this post was submitted on 31 Mar 2025
212 points (98.2% liked)

Selfhosted

45411 readers
522 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
212
How to secure Jellyfin hosted over the internet? (programming.dev)
submitted 3 days ago by [email protected] to c/[email protected]
141 comments fedilink hide all child comments
 

I already host multiple services via caddy as my reverse proxy. Jellyfin, I am worried about authentication. How do you secure it?

(page 2) 50 comments
sorted by: hot top controversial new old
[–] [email protected] 6 points 3 days ago (3 children)

I use Pangolin (https://github.com/fosrl/pangolin)

[–] [email protected] 2 points 3 days ago (2 children)

URL is 404

[–] [email protected] 2 points 3 days ago

remove the brace at the end

[–] [email protected] 1 points 3 days ago

It's not, though?

[–] [email protected] 1 points 2 days ago (1 children)

I was thinking of setting this up recntly after seeing it on Jim's garage. Do you use it for all your external services or just jellyfin? How does it compare to a fairly robust WAF like bunkerweb?

[–] [email protected] 1 points 2 days ago

I use it for all of my external services. It's just wireguard and traefik under the hood. I have no familiarity with bunkerweb, but pangolin integrates with crowdsec. Specifically it comes out of the box with traefik bouncer, but it is relatively straightforward to add the crowdsec firewall bouncer on the host machine which I have found to be adequate for my needs.

load more comments (1 replies)
[–] [email protected] 3 points 3 days ago (1 children)

You could put authentik in front of it too

[–] [email protected] 11 points 3 days ago (2 children)

I think that breaks most clients

[–] [email protected] 2 points 3 days ago (1 children)

? How does putting something before it break it? It most certainly doesn’t.

[–] [email protected] 5 points 3 days ago (1 children)

Clients are built to speak directly to the Jellyfin API. if you put an auth service in front it won't even ask you to try and authenticate with that.

load more comments (1 replies)
load more comments (1 replies)
load more comments
view more: ‹ prev next ›