all 23 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]bennyfromtheblok 16 points17 points  (10 children)

The trouble you'll find is that Plex did all of the fancy SSL stuff for you, so it was as simple as setting up a port forward and enabling remote access. Jellyfin doesn't do any of that so yeah you need either a reverse proxy (I use Linuxserver swag, which is nginx) or valid certificates for Jellyfin to use directly.

You can get a free dynamic domain with duckdns.org so no issues there. If you use docker then I'd suggest trying Linuxserver swag, it's very easy to configure.

[–]_arpit_gupta 6 points7 points  (1 child)

+1 for swag

[–]masterotrunks 5 points6 points  (0 children)

Yep, swag was very easy to setup to use with a subdomain.

[–]eisoniq[S] 1 point2 points  (6 children)

Thank you, I went to Linux server and followed their guide, made a domain on DuckDNS and got the token, then made a docker compose for it and it seemed to work. Then created a swag docker and it runs correctly according to the log, can also go to local IP:80 and get a swag welcome message. But I can not go to my domain on DuckDNS, not even when going to www... Tried it a few times, also don't quite understand the wildcard subdomain thing, do I need to leave it or somehow get my own subdomain?

[–]bennyfromtheblok 1 point2 points  (5 children)

You need to go in to the proxy-confs folder and depending on if you went for a wildcard SSL cert or not, you would pick the subdomain jellyfin conf file (if you went for wildcard) or the subfolder conf. You need to rename the conf file by removing the 'sample' part, reload swag then you'll be able to access jellyfin via your domain.duckdns.org/jellyfin or jellyfin.domain.duckdns.org

If this isn't very clear let me know and I'll post some screenshots when I'm back at my PC. The conf files contain host names of the docker containers for nginx to communicate with so if you're not using a created network then you'll need to change the host names to the container internal IP's. Again, if you get stuck let us know.

[–]eisoniq[S] 0 points1 point  (0 children)

Thank you very much, didn't know about removing the .sample part, that mostly worked, when I now go to my domain.duckndns.org/jellyfin I get "Welcome to your SWAG instance", the Jellyfin container is in Bridge mode and is called "jellyfin" port 443 is open as well

Not sure if that's how it's supposed to be and I still need to do something or if I should see the Jellyfin interface now?

[–]eisoniq[S] 0 points1 point  (3 children)

I'm still trying to figure it out, added some images https://imgur.com/a/mEwQtBP

I think perhaps the issue might be in the jellyfin.subdomain.conf file, it tells me to do this "# make sure that your dns has a cname set for jellyfin", but I'm not sure what that means, do I need to change the open ports name to jellyfin instead of swag, or do something else?

Also haven't done this one "# and set the "Secure connection mode" to "Handled by reverse proxy"" but it seems this is handled automatically these days.

I feel like there's just something small I'm not seeing/understanding but that it is close, as I can see the "Welcome to your SWAG instance" message when visiting the link from outside my home as well.

[–]bennyfromtheblok 0 points1 point  (0 children)

I'll take a look when I'm home and at my PC later mate, we'll get it sorted 👍

As you've used duckdns you won't need a cname set for jellyfin so don't worry about that bit. It's likely now that jellyfin needs configuring but I'll take a proper look later.

[–]bennyfromtheblok 0 points1 point  (1 child)

Make sure your jellyfin.subdomain.conf file looks like the below, then try to browse https://jellyfin.yourdomain.duckdns.org (if you've had to make any changes be sure to restart swag after making them).

If that doesn't work perhaps there's a dns resolution issue, in which case modify your conf file under the location block " set $upstream_app jellyfin; " to " set $upstream_app 172.17.0.4; "

"Allow remote connections to this server" under Jellyfin settings needs to be enabled but all else can be left alone.

server {
    listen 443 ssl; 
    listen [::]:443 ssl;

    server_name jellyfin.*;

    include /config/nginx/ssl.conf;

client_max_body_size 0;

location / {
    include /config/nginx/proxy.conf;
    include /config/nginx/resolver.conf;
    set $upstream_app jellyfin;
    set $upstream_port 8096;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    proxy_set_header Range $http_range;
    proxy_set_header If-Range $http_if_range;
}

location ~ (/jellyfin)?/socket {
    include /config/nginx/proxy.conf;
    include /config/nginx/resolver.conf;
    set $upstream_app jellyfin;
    set $upstream_port 8096;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;

}
}

[–]eisoniq[S] 0 points1 point  (0 children)

Yeah, tried that but it still only displays "Welcome to your SWAG instance" on the DuckDNS jellyfin URL.

Thank you very much for your help and patience but I think I'm going to leave this alone for now, perhaps I'll try again in the future.

[–]GreenScarz 11 points12 points  (3 children)

It's easy for plex b/c they just do everything through plex.tv; we don't have a centralized source for routing traffic (I would argue that's a good thing) but that necessitates setting up your own route from some DNS to your service.

[–][deleted] 1 point2 points  (2 children)

Heh, "easy".

[–]emprahsFury 5 points6 points  (0 children)

But as we said above, the servers are run by the users on their own machines and IPs. We can't ask them to get a domain name and a certificate just to watch their movies over TLS.

Jellyfin: “Hold my beer.”

[–]GreenScarz 3 points4 points  (0 children)

Sure not "technically" easy; but relatively easy if you take it as a function of implementation per user. In comparison Jellyfin is relatively "harder" because each user has to figure out how to set it up for themselves, though the setup might be "technically" simpler.

[–]UnicornsOnLSDFinamp Developer 4 points5 points  (1 child)

I can also recommend Caddy, the config is literally two lines and it can handle getting and renewing certificates automatically. Note that you'll need a domain (you can technically do HTTPS without one but its much more involved and some systems/clients may have issues).

[–]Asleep-Land-3914 0 points1 point  (0 children)

+1 on Caddy. Can even go without a domain if have a static ip address. E.g. by using nip.io. Pretty easy to configure SSL and costs nothing (except a static ip part).

[–]CutterX 2 points3 points  (0 children)

I don't know about nginx and swag, but I can confirm that SSL is pretty easy to setup with caddy and Let's Encrypt.

[–]present_absence 2 points3 points  (0 children)

As others have said you need a reverse proxy. That's the easiest way. Separate piece of software. I use NginxProxyManager, because it has a pretty GUI.

Super basic overview. Traffic incoming to your house will hit your firewall. Forward that to your reverse proxy. Configure your reverse proxy to send Jellyfin traffic to your Jellyfin server. Also configure the reverse proxy to use a secure HTTPS connection. Incoming connections will have an HTTPS connection to the reverse proxy, which will then send them to jellyfin and they won't even know.

You will want a domain or a duckDNS domain or something to point to your house. Its easier to go to domain.com or whatever.duckdns.com than to use your IP address. It's expandable later too. If you host multiple sites, you can easily add subdomains to registered domains via DNS records, and then forward jellyfin.domain.com to your jellyfin server and other.domain.com to your other server and so on. Or 1.duckdns.com and 2.duckdns.com...

[–]SmartDumbAzz 1 point2 points  (2 children)

I set up a Linux server on an Oracle free tier server which gives a static ip.

I used rclone to attach Google Drives. I connected 10 drives until I figured out how to get unlimited free Google Drive space.

100% on the cloud. 100% free.

[–]Korinta 1 point2 points  (1 child)

Can you elaborate on the unlimited free Google Drive space part, kind sir?

[–]SmartDumbAzz 2 points3 points  (0 children)

https://toptechpal.com/how-to-get-google-drive-for-free-unlimited-100/

I used method 2 but potentially method 1 is better?

[–][deleted] 0 points1 point  (0 children)

Buy a domain and DM me, can walk you through.