overview for SirMaple_

Moving from Cloudflare tunnels for media streaming, first plan didn't work out due to double NAT in c/selfhosted@lemmy.world

[–] SirMaple__@lemmy.ca 0 points 5 hours ago (1 children)

https://github.com/jellyfin/jellyfin/issues/5415

Moving from Cloudflare tunnels for media streaming, first plan didn't work out due to double NAT in c/selfhosted@lemmy.world

[–] SirMaple__@lemmy.ca 1 points 5 hours ago (1 children)

https://github.com/jellyfin/jellyfin/issues/5415

Moving from Cloudflare tunnels for media streaming, first plan didn't work out due to double NAT in c/selfhosted@lemmy.world

[–] SirMaple__@lemmy.ca -1 points 13 hours ago* (last edited 13 hours ago)

No worries. Better than reading that someone got hacked because they left Jellyfin wide open

You could even run a travel router, mini PC or Raspberry Pi, run the VPN on it, connect the Roku to it over the onboard WiFi adapter. On the PC/Pi you'd force all the traffic from the Roku towards Jellyfin over the tunnel. You could even define the Jellyfin in DNS (/etc/hosts) so the internet will never even know you're running Jellyfin. Something like https://raspap.com/ or even a openwrt travel router from the likes of GL.iNet would work.

Moving from Cloudflare tunnels for media streaming, first plan didn't work out due to double NAT in c/selfhosted@lemmy.world

[–] SirMaple__@lemmy.ca 19 points 13 hours ago* (last edited 13 hours ago) (9 children)

Do not. I repeat do not expose Jellyfin to the internet. It has too many security issues to be directly accessible from the internet.

I use Jellyfin and only access it over WireGuard. I have a mesh setup between the routers at a few family members houses.

If you have absolutely no other way then to expose it to the internet you need to make sure that you whitelist only the approved IPs in your VPS firewall and block everything else.