this post was submitted on 04 Oct 2023
9 points (90.9% liked)
Jellyfin: The Free Software Media System
5783 readers
5 users here now
Current stable release: 10.10.3
Matrix (General Information & Help)
Matrix (Off-Topic) - Come get to know the team and blow off steam!
Matrix Space - List of all the available rooms on Matrix.
Discord - Bridged to our Matrix rooms
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Some services usually just listen to
127.0.0.1
which makes it's only available for the current machine.The service needs to listen to
0.0.0.0
or the IP of the network adapter to be able to be reached outside the machine, this is what remote access means, both your local network and the internet are "remote access" to the services running inside a machine.So, yes, it's normal you have to enable remote access to be able to connect via tailscale.
Extra note: it's good to be extra sure your services can be only accessed by you, this is what the ip address filter does, but if this is running inside a normal ISP's router network then it's already closed to the outside internet, so the filter would be a bit annoying in the case you want to share it with your other devices or any guest inside your network, you'll need to remember to update that list, and also if your IP changes for some reason.
With tailscale you can just remember to close all your ports and use your tailIP to connect to the service
Not quite sure I followed all that. I’ve disabled a specific white list for now. When I have access to another computer I will confirm I can’t connect unless I am running Tailscale with the appropriate IP addresses.
Yes, that's the idea, if you're not running tailscale in both machines then you won't be able to connect to them (unless you do some other networking configurations).
Once you have tailscale running in both machines or devices, you only need to use the Tail IP to connect to them, they will find each regardless if they are in the same local network (connected to your home router) or across the internet.
If you want to have access to your jellyfin without connecting to tailscale it'll require more configuration depending on your set up and you'll have to take care of the security implications of the internet being able to reach your computer or server.
A bit more information:
My jellyfin runs in my computer, so with tailscale I have at least these IP addresses
Now, in my phone I can be at several places and I can access jellyfin like this:
Again, I won't recommend you on making your jellyfin instance public to the internet, just make sure to always be connected to tailscale.
If you want to share your instance then you can check to share it within tailscale to the specific people you want.
Thank you that is tremendously helpful! I expect this post will help others that come along.
So confirming for your setup, you do need Remote Access enabled to use 100.x while home on your local network on wifi as well (and of course while away on cellular).
That’s how it seems to be for me, so I think I’m set up correctly. I don’t believe I’ve opened any unusual ports or anything like that.