debian13+apache+jellyfin

[bitmap]

Code:

server {
    listen 443 ssl;
    http2 on;

    server_name jellyfin.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 60M;

    set $jellyfin 192.168.1.3;
    
    add_header X-XSS-Protection "0"; # Do NOT enable. This is obsolete/dangerous
    add_header Origin-Agent-Cluster "?1" always;

    location / {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app 192.168.1.3;
        set $upstream_port 8096;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

        proxy_set_header Range $http_range;
        proxy_set_header If-Range $http_if_range;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;

        # Disable buffering when the nginx proxy gets very resource heavy upon streaming
        proxy_buffering off;
    }
    

    location ~ (/jellyfin)?/socket {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app 192.168.1.3;
        set $upstream_port 8096;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
    }

    location /Users/ForgotPassword {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app 192.168.1.3;
        set $upstream_port 8096;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port/Users/ForgotPassword;
        
        proxy_set_header X-Forwarded-For 192.168.1.199;
    }

    location /Users/ForgotPassword/Pin {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app 192.168.1.3;
        set $upstream_port 8096;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port/Users/ForgotPassword/Pin;
        
        proxy_set_header X-Forwarded-For 192.168.1.199;
    }
}

server {
    listen 80;
    listen [::]:80;
    server_name jellyfin.bitmapserv.org;
    return 301 https://$host$request_uri;
}

This is my full nginx config. A 302 is a temporary redirect AFAIK, which you should not be getting.