Any thoughts on using something like Caddy, or any other reverse proxy option, if you already have a VPN that you pay for?
Currently I’m using Tailscale for my phone and tablet, but there’s not really an option for Roku outside of my home network. I’d like to give a friend access to my Jellyfin, but I can’t seem to get anything working other than Tailscale because I already pay for ProtonVPN.
Routing the reverse proxy through the VPN just complicates things. I’m assuming you mean you want to give a friend access to your Jellyfin server, not your Roku (not sure why you mentioned that), so just have Caddy listen on ports 80 and 443, and forward the ports on your router. Then setup the reverse proxy lines for Jellyfin in the Caddyfile. Assuming you already have DNS setup you should be good to go, just give your friend the URL. Caddy enables SSL by default so there really is no reason to route the traffic through a VPN tunnel. I’m pretty sure the Jellyfin docs have a section for using Caddy as a reverse proxy.
I’ll have to check again on the Jellyfin docs, but when I was las trying to follow the steps, I ran into an issue where some IP didn’t match something else and it told me I couldn’t continue.
My friend uses a Roku so getting him to use Tailscale or anything like it isn’t really an option.
Yeah, I think you’re confused 😉 There is no need for your friend to use a VPN to access your Jellyfin server. All you need to do is make it publicly accessible and tell him where to find it (the URL).
It can literally be as simple as setting up NAT on your router (commonly known as port forwarding, linking the IP of the Jellyfin server and it’s port to a designated port on your router accessible via your public IP) and then giving your friend your public IP and the port that you opened. THIS IS HIGHLY DISCOURAGED THOUGH SINCE NOTHING IS ENCRYPTED.
It’s best to setup either Dynamic DNS (usually free, but you don’t get your own domain name, usually just a subdomain under their domain name) or buy your own domain name for cheap (like $10-$30 USD/year) and setup your A records (and CNAME records if you want) in the hosted DNS section. Once you have DNS working then setup a reverse proxy using something like Caddy (simple), Traefik (more complex), or Nginx (a full blown, complex web server) and Certbot/LetsEncrypt. SSL certs and reverse proxies can be a pain in the ass sometimes, but Caddy makes it dead simple.
From there just give your friend your URL (https://jellyfin.yourserver.com or however you have it setup). He puts that in the connection box in the Jellyfin UI and it should work as intended.
buy your own domain name for cheap (like $10-$30 USD/year) and setup your A records (and CNAME records if you want) in the hosted DNS section.
Does it matter if your domain is on shared hosting already? Like, I’ve got kaitco.net, so I should be able to set up jellyfin.kaitco.net and the A and/or CNAME in the hosted DNS? Or, would I need to purchase a new one that’s not already hosted on any server already?
Thank you for answering my asinine questions about this btw 😅
Any thoughts on using something like Caddy, or any other reverse proxy option, if you already have a VPN that you pay for?
Currently I’m using Tailscale for my phone and tablet, but there’s not really an option for Roku outside of my home network. I’d like to give a friend access to my Jellyfin, but I can’t seem to get anything working other than Tailscale because I already pay for ProtonVPN.
Routing the reverse proxy through the VPN just complicates things. I’m assuming you mean you want to give a friend access to your Jellyfin server, not your Roku (not sure why you mentioned that), so just have Caddy listen on ports 80 and 443, and forward the ports on your router. Then setup the reverse proxy lines for Jellyfin in the Caddyfile. Assuming you already have DNS setup you should be good to go, just give your friend the URL. Caddy enables SSL by default so there really is no reason to route the traffic through a VPN tunnel. I’m pretty sure the Jellyfin docs have a section for using Caddy as a reverse proxy.
I’ll have to check again on the Jellyfin docs, but when I was las trying to follow the steps, I ran into an issue where some IP didn’t match something else and it told me I couldn’t continue.
My friend uses a Roku so getting him to use Tailscale or anything like it isn’t really an option.
Yeah, I think you’re confused 😉 There is no need for your friend to use a VPN to access your Jellyfin server. All you need to do is make it publicly accessible and tell him where to find it (the URL).
It can literally be as simple as setting up NAT on your router (commonly known as port forwarding, linking the IP of the Jellyfin server and it’s port to a designated port on your router accessible via your public IP) and then giving your friend your public IP and the port that you opened. THIS IS HIGHLY DISCOURAGED THOUGH SINCE NOTHING IS ENCRYPTED.
It’s best to setup either Dynamic DNS (usually free, but you don’t get your own domain name, usually just a subdomain under their domain name) or buy your own domain name for cheap (like $10-$30 USD/year) and setup your A records (and CNAME records if you want) in the hosted DNS section. Once you have DNS working then setup a reverse proxy using something like Caddy (simple), Traefik (more complex), or Nginx (a full blown, complex web server) and Certbot/LetsEncrypt. SSL certs and reverse proxies can be a pain in the ass sometimes, but Caddy makes it dead simple.
From there just give your friend your URL (https://jellyfin.yourserver.com or however you have it setup). He puts that in the connection box in the Jellyfin UI and it should work as intended.
Does it matter if your domain is on shared hosting already? Like, I’ve got kaitco.net, so I should be able to set up jellyfin.kaitco.net and the A and/or CNAME in the hosted DNS? Or, would I need to purchase a new one that’s not already hosted on any server already?
Thank you for answering my asinine questions about this btw 😅