Hi all, I have a problem with authelia-swag and docker, I think it will be a very long post, I am not an expert in reverse-proxy, please bear with me
Let’s start with the configuration:
- I use a DDNS with https://dynv6.com/ where I have configured the following fields in my Zones
- On the router, I forwarded ports 81 and 444 to the respective ports 80 and 443 on my server
- Then I downloaded and installed the authelia-swag docker and this is the configuration docker
networks:
net:
driver: 'bridge'
services:
swag:
container_name: 'swag'
image: 'lscr.io/linuxserver/swag'
restart: 'unless-stopped'
networks:
net:
aliases: []
ports:
- '81:80'
- '444:443'
volumes:
- '${DOCKER_APPDATA}/autelia-swag/swag:/config'
- '${DOCKER_APPDATA}/autelia-swag/swag/log/letsencrypt:/var/log/letsencrypt'
## Uncomment the line below if you want to use the Authelia configuration snippets.
#- '${PWD}/data/nginx/snippets:/snippets'
environment:
PUID: '${PUID}'
PGID: '${PGID}'
TZ: '${TZ}'
URL: 'MYDOMAIN.dynv6.net'
SUBDOMAINS: 'www,whoami,auth,organizr'
VALIDATION: 'http'
CERTPROVIDER: 'zerossl'
ONLY_SUBDOMAINS: 'false'
STAGING: 'true'
EMAIL: '***@gmail.com'
cap_add:
- 'NET_ADMIN'
authelia:
container_name: 'authelia'
image: 'authelia/authelia'
restart: 'unless-stopped'
networks:
net:
aliases: []
expose:
- 9091
volumes:
- '${DOCKER_APPDATA}/autelia-swag/authelia/config:/config'
environment:
TZ: '${TZ}'
organizr:
container_name: 'organizr'
image: 'organizr/organizr'
restart: 'unless-stopped'
networks:
net:
aliases: []
expose:
- 81
volumes:
- '${DOCKER_APPDATA}/autelia-swag/organizr/config:/config'
environment:
PUID: '${PUID}'
PGID: '${PGID}'
TZ: '${TZ}'
whoami:
container_name: 'whoami'
image: 'traefik/whoami'
restart: 'unless-stopped'
command:
- --port=2001
networks:
net:
aliases: []
expose:
- 81
environment:
TZ: '${TZ}'
So I started configuring everything, it took me days but now, for example, Sonarr, Bazarr, etc., work via remote access, so something small I managed to do
However, I can’t get Plex to work! I would like to access it remotely since the plex site is blocked at work, so I can watch Plex on a monitor rather than on a cell phone during my lunch break.
I tried this configuration:
## Version 2024/07/16
# make sure that your plex container is named plex
# make sure that your dns has a cname set for plex
# if plex is running in bridge mode and the container is named "plex", the below config should work as is
# if not, replace the line "set $upstream_app plex;" with "set $upstream_app <containername>;"
# or "set $upstream_app <HOSTIP>;" for host mode, HOSTIP being the IP address of plex
# in plex server settings, under network, fill in "Custom server access URLs" with your domain (ie. "https://plex.MYDOMAIN.dynv6.net:443")
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name plex.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
proxy_redirect off;
proxy_buffering off;
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app MYDOMAIN.dynv6.net;
set $upstream_port 32400;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_set_header X-Plex-Client-Identifier $http_x_plex_client_identifier;
proxy_set_header X-Plex-Device $http_x_plex_device;
proxy_set_header X-Plex-Device-Name $http_x_plex_device_name;
proxy_set_header X-Plex-Platform $http_x_plex_platform;
proxy_set_header X-Plex-Platform-Version $http_x_plex_platform_version;
proxy_set_header X-Plex-Product $http_x_plex_product;
proxy_set_header X-Plex-Token $http_x_plex_token;
proxy_set_header X-Plex-Version $http_x_plex_version;
proxy_set_header X-Plex-Nocache $http_x_plex_nocache;
proxy_set_header X-Plex-Provides $http_x_plex_provides;
proxy_set_header X-Plex-Device-Vendor $http_x_plex_device_vendor;
proxy_set_header X-Plex-Model $http_x_plex_model;
}
}
And I set up Plex like this
Custom server access URLs
https://plex.MYDOMAIN.dynv6.net:443
But I don’t know if I need to enable Relay, I tried enabling it but nothing changes
Every time I made a change to the Authelia-Swag configuration file, I restarted the docker, while URL changes in Plex were made without a server restart
How can I understand or provide you with more data/logs to understand where the problem is?
I don’t think I can do it without help
Thank you