2024-10-27, 02:45 PM
(This post was last modified: 2024-10-27, 04:59 PM by Raúl Casado Piqueras. Edited 1 time in total.)
I've solved it! Eureka!
When I started to deploy the services with containers, as there were several of them on the same server, I started to have problems because I was trying to use ports that were already busy. I published the Jellyfin https service on port 8444 because I had a local nginx server using port 443.
When I was able to generate the ssl certificate I made sure to route port 443 from the street to 8444 and everything started working great. But it only worked from the street inwards. Then I had an idea: create an entry in pihole's DNS and set up a rule in the server's firewall so that requests to port 443 would be redirected to 8444, but without configuring the source. A few days later I removed the local server that had occupied port 443 by integrating the rules in the dockerised nginx server I had in jellyfin. I didn't remember this rule anymore and as everything worked I decided not to touch anything.
I continued adding material to Jellyfin and I discovered that the information of what I was adding was not visible (metadata) and that's when I found the error in the certificate.
Why was this happening? Because from jellyfin's private network a request was made to port 443 and when it reached the host, due to the firewall rule it was sent to 8444 and therefore back to the nginx that publishes jellyfin. In fact, I had an error of too many redirections.
It was the command ‘curl -vvv https://image.tmdb.org/t/p/original/uqIV...xiyY4z.jpg -o /tmp/futurama.jpg -k’ that helped me to trace and reconstruct the port forwarding.
I removed the rule (metadata download started working instantly) and configured the port to listen on 443 instead of 8444. I updated the port forwarding on the router and voila, everything is working.
Thank you very much for your time and especially for recommending me to do a curl from the jellyfin server.
When I started to deploy the services with containers, as there were several of them on the same server, I started to have problems because I was trying to use ports that were already busy. I published the Jellyfin https service on port 8444 because I had a local nginx server using port 443.
When I was able to generate the ssl certificate I made sure to route port 443 from the street to 8444 and everything started working great. But it only worked from the street inwards. Then I had an idea: create an entry in pihole's DNS and set up a rule in the server's firewall so that requests to port 443 would be redirected to 8444, but without configuring the source. A few days later I removed the local server that had occupied port 443 by integrating the rules in the dockerised nginx server I had in jellyfin. I didn't remember this rule anymore and as everything worked I decided not to touch anything.
I continued adding material to Jellyfin and I discovered that the information of what I was adding was not visible (metadata) and that's when I found the error in the certificate.
Why was this happening? Because from jellyfin's private network a request was made to port 443 and when it reached the host, due to the firewall rule it was sent to 8444 and therefore back to the nginx that publishes jellyfin. In fact, I had an error of too many redirections.
It was the command ‘curl -vvv https://image.tmdb.org/t/p/original/uqIV...xiyY4z.jpg -o /tmp/futurama.jpg -k’ that helped me to trace and reconstruct the port forwarding.
I removed the rule (metadata download started working instantly) and configured the port to listen on 443 instead of 8444. I updated the port forwarding on the router and voila, everything is working.
Thank you very much for your time and especially for recommending me to do a curl from the jellyfin server.
