Oof, that’s bad… And lazy
Comment on Jellyfin docker outside of lan.
doeknius_gloek@feddit.de 11 months agoI love Jellyfin but I would absolutely not make it accessible over the public internet. A VPN is the way to go.
eluvatar@programming.dev 11 months ago
PulsarSkate@lemmy.sdf.org 11 months ago
Unfortunately a lot of these issues are architectural issues inherited from Emby
Gooey0210@sh.itjust.works 11 months ago
Why “absolutely” not?
doeknius_gloek@feddit.de 11 months ago
Have you seen the link?
Gooey0210@sh.itjust.works 11 months ago
Oh, sorry, sorry, sorry, i didn’t think this is a link 😅😅😅
doeknius_gloek@feddit.de 11 months ago
Haha, no problem!
iHUNTcriminals@lemm.ee 11 months ago
Yeah I’m thinking maybe just have family sign up for tailscale.
manwichmakesameal@lemmy.world 11 months ago
Why not just run your own WireGuard instance? I have a pivpn vm for it and it works great. You could also just put jellyfin behind a TLS terminating reverse proxy.
dinosaurdynasty@lemmy.world 11 months ago
Sounds like a pain to get non technical family members to use. If you’re willing to break the non web app you could always put it behind an authenticating proxy (which is what I do for myself outside of VPN, setting up a VPN on a phone is obnoxious and I only look at metadata anyway on my phone)
kratoz29@lemm.ee 11 months ago
CGNAT is a big reason.
Gooey0210@sh.itjust.works 11 months ago
Or headscale, works like a charm
SuddenlyBlowGreen@lemmy.world 11 months ago
Yep, that way you can set ACLs, you they can only access the jellyfin ports + the ports you allow them to.
Also, tailacale DNS.