mirror of
https://github.com/advplyr/audiobookshelf.git
synced 2025-07-31 13:51:30 +02:00
Merge 7e61ba513d into f273eee807
This commit is contained in:
Torstein Eide
GitHub
commit
937d46412e
267
readme.md
267
readme.md
@ -80,273 +80,6 @@ See [documentation](https://audiobookshelf.org/docs#book-directory-structure) fo
|
||||
See [install docs](https://www.audiobookshelf.org/docs)
|
||||
|
||||
<br />
|
||||
|
||||
# Reverse Proxy Set Up
|
||||
|
||||
#### Important! Audiobookshelf requires a websocket connection.
|
||||
|
||||
#### Note: Using a subfolder is supported with no additional changes but the path must be `/audiobookshelf` (this is not changeable). See [discussion](https://github.com/advplyr/audiobookshelf/discussions/3535)
|
||||
|
||||
### NGINX Proxy Manager
|
||||
|
||||
Toggle websockets support.
|
||||
|
||||
<img alt="NGINX Web socket" src="https://user-images.githubusercontent.com/67830747/153679106-b2a7f5b9-0702-48c6-9740-b26b401986e9.png" />
|
||||
|
||||
### NGINX Reverse Proxy
|
||||
|
||||
Add this to the site config file on your nginx server after you have changed the relevant parts in the <> brackets, and inserted your certificate paths.
|
||||
|
||||
```bash
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name <sub>.<domain>.<tld>;
|
||||
|
||||
access_log /var/log/nginx/audiobookshelf.access.log;
|
||||
error_log /var/log/nginx/audiobookshelf.error.log;
|
||||
|
||||
ssl_certificate /path/to/certificate;
|
||||
ssl_certificate_key /path/to/key;
|
||||
|
||||
location / {
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
|
||||
proxy_http_version 1.1;
|
||||
|
||||
proxy_pass http://<URL_to_forward_to>;
|
||||
proxy_redirect http:// https://;
|
||||
|
||||
# Prevent 413 Request Entity Too Large error
|
||||
# by increasing the maximum allowed size of the client request body
|
||||
# For example, set it to 10 GiB
|
||||
client_max_body_size 10240M;
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
### Apache Reverse Proxy
|
||||
|
||||
Add this to the site config file on your Apache server after you have changed the relevant parts in the <> brackets, and inserted your certificate paths.
|
||||
|
||||
For this to work you must enable at least the following mods using `a2enmod`:
|
||||
|
||||
- `ssl`
|
||||
- `proxy`
|
||||
- `proxy_http`
|
||||
- `proxy_balancer`
|
||||
- `proxy_wstunnel`
|
||||
- `rewrite`
|
||||
|
||||
```bash
|
||||
<IfModule mod_ssl.c>
|
||||
<VirtualHost *:443>
|
||||
ServerName <sub>.<domain>.<tld>
|
||||
|
||||
ErrorLog ${APACHE_LOG_DIR}/error.log
|
||||
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
||||
|
||||
ProxyPreserveHost On
|
||||
ProxyPass / http://localhost:<audiobookshelf_port>/
|
||||
RewriteEngine on
|
||||
RewriteCond %{HTTP:Upgrade} websocket [NC]
|
||||
RewriteCond %{HTTP:Connection} upgrade [NC]
|
||||
RewriteRule ^/?(.*) "ws://localhost:<audiobookshelf_port>/$1" [P,L]
|
||||
|
||||
# unless you're doing something special this should be generated by a
|
||||
# tool like certbot by let's encrypt
|
||||
SSLCertificateFile /path/to/cert/file
|
||||
SSLCertificateKeyFile /path/to/key/file
|
||||
</VirtualHost>
|
||||
</IfModule>
|
||||
```
|
||||
|
||||
If using Apache >= 2.4.47 you can use the following, without having to use any of the `RewriteEngine`, `RewriteCond`, or `RewriteRule` directives. For example:
|
||||
|
||||
```xml
|
||||
<Location /audiobookshelf>
|
||||
ProxyPreserveHost on
|
||||
ProxyPass http://localhost:<audiobookshelf_port>/audiobookshelf upgrade=websocket
|
||||
ProxyPassReverse http://localhost:<audiobookshelf_port>/audiobookshelf
|
||||
</Location>
|
||||
```
|
||||
|
||||
Some SSL certificates like those signed by Let's Encrypt require ACME validation. To allow Let's Encrypt to write and confirm the ACME challenge, edit your VirtualHost definition to prevent proxying traffic that queries `/.well-known` and instead serve that directly:
|
||||
|
||||
```bash
|
||||
<VirtualHost *:443>
|
||||
# ...
|
||||
|
||||
# create the directory structure /.well-known/acme-challenges
|
||||
# within DocumentRoot and give the HTTP user recursive write
|
||||
# access to it.
|
||||
DocumentRoot /path/to/local/directory
|
||||
|
||||
ProxyPreserveHost On
|
||||
ProxyPass /.well-known !
|
||||
ProxyPass / http://localhost:<audiobookshelf_port>/
|
||||
|
||||
# ...
|
||||
</VirtualHost>
|
||||
```
|
||||
|
||||
### SWAG Reverse Proxy
|
||||
|
||||
[See LinuxServer.io config sample](https://github.com/linuxserver/reverse-proxy-confs/blob/master/audiobookshelf.subdomain.conf.sample)
|
||||
|
||||
### Synology NAS Reverse Proxy Setup (DSM 7+/Quickconnect)
|
||||
|
||||
1. **Open Control Panel**
|
||||
|
||||
- Navigate to `Login Portal > Advanced`.
|
||||
|
||||
2. **General Tab**
|
||||
|
||||
- Click `Reverse Proxy` > `Create`.
|
||||
|
||||
| Setting | Value |
|
||||
| ------------------ | -------------- |
|
||||
| Reverse Proxy Name | audiobookshelf |
|
||||
|
||||
3. **Source Configuration**
|
||||
|
||||
| Setting | Value |
|
||||
| ---------------------- | ---------------------------------------- |
|
||||
| Protocol | HTTPS |
|
||||
| Hostname | `<sub>.<quickconnectdomain>.synology.me` |
|
||||
| Port | 443 |
|
||||
| Access Control Profile | Leave as is |
|
||||
|
||||
- Example Hostname: `audiobookshelf.mydomain.synology.me`
|
||||
|
||||
4. **Destination Configuration**
|
||||
|
||||
| Setting | Value |
|
||||
| -------- | ----------- |
|
||||
| Protocol | HTTP |
|
||||
| Hostname | Your NAS IP |
|
||||
| Port | 13378 |
|
||||
|
||||
5. **Custom Header Tab**
|
||||
|
||||
- Go to `Create > Websocket`.
|
||||
- Configure Headers (leave as is):
|
||||
|
||||
| Header Name | Value |
|
||||
| ----------- | --------------------- |
|
||||
| Upgrade | `$http_upgrade` |
|
||||
| Connection | `$connection_upgrade` |
|
||||
|
||||
6. **Advanced Settings Tab**
|
||||
- Leave as is.
|
||||
|
||||
### [Traefik Reverse Proxy](https://doc.traefik.io/traefik/)
|
||||
|
||||
Middleware relating to CORS will cause the app to report Unknown Error when logging in. To prevent this don't apply any of the following headers to the router for this site:
|
||||
|
||||
<ul>
|
||||
<li>accessControlAllowMethods</li>
|
||||
<li>accessControlAllowOriginList</li>
|
||||
<li>accessControlMaxAge</li>
|
||||
</ul>
|
||||
|
||||
From [@Dondochaka](https://discord.com/channels/942908292873723984/942914154254176257/945074590374318170) and [@BeastleeUK](https://discord.com/channels/942908292873723984/942914154254176257/970366039294611506) <br />
|
||||
|
||||
### Example Caddyfile - [Caddy Reverse Proxy](https://caddyserver.com/docs/caddyfile/directives/reverse_proxy)
|
||||
|
||||
```
|
||||
subdomain.domain.com {
|
||||
encode gzip zstd
|
||||
reverse_proxy <LOCAL_IP>:<PORT>
|
||||
}
|
||||
```
|
||||
|
||||
### HAProxy
|
||||
|
||||
Below is a generic HAProxy config, using `audiobookshelf.YOUR_DOMAIN.COM`.
|
||||
|
||||
To use `http2`, `ssl` is needed.
|
||||
|
||||
```make
|
||||
global
|
||||
# ... (your global settings go here)
|
||||
|
||||
defaults
|
||||
mode http
|
||||
# ... (your default settings go here)
|
||||
|
||||
frontend my_frontend
|
||||
# Bind to port 443, enable SSL, and specify the certificate list file
|
||||
bind :443 name :443 ssl crt-list /path/to/cert.crt_list alpn h2,http/1.1
|
||||
mode http
|
||||
|
||||
# Define an ACL for subdomains starting with "audiobookshelf"
|
||||
acl is_audiobookshelf hdr_beg(host) -i audiobookshelf
|
||||
|
||||
# Use the ACL to route traffic to audiobookshelf_backend if the condition is met,
|
||||
# otherwise, use the default_backend
|
||||
use_backend audiobookshelf_backend if is_audiobookshelf
|
||||
default_backend default_backend
|
||||
|
||||
backend audiobookshelf_backend
|
||||
mode http
|
||||
# ... (backend settings for audiobookshelf go here)
|
||||
|
||||
# Define the server for the audiobookshelf backend
|
||||
server audiobookshelf_server 127.0.0.99:13378
|
||||
|
||||
backend default_backend
|
||||
mode http
|
||||
# ... (default backend settings go here)
|
||||
|
||||
# Define the server for the default backend
|
||||
server default_server 127.0.0.123:8081
|
||||
|
||||
```
|
||||
|
||||
### pfSense and HAProxy
|
||||
|
||||
For pfSense the inputs are graphical, and `Health checking` is enabled.
|
||||
|
||||
#### Frontend, Default backend, access control lists and actions
|
||||
|
||||
##### Access Control lists
|
||||
|
||||
| Name | Expression | CS | Not | Value |
|
||||
| :------------: | :---------------: | :-: | :-: | :-------------: |
|
||||
| audiobookshelf | Host starts with: | | | audiobookshelf. |
|
||||
|
||||
##### Actions
|
||||
|
||||
The `condition acl names` needs to match the name above `audiobookshelf`.
|
||||
|
||||
| Action | Parameters | Condition acl names |
|
||||
| :-----------: | :------------: | :-----------------: |
|
||||
| `Use Backend` | audiobookshelf | audiobookshelf |
|
||||
|
||||
#### Backend
|
||||
|
||||
The `Name` needs to match the `Parameters` above `audiobookshelf`.
|
||||
|
||||
| Name | audiobookshelf |
|
||||
| ---- | -------------- |
|
||||
|
||||
##### Server list:
|
||||
|
||||
| Name | Expression | CS | Not | Value |
|
||||
| :------------: | :---------------: | :-: | :-: | :-------------: |
|
||||
| audiobookshelf | Host starts with: | | | audiobookshelf. |
|
||||
|
||||
##### Health checking:
|
||||
|
||||
Health checking is enabled by default. `Http check method` of `OPTIONS` is not supported on Audiobookshelf. If Health check fails, data will not be forwared. Need to do one of following:
|
||||
|
||||
- To disable: Change `Health check method` to `none`.
|
||||
- To make Health checking function: Change `Http check method` to `HEAD` or `GET`.
|
||||
|
||||
# Run from source
|
||||
|
||||
# Contributing
|
||||
|
||||
Loading…
Reference in New Issue
Block a user