Kind of a quick off the cuff question… but is it difficult to get a docker hosted jellyfin server accessible outside of lan safely?
I have tailscale and a VPN I can use for my own devices but would like to be able to access it safely without needing those.
Stick with the VPN. No point in exposing more services with possible security vulnerabilities.
I love Jellyfin but I would absolutely not make it accessible over the public internet. A VPN is the way to go.
Yeah I’m thinking maybe just have family sign up for tailscale.
Why not just run your own WireGuard instance? I have a pivpn vm for it and it works great. You could also just put jellyfin behind a TLS terminating reverse proxy.
Oof, that’s bad… And lazy
Unfortunately a lot of these issues are architectural issues inherited from Emby
If you are not behind a CGNAT, it should be as easy as opening the necessary ports.
I have a reverse proxy running in ports 80, 443 and can safely access Jellyfin on a subdomain without issues from outside my LAN.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters CGNAT Carrier-Grade NAT NAT Network Address Translation SSL Secure Sockets Layer, for transparent encryption TLS Transport Layer Security, supersedes SSL VPN Virtual Private Network
4 acronyms in this thread; the most compressed thread commented on today has 8 acronyms.
[Thread #204 for this sub, first seen 9th Oct 2023, 21:05] [FAQ] [Full list] [Contact] [Source code]
Depends on your definition of safe.
If you do a public port forward and set up basic security and proper SSL its safe from the majority of people.
To get it outside the LAN, you just need to forward the port it uses in your router. Example 8096 for regular http requests. I would highly recommend getting at least a reverse proxy with an SSL cert.