Reverse proxy with Nginx stuck on videos

Plex Media Server Desktops & Laptops
, ,
1

Hi fellow plexians,
I am trying to setup Nginx SSL termination for my existing plex server.

The setup works for metadata. Posters are returned correctly from my domain with https. But when playing back video, all I get is 404. Video playback does not start.

Any idea what wrong with these configs?

Remote access: disabled
Network> Secure connections: disabled
Network> Custom server access URLs: https://plex.mydomain.com

The nginx proxy config is adapted from https://github.com/toomuchio/plex-nginx-reverseproxy/blob/master/nginx.conf

upstream plex_backend {
    server <pms internal ip>:32400;
    keepalive 32;
}

server {
        listen 443 ssl http2;
        server_name plex.mydomain.com;
        send_timeout 100m;
        resolver 1.1.1.1 8.8.8.8 valid=300s;
        resolver_timeout 10s;
        client_max_body_size 100M;
        
        ssl_session_timeout 1d;
        ssl_session_cache shared:SSL:50m;
        ssl_session_tickets off;
        ssl_dhparam /config/nginx/dhparams.pem;
        ssl_certificate /config/keys/letsencrypt/fullchain.pem;
        ssl_certificate_key /config/keys/letsencrypt/privkey.pem;
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers on;
        add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
        ssl_stapling on;
        ssl_stapling_verify on;
        add_header X-Frame-Options "SAMEORIGIN" always;
        add_header X-XSS-Protection "1; mode=block" always;
        add_header X-Content-Type-Options "nosniff" always;
        
        gzip on;
        gzip_vary on;
        gzip_min_length 1000;
        gzip_proxied any;
        gzip_types text/plain text/css text/xml application/xml text/javascript application/x-javascript image/svg+xml;
        gzip_disable "MSIE [1-6]\.";

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Sec-WebSocket-Extensions $http_sec_websocket_extensions;
        proxy_set_header Sec-WebSocket-Key $http_sec_websocket_key;
        proxy_set_header Sec-WebSocket-Version $http_sec_websocket_version;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_redirect off;
        proxy_buffering off;
        
        location / {
                proxy_pass http://plex_backend;
        }
}

nginx.conf

...
http {
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    variables_hash_max_size 2048;
    server_tokens off;
    client_body_buffer_size  1k;
    client_header_buffer_size 1k;
    client_max_body_size 1k;
    large_client_header_buffers 4 8k;
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    ...
}

Reverse proxy: docker image linuxserver/letsencrypt:0.34.2-ls30 on rpi3
Server Version#: 1.14.1.5488 on Ubuntu 14.04.6 LTS
Player Version#: Web client 3.102.0 on Chrome

NGINX reverse proxy - Host unreachable
2

Things I have already tried:

  1. Enable remote access and manually specify public port to 443
  2. Setting Network> Secure connections to Preferred and Required
  3. Disabling gzip on proxy
  4. Removing request limits and leaving these settings to the nginx default
client_body_buffer_size  1k;
client_header_buffer_size 1k;
client_max_body_size 1k;
large_client_header_buffers 4 8k;
  1. Disabling HSTS
  2. Disabling these headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
  1. Turning it off and on again

None of these seem to work.

3

Nvm, figured it out

4

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.