_redirect off;
	  proxy_set_header Upgrade $http_upgrade;
	  proxy_set_header Connection $http_connection;
	  proxy_set_header Host $host;
	  proxy_set_header X-Real-IP $remote_addr;
	  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	  proxy_set_header X-Forwarded-Proto $scheme;
	  proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-Port $server_port;
	  proxy_hide_header X-Powered-By;
	  proxy_buffering on;
	  client_max_body_size 50000m;
	}
  }
 
  server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
	server_name plex.NOMDEDOMAINE.com;
	ssl_certificate         /etc/nginx/certificat/cert.pem;
	ssl_certificate_key     /etc/nginx/certificat/privkey.pem;
	ssl_trusted_certificate /etc/nginx/certificat/chain.pem;
	ssl_protocols           TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers             ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;              
    access_log  /var/log/nginx/plex_access.log;
    error_log   /var/log/nginx/plex_error.log warn;
	
    location / {
      proxy_pass http://plex.NOMDEDOMAINE.com:32400;
	  proxy_http_version 1.1;
	  proxy_redirect off;
	  proxy_set_header Upgrade $http_upgrade;
	  proxy_set_header Connection $http_connection;
	  proxy_set_header Host $host;
	  proxy_set_header X-Real-IP $remote_addr;
	  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	  proxy_set_header X-Forwarded-Proto $scheme;
	  proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-Port $server_port;
	  proxy_hide_header X-Powered-By;
	  proxy_buffering off;
	  client_max_body_size 50000m;
	}
  }

  server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
	server_name jelly.NOMDEDOMAINE.com;
	ssl_certificate         /etc/nginx/certificat/cert.pem;
	ssl_certificate_key     /etc/nginx/certificat/privkey.pem;
	ssl_trusted_certificate /etc/nginx/certificat/chain.pem;
	ssl_protocols           TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers             ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;              

    access_log  /var/log/nginx/jelly_access.log;
    error_log   /var/log/nginx/jelly_error.log warn;
	
    location / {
      # Proxy main Jellyfin traffic
      proxy_pass http://192.168.1.161:8096;
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Forwarded-Protocol $scheme;
      proxy_set_header X-Forwarded-Host $http_host;

	  # Disable buffering when the nginx proxy gets very resource heavy upon streaming
      proxy_buffering off;
	}
	
	location /socket {
      # Proxy Jellyfin Websockets traffic
      proxy_pass http://192.168.1.161:8096;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Forwarded-Protocol $scheme;
      proxy_set_header X-Forwarded-Host $http_host;
    }
  }
  
  server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name deluge.NOMDEDOMAINE.com;
	ssl_certificate         /etc/nginx/certificat/cert.pem;
	ssl_certificate_key     /etc/nginx/certificat/privkey.pem;
	ssl_trusted_certificate /etc/nginx/certificat/chain.pem;
	ssl_protocols           TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers             ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;             
    access_log  /var/log/nginx/deluge_access.log;   
    error_log   /var/log/nginx/deluge_error.log warn;	

	location / {
      proxy_pass http://deluge.NOMDEDOMAINE.com:8112;
	  proxy_http_version 1.1;
	  proxy_redirect off;
	  proxy_set_header Upgrade $http_upgrade;
	  proxy_set_header Connection $http_connection;
	  proxy_set_header Host $host;
	  proxy_set_header X-Real-IP $remote_addr;
	  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	  proxy_set_header X-Forwarded-Proto $scheme;
	  proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-Port $server_port;
	  proxy_hide_header X-Powered-By;
	  proxy_buffering on;
	  client_max_body_size 50000m;
	}
  }

  server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name docker.NOMDEDOMAINE.com;
	ssl_certificate         /etc/nginx/certificat/cert.pem;
	ssl_certificate_key     /etc/nginx/certificat/privkey.pem;
	ssl_trusted_certificate /etc/nginx/certificat/chain.pem;
	ssl_protocols           TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers             ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;             
    access_log  /var/log/nginx/docker_access.log;
    error_log   /var/log/nginx/docker_error.log warn;

    location / {
      proxy_pass http://docker.NOMDEDOMAINE.com:9000;
	  proxy_http_version 1.1;
	  proxy_redirect off;
	  proxy_set_header Upgrade $http_upgrade;
	  proxy_set_header Connection $http_connection;
	  proxy_set_header X-Real-IP $remote_addr;
	  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	  proxy_set_header X-Forwarded-Proto $scheme;
	  proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-Port $server_port;
	  proxy_hide_header X-Powered-By;
	  proxy_buffering on;
	  client_max_body_size 50000m;
	}
  }

J'ai l'impression que tous fonctionne correctement ! Je vois même les IP externes des clients ! (D'ailleurs petite astuce… dans le panel Réseau/Proxies connus, j'ai ajouté le(s) proxy + les gateway et tous remonte)

Par contre, Je ne peux plus me connecter sur ma nvidia shield tv pro, ni même sur un Android tous court... Aucun soucis par le web ou sur mon iphone.
et Je n'ai strictement rien qui remonte dans les logs.

Est-ce que tu as déjà eu ce genre de problème ?

Encore merci pour ton temps !

Oyo95

EVO · 8 Mai 2021

Salut,
Je suis plutôt surpris que cela fonctionne pour toi ainsi, sasn ip virtuelle impossible pour moi de remonter la vrai ip dans Jellyfin ou autre appli d'ailleurs ( bitwarden, .. )
Mais tant mieux

Pour ce soucis de connexion sur android, ... non je n'ai aps rencontré ce genre de soucis.
Les soucis que j'avais :
- Ip local du proxy remonté et non l'ip externe ( résolu via un proxy en macvlan + ip virtuelle OU un proxy externe )
- Coupure du flux video depuis une connexion eterne ( perte du Web socket ) > résolu via l'utilisation d'un autre proxy que le reverse de DSM

Pour le minipc, j'en possède 2,
- un me sert avec Proxmox : de reverse proxy, serveur vpn, et aussi quelques VM "de test"
- le deuxième de sert de serveur NAS "de backup" sous OMV

Oyo95 · 9 Mai 2021

EVOTk a dit:
Salut,
Je suis plutôt surpris que cela fonctionne pour toi ainsi, sasn ip virtuelle impossible pour moi de remonter la vrai ip dans Jellyfin ou autre appli d'ailleurs ( bitwarden, .. )
Mais tant mieux

En fait, je suis passé par l'interface de portainer pour la créer.
https://support.portainer.io/kb/art...nd-use-macvlan-with-docker-swarm-in-portainer

Puis j'ai crée une route statique au niveau du DSM

EVOTk a dit:
Pour ce soucis de connexion sur android, ... non je n'ai aps rencontré ce genre de soucis.

Concernant mon soucis sur Android, j'ai ouvert un case (J'ai créer un nouveau reverse proxy pour l'enlever de tous le reste des appli).
On verra si j'ai un retour !
Si jamais tu veux y jeter un coup d'oeil

https://github.com/jellyfin/jellyfin-androidtv/issues/868

EVOTk a dit:
Pour le minipc, j'en possède 2,
- un me sert avec Proxmox : de reverse proxy, serveur vpn, et aussi quelques VM "de test"
- le deuxième de sert de serveur NAS "de backup" sous OMV

Je garde la référence en tête, il se peut que je m'en prenne un pour faire joujou !

Rechercher

Rechercher

Synology Jellyfin + docker + Reverse proxy sur Synology

Oyo95

Nouveau membre

EVO

Administreur

Oyo95

Nouveau membre

EVO

Administreur

Oyo95

Nouveau membre

EVO

Administreur

Oyo95

Nouveau membre

EVO

Administreur

Oyo95

Nouveau membre