Jump to content
hurricanehrndz

New Emby Docker

433 posts in this topic Last Reply

Recommended Posts

Hi,

Switched to Emby from Plex. I like their design concepts a little better, Plex has been a little glitchy as of late. I already bought a lifetime license a few years ago., so going to try again.  The issue I have is I would like to offer Emby remotely to a couple people.  What is the easiest way to get SSL working with it? I have Let's Encrypt on the server for local network connections. Anyway to incorporate that into Emby? 

 

Thanks

Share this post


Link to post

Sure, if you're using LSIO's let's encrypt container which also has nginx you could just reverse proxy emby. All you need is either an own domain name or a free dynamic DNS service like duckdns. It's pretty easy to set up.

 

Or you can also check out the new container by @Djoss nginx proxy manager which is supposed to be even easier to set up. If you're not comfortable with reverse proxy there is a way to set up just SSL with your LE certificate, but I couldn't tell you how to do it. I know I've seen it somewhere on google though.

Share this post


Link to post
3 minutes ago, strike said:

Sure, if you're using LSIO's let's encrypt container which also has nginx you could just reverse proxy emby. All you need is either an own domain name or a free dynamic DNS service like duckdns. It's pretty easy to set up.

 

Or you can also check out the new container by @Djoss nginx proxy manager which is supposed to be even easier to set up. If you're not comfortable with reverse proxy there is a way to set up just SSL with your LE certificate, but I couldn't tell you how to do it. I know I've seen it somewhere on google though.

I have the linuxserver/letsencrypt docker of Let's Encrypt.  I was just reading about the nginx proxy manager. It suppose to be pretty easy. Might give that ago. Thanks for the reply, much appreciated!

Share this post


Link to post
17 hours ago, Badboy said:
I have the linuxserver/letsencrypt docker of Let's Encrypt.  I was just reading about the nginx proxy manager. It suppose to be pretty easy. Might give that ago. Thanks for the reply, much appreciated!

I just forward port 8920 to my let's encrypt docker and added this to the nginx default site

### Emby Server Configuration

server {
        listen 8920 ssl http2;
        server_name dynamic_server.com;

        ssl on;

        ssl_certificate /config/keys/letsencrypt/fullchain.pem;
        ssl_certificate_key /config/keys/letsencrypt/privkey.pem;
        ssl_dhparam /config/nginx/dhparams.pem;

        ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
        ssl_prefer_server_ciphers on;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_session_cache shared:SSL:10m;
        ssl_session_timeout 5m;
        add_header Strict-Transport-Security "max-age=31536000" always;

        server_tokens off;

        proxy_ssl_verify off;
        proxy_ssl_session_reuse on;
        proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        proxy_cache off;
        proxy_store off;

        location / {
            proxy_pass https://emby_ip_address:8920;
            include /config/nginx/proxy.conf;
            # proxy_set_header Host $host;
            # proxy_set_header X-Forwarded-Proto $scheme;
            proxy_intercept_errors  on;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "Upgrade";
        }
}

### End Emby Server Configuration
 


I added the path /mnt/cache/appdata/letsencrypt/keys/letsencrypt/ to /keys in the Emby docker and under Advanced settings/custom ssl certificate I added /keys/privkey.pfx. I also added the Emby logs path to the letsencrypt docker, then added a filter to fail2ban for Emby

Edited by dmacias

Share this post


Link to post
3 minutes ago, dmacias said:

I just forward port 8920 to my let's encrypt docker and added this to the nginx default site


### Emby Server Configurationserver {       listen 8920 ssl http2;       server_name father.onthewifi.com;       ssl on;       ssl_certificate /config/keys/letsencrypt/fullchain.pem;       ssl_certificate_key /config/keys/letsencrypt/privkey.pem;       ssl_dhparam /config/nginx/dhparams.pem;       ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;       ssl_prefer_server_ciphers on;       ssl_protocols TLSv1 TLSv1.1 TLSv1.2;       ssl_session_cache shared:SSL:10m;       ssl_session_timeout 5m;       add_header Strict-Transport-Security "max-age=31536000" always;       server_tokens off;       proxy_ssl_verify off;       proxy_ssl_session_reuse on;       proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2;       proxy_cache off;       proxy_store off;       location / {           proxy_pass https://192.168.60.86:8920;           include /config/nginx/proxy.conf;           # proxy_set_header Host $host;           # proxy_set_header X-Forwarded-Proto $scheme;           proxy_intercept_errors  on;           proxy_set_header Upgrade $http_upgrade;           proxy_set_header Connection "Upgrade";       }}### End Emby Server Configuration
 


I added the path /mnt/cache/appdata/letsencrypt/keys/letsencrypt/ to /keys in the Emby docker and under Advanced settings/custom ssl certificate I added /keys/privkey.pfx. I also added the Emby logs path to the letsencrypt docker, then added a filter to fail2ban for Emby

Thank you, go grab a domain and give it a go.

Share this post


Link to post

If anyone needed help with hardware transcode, i have a guide here:

 

 

Share this post


Link to post

Just for documentation:

after updating my instance, it immediately stopped itself after successful start with error

Failed to initialize CoreCLR, HRESULT: 0x80004005

Running Docker Safe New Perms fixed this

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now