Can't access Server via Nginx/DuckDNS - 502

[annoyedbeginner]

Hello,

I would like to be able to access my Jellyfin server from outside the local network securely via HTTPS, So I set up Nginx Proxy Manager in TrueNAS SCALE, and I have a DuckDNS Address.

I managed to set up a Proxy host using the local Jellyfin address using 192.168.#.#:30013 (non https, according to TNS settings, https port is 30014), with an SSL certificate, have the Proxy using a DuckDNS address (the "current IP" field is populated with the local IP 192.168.#.#). I followed the Jellyfin Nginx Proxy Manager set up instructions, checked all the required boxes.

When I click the link or enter the address, I get a 502 error.

How can I proceed to fix the 502 error?
Will that set-up allow me to use https to connect to the site if the local port is not the https one?

Attached is a pic of the Jellyfin config page in TNS

Regards,
AB


As a small aside, I saw somewhere that TailScale is a way to access the server securely without opening it to the public, is that worth the extra work? (for now)

[TheDreadPirate]

Can you share screenshots of Nginx Proxy Manager? All the tabs for the Jellyfin proxy. Censor your domain name.

[annoyedbeginner]

See attached.

[Duvel]

in NPM on the Proxy Hosts tab, your destinations are https:192.168.x.x:3013 and https:192.168.x.x:80

This is wrong.

The goal of your reverse proxy is to handle the htpps encryption and decryption using the certs. Its all the traffic from and to the internet on your npm that is encrypted and using https, everything between NPM and your LAN is not.
The reverse proxy destinations on your LAN should therefore use http and not https.

The jellyfin config looks fine as you didnt activate the "enable https". So Jellyfin is only listening on http port 8096.
But then you should have on your NPM destination for jellyfin soemthing like

Code:

http://192.168.x.x:8096

[TheDreadPirate]

What Duvel said. Also make sure you don't have "cache assets" enabled for the proxy.

[annoyedbeginner]

Ok, so that kind of worked, but not with 8096, 30013 with HTTP did. However when trying to connect to the domain outside the LAN (on my phone with the wifi off, for example) the page does not load. So that means I still can't access it from outside the house. I had a friend try the domain, the page did not load.

is the DuckDNS current IP supposed to be set to the LAN address?

See attached.

[Duvel]

It makes no sense that it worked with 30013 instead of 8096 . Following your first screenshots, your jellyfin server is exposed on 8096 and nothing else. Also you say that wen you try outside the LAN it doesnt work... But then explain what "working" means on the first step???

Its a bit hard to help you more with your explanations

[annoyedbeginner]

So if you look at the first screenshot, TNS has somehow decided that the port for Jellyfin is 30013. so typing in 192.168.x.x:30013 opens up the Jellyfin page, within the LAN.
Now what I want to do is to access Jellyfin from outside the LAN, like when I'm in another city. So I got a domain via DuckDNS and using Nginx, I assume it will allow me to use the DuckDNS domain to connect to my Jellyfin server from outside the LAN. So Right now, with the current set up, if I type in the domain name (XXX.duckdns.org), I cannot connect to my Jellyfin server outside the LAN (but within the LAN, it works).
Does that make sense?