Nginx Proxy Manager: Custom locations don't work

[Iacov]

hey

currently i have no custom locations defined in my nginx proxy manager - and per se everything is working fine
yet i'm sure that there is a reason, why there is a tutorial on nginx proxy manager that specifically tell you to add two custom locations
Nginx | Jellyfin

i have added the custom location like in the screenshot below - the proxy host immediately turns from green (online) to red (offline)
no matter if i add "/" or "/socket"

- what am i doing wrong in adding the locations?
- are those custom locations actually needed?
- what are they needed for?

(if it matters, i only use npm for "nice" fqdn's within my lan, no wan exposure)

[niels]

Never used Nginx Proxy Manager but it feels like you need to remove that first line that says LOCATION: /

[TheDreadPirate]

Do you have "Cache assets" enabled? If so, disable it.

[Iacov]

Never used Nginx Proxy Manager but it feels like you need to remove that first line that says LOCATION: /

i tried, but there's no difference, unfortunately

Do you have "Cache assets" enabled?  If so, disable it.

yes, it's enabled per the linked guide
normally i never activate it with my proxy hosts - why should i disable it with jellyin? (vs the documentation stating to activate it)

[TheDreadPirate]

Along the same line of thinking as Niel, did you completely copy and paste that section from the guide? Both for / and /socket? First, remove "LOCATION: /" and "LOCATION: /socket"

Click on "Add location" named /socket and copy the appropriate section from our doc.

Cache assets can cause weird transcoding issues. Specifically if you set a maximum bit rate for remote clients, it won't be honored when caching is enabled. It can sometimes cause the transcode bit rate to be stupid high, which can break some encoders and cause massive quality issues.

[Iacov]

Along the same line of thinking as Niel, did you completely copy and paste that section from the guide?  Both for / and /socket? First, remove "LOCATION: /" and "LOCATION: /socket"

Click on "Add location" named /socket and copy the appropriate section from our doc.

Cache assets can cause weird transcoding issues.  Specifically if you set a maximum bit rate for remote clients, it won't be honored when caching is enabled.  It can sometimes cause the transcode bit rate to be stupid high, which can break some encoders and cause massive quality issues.

i've added "/socket" and only copied the rest of the code block in there...but still the proxy client changes to red/offline

should the code block actually go into the custom location config or should it go into "advanced"?

[TheDreadPirate]

Can you show us the Details page? Censor the domain. Also, your LAN IP is not sensitive so you don't need to censor that.

[Iacov]

i have asked bing chat/copilot to translate the code snippets into code for the "advanced" tab...i unfortunately lack the skill to a) assess if the code is correct and b) the knowledge to verify wether the code works
the proxy client is green/online though

Code:

location /socket {
    # Proxy Jellyfin Websockets traffic
    proxy_set_header Connection "upgrade";
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-Protocol $scheme;
    proxy_set_header X-Forwarded-Host $http_host;
   
    # Security / XSS Mitigation Headers
    # NOTE: X-Frame-Options may cause issues with the webOS app
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "0";
    add_header X-Content-Type-Options "nosniff";

    # Content Security Policy
    # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
    # Enforces https content and restricts JS/CSS to origin
    # External Javascript (such as cast_sender.js for Chromecast) must be whitelisted.
    # NOTE: The default CSP headers may cause issues with the webOS app
    #add_header Content-Security-Policy "default-src https: data: blob: http://image.tmdb.org; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://www.gstatic.com/cv/js/sender/v1/cast_sender.js https://www.gstatic.com/eureka/clank/95/cast_sender.js https://www.gstatic.com/eureka/clank/96/cast_sender.js https://www.gstatic.com/eureka/clank/97/cast_sender.js https://www.youtube.com blob:; worker-src 'self' blob:; connect-src 'self'; object-src 'none'; frame-ancestors 'self'";
}
location / {
    # Proxy main Jellyfin traffic
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-Protocol $scheme;
    proxy_set_header X-Forwarded-Host $http_host;
    proxy_headers_hash_max_size 2048;
    proxy_headers_hash_bucket_size 128;
   
    # Security / XSS Mitigation Headers
    # NOTE: X-Frame-Options may cause issues with the webOS app
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "0";
    add_header X-Content-Type-Options "nosniff";

    # Content Security Policy
    # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
    # Enforces https content and restricts JS/CSS to origin
    # External Javascript (such as cast_sender.js for Chromecast) must be whitelisted.
    # NOTE: The default CSP headers may cause issues with the webOS app
    #add_header Content-Security-Policy "default-src https: data: blob: http://image.tmdb.org; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://www.gstatic.com/cv/js/sender/v1/cast_sender.js https://www.gstatic.com/eureka/clank/95/cast_sender.js https://www.gstatic.com/eureka/clank/96/cast_sender.js https://www.gstatic.com/eureka/clank/97/cast_sender.js https://www.youtube.com blob:; worker-src 'self' blob:; connect-src 'self'; object-src 'none'; frame-ancestors 'self'";
}

will edit with a picture of the detail page
detail site is attached - but i don't think that i messed up there, as using jellyfin and streaming a movie worked

btw, why are the custom locations for / and /socket needed?

edit2: the "rewritten" custom location does not work...the client is online, but i end up on the "welcome to openresty" page

[TheDreadPirate]

Just so we're clear, the code block in your last post. You don't have that entire thing in BOTH / and /socket, right?

[Iacov]

Just so we're clear, the code block in your last post.  You don't have that entire thing in BOTH / and /socket, right?

no, of course not xD
i did enter it in the "advanced" tab, where you can manually define a custom location (i did have to solve it similarily for my pihole)

when posting the individual code blocks (as per the linked guide) into the configuration for the custom location (in the "custom location" tab), i get the offline client

so the furthest i've come:
- posting official config into custom location tab -> offline proxy client
- adapting official config with bing chat for "advanced"-tab syntax and posting it in there -> online proxy client, but wrong forwarding (ending up on "welcome to openresty" page)

i still don't understand why i need the "/" and "/socket" custom location, but as it is in the documentation, i want to abide to it