|
2023-07-13, 05:07 PM
I have zero networking experience till now, have Jellyfin running on Unraid and it's working quite nicely for my home network. Next step, I would like to configure remote access. To me using DuckDNS as well as NGINX for reverse proxy seems like the easiest and the cheapest option. But is there a trade off to this? Would I be better off buying a cheap domain and using Cloudflare for example?
2023-07-13, 05:10 PM
I use NoIP + apache + letsencrypt certs without issue. Most people just use DuckDNS or some other DDNS service. Getting a domain would purely be for URL aesthetics.
Jellyfin 10.10.1 (Docker)
Ubuntu 24.04 LTS Intel i3 12100 Intel Arc A380 OS drive - SK Hynix P41 1TB Storage 3x WD Red Pro 6TB CMR in RAIDZ1 (JF Library) ![[Image: GitHub%20Sponsors-grey?logo=github]](https://img.shields.io/badge/GitHub%20Sponsors-grey?logo=github){kind=icon}
2023-07-13, 06:44 PM
In my setup I'm running on Linux Mint 21 with Jellyfin installed with sh script as guide on web site
With Duckdns + caddy2 for reverse proxy and ssl It works with no-ip too
2023-07-13, 07:35 PM
Ok so my current plan should work then. My follow up to that is will it be necessary to configure HTTPS in Jellyfin, or will the reverse proxy take care of all of that? I assume it just means it will be HTTP on local network which is fine right?
2023-07-13, 07:49 PM
The reverse proxy handles https. The proxy will communicate internally to jellyfin via http. You CAN have the proxy communicate via https to jellyfin, but that adds unnecessary overhead.
Jellyfin 10.10.1 (Docker)
Ubuntu 24.04 LTS Intel i3 12100 Intel Arc A380 OS drive - SK Hynix P41 1TB Storage 3x WD Red Pro 6TB CMR in RAIDZ1 (JF Library)
2023-07-13, 08:12 PM
Ok that's what I assumed, but yeah that would be unnecessary. So long as I'm not inviting hackers to my doorstep I'm satisfied lol.
2024-06-06, 06:11 PM
how safe is this setup considering threats?
I was thinking about pivpn + duckdns to just enter the home network and use jellyfin from there, instead of exposing anything
2024-06-06, 06:25 PM
(This post was last modified: 2024-06-06, 06:25 PM by TheDreadPirate.)
You have to keep in mind that we are all small fries. No hacker with any skill is going after us.
Keep your system up-to-date Use a reverse proxy Use legit certs for https Hide usernames from the Jellyfin login screen Use non-standard https port to minimize randos finding your jellyfin Setup fail2ban to ban the rare rando that finds your server Running on a non-standard https port is big, IMO. I've yet to see any failed login attempts on my Jellyfin from rando IPs.
Jellyfin 10.10.1 (Docker)
Ubuntu 24.04 LTS Intel i3 12100 Intel Arc A380 OS drive - SK Hynix P41 1TB Storage 3x WD Red Pro 6TB CMR in RAIDZ1 (JF Library)
2024-06-11, 05:27 AM
I would agree with moderator that its a matter of small fries and hackers...
2024-06-18, 10:31 PM
(This post was last modified: 2024-06-18, 11:16 PM by pcm. Edited 4 times in total.)
I agree with TheDreadPirate with the setup if you plan to host jellyfin on the root of your site...
My strategy is different. I don't have jellyfin on the root (/) of my website. My website's root/index page just shows nginx default-homepage. I host jellyfin on a specific path on my website and I don't host a sitemap so ... good luck trying to figure that out where on my site is jellyfin hosted. And if, by brute-force someone does figure out the path to jellyfin on my site, I also don't show any user accounts on the jellyfin landing page... I don't like the reliability of duckdns .. I prefer getting my own domain. I got mine from cheap at namecheap. I get my certs from zeroSSL. I'm curious as to why you think you'd need a VPN. The SSL connection between your client and server will ensure that no one can read any data except for the server and the client... |
|
|
|
|
