this post was submitted on 14 Jun 2023
6 points (100.0% liked)
Self Hosted - Self-hosting your services.
11149 readers
5 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules
- No harassment
- crossposts from c/Open Source & c/docker & related may be allowed, depending on context
- Video Promoting is allowed if is within the topic.
- No spamming.
- Stay friendly.
- Follow the lemmy.ml instance rules.
- Tag your post. (Read under)
Important
Beginning of January 1st 2024 this rule WILL be enforced. Posts that are not tagged will be warned and if not fixed within 24h then removed!
- Lemmy doesn't have tags yet, so mark it with [Question], [Help], [Project], [Other], [Promoting] or other you may think is appropriate.
Cross-posting
- [email protected] is allowed!
- [email protected] is allowed!
- [email protected] is allowed!
- [email protected] is allowed if topic has to do with selfhosting.
- [email protected] is allowed!
If you see a rule-breaker please DM the mods!
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
If you are ok with Jellyfin being public, then I would just put it in front of an nginx proxy. That way, your nginx proxy will handle SSL termination. With SSL, your ISP won't be able to inspect the traffic directly.
If you are running docker, then I'd recommend
jwilder/nginx-proxyand its lets encrypt companionjrcs/letsencrypt-nginx-proxy-companion. It makes putting things behind an SSL proxy very easy! This of course assumes you have a public IP address through your ISP and aren't stuck behind CG-NAT!A second option is to keep it private then use a VPN (this is what I do). Wireguard can be a good option although setting up each device is a bit manual, since you have to generate key pairs for each of them. This also requires you have a public IP through your ISP or have a public box that bridges your public VPN to your home network. That said, it works really well.
Tailscale is a free, but commercial option built on top of wireguard that makes set up a lot easier. If you are stuck behind CG-NAT this is probably your easiest option.
To Hijack this: If I wanted to host a public instance of jellyfin at jellyfin.mydomain.xyz, I would then need a dDNS hosted on my server, and then...? If I want to allow non-technical people to access my instances, how do I manage that? Could you point me to a guide that explains the overarching requirements that one would need for that, with a mention of examples for each service I need to host that I need to achoeve this? Because I am a bit lost atm :p
If you are running Jellyfin on a computer at home you’ll need to configure your dns with your dns provider to point to your home public ip then configure your router to forward port 443 to your Jellyfin server.
And this works even with a dynamic/non-static IP? I thought there was more hassle involved :D
No, if you don't have a static IP, you will need to use a dynamic DNS solution.
You might also investigate ipv6 if your ISP provides it. Often, if they don't give you a static ipv4 address, they might assign you a static block of ipv6 addresses you can use. That makes a big assumption that you can always use ipv6 though!
Headscale is an open source implementation of Tailscale