Add https on jellyfin

Signed-off-by: Bensuperpc <bensuperpc@gmail.com>
2025-06-22 18:33:35 +02:00 · 2022-11-28 13:43:48 +01:00
parent 5299ab2013
commit d9b5638732
6 changed files with 74 additions and 31 deletions
--- a/nginx-conf/jellyfin.conf
+++ b/nginx-conf/jellyfin.conf
@ -9,33 +9,40 @@ upstream jellyfin_server {
        # server jellyfin:8096 weight=1 max_fails=3 fail_timeout=30s;
 }

-#server {
-#        listen 80;
-#        listen [::]:80;
-#        server_name jellyfin.bensuperpc.org www.jellyfin.bensuperpc.org;
-
-        # Uncomment to redirect HTTP to HTTPS
-        # return 301 https://$host$request_uri;
-#}
-
+# Redirect all http requests to the main server wordpress_server
 server {
-        # listen 443 ssl http2;
-        # listen [::]:443 ssl http2;
        listen 80;
        listen [::]:80;
+
        server_name jellyfin.bensuperpc.org www.jellyfin.bensuperpc.org;

-        client_max_body_size 20M;
-        set $jellyfin jellyfin;
-        resolver 127.0.0.1 valid=30;
+        location ~ /.well-known/acme-challenge {
+                allow all;
+                root /var/www/jellyfin;
+        }

-        #ssl_certificate /etc/letsencrypt/live/DOMAIN_NAME/fullchain.pem;
-        #ssl_certificate_key /etc/letsencrypt/live/DOMAIN_NAME/privkey.pem;
+        location / {
+                return 301 https://$host$request_uri;
+        }
+}
+
+server {
+        listen 443 ssl http2;
+        listen [::]:443 ssl http2;
+        server_name jellyfin.bensuperpc.org www.jellyfin.bensuperpc.org;
+
+        #client_max_body_size 20M;
+        set $jellyfin jellyfin;
+        resolver 8.8.8.8 valid=30;
+
+        # All things related to SSL
+        ssl_certificate /etc/letsencrypt/live/bensuperpc.org/fullchain.pem;
+        ssl_certificate_key /etc/letsencrypt/live/bensuperpc.org/privkey.pem;
+        ssl_trusted_certificate /etc/letsencrypt/live/bensuperpc.org/chain.pem;
        #ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
        #add_header Strict-Transport-Security "max-age=31536000" always;
-        #ssl_trusted_certificate /etc/letsencrypt/live/DOMAIN_NAME/chain.pem;
-        
-        # include /etc/nginx/conf.d/sub/options-ssl-nginx.conf;
+
+        include /etc/nginx/conf.d/sub/options-ssl-nginx.conf;

        # Security / XSS Mitigation Headers
        # NOTE: X-Frame-Options may cause issues with the webOS app
--- a/nginx-conf/wordpress.conf
+++ b/nginx-conf/wordpress.conf
@ -81,9 +81,9 @@ server {
        include /etc/nginx/conf.d/sub/gzip.conf;
        
        # All things related to SSL
-        ssl_certificate /etc/letsencrypt/live/www.bensuperpc.org/fullchain.pem;
-        ssl_certificate_key /etc/letsencrypt/live/www.bensuperpc.org/privkey.pem;
-        ssl_trusted_certificate /etc/letsencrypt/live/www.bensuperpc.org/chain.pem;
+        ssl_certificate /etc/letsencrypt/live/bensuperpc.org/fullchain.pem;
+        ssl_certificate_key /etc/letsencrypt/live/bensuperpc.org/privkey.pem;
+        ssl_trusted_certificate /etc/letsencrypt/live/bensuperpc.org/chain.pem;

        include /etc/nginx/conf.d/sub/options-ssl-nginx.conf;