Jellyfin Forum
Local direct play when connecting to reverse proxy - Printable Version

+- Jellyfin Forum (https://forum.jellyfin.org)
+-- Forum: Support (https://forum.jellyfin.org/f-support)
+--- Forum: General Questions (https://forum.jellyfin.org/f-general-questions)
+--- Thread: Local direct play when connecting to reverse proxy (/t-local-direct-play-when-connecting-to-reverse-proxy)

Pages: 1 2


Local direct play when connecting to reverse proxy - Pamphlet6795 - 2023-12-07

I have my Jellyfin server setup on my local network, but have a cloud server with an Nginx reverse proxy set up for remote access. (I used this example: https://jellyfin.org/docs/general/networking/nginx/ ).  I have my Jellyfin app connected to the reverse proxy server hostname and it works as expected while remote. However when I stream content from inside my home network it will still act as if I am outside the network and send the traffic over the proxy. Is there any way to get Jellyfin to detect the device is on the local network and stream directly?


RE: Local direct play when connecting to reverse proxy - Pamphlet6795 - 2023-12-07

I do have the LAN network set in the settings, but these connections are treated as coming from my WAN IP.


RE: Local direct play when connecting to reverse proxy - TheDreadPirate - 2023-12-07

This is the expected behavior if your reverse proxy is remote. I can't think of a way around it.

If you are on the same LAN use the local IP.

Backing up a bit, why is your reverse proxy remote and not local? Your proxy doesn't NEED to be hosted remotely to be able to access Jellyfin remotely. Does your ISP use CGNAT or something?


RE: Local direct play when connecting to reverse proxy - Pamphlet6795 - 2023-12-07

(2023-12-07, 02:27 PM)TheDreadPirate Wrote: This is the expected behavior if your reverse proxy is remote.  I can't think of a way around it.

If you are on the same LAN use the local IP.

Backing up a bit, why is your reverse proxy remote and not local?  Your proxy doesn't NEED to be hosted remotely to be able to access Jellyfin remotely.  Does your ISP use CGNAT or something?

I made the reverse proxy remote as I already have a webserver running on that remote server to many other services in my network. It was easier to add an additional endpoint here than getting another domain and setting up another webserver internally. This also came with the added benefit of not sharing my real IP address with remote clients. I guess it doesn't have to be remote but that would complicate things on my setup.

I can manage with the local IP on most devices, but was hoping to able to use the proxy locally too (for example, how app.plex.tv will local stream with plex)


RE: Local direct play when connecting to reverse proxy - TheDreadPirate - 2023-12-07

Sure. But Plex's infrastructure, which acts as the reverse proxy, is tightly integrated with their server software. So they can do some programming wizardry to make that work. Jellyfin does not have that kind of integration with any reverse proxy.

If you're using a subdomain for your jellyfin reverse proxy, perhaps you could do some DNS wizardry on your home network to have that subdomain resolve to your local Jellyfin IP.


RE: Local direct play when connecting to reverse proxy - Pamphlet6795 - 2023-12-07

(2023-12-07, 06:49 PM)TheDreadPirate Wrote: Sure.  But Plex's infrastructure, which acts as the reverse proxy, is tightly integrated with their server software.  So they can do some programming wizardry to make that work.  Jellyfin does not have that kind of integration with any reverse proxy.

If you're using a subdomain for your jellyfin reverse proxy, perhaps you could do some DNS wizardry on your home network to have that subdomain resolve to your local Jellyfin IP.

Thanks for the idea, looking into this. Not sure if I can get the subdomain to resolve from port 443 to 8096 internally, but might be able to just make jellyfin run on 443 so it matches.


RE: Local direct play when connecting to reverse proxy - Pamphlet6795 - 2023-12-07

I have configured a DNS override on my local network to point that subdomain to the local address. I also configured Jellyfin to listen on locally for HTTPS on 443. I setup a script on my Jellyfin server to regularly pull the Certbot cert from my proxy server, and package that into a p12 for Jellyfin. This seems to achieve the behavior I was looking for. Thanks so much for the idea!


RE: Local direct play when connecting to reverse proxy - TheDreadPirate - 2023-12-08

Honestly, you should write a tutorial for what you did. I know for a fact there are people with remote reverse proxies that want to do something similar.

https://forum.jellyfin.org/f-guides-walkthroughs-tutorials


RE: Local direct play when connecting to reverse proxy - Pamphlet6795 - 2023-12-10

(2023-12-08, 12:42 AM)TheDreadPirate Wrote: Honestly, you should write a tutorial for what you did.  I know for a fact there are people with remote reverse proxies that want to do something similar.

https://forum.jellyfin.org/f-guides-walkthroughs-tutorials

Yeah, I could do that. I'm still working out some kinks and not everything is working properly. For now, the only thing that still seems to be broken is casting support from inside the network. The google cast devices are not shown in the app at all (using android). I was assuming this has something to do with the casting device using its own DNS but haven't been able to figure that out yet. I forced local DNS on all devices on my network, and it still doesn't list any devices.


RE: Local direct play when connecting to reverse proxy - Pamphlet6795 - 2023-12-10

I found this comment on the Jellyfin reddit explaining how the Chromecast connection works. https://www.reddit.com/r/jellyfin/comments/ev2nvc/comment/fftf3zs/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button

It seems like there is probably no way around this since the Chromecast will not trust a local https url with a domain certificate. Am I correct in assuming this would also not work externally with a proxy? Does this work with normal reverse proxies? When I hit the API described in the post I can only get the local address. So would an external client over a standard reverse proxy try to connect to the local address for casting?

EDIT: Made some progress in this. In my nginx proxy, I have created a location which just returns the same body from that API call but with the local address swapped out for the proxy hostname. I think this should be enough to get Chromecast to work on remote clients, but I have no idea how I would do the same thing locally without a second local reverse proxy.
FOR ANYONE READING IN THE FUTURE - Do not handle this with the proxy. Under the server networking settings, Firewall and Proxy Settings -> Published Server URIs, set it to "all=YOUR_HOSTNAME". This will force the API to return the proxy hostname.

EDIT 2: Chromecast does not work remote with this setup.