Jellyfin Forum
Extra Nginx Configurations - Printable Version

+- Jellyfin Forum (https://forum.jellyfin.org)
+-- Forum: Support (https://forum.jellyfin.org/f-support)
+--- Forum: Troubleshooting (https://forum.jellyfin.org/f-troubleshooting)
+--- Thread: Extra Nginx Configurations (/t-extra-nginx-configurations)

Extra Nginx Configurations - Anders - 2024-05-30

I am running Jellyfin in a docker from LinuxServer.IO that is installed through an addon repository from LibreELEC.
I am also running SWAG from LinuxServer.IO that is installed in the same manner as Jellyfin is. 

Everything works fine, except for maybe two things. The primary thing is a path question regarding the FAQ/Howto hosted at jellyfin. 
This in specific  Nginx | Jellyfin 
Quote:#Must be inside server block
#Insert into all servers where you want filtering (e.g HTTP + HTTPS block)
access_log /var/log/nginx/access.log stripsecrets;

The path for the access_log, what should that one be?
I have tried with /config/log/nginx/access.log but without any luck.
The full path to the config is /storage/.kodi/userdata/addon_data/docker.linuxserver.swag/config/log/nginx/access.log but since this is running in a docker, i assume it cannot read outside the docker home path? Which should be  ~/.kodi/userdata/addon_data/docker.linuxserver.swag/

RE: Extra Nginx Configurations - Anders - 2024-05-30

Beside the access_log path, where is this configuration snippet about censor api_key supposed to reside?

RE: Extra Nginx Configurations - TheDreadPirate - 2024-05-30

The api_key censoring config is supposed to get inside the "server" block, which is where all your other configs for Jellyfin reside.

Code:
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name DOMAIN_NAME;

ANYWHERE IN HERE
......

    location /jellyfin/ {
        # Proxy main Jellyfin traffic

        proxy_pass http://$jellyfin:8096;
...
     }
ANYWHERE IN HERE
}

You have to make sure that the log path is correct. You can open a bash session for your SWAG container and find the container path for the log file and then provide that in config to strip secrets.

RE: Extra Nginx Configurations - niels - 2024-05-30

I would advise against using that snippet as it is wrong. There are currently two ways to send an API key or access token via query parameter and this filter only removes one of them from logs. The ApiKey (note the missing underscore) parameter would still show up.