So I was able to install everything correctly, but I don’t know what I’m supposed to do in order for people that don’t have my same IP to see my files. I’d like to share my Jellyfin server with some friends so they can see movies there. I’ve already open the ports, but they can’t still access them, I’m using elementaryOS Hera which is built on Ubuntu 18.04.4 LTS.

@xe8
link
fedilink
2un anno

I can’t find a good guide at the moment, but I fumbled my way through setting up a reverse proxy with duckdns and a Caddy web server:

https://jellyfin.org/docs/general/networking/caddy.html

https://forum.jellyfin.org/t/securing-your-jellyfin-install-https-with-caddy-server/282

I’ll see if I can find a better guide.

明-3 NOMAD
creator
link
fedilink
2
edit-2
un anno

I was able to install nginx but I don’t really know how to make the reverse proxy point towards the Jellyfin thingy. u_u I’ll use any software for reverse proxy, though.

Also, I need everything to be free (as in beer) because I don’t have money to spent in anything to be honest.

@xe8
link
fedilink
1un anno

Don’t worry, it’s all free.

You can achieve the same with nginx and getting a certificate from Let’s Encrypt. But you might as well use Caddy instead since it gets the certificate for you.

Some key points of what you will want to do are:

  • on your router forward port 443 to the IP address of the server / computer you’re running jellyfin from.

  • get your external IP. You can run “curl ifconfig.co” in your terminal. Go to duckdns and create a URL. Copy and paste your external IP.

  • The rest will be Caddy / Jellyfin set up. If you’ve got it working you’ll be able to access the jellyfin login screen from the URL you created with duckdns

明-3 NOMAD
creator
link
fedilink
2un anno

Okay, so did I do the port forwarding correctly?

I’m trying to create an account on DuckDNS but I don’t seem to find the way to do it, there’s only sign in buttons. :(

@not_a_cop
link
fedilink
1un anno

Both internal and external should be 443. create another one with both port 80.

In your router’s setup page, what is your external IP address? is it something like 10.xx.xx.xx?

Then run caddy and try to connect example.duckdns.org

Did you setup duckdns through your router? can you go to it’s settings and see it is pointing to the right one?

明-3 NOMAD
creator
link
fedilink
1un anno

It hasn’t been workin because I am under a double NAT, so my ports aren’t really open, so I need to contact my ISP and see if they can give me my own IP or if they can open the ports.

@not_a_cop
link
fedilink
2un anno

They won’t give you your own ipv4 address unless you’re registered as a business. Try asking for ipv6 address.

明-3 NOMAD
creator
link
fedilink
1un anno

That makes sense.

@xe8
link
fedilink
1un anno

If 192.168.0.103 is the IP address of your jellyfin server that should be ok. I think both internal and external port should be 443

For DuckDNS you may need to sign in with another service like github, Google, etc.

明-3 NOMAD
creator
link
fedilink
2un anno

Okay, so now I have created a domain with DuckDNS, I have opened that port and I have installed Caddy, what should I do next?

@xe8
link
fedilink
1un anno

Also, log in to your Jellyfin server. Go to Settings > Admin Dashboard > Networking and tick the checkbox for “Allow remote connections to this server”.

明-3 NOMAD
creator
link
fedilink
1un anno

Done.

@xe8
link
fedilink
1un anno

Did you also untick ‘Enable automatic port mapping’?

明-3 NOMAD
creator
link
fedilink
1un anno

Yup.

@xe8
link
fedilink
1
edit-2
un anno

https://jellyfin.org/docs/general/networking/caddy.html

I think you should be able to run:

caddy reverse-proxy --from example.com --to 127.0.0.1:8096

where example.com is your duckdns URL

明-3 NOMAD
creator
link
fedilink
1un anno

Instead of 127.0.0.1:8096 I should input my public IP, right?

@xe8
link
fedilink
1un anno

No, leave that as 127.0.0.1:8096 as long as you haven’t changed the port from 8096.

明-3 NOMAD
creator
link
fedilink
1
edit-2
un anno

(base) user@user-MS-7A15:~$ caddy reverse-proxy --from http://example.duckdns.org --to 127.0.0.1:8096 2021/03/12 22:18:21.149 WARN admin admin endpoint disabled 2021/03/12 22:18:21.149 INFO http server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server {"server_name": "proxy", "http_port": 80} 2021/03/12 22:18:21.149 INFO tls.cache.maintenance started background certificate maintenance {"cache": "0xc00043f0a0"} 2021/03/12 22:18:21.149 INFO tls cleaned up storage units reverse-proxy: loading new config: http app module: start: tcp: listening on :80: listen tcp :80: bind: permission denied

Should I run that as sudo, right?

@xe8
link
fedilink
1un anno

Edit your post to change your DuckDNS address to http://example.duckdns.org in case someone tries to hack you.

I think you need to run as sudo, but with your URL add an s, so https://example.duckdns.org (but put in your actual duckdns address).

明-3 NOMAD
creator
link
fedilink
1un anno

It still gives me the same error. uwu

@xe8
link
fedilink
1un anno

Hmmm on your router you may need to add another rule for port 80. Do exactly what you did before for port 443. Add a rule for the IP your jellyfin server is running on, then enter port 80 in both of the port fields.

明-3 NOMAD
creator
link
fedilink
1
edit-2
un anno

I didn’t create any type of .json file or something like that for Caddy like that forum post or the documentation says, could that be doing something? Also I realized I didn’t save the router config for port 443, I just saved it and ran it but it still gives me the same error, maybe it takes a bit to update.

I’m going to do that now, though.

Edit: Just opened port 80, still the same error. U_U

Edit 2: Thanks for being so patient and helping me.

@xe8
link
fedilink
1
edit-2
un anno

I’m not sure…

Actually when you run the caddy command remove the https:// at the start. Just input example.duckdns.org (but with your actual url).

I struggled a bit with my setup too. I think I ended up manually editing the Caddy config file at some point.

Edit: No worries. Hopefully someone more knowledgable than me will chime in to help us! :-)

明-3 NOMAD
creator
link
fedilink
1
edit-2
un anno

Oh, I think the message is different now:

(base) user@user-MS-7A15:~$ sudo caddy reverse-proxy --from https://example.duckdns.org --to 127.0.0.1:8096 2021/03/12 22:33:47.987 WARN admin admin endpoint disabled 2021/03/12 22:33:47.987 INFO http server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "proxy", "https_port": 443} 2021/03/12 22:33:47.987 INFO http enabling automatic HTTP->HTTPS redirects {"server_name": "proxy"} 2021/03/12 22:33:47.987 INFO tls.cache.maintenance started background certificate maintenance {"cache": "0xc0003f7c70"} reverse-proxy: loading new config: http app module: start: tcp: listening on :80: listen tcp :80: bind: address already in use

Edit: I removed the http/s and it’s still this new message.

@xe8
link
fedilink
1un anno

Do you have the nginx server running? Can you stop and disable it?

明-3 NOMAD
creator
link
fedilink
2
edit-2
un anno

deleted by creator

@xe8
link
fedilink
2un anno

I would but I’m heading out soon (and also getting to the end of my knowledge). So might need to see if someone else can help, sorry.

明-3 NOMAD
creator
link
fedilink
2un anno

Okey. Uwu

明-3 NOMAD
creator
link
fedilink
2
edit-2
un anno

deleted by creator

@xe8
link
fedilink
1un anno

You can remove that code from your post because it’s showing your real URL

On your jellyfin server (access it locally) you can create accounts. I think you should have an admin username and password already as part of the set up. Make sure you use a strong password.

You can make additional accounts for other users you want to give access to.

Jellyfin: The Free Software Media System
!jellyfin
    • 0 users online
    • 2 users / day
    • 2 users / week
    • 2 users / month
    • 2 users / 6 months
    • 77 subscribers
    • 8 Posts
    • 38 Comments
    • Modlog