• Sarsoar@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    My setup is this:

    1. cloudflare dns mapping my domain to an oracle cloud vm. 2)oracle always free tier, 1 core amd vm, with apache reverse proxy. I also have tailscale running on this machine. You have to setup the networking rules in the oci networking area, and setup ufw/iptables as well. So then jellyfin.whatever gets mapped to tailscale_ip:jellyfin_port at home.
    2. My server at home with tailscale as well so it has its own ip, but you can expose routes and use the same internal ip. Jellyfin server runs here. There is a dedicated user with appropriate access to my nas aswell.
    3. This server has a vm on it that runs prowlarr/sonarr/radarr/lidarr and qbittorrent. I have an airvpn account running here with a killswitch, and also qbittorent is only allowed to use the eddie interface. I port forwarded a dedicated port on the airvpn site and told qbittorrent to use that.

    So me, my partner, parnets, and friends when outside my network can go to jellyfin.domain.whatever and login to my jellyfin. No ports open to the internet except 80/443 on the reverse proxy, and no ips to remember. That will give you some things to google to get started to replicate a similar setup for your needs.

    • MrMonkey@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      No ports open to the internet except 80/443 on the reverse proxy

      In terms of security, isn’t this kind of the same as just opening the server port to the internet, which many others are advising against?