(Grav GitSync) Automatic Commit from RealStickman

This commit is contained in:
RealStickman 2022-05-20 21:16:20 +02:00 committed by GitSync
parent bde8e432a9
commit fd9fc74a2b

View File

@ -0,0 +1,109 @@
---
title: Jellyfin
---
## Container Image
```
# podman run -d --name jellyfin -p 8096:8096 \
-v /mnt/jellyfin/cache:/cache \
-v /mnt/jellyfin/config:/config \
-v /mnt/media:/media \
docker.io/jellyfin/jellyfin:latest
```
## Apt Packate
`# apt install nginx apt-transport-https`
`# wget -O - https://repo.jellyfin.org/jellyfin_team.gpg.key | apt-key add -`
`# echo "deb [arch=$( dpkg --print-architecture )] https://repo.jellyfin.org/$( awk -F'=' '/^ID=/{ print $NF }' /etc/os-release ) $( awk -F'=' '/^VERSION_CODENAME=/{ print $NF }' /etc/os-release ) main" | tee /etc/apt/sources.list.d/jellyfin.list`
`# apt update`
`# apt install jellyfin`
## Nginx
Create a new nginx configuration file in `/etc/nginx/sites-available`
*Make sure to replace "DOMAIN\_NAME" with your domain name*
*Replace "IPV4" with an ipv4 address and "IPV6" with an ipv6 address*
```
server {
server_name DOMAIN_NAME;
# use a variable to store the upstream proxy
# in this example we are using a hostname which is resolved via DNS
# (if you aren't using DNS remove the resolver line and change the variable to point to an IP address e.g `set $jellyfin 127.0.0.1`)
set $jellyfin 127.0.0.1;
#resolver 127.0.0.1 valid=30;
# Security / XSS Mitigation Headers
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
location = / {
return 302 https://$host/web/;
}
location / {
# Proxy main Jellyfin traffic
proxy_pass http://$jellyfin:8096;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
# Disable buffering when the nginx proxy gets very resource heavy upon streaming
proxy_buffering off;
}
# location block for /web - This is purely for aesthetics so /web/#!/ works instead of having to go to /web/index.html/#!/
location = /web/ {
# Proxy main Jellyfin traffic
proxy_pass http://$jellyfin:8096/web/index.html;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
}
location /socket {
# Proxy Jellyfin Websockets traffic
proxy_pass http://$jellyfin:8096;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
}
listen IPV4:443 ssl; #set ipv4
listen [IPV6]:443 ssl; #set ipv6 address
ssl_certificate /etc/letsencrypt/live/DOMAIN_NAME/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/DOMAIN_NAME/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
server {
if ($host = DOMAIN_NAME) {
return 301 https://$host$request_uri;
}
listen IPV4:80; #set ipv4
listen [IPV6]:80; #set ipv6 address
server_name DOMAIN_NAME;
return 404;
}
```
Enable the config
`$ ln -s /etc/nginx/sites-available/(config) /etc/nginx/sites-enabled/`
Restart nginx
`# systemctl restart nginx`