Jellyfin Reverse Proxy using Caddy

1. # place this file in it's own folder and in that folder execute 'docker compose up -d' without the quotes as root to set up everything. You can tear it all down (stop and delete the containers) with 'docker compose down'
2.  
3. volumes:
4.   jellyfin:
5.   caddy-data:
6.   caddy-config:
7.   caddy-logs:
9. # run 'docker create network internal; docker create network web' (without the quotes) before executing this or it will complain that the networks don't exist!
10.  
11. networks:
12.   web:
13.     external: true
14.   internal:
15.     external: true
16.  
17. services:
18.   caddy:
19.     image: homeall/caddy-reverse-proxy-cloudflare:latest
20.     container_name: caddy
21.     ports:
22.      - your.servers.LAN.ip:80:80
23.       - your.servers.LAN.ip:443:443
24.     environment:
25.      - TZ=America/New_York #change to your timezone
26.       - CLOUDFLARE_EMAIL=Your_Cloudflare_Account_Name
27.       - CLOUDFLARE_API_TOKEN=Your_API_Token
28.       - ACME_TRUE=true
29.     labels:
30.       caddy.log.format: console
31.       caddy.log.output: stdout
32.       caddy.log.level: info
33.       #caddy.acme_ca: https://acme-staging-v02.api.letsencrypt.org/directory #uncomment for testing, it won't generate a valid SSL cert but it will let you know that everything is working correctly (it acts like it's attempting to generate a valid cert), if you don't use the 'staging' environment while testing it will rate limit you after a certain amount of attempts and block you for like 24-48 hours, invalidating your tests and make you bash your head against the wall while trying to figure out why it won't work correctly
34.       #if it refuses to issue certs stating that it can't find the zone for your domain. make sure /etc/resolv.conf is set to 1.1.1.1 (or your authoritative DNS server)
35.     networks:
36.      - web
37.     restart: always
38.     cap_add:
39.      - NET_ADMIN
40.     volumes:
41.      - /var/run/docker.sock:/var/run/docker.sock
42.       - caddy-data:/data/caddy
43.       - caddy-config:/config/caddy
44.       - caddy-logs:/logs
45.  
46.   jellyfin:
47.     image: jellyfin/jellyfin
48.     container_name: jellyfin
49.     user: 1000:1000 (this is probably a different UID for you, check your UID with the 'id <username>' CLI command replacing  <username> with your username
50.     networks:
51.     - internal
52.      - web
53.     ports:
54.      - your.servers.lan.ip:8096:8096
55.     labels:
56.       caddy: jellyfin.yourdomain.com
57.       caddy.reverse_proxy: your.servers.LAN.ip:8096
58.       caddy.tls.dns: cloudflare Paste_Your_API_Key_here #don't delete the word cloudflare!
59.       caddy.log.output: file /logs/jellyfin.log
60.       caddy.log.level: info #debug can also be useful
61.     volumes:
62.      - jellyfin:/config
63.       - /path/to/media/on/your/server:/media
64.     restart: always
65.     environment:
66.      - JELLYFIN_PublishedServerUrl=https://jellyfin.yourdomain.com
67.       - HEALTHCHECK_URL=http://your.servers.LAN.ip:8096/health
68.