include /local/security.conf; client_max_body_size 100M; location / { # Proxy main Jellyfin traffic # The / at the end is significant. # https://www.acunetix.com/blog/articles/a-fresh-look-on-reverse-proxy-related-attacks/ proxy_pass http://jellyfin/; proxy_pass_request_headers on; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $http_host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_http_version 1.1; # Disable buffering when the nginx proxy gets very resource heavy upon streaming proxy_buffering off; }