## Version 2025/05/18 # make sure that your jellyfin container is named jellyfin # make sure that your dns has a cname set for jellyfin # if jellyfin is running in bridge mode and the container is named "jellyfin", the below config should work as is # if not, replace the line "set $upstream_app jellyfin;" with "set $upstream_app ;" # or "set $upstream_app ;" for host mode, HOSTIP being the IP address of jellyfin # in jellyfin settings, under "Advanced/Networking" add subdomain.mydomain.tld as a known proxy server { listen 443 ssl; listen [::]:443 ssl; server_name jellyfin.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app jellyfin; set $upstream_port 8096; set $upstream_proto http; if ($http_user_agent ~ Web0S) { add_header Access-Control-Allow-Origin "luna://com.webos.service.config" always; } proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header Range $http_range; proxy_set_header If-Range $http_if_range; } location ~ (/jellyfin)?/socket { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app jellyfin; set $upstream_port 8096; set $upstream_proto http; if ($http_user_agent ~ Web0S) { add_header Access-Control-Allow-Origin "luna://com.webos.service.config" always; } proxy_pass $upstream_proto://$upstream_app:$upstream_port; } # Restrict access to /metrics # https://jellyfin.org/docs/general/networking/monitoring/#prometheus-metrics location /metrics { allow 192.168.0.0/16; allow 10.0.0.0/8; allow 172.16.0.0/12; allow 127.0.0.0/8; deny all; include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app jellyfin; set $upstream_port 8096; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } }