this post was submitted on 23 May 2026
206 points (97.2% liked)

Selfhosted

60664 readers
472 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details. Tags [CBH] or [AIP] are required, see the links in Rule 8 for details.

  8. AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post, and find example disclosures here.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
 

Assuming the user will not be connecting over vpn, but is both remote and non-technical, how would you expose Jellyfin to them securely?

you are viewing a single comment's thread
view the rest of the comments
[–] PeriodicallyPedantic@lemmy.ca 1 points 1 month ago (1 children)

How do you get the mobile app to connect?

[–] Evotech@lemmy.world 2 points 1 month ago* (last edited 1 month ago) (1 children)

I just type the URL

I have Cloudflare set up without Auth. Just region locked to my country

So it's just a solid reverse proxy with a bunch of features and an added layer with white listing.

I know whitelisting isn't security per say but it's good enough

[–] PeriodicallyPedantic@lemmy.ca 2 points 1 month ago (1 children)

Idk if geo whitelisting is really good enough. I can't speak for OP, but I'm in the same position and I don't. I had high hopes for the post but everyone seems to just brush over the "secure" part

[–] Evotech@lemmy.world 1 points 1 month ago (1 children)

What are you afraid of?

My jellyfin runs in a a rootless podman container

[–] PeriodicallyPedantic@lemmy.ca 4 points 1 month ago* (last edited 1 month ago) (1 children)

I'm afraid of security bugs in the software I'm using, so that containers don't contain, read-only doesn't prevent writing, mounting directories doesn't restrict access to those directories, etc.

I'm a nobody, I can't imagine anyone targeting me or my random domain, but I can imagine getting swept up in a net of attacks of opportunities targeting hosted software with known vulnerabilities, or injected supply chain vulnerabilities, so I want to reduce my attack surface as much as I can (while still actually letting the people I want to access it actually access it)

[–] Evotech@lemmy.world -2 points 1 month ago

Then don't expose anything on the internet