Letsencrypt w/ nginx

I’ve read the articles, but I feel like I’m missing something.

This is through openmediavault with docker.

Currently I’m using letsencrypt which has nginx already built in (i didn’t install nginx separately). I am currently using the supplied recommendation for nginx in their jellyfin.subdomain.conf.sample. I tried to follow the documentation on about reverse proxies, but it produces the same results.

On my local network I am able to access the jellyfin server. When I disconnect and attempt LTE over my phone, or to connect from work I just get forbidden.

I registered a domain and the domain works on my local network like I said, just not elsewhere.

My booksonic works just fine, so I’m not sure what I’m missing.

# make sure that your dns has a cname set for jellyfin
# if jellyfin is running in bridge mode and the container is named "jellyfin", the below config should work as is
# if not, replace the line "set $upstream_app jellyfin;" with "set $upstream_app <containername>;"
# or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of jellyfin
# in jellyfin settings, under "Advanced/Networking" change the public https port to 443, leave the local ports as is,
# and set the "Secure connection mode" to "Handled by reverse proxy"

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name vault.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

   location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app jellyfin;
        set $upstream_port 8096;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

  		proxy_set_header Range $http_range;
        proxy_set_header If-Range $http_if_range;
    }

    location ~ (/jellyfin)?/socket {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app jellyfin;
        set $upstream_port 8096;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;

	}
}

This is the current code.

And please forgive me. I started this with little knowledge and originally just planned to do it locally and saw the possibilities and have started to run with it.

Any helps would be much appreciated. And I know I can access most things, I just don’t always know how and have to google, so it may be a bit before I can answer. Thanks again!