This proxies requests to Plex's /library/metadata endpoints, and adds in subtitle and audio track information. The logic for actually changing this is based off Ian Walton's userscript (Thanks Ian!)
-
Download the latest version of metaproxy for your OS/arch, and unzip it somewhere.
-
Grab your Plex servers
*.<hash>.plex.directcertificate- That's inside the main app data directory on Windows & Linux (see this Plex support article for more information)
- On macOS, it's in the regular library caches (
~/Library/Caches/PlexMediaServer/certificate.p12) - Thanks to Plex for providing me with this information!
-
Decrypt your certificate
- The key to this is equal to the SHA512 hash of the string
plex<MACHINE ID>, where<MACHINE ID>is equal to the value ofProcessedMachineIdentifierfrom your servers advanced settings, see this Plex support article for more information- So, if my machine ID was
deadbeef, the string to hash would beplexdeadbeef.
- So, if my machine ID was
- The key is lowercase, as is the string to hash. Example commands to decrypt the certificate:
- The key to this is equal to the SHA512 hash of the string
openssl pkcs12 -in certificate.p12 -out plex.cert -clcerts -nokeys -passin "pass:<that hash>"
openssl pkcs12 -in certificate.p12 -out plex.key -nocerts -nodes -passin "pass:<that hash>"
where <that hash> is your hash.
- Configure your Plex server Currently I've only been able to get this working on Docker, as with that, I can map a port on the container to a port on my server.
My container is ran as so:
docker run -e ADVERTISE_IP="http://<local ip>:32400/" -e ALLOWED_NETWORKS=<local netmask> \
-d --restart=always \
--name plex \
-p 32401:32400 \
-e TZ="<timezone>" \
-v <redacted>:/config \
-v <redacted>:/media:ro \
plexinc/pms-docker
(If there is something I am configuring wrong here, please open an issue, PR, or post on the Plex forum thread. Thanks!)
- For now, until I can figure out a solution, you'll also need to set your server to *require* secure connections.
- Configure your reverse proxy
- I use Caddy, but feel free to use what you want!
My configuration is as so (note the *):
*.<subdomain>.plex.direct:32400 {
proxy /library/metadata localhost:3213 {
transparent
}
proxy / https://localhost:32401 {
transparent
websocket
insecure_skip_verify
}
log logs/plex.log
tls plex.cert plex.key
}
where <subdomain> is equal to the value found at the top of the certificate you decrypted. Example:
subject=/C=US/ST=California/L=Los Gatos/O=Plex, Inc./CN=*.<subdomain>.plex.direct
- Configure metaproxy
Congrats! We're at the last step. Configuration options are as follows (you can also see this by running
metaproxy -h):
Usage of ./metaproxy:
-addr string
the address to bind to (default "127.0.0.1:3213")
-plex-host string
the host + port that your plex server is running on (default "localhost:32401")
-secure
use https to connect to your plex server (will increase loading times) (needed if Secure Connections is set to Required)
The default options work fine for the setup that we've configured in this guide, but make sure to change anything accordingly!
Important: If your server is set to require secure connections, you need to pass -secure.
Congrats, you're done!
If you run into any issues, please post in the Plex forum thread, or open an issue here.