How do I do "add_header" to access Jellyfin via LG WebOS?

bktchrwsulhwrdmkiq · December 12, 2024, 1:25pm

Hi. I would kindly request support to access Jellyfin via WebOS.

Thanks!

1. The problem I’m having:

I would like to access Jellyfin via the Internet from an LG WebOS Jellyfin app. With NGINX, it had these add_header workarounds: Nginx | Jellyfin

Thus, I assume I simply need to add these headers.

3. Caddy version:

v2.7.6 h1

4. How I installed and ran Caddy:

Docker compose, 1:1 following GitHub - lucaslorentz/caddy-docker-proxy: Caddy as a reverse proxy for Docker

a. System environment:

Artix Linux 6.12.0-zen1-1-zen, Docker version 27.3.1, build ce1223035a

c. Service/unit/compose file:

version: "3.7"
services:
  caddy:
    image: lucaslorentz/caddy-docker-proxy:ci-alpine
    ports:
      - 80:80
      - 443:443
    environment:
      TZ: Europe/Paris
      CADDY_INGRESS_NETWORKS: caddy
      CADDY_GLOBAL_DEFAULT_ROUTE: |
        :80, :443 {
          redir https://${DOMAINNAME}
        }
    networks:
      - caddy
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - caddy_data:/data
    restart: unless-stopped
    labels:
      caddy.email: abuse@${DOMAINNAME}
      caddy.acme_ca: https://acme.zerossl.com/v2/DV90
networks:
  caddy:
    external: true
volumes:
  caddy_data: {}

Jellyfin deployment:

version: "3.9"
services:
  jellyfin:
    image: jellyfin/jellyfin
    container_name: jellyfin
    user: ${UID}:${GID}
    #network_mode: 'host'
    volumes:
      - /${CONFIGS}/jellyfin:/config
      - type: bind
        source: ${SOURCE_MEDIA}
        target: /media
    restart: 'unless-stopped'
    networks:
      - caddy
    labels:
      caddy: jellyfin.${DOMAINNAME}
      caddy.reverse_proxy: "{{upstreams 8096}}"
      #caddy.reverse_proxy.header.X-Frame-Options: SAMEORIGIN
      #caddy.reverse_proxy.header.X-XSS-Protection: "0"
      #caddy.reverse_proxy.header.X-Content-Type-Options: nosniff
networks:
  caddy:
    external: true

timelordx · December 13, 2024, 1:19am

Not sure what you’re trying to achieve here, I’m only guessing you’re trying to manipulate HTTP response headers. If that’s the case, you need to use the header directive.

For example, if I want Caddy to send the following HTTP response headers:

X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "0"
X-Content-Type-Options: nosniff

I would do this:

header {
  X-Frame-Options "SAMEORIGIN"
  X-XSS-Protection "0"
  X-Content-Type-Options "nosniff"
}

For how to do it so that the lucaslorentz/caddy-docker-proxy container can recognize that, you would need to reach out to the author of that Docker image.

timelordx · December 13, 2024, 1:34am

I’m looking at the lucaslorentz/caddy-docker-proxy examples, and I think it might be like this:

    labels:
      caddy: jellyfin.${DOMAINNAME}
      caddy.reverse_proxy: "{{upstreams 8096}}"
      caddy.header.X-Frame-Options: "SAMEORIGIN"
      caddy.header.X-XSS-Protection: "0"
      caddy.header.X-Content-Type-Options: "nosniff"

But I do not use lucaslorentz/caddy-docker-proxy, so I’m just guessing here, sorry.

davuinds · December 14, 2024, 2:40pm

Thanks forr sharing. It helps me a lot.