Connecting Securely to Jellyfin server through HTTPS

[jluck676]

Noob to the NAS environment here.

I am trying to ensure I am remotely connecting to my Jellyfin server securely over HTTPS. How would I go about doing something like this? I've looked over many resources in the matter but everything is just a bit over my head or gives me trouble when trying to apply it to TOS6. I currently have Tailscale setup to remotely access server but it only works on HTTP. I have looked into caddy, let's encrypt, and others but just can't figure it out.

My Jellyfin server is running on a TerraMaster NAS with TOS6

[bitmap]

I have heard one of the easiest reverse proxies to start with would be NPM, nginx proxy manager. I use SWAG, which is an all-in-one container from linuxserver.io. You need a certificate and a reverse proxy at the very least. SWAG (and I think NPM) bundle certbot, which can handle getting the cert and renewing it.

Past that, you need a domain name (DuckDNS can provide a free one) and a way to determine your IP address if you don't have a static external IP (not common). DuckDNS can provide both the domain as well as dynamic IP tracking.

Your connection to Tailscale might be HTTP, but your transmissions between your server and client are secure. Tunneled VPN like Tailscale/Wireguard is one of the safest ways to access your home server. Exposing your server to the internet opens up more vulnerability.

[Generator]

I personally use desec.io for domain with linuxserver/swag

But easiest way to setup a reverse proxy maybe Nginx Proxy Manager or caddy, you can find some guides on Jellyfin docs

- https://jellyfin.org/docs/general/post-i...king/caddy

Swag isn't that hard to setup but maybe requires a little more knowledge.

[bitmap]

Moved to General Questions. Guides and Walkthroughs is for sharing your own guides or walkthroughs.