2024-10-29, 01:12 PM
Regardless whether you use Nginx or not, you'd need to use a DDNS service. Nginx is just a proxy or http/s server. The DDNS service is what allows you to use a domain name while having a dynamic IP address. If you were to use Nginx, you'd still need your DDNS service.
As for why we suggest using Nginx, security is one and, related, https is another. Jellyfin's built in http server is not hardened and even if you were to use https directly within Jellyfin, there are attacks against https that weaken encryption that Jellyfin is not built to handle. Additionally, when using plaintext http, your API key is part of the URL that is sent between the client and server. And that API key travels over the Internet unencrypted. Using https would protect your API key since that portion of the URL becomes encrypted.
Which is where Nginx comes in. Nginx is hardened, much more secure by default, and much, much more configurable to enhance security further. There are also a lot of tools to automate the process of getting and renewing certificates for proper https.
Since you are using Ubuntu, just run "sudo apt install nginx" and follow our guide here.
https://jellyfin.org/docs/general/networking/nginx/
And once you have the https config for Jellyfin setup, you can then request certs. Let's Encrypt has an app, Certbot, to automate the request and renewal of your certs.
https://certbot.eff.org/instructions?ws=nginx&os=snap
As for why we suggest using Nginx, security is one and, related, https is another. Jellyfin's built in http server is not hardened and even if you were to use https directly within Jellyfin, there are attacks against https that weaken encryption that Jellyfin is not built to handle. Additionally, when using plaintext http, your API key is part of the URL that is sent between the client and server. And that API key travels over the Internet unencrypted. Using https would protect your API key since that portion of the URL becomes encrypted.
Which is where Nginx comes in. Nginx is hardened, much more secure by default, and much, much more configurable to enhance security further. There are also a lot of tools to automate the process of getting and renewing certificates for proper https.
Since you are using Ubuntu, just run "sudo apt install nginx" and follow our guide here.
https://jellyfin.org/docs/general/networking/nginx/
And once you have the https config for Jellyfin setup, you can then request certs. Let's Encrypt has an app, Certbot, to automate the request and renewal of your certs.
https://certbot.eff.org/instructions?ws=nginx&os=snap
Jellyfin 10.10.5 (Docker)
Ubuntu 24.04 LTS
Intel i3 12100
Intel Arc A380
OS drive - SK Hynix P41 1TB
Storage
3x WD Red Pro 6TB CMR in RAIDZ1 (JF Library)
![[Image: GitHub%20Sponsors-grey?logo=github]](https://img.shields.io/badge/GitHub%20Sponsors-grey?logo=github)
Ubuntu 24.04 LTS
Intel i3 12100
Intel Arc A380
OS drive - SK Hynix P41 1TB
Storage
3x WD Red Pro 6TB CMR in RAIDZ1 (JF Library)