Kind of a quick off the cuff question… but is it difficult to get a docker hosted jellyfin server accessible outside of lan safely?

I have tailscale and a VPN I can use for my own devices but would like to be able to access it safely without needing those.

  • SheeEttin@lemmy.world
    link
    fedilink
    English
    arrow-up
    17
    arrow-down
    1
    ·
    1 year ago

    Stick with the VPN. No point in exposing more services with possible security vulnerabilities.

  • darkan15@lemmy.world
    link
    fedilink
    English
    arrow-up
    11
    ·
    1 year ago

    If you are not behind a CGNAT, it should be as easy as opening the necessary ports.

    I have a reverse proxy running in ports 80, 443 and can safely access Jellyfin on a subdomain without issues from outside my LAN.

  • Decronym@lemmy.decronym.xyzB
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    edit-2
    1 year ago

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    Fewer Letters More Letters
    CGNAT Carrier-Grade NAT
    DNS Domain Name Service/System
    NAT Network Address Translation
    SSL Secure Sockets Layer, for transparent encryption
    TLS Transport Layer Security, supersedes SSL
    VPN Virtual Private Network

    5 acronyms in this thread; the most compressed thread commented on today has 8 acronyms.

    [Thread #204 for this sub, first seen 9th Oct 2023, 21:05] [FAQ] [Full list] [Contact] [Source code]

  • Strit@lemmy.linuxuserspace.show
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    To get it outside the LAN, you just need to forward the port it uses in your router. Example 8096 for regular http requests. I would highly recommend getting at least a reverse proxy with an SSL cert.

  • Boring@lemmy.ml
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    1 year ago

    Depends on your definition of safe.

    If you do a public port forward and set up basic security and proper SSL its safe from the majority of people.

  • Possibly linux@lemmy.zip
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    You can but it will cause security issues. You will need to buy a domain and setup a SSL proxy with https to proxy traffic in. After than I would lock down you firewall rules and make sure that a compromise can’t escape the isolated environment.

    Also make sure you docker container is hardened against excaping as it will improve security when a security hole is discovered in jellyfin