Jellyfin over the internet

⁨232⁩ ⁨likes⁩

Submitted ⁨⁨11⁩ ⁨hours⁩ ago⁩ by ⁨TribblesBestFriend@startrek.website⁩ to ⁨selfhosted@lemmy.world⁩

https://startrek.website/pictrs/image/6d04a3f3-79ec-44cb-9f2e-926280a658f4.png

What’s your go too (secure) method for casting over the internet with a Jellyfin server.

I’m wondering what to use and I’m pretty beginner at this

source

Comments

Sort:hotnew top

Alk@sh.itjust.works ⁨10⁩ ⁨hours⁩ ago
SWAG reverse proxy with a custom domain+subdomain, protected by authentik and fail2ban. Easy access from anywhere once it’s set up. No vpn required, just type in the short subdomain.domain.com and sign in (or the app keeps me signed in)

source
- iAmTheTot@sh.itjust.works ⁨9⁩ ⁨hours⁩ ago
  What’s the point of authentik when Jellyfin already has authentication?
  
  source
  - Alk@sh.itjust.works ⁨7⁩ ⁨hours⁩ ago
    While technically not strictly necessary, it adds more robust authentication methods, and makes it easier to build out other apps if you want to in the future without having to re-do the sign-in process for all of your users. You can have things like 2fa and other things that make it harder for bots to get in and easier for users to stay in. It also makes it easier to keep track of login attempts and notice compromised accounts.
    
    source
    -> View More Comments
- TribblesBestFriend@startrek.website ⁨10⁩ ⁨hours⁩ ago
  That’s probably this type of setup I would want but I miss the technical know how, so if you have a cool beginner guide
  
  source
  - Alk@sh.itjust.works ⁨7⁩ ⁨hours⁩ ago
    Here is the video I followed for SWAG. Note that this (and most of IBRACORP’s guides, which are all fantastic) uses Unraid as the OS, which automates a lot of the processes.
    
    youtu.be/N7FlsvhpVGE
    
    And here is a written guide by the same group to go with or replace the video if this is more your speed: docs.ibracorp.io/swag-2/
    
    source
  - Alk@sh.itjust.works ⁨9⁩ ⁨hours⁩ ago
    I used several separate guides plus help from a friend. Check out space invader one’s YouTube channel. I’m not at my pc right now but I can gather some of the tutorials I used when I get back.
    
    source
HeyJoe@lemmy.world ⁨10⁩ ⁨hours⁩ ago
Synology with Emby (do not use the connect service they offer) running behind my fortinet firewall. DDNS with my own domain name and ssl cert. Open 1 custom port (not 443) for it, and that’s it. Geoblock every country but my own, which basically eliminated all random traffic that was hitting hit. I’ve been running it this way for 5 years now and have no issues to report.

source
- AMillionMonkeys@lemmy.world ⁨9⁩ ⁨hours⁩ ago
  How are you geoblocking?
  
  source
  - HeyJoe@lemmy.world ⁨8⁩ ⁨hours⁩ ago
    Sadly, it may not be an option for a lot of people, but on the fortinet firewall you can make policies and set up geoblocking.
    
    source
dataprolet@lemmy.dbzer0.com ⁨10⁩ ⁨hours⁩ ago
I’m using a cheap VPS that connects over Tailscale to my home server. The VPS runs Nginx Proxy Manager, has a firewall and the provider offers DDOS protection and that’s it.

source
cloudless@piefed.social ⁨10⁩ ⁨hours⁩ ago
Unifi teleport. A zero configuration VPN to my home network.

source
- TribblesBestFriend@startrek.website ⁨10⁩ ⁨hours⁩ ago
  I’m fidgeting with Tailscale but I find this solution some what lacking
  
  source
Bruhh@lemmy.world ⁨8⁩ ⁨hours⁩ ago
I’m trying to self host navidrome in docker with a cloudflare domain and reverse proxy on the same network. Still fiddling myself since I keep getting a 403 cloudflare no access error.

Essentially, using cert provided by cloudflare where they proxy to my ip. From there the reverse proxy routes to my service. If I’m understanding it right, anyone with my domain would only see cloudflare ip instead of my own. Someone correct me if I’m wrong. I’m still learning this stuff as well.

Prior to this, I was using tailscale which worked fine but I’d have to connect via tailscale everytime and some instances, it wouldn’t connect properly at all.

source
lycanrising@lemmy.world ⁨9⁩ ⁨hours⁩ ago
no idea how safe or secure but i use cloudflare tunnel to point my jellyfin port on my computer

source
- StopSpazzing@lemmy.world ⁨9⁩ ⁨hours⁩ ago
  Someone mentioned above that cloudflare will ban you for streaming through their tunnel. Just be warned.
  
  source
bjoern_tantau@swg-empire.de ⁨10⁩ ⁨hours⁩ ago
My router has a VPN server built-in. I usually use that.

source
johannes@lemmy.jhjacobs.nl ⁨10⁩ ⁨hours⁩ ago
With wireguard i set up an easy VPN, then vpn to the home network and use jellyfin.

If i cant use vpn, i have Jellyfin behind a caddy server with automatic https and some security settings.

source
KingThrillgore@lemmy.ml ⁨10⁩ ⁨hours⁩ ago
Set up a VPN, use PiVPN

source
- TribblesBestFriend@startrek.website ⁨10⁩ ⁨hours⁩ ago
  I’ll try looking into that
  
  source
  - KingThrillgore@lemmy.ml ⁨10⁩ ⁨hours⁩ ago
    Just remember to test with something better than your phone, T-Mobile aggressively filters VPNs. Try a coffee shop.
    
    source
    -> View More Comments
a@91268476.xyz ⁨10⁩ ⁨hours⁩ ago
@TribblesBestFriend @selfhosted Tailscale. I also use a reverse proxy because I like nice names
source
- TribblesBestFriend@startrek.website ⁨10⁩ ⁨hours⁩ ago
  I’m using Tailscale right now but so far no luck on my friend AppleTV. But like I said elsewhere it’s probably a operator error
  
  source
  - a@91268476.xyz ⁨10⁩ ⁨hours⁩ ago
    @TribblesBestFriend @selfhosted I don’t use appletv but a workaround could be using airplay maybe?
    source
    -> View More Comments
rastacalavera@lemmy.world ⁨10⁩ ⁨hours⁩ ago
I use LSIO container stack so SWAG for the proxy. They have really good documentation and active discord docs.linuxserver.io

source
rando@lemmy.ml ⁨8⁩ ⁨hours⁩ ago
Headscale server on cheap vps with tailscale clients.

source
comrade_twisty@feddit.org ⁨10⁩ ⁨hours⁩ ago
Pangolin with Newt on a VPS hosted in Europe, domain registered through cloudflare.

source