I have a server behind a reverse proxy that’s fully accessible at a custom domain I control. I have placed the following domain in the “Custom server access URLs”: https://plex.mydomain.tld:443
This works perfectly fine, except when accessing the server in a web browser with the app.plex.tv url as some quirky behavior is exhibited. Essentially I can’t change anything, subtitles, quality, settings. When looking at the JS console I see these errors:
Access to XMLHttpRequest at 'https://plex.mydomain.tld/updater/check?download=0&X-Plex-Product=Plex%20Web&X-Plex-Version=4.103.2&X-Plex-Client-Identifier=XXXXXX&X-Plex-Platform=Chrome&X-Plex-Platform-Version=111.0&X-Plex-Features=external-media%2Cindirect-media%2Chub-style-list&X-Plex-Model=hosted&X-Plex-Device=Windows&X-Plex-Device-Name=Chrome&X-Plex-Device-Screen-Resolution=1920x1049%2C1920x1200&X-Plex-Token=XXXXXX&X-Plex-Language=en' from origin 'https://app.plex.tv' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
PUT https://plex.mydomain.tld/updater/check?download=0&X-Plex-Product=Plex%20Web&X-Plex-Version=4.103.2&X-Plex-Client-Identifier=XXXXXX&X-Plex-Platform=Chrome&X-Plex-Platform-Version=111.0&X-Plex-Features=external-media%2Cindirect-media%2Chub-style-list&X-Plex-Model=hosted&X-Plex-Device=Windows&X-Plex-Device-Name=Chrome&X-Plex-Device-Screen-Resolution=1920x1049%2C1920x1200&X-Plex-Token=XXXXXX&X-Plex-Language=en net::ERR_FAILED
The strange thing is that I have another server with an identical setup involving a reverse proxy and it works completely fine, totally rock solid with no errors. It’s just this new setup I’m making that’s causing problems.
Yes, through further troubleshooting I fully believe it’s the proxy configuration on the new machine. However, it’s unclear how to fix it. The new machine uses traefic while the old one uses nginx, and it’s unclear what is misconfigured.
As far as I can tell tell traefic on my truenas scale server is not adding the correct accessControlAllowOrigin header. With it’s current implementation I don’t think I’m able to diagnose further.
Standard configuration of plex, with an ingress, load balancer service type, no middleware set.
plex.mydomain.tld added in plex network config.
It’s important to realize that If I connect to my server via plex.mydomain.tld it works totally fine. But if I just go to plex.tv (as people who I’ve shared the server with might do), then that results in cors errors.
This same error does not occur when using nginx that I’ve successfully deployed on a different plex server. As a stop gap measure, I adjusted my dns to go to my other server, run through an nginx reverse proxy, and forward that request to my truenas server on the exposed 32400 port. This works ok, no errors, albeit suboptimal. Besides the network hop the remote IP apparently isn’t getting forwarded correctly. Not sure how to fix that at this moment.
I’m not sure of your familiarity with truenas scale but the implementation of traefik is with truecharts and it is missing a substantial amount of control and features of the actual full featured traefik. They have reasonable brute force defaults but I’ve determined I can’t diagnose this further without further implementation of the header middleware. Such as just setting the policy to *.
I have brought this up with the developers of the truecharts traefik and they just weren’t that concerned with it. Adding the header middleware feature set has been on the radar for months but since it’s an open source project we’ll probably have to wait months and maybe years until someone contributes to that.
Unless you have other ideas, to which I’m entirely willing to try.
