Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nginx Documentation Re-work #1277

Merged
merged 5 commits into from
Jan 27, 2025
Merged

Nginx Documentation Re-work #1277

merged 5 commits into from
Jan 27, 2025

Conversation

solidsnake1298
Copy link
Member

@solidsnake1298 solidsnake1298 commented Jan 25, 2025
edited by felix920506
Loading

Fixes #1275

@solidsnake1298 solidsnake1298 marked this pull request as ready for review January 26, 2025 00:03
felix920506
felix920506 approved these changes Jan 26, 2025
View reviewed changes
Copy link
Member

@felix920506 felix920506 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Someone familiar with nginx should double check

@felix920506 felix920506 requested a review from JPVenson January 26, 2025 00:07
@nielsvanvelzen
Copy link
Member

If we really want to simplify this page I'd suggest some additional removals:

  • Remove SSL config (rely on default options)
  • Remove X-Content-Type-Options header
  • Remove permission policy header
  • Remove CSP header
  • Remove "nginx with subpath" part, just focus on a normal install with dedicated subdomain
  • Remove image cache example, the server already caches images
  • Remove download rate limiting!! This should've never been added in the first place as clients do NOT expect this

@solidsnake1298
Copy link
Member Author

If we really want to simplify this page I'd suggest some additional removals:

  • Remove SSL config (rely on default options)
  • Remove X-Content-Type-Options header
  • Remove permission policy header
  • Remove CSP header
  • Remove "nginx with subpath" part, just focus on a normal install with dedicated subdomain
  • Remove image cache example, the server already caches images
  • Remove download rate limiting!! This should've never been added in the first place as clients do NOT expect this

The goal isn't to simplify down to the absolute minimum for a working HTTPS proxy. I want this to be the minimum secure config that doesn't break 99.999% of user clients. The exception is super super old clients, which I mention for the ssl_protocols line, which would compromise security unnecessarily if that was not configured.

Subpaths are pretty common for users that don't want wildcard certs or multiple subdomain certs.

The image cache is useful for proxies not located on the same host as Jellyfin. A common use case to provide an example for, but clearly labeled as optional. Same with download limiting for users with limited upload speed.

However, my download limit testing was flawed and it does not work as documented. Will remove that for now.

@jellyfin-bot
Copy link

Cloudflare Pages deployment

Latest commit c2d077431cf28671fa6343359ead36707dd806e1
Status ✅ Deployed!
Preview URL https://37f4a6b7.jellyfin-org.pages.dev
Type 🔀 Preview

@solidsnake1298 solidsnake1298 merged commit 47c7b1d into master Jan 27, 2025
8 checks passed
@solidsnake1298 solidsnake1298 deleted the tdp-nginx-rework branch January 27, 2025 18:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@joshuaboniface joshuaboniface joshuaboniface approved these changes

@felix920506 felix920506 felix920506 approved these changes

@JPVenson JPVenson Awaiting requested review from JPVenson

@sevenrats sevenrats Awaiting requested review from sevenrats

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Cannot get fonts using nginx example
5 participants
@solidsnake1298 @nielsvanvelzen @jellyfin-bot @joshuaboniface @felix920506