Yesterday, 07:45 AM
> What's the point of manually listening on every IP?
That's because this nginx server is running on a machine that has NICs to the public internet and has other
> And what is the point of binding to local host only (in jellyfin)?
Same idea as above. Since nginx is running on the same machine, there also seemed to be no real point to to bind addresses outside of what's strictly necessary for the reverse proxy to access jellyfin. That said I do have a firewall and I can try pointing TV directly at jellyfin without going through nginx middleman.
---
So here are the things I tried:
1. Bind
2. Have
3. Have
The certificate is from LetsEncrypt and is valid. The TV also understands this certificate, seeing that it works fine when used in the regular browser.
For now using
That's because this nginx server is running on a machine that has NICs to the public internet and has other
server
blocks that are serving content to the public internet. Binding 0.0.0.0/:: would expose jellyfin to "out there" which is something I definitely don't want to do.> And what is the point of binding to local host only (in jellyfin)?
Same idea as above. Since nginx is running on the same machine, there also seemed to be no real point to to bind addresses outside of what's strictly necessary for the reverse proxy to access jellyfin. That said I do have a firewall and I can try pointing TV directly at jellyfin without going through nginx middleman.
---
So here are the things I tried:
1. Bind
jellyfin
to 0.0.0.0, and have webOS
connect directly to http://192.168.130.1:8096
==> playback works correctly;2. Have
webOS
connect to http://jellyfin.my.tld
proxying through nginx ==> playback works correctly;3. Have
webOS
connect to https://jellyfin.my.tld
proxying through nginx ==> playback does not work.The certificate is from LetsEncrypt and is valid. The TV also understands this certificate, seeing that it works fine when used in the regular browser.
For now using
http
as a workaround is sufficient to me, but I still have a suspicion that this has something to do with how iframe security contexts work...