2024-09-01, 07:48 AM
So I am using Ubuntu server to run Jellyfin with Nginx, LetsEncrypt and DuckDNS. I got it fully working in Ubuntu server 22.04 and when I upgraded it to 24.04, it broke Nginx (same http2 config file issue) so I reinstalled my OS as well as the other services, yet face the same issue.
When I try to connect to my DuckDNS URL, I get a 502 bad gateway page from Nginx.
When I run sudo nginx -t it says
When I disable that line it reads below, but it still is a bad gateway.
when I don't use the sudo in front of it it reads (but this is not an issue right?)
I used the documentation for the jellyfin.conf file at https://jellyfin.org/docs/general/networking/nginx
here is my jellyfin.conf file
Any help would be greatly appreciated! I have been at this for hours
When I try to connect to my DuckDNS URL, I get a 502 bad gateway page from Nginx.
When I run sudo nginx -t it says
Code:
2024/09/01 07:34:45 [warn] 1725#1725: the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /etc/nginx/nginx.conf:1
2024/09/01 07:34:45 [emerg] 1725#1725: unknown directive "http2" in /etc/nginx/conf.d/jellyfin.conf:12
nginx: configuration file /etc/nginx/nginx.conf test failedWhen I disable that line it reads below, but it still is a bad gateway.
Code:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successfulwhen I don't use the sudo in front of it it reads (but this is not an issue right?)
Code:
2024/09/01 07:36:04 [warn] 1741#1741: the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /etc/nginx/nginx.conf:1
2024/09/01 07:36:04 [emerg] 1741#1741: cannot load certificate "/etc/letsencrypt/live/REDACTED.duckdns.org/fullchain.pem": BIO_new_file() failed (SSL: error:8000000D:system library::Permission denied:calling fopen(/etc/letsencrypt/live/ REDACTED.duckdns.org/fullchain.pem, r) error:10080002:BIO routines::system lib)
nginx: configuration file /etc/nginx/nginx.conf test failedI used the documentation for the jellyfin.conf file at https://jellyfin.org/docs/general/networking/nginx
here is my jellyfin.conf file
Quote:server {
server_name REDACTED.duckdns.org;
# Uncomment to redirect HTTP to HTTPS
# return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
http2 on;
server_name REDACTED.duckdns.org;
## The defaultclient_max_body_sizeis 1M, this might not be enough for some posters, etc.
client_max_body_size 20M;
# Uncomment next line to Disable TLS 1.0 and 1.1 (Might break older devices)
# ssl_protocols TLSv1.3 TLSv1.2;
# use a variable to store the upstream proxy
# in this example we are using a hostname which is resolved via DNS
# (if you aren't using DNS remove the resolver line and change the variable to point to an IP address e.gset $jellyfin 127.0.0.1)
set $jellyfin jellyfin;
resolver 127.0.0.1 valid=30s;
ssl_certificate /etc/letsencrypt/live/ REDACTED.duckdns.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ REDACTED.duckdns.org/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
add_header Strict-Transport-Security "max-age=31536000" always;
ssl_trusted_certificate /etc/letsencrypt/live/ REDACTED.duckdns.org/chain.pem;
ssl_stapling on;
ssl_stapling_verify on;
# Security / XSS Mitigation Headers
# NOTE: X-Frame-Options may cause issues with the webOS app
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
# COOP/COEP. Disable if you use external plugins/images/assets
add_header Cross-Origin-Opener-Policy "same-origin" always;
add_header Cross-Origin-Embedder-Policy "require-corp" always;
add_header Cross-Origin-Resource-Policy "same-origin" always;
location = / {
#return 302 http://$host/web/;
return 302 https://$host/web/;
}
location / {
# Proxy main Jellyfin traffic
proxy_pass http://$jellyfin:8096;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
# Disable buffering when the nginx proxy gets very resource heavy upon streaming
proxy_buffering off;
}
location /socket {
# Proxy Jellyfin Websockets traffic
proxy_pass http://$jellyfin:8096;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
}
}
Any help would be greatly appreciated! I have been at this for hours