Apache
非官方测试版翻译
本页面由 PageTurner AI 翻译(测试版)。未经项目官方认可。 发现错误? 报告问题 →
"Apache HTTP Server 项目致力于为现代操作系统(包括 UNIX 和 Windows)开发和维护开源的 HTTP 服务器。该项目的目标是提供安全、高效且可扩展的服务器,使其 HTTP 服务符合当前 HTTP 标准。"
<VirtualHost *:80>
ServerName DOMAIN_NAME
# Comment to prevent HTTP to HTTPS redirect
Redirect permanent / https://DOMAIN_NAME/
ErrorLog /var/log/apache2/DOMAIN_NAME-error.log
CustomLog /var/log/apache2/DOMAIN_NAME-access.log combined
</VirtualHost>
# If you are not using a SSL certificate, replace the 'redirect'
# line above with all lines below starting with 'Proxy'
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName DOMAIN_NAME
# This folder exists just for certbot (You may have to create it, chown and chmod it to give apache permission to read it)
DocumentRoot /var/www/html/jellyfin/public_html
ProxyPreserveHost On
# Letsencrypt's certbot will place a file in this folder when updating/verifying certs
# This line will tell apache to not to use the proxy for this folder.
ProxyPass "/.well-known/" "!"
# Tell Jellyfin to forward requests that came from TLS connections
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
# Apache should be able to know when to change protocols (between WebSocket and HTTP)
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket
RewriteRule /(.*) ws://SERVER_IP_ADDRESS:8096/socket/$1 [P,L]
RewriteCond %{HTTP:Upgrade} !=websocket
RewriteRule /(.*) http://SERVER_IP_ADDRESS:8096/$1 [P,L]
# Sometimes, Jellyfin requires clients to empty their cache to display and function correctly.
# This header tells clients not to keep any cache and is quite strict on that.
# This might also fix some syncplay issues (#5485 and #8140 @ https://github.com/jellyfin/jellyfin-web/issues/)
# Header set Cache-Control "no-store, no-cache, must-revalidate, max-age=0"
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/DOMAIN_NAME/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/DOMAIN_NAME/privkey.pem
Protocols h2 http/1.1
# Enable only strong encryption ciphers and prefer versions with Forward Secrecy
SSLCipherSuite HIGH:RC4-SHA:AES128-SHA:!aNULL:!MD5
SSLHonorCipherOrder on
# Disable insecure SSL and TLS versions
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
ErrorLog /var/log/apache2/DOMAIN_NAME-error.log
CustomLog /var/log/apache2/DOMAIN_NAME-access.log combined
</VirtualHost>
</IfModule>
如果遇到错误,可能需要手动启用 mod_proxy、mod_ssl、proxy_wstunnel、http2、headers 和 remoteip 支持模块。
sudo a2enmod proxy proxy_http ssl proxy_wstunnel remoteip http2 headers
带子路径的 Apache 配置 (example.org/jellyfin)
在客户端应用程序连接服务器时,请在地址栏输入 http(s)://DOMAIN_NAME/jellyfin。
在 Jellyfin 服务器中设置基础 URL 字段:通过网页客户端进入 管理控制台 -> 网络 -> 基础 URL,在输入框�中填写 /jellyfin 并点击保存。需重启服务器使更改生效。
注意
HTTP 协议存在安全风险。以下配置仅为便捷使用提供。若需将服务器暴露在公网,请务必启用 HTTPS。Let's Encrypt 提供免费 TLS 证书,可通过 certbot 轻松安装。
以下配置可保存至 /etc/httpd/conf/extra/jellyfin.conf 并包含在虚拟主机配置中。
# Jellyfin hosted on http(s)://DOMAIN_NAME/jellyfin
<Location /jellyfin/socket>
ProxyPreserveHost On
ProxyPass "ws://127.0.0.1:8096/jellyfin/socket"
ProxyPassReverse "ws://127.0.0.1:8096/jellyfin/socket"
</Location>
<Location /jellyfin>
ProxyPass "http://127.0.0.1:8096/jellyfin"
ProxyPassReverse "http://127.0.0.1:8096/jellyfin"
</Location>