Marco Janssen

Jellyseerr is a free and open source software application for managing requests for your media library. It is a a fork of Overseerr built to bring support for Jellyfin & Emby media servers! Follow this link for more info.

Docker

Docker-compose.yml

version: '3'
services:
    jellyseerr:
       image: fallenbagel/jellyseerr:latest
       container_name: jellyseerr
       environment:
            - TZ=Europe/Amsterdam
            - JELLYFIN_TYPE=emby
       ports:
            - 5055:5055
       volumes:
            - /path/to/dir/config:/app/config
       restart: unless-stopped

docker-compose -p "jellyseerr" -f /path/to/file/docker-compose.yml up -d --remove-orphans

Swag

NGINX - jellyseerr.subdomain.conf

The following code should be included in file at the following location: /path/to/dir/swag/config/nginx/proxy-confs/jellyseerr.subdomain.conf

The trick is to copy the jellyseerr.subdomain.conf.sample file to jellyseerr.subdomain.conf. You can create a new file from scratch, but the Swag startup could complain the file does not have to correct timestamp. This is a warning not a “showstopper”.

## Version 2022/09/08
# make sure that your dns has a cname set for jellyseerr and that your jellyseerr container is named jellyseerr

server {
    listen 80;
    server_name jellyseerr.*;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    server_name jellyseerr.*;
        server_name jellyseerr.yourdomain.com;
        resolver 1.1.1.1 1.0.0.1 valid=300s;
        resolver_timeout 10s;
        gzip on;
        gzip_vary on;
        gzip_min_length 1000;
        gzip_proxied any;
        gzip_types text/plain text/css text/xml application/xml text/javascript application/x-javascript image/svg+xml;
        gzip_disable "MSIE [1-6]\.";
        
    location / {
            proxy_pass http://192.168.1.1:5055;
            proxy_read_timeout    90;
            proxy_connect_timeout 90;
            proxy_redirect        off;
            proxy_set_header      Host $host;
            proxy_set_header      X-Real-IP $remote_addr;
            proxy_set_header      X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header      Proxy "";
        }
        
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme; 
}

fail2ban - jail.local

Add the configuration below to the file: /path/to/dir/swag/config/fail2ban/jail.local

The path /jellyseerr_log/ should be added to your docker-compose.yml of SWAG.

This config let the intruder try 3 times, if failed within 10 minutes they’re blocked for 1 hour. IP’s from 192.168.1.0/24 are ignored.

[jellyseerr]

enabled		= true
filter		= jellyseerr
port		= http,https
logpath		= /jellyseerr_log/overseerr-*.log
maxretry	= 3
findtime	= 10m
bantime		= 1h
ignoreip	= 192.168.1.0/24

fail2ban - jellyseerr.conf

Add the following config to /path/to/dir/swag/config/fail2ban/filter.d/jellyseerr.conf

# Fail2Ban for jellyseerr
#
#


[Definition]

failregex = \[info\]\[Auth\]: Failed login attempt from user with incorrect Jellyfin credentials \{"account":\{"ip":"<HOST>","email":".*","password":"__REDACTED__"\}\}
ignoreregex =