nixos-configs/devices/nos/modules/jellyfin/nginx.conf

events {
	worker_connections 1024;
}

http {
	# Must be in HTTP block
	# Set in-memory cache-metadata size in keys_zone, size of video caching and how many days a cached object should persist
	proxy_cache_path /var/cache/nginx/jellyfin-videos levels=1:2 keys_zone=jellyfin-videos:100m inactive=90d max_size=35000m;
	map $request_uri $h264Level {
		~(h264-level=)(.+?)& $2;
	}
	map $request_uri $h264Profile {
		~(h264-profile=)(.+?)& $2;
	}

	server {
		listen 8097;
		listen [::]:8097;
		server_name jelly.nelim.org;

		## The default `client_max_body_size` is 1M, this might not be enough for some posters, etc.
		client_max_body_size 20M;

		location = / {
			return 302 https://$host/web/;
		}

		location / {
			# Proxy main Jellyfin traffic
			proxy_pass http://localhost:8096;
			proxy_set_header Host $host;
			proxy_set_header X-Real-IP $remote_addr;
			proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
			proxy_set_header X-Forwarded-Proto $scheme;
			proxy_set_header X-Forwarded-Protocol $scheme;
			proxy_set_header X-Forwarded-Host $http_host;

			# Disable buffering when the nginx proxy gets very resource heavy upon streaming
			proxy_buffering off;
		}

		# location block for /web - This is purely for aesthetics so /web/#!/ works instead of having to go to /web/index.html/#!/
		location = /web/ {
			# Proxy main Jellyfin traffic
			proxy_pass http://localhost:8096/web/index.html;
			proxy_set_header Host $host;
			proxy_set_header X-Real-IP $remote_addr;
			proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
			proxy_set_header X-Forwarded-Proto $scheme;
			proxy_set_header X-Forwarded-Protocol $scheme;
			proxy_set_header X-Forwarded-Host $http_host;
		}

		location /socket {
			# Proxy Jellyfin Websockets traffic
			proxy_pass http://localhost:8096;
			proxy_http_version 1.1;
			proxy_set_header Upgrade $http_upgrade;
			proxy_set_header Connection "upgrade";
			proxy_set_header Host $host;
			proxy_set_header X-Real-IP $remote_addr;
			proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
			proxy_set_header X-Forwarded-Proto $scheme;
			proxy_set_header X-Forwarded-Protocol $scheme;
			proxy_set_header X-Forwarded-Host $http_host;
		}

		location /accounts {
			# No longer necessary on versions after v0.3.0
			# rewrite ^/accounts/(.*) /$1 break;

			# Remove the CSP header set for Jellyfin
			proxy_hide_header Content-Security-Policy;
			add_header Content-Security-Policy "";

			proxy_pass http://localhost:8056/accounts; # Change as you need

			# For versions <= v0.3.0
			#proxy_pass http://localhost:8056; # Change as you need

			http2_push_preload on;

			proxy_set_header Host $host;
			proxy_set_header X-Real-IP $remote_addr;
			proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
			proxy_set_header X-Forwarded-Proto $scheme;
			proxy_set_header X-Forwarded-Protocol $scheme;
			proxy_set_header X-Forwarded-Host $http_host;
			proxy_buffering off;
		}

	}
}