I am setting up my first jellyfin server via docker, and I am offered the option to either use TMDB or OMDB. I have jellyfin on a LAN-connected device w/o VPN connection, and I am concerned queries to those DBs with file names of torrented files can get tracked and reported to my ISP. Could that be the case? And if so what to do about it? Are there more privacy-preserving metadata services than others?
Another alternative is run Jellyfin and all of your *arr apps as docker containers and run them through a docker container called gluetun. Essentially this will route all incoming traffic (tvdb, torrents, etc) through a vpn and all outgoing (sonarr, Jellyfin, etc web gui) can be accessed locally.
I didn’t know about this, this sounds great! My question then is, can I still access jellyfin on LAN after it connects to the internet via the VPN?
Yes. You have to mount a port on the Gluetun container instead of the jellyfin container. As an extreme example, here is my docker-compose for my *arr apps and qbit torrent behind gluetun with traefik as a reverse proxy. I have sanitized this to remove any private info, and as such one or two necessar lines from Gluetun are missing. Do not try to copy/paste this.
gluetun: image: qmcgaw/gluetun container_name: gluetun
Yes as long as you expose the ports for the jellyfin web GUI within the gluetun container as the other commenter mentioned.
In each container, you want to change your network to the gluetun container:
network_mode: "container:gluetun"
The first time you docker-compose up, you might get an error that the gluetun container doesn’t exist. Just run it twice and you’ll be good.