A reverse proxy is a secure method of remotely accessing services on your home media server. Using nginx on any Linux based system (Ubuntu, Debian, Raspbian) you can access Headphones without having to remember the port number inside your home network. With a free dynamic dns address (guides: Linux) you can manage Headphones away from home using a custom address like htpcguides.crabdance.com/headphones. It is very convenient and easy to set up once you know how, it will add that extra bit of polish to your HTPC media server. This guide was tested on Minibian for the Raspberry Pi but should work on any Linux (Ubuntu, Debian and others) based system. I assume you know what your IP address is and how to SSH in to your Linux box.
Configure Headphones Reverse Proxy nginx Linux
Enable Reverse Proxy in Headphones
Stop your headphones service
sudo service headphones stop
Change the headphones configuration http_root, you will need to find it first
find / -name config.ini
I got this output
/opt/headphones/config.ini
/opt/Mylar/config.ini
So I opened the headphones file since I am not interested in changing Mylar right now
nano /opt/headphones/config.ini
Find the line http_root = / under [General] and change it to your desired location
You will use this location in nginx later and they must match
http_root = /headphones
Ctrl+X, Y and Enter to save
Now start Headphones
sudo service headphones start
Configure Headphones Reverse Proxy nginx Linux
Install nginx
sudo apt-get install nginx -y
Create a new nginx site
sudo nano /etc/nginx/sites-available/reverse
Add these lines, adjust your dynamic dns address (mine is htpcguides.crabdance.com) and local IP address (mine is 192.168.40.105. If you changed your default Headphones port change 127.0.0.1:8181 to reflect your port. If you already have some reverse proxy locations set up, you do not need to add the server block, only the location /headphones section including the blue curly brackets.
You must use the same location you set the http_root to above (e.g. /headphones)
server {
listen 80;
server_name htpcguides.crabdance.com 192.168.40.105;
location /headphones {
proxy_pass http://127.0.0.1:8181;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Ctrl+X, Y and enter to save and exit
Disable the default nginx site if this is a fresh nginx installation
sudo unlink /etc/nginx/sites-enabled/default
Enable the reverse proxy site with headphones enabled
sudo ln -s /etc/nginx/sites-available/reverse /etc/nginx/sites-enabled/reverse
Restart the nginx service
sudo service nginx restart
You can now access Headphones locally within your home network at http://ip.address/headphones.
If you have a dynamic DNS addresss you can access Headphones outside your home network at http://yourdns.address/headphones
To access it outside the home network you will need to forward port 80 in your router to the machine hosting nginx.
If you get a 502 Bad gateway error it may be because you are on a Raspberry Pi or slow machine, give it a few minutes to load the Headphones web interface. If you get a 400 Bad Request Request Header Or Cookie Too Large then try another browser, this error is typical in Google Chrome and requires flushing cache to fix.
Enjoy your safe, secure nginx reverse proxy for Headphones. You can now close port 8181 on your router if you had it forwarded before.
If you want reverse proxy brute force protection using fail2ban see this guide.