this post was submitted on 23 May 2026
188 points (97.0% liked)

Selfhosted

59897 readers
715 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam.

  3. Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.

  4. Don't duplicate the full text of your blog or git here. Just post the link for folks to click.

  5. Submission headline should match the article title.

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world
188
How would you expose Jellyfin securely without a vpn? (discuss.online)
submitted 3 weeks ago by kiol@discuss.online to c/selfhosted@lemmy.world
174 comments fedilink hide all child comments
 

Assuming the user will not be connecting over vpn, but is both remote and non-technical, how would you expose Jellyfin to them securely?

you are viewing a single comment's thread
view the rest of the comments
[–] PeriodicallyPedantic@lemmy.ca 1 points 2 weeks ago (1 children)

How do you get the mobile app to connect?

[–] Evotech@lemmy.world 2 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

I just type the URL

I have Cloudflare set up without Auth. Just region locked to my country

So it's just a solid reverse proxy with a bunch of features and an added layer with white listing.

I know whitelisting isn't security per say but it's good enough

[–] PeriodicallyPedantic@lemmy.ca 2 points 2 weeks ago (1 children)

Idk if geo whitelisting is really good enough. I can't speak for OP, but I'm in the same position and I don't. I had high hopes for the post but everyone seems to just brush over the "secure" part

[–] Evotech@lemmy.world 1 points 2 weeks ago (1 children)

What are you afraid of?

My jellyfin runs in a a rootless podman container

[–] PeriodicallyPedantic@lemmy.ca 3 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

I'm afraid of security bugs in the software I'm using, so that containers don't contain, read-only doesn't prevent writing, mounting directories doesn't restrict access to those directories, etc.

I'm a nobody, I can't imagine anyone targeting me or my random domain, but I can imagine getting swept up in a net of attacks of opportunities targeting hosted software with known vulnerabilities, or injected supply chain vulnerabilities, so I want to reduce my attack surface as much as I can (while still actually letting the people I want to access it actually access it)

[–] Evotech@lemmy.world -1 points 2 weeks ago

Then don't expose anything on the internet