1. Posts must be related to the discussion of digital piracy
2. Don’t request invites, trade, sell, or self-promote
3. Don’t request or link to specific pirated titles, including DMs
4. Don’t submit low-quality posts, be entitled, or harass others
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
Does anyone have hypothetical knowledge on how to set up jellyfin at one location for several family members spread out across the country?
It’s easy af, just look up Jellyfin server guide. Basically it’s just forwarding a few ports and setting up usernames/passwords for them and you’re good to go
This is the riskiest way of doing it because you’re exposing ports to the open internet.
It gets more complicated if someone is double-natted (CG/NAT) unfortunately.
add tailscale and you’re golden
one could dyndns their servers’ ipv6 instead, where cgnat to my knowledge does not exist
A slightly more complicated setup would be to host Jellyfin on one’s server at home and run a VPN client to a VPS which would have the necessary ports forwarded and routing configured. This way the people who know the right credentials can log in (assuming SSO) and the hoster doesn’t have to open their own port
Do not expose Jellyfin to the general Internet. They have security issues, I would not trust that (no cloudflare does not save you by default).
There are basically two ways: VPN, or authenticated reverse proxy. VPN is probably the easiest to setup and the most flexible, but it’s a bit of a pita to use.
Authenticated reverse proxy will break apps, but the web app will work (and you can setup your reverse proxy to allow specific user agents from the VPN to bypass it, allowing apps on the VPN to work). I currently do this so I can look at metadata on my phone without a VPN setup.
I personally use GL.iNet routers. Basically you create VPN tunnels between a WG(WireGuard) server hosted on one router, and WG clients hosted on another GL.iNet router or a device that supports the WG app (PC and mobile afaik). The router using the WG server is facing WAN so no need to port forward and you can use it to connect to your jellyfin server as well as RDP or SSH into your server. The WG clients are simple, just need to be connected to the Internet. The tunnels bandwidth is based on your ISP’s upload speed(fiber is great, with coax good luck streaming 4k) where the WG server is located. You can use WG without the router too, but I’ll just speak to my experience.
Edit: YT link to intro for the routers - https://youtu.be/LXbDg1v65Qs?feature=shared
My setup is this:
So me, my partner, parnets, and friends when outside my network can go to jellyfin.domain.whatever and login to my jellyfin. No ports open to the internet except 80/443 on the reverse proxy, and no ips to remember. That will give you some things to google to get started to replicate a similar setup for your needs.
In terms of security, isn’t this kind of the same as just opening the server port to the internet, which many others are advising against?
Off the top of my head, I can think of 3 ways.
For 1. you don’t necessarily need a VPN. A reverse tunnel using SSH should be sufficient and is easier.
Where are you seeing a VPS for $1/month that works well as a Jellyfin server for multiple people?
I have a VPS from RackNerd for something like $11.5/yr. You can check some offers from them here.
To be clear, it probably won’t work well as a Jellyfin server since the storage and CPU capabilities aren’t great. But it’s pretty good as a relay, which is what I described above. I have a local machine, and I use the VPS to relay the connection to the open internet.
I had a question: in the $12/year plan from Racknerd, is the deal tied to a specific instance which you can spin up for that much money? Or can I just shut it down and switch it on the next day without extra charges?
I’m trying to find an API to use with Racknerd (SolusVM, but their documentation is a bit confusing for me) to be able to pull up VMs on demand. I basically want a new IP for my VM everyday, however requesting a new IP from Racknerd incurs fees, or so I have heard.
Mine is a KVM. It’s tied to a specific instance and IP. Changing the IP is not free.
Which means that if you shut it down, the plan is nullified?
Oh no. You can shut it down, and turn it on all you want. But you’ll retain all your data and IP address.
I see. Thanks.
Still very cool, though. Thanks!
If you treat it as relay, then does it consume bandwidth on the VPS?
Yes, it does. Mine gives me 2TB/month of bandwidth, which is plenty for my use.
If you have good home upload and want to host at home, a simple reverse proxy on the vps provider of your choice does the trick. I host for a large group of friends and family and it all proxies through haproxy running on digitalocean.
You don’t even need the vps unless you’re behind cgnat Though you should never expose Jellyfin to the Internet, they have had and continue to have major security problems