Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

Off the top of my head, I can think of 3 ways.

1. Using a VPS and DDNS (I personally do this):
   • Pros: Super easy for others to access, you just give them the address.
   • Cons: Not free. (Oracle free tier might work, but it's unreliable.) But there are cheap VPSs as low as $12/yr that work pretty well. Also, it's a bit harder to setup since you'll need to create a VPN tunnel between your local machine and the VPS.
2. Using tailscale or zeroties:
   • Pros: Free, and easier to setup than a VPS.
   • Cons: People need to install extra apps to access your server.
3. By port forwarding:
   • Pros: Super easy to setup, just need to forward the ports through your router.
   • Cons: You're opening a port to the internet, which is less than ideal. Also, it won't work if you're behind a NAT.

It's easy af, just look up Jellyfin server guide. Basically it's just forwarding a few ports and setting up usernames/passwords for them and you're good to go

I personally use GL.iNet routers. Basically you create VPN tunnels between a WG(WireGuard) server hosted on one router, and WG clients hosted on another GL.iNet router or a device that supports the WG app (PC and mobile afaik). The router using the WG server is facing WAN so no need to port forward and you can use it to connect to your jellyfin server as well as RDP or SSH into your server. The WG clients are simple, just need to be connected to the Internet. The tunnels bandwidth is based on your ISP's upload speed(fiber is great, with coax good luck streaming 4k) where the WG server is located. You can use WG without the router too, but I'll just speak to my experience.

Edit: YT link to intro for the routers - https://youtu.be/LXbDg1v65Qs?feature=shared

If you have good home upload and want to host at home, a simple reverse proxy on the vps provider of your choice does the trick. I host for a large group of friends and family and it all proxies through haproxy running on digitalocean.

My setup is this:

1. cloudflare dns mapping my domain to an oracle cloud vm. 2)oracle always free tier, 1 core amd vm, with apache reverse proxy. I also have tailscale running on this machine. You have to setup the networking rules in the oci networking area, and setup ufw/iptables as well. So then jellyfin.whatever gets mapped to tailscale_ip:jellyfin_port at home.
2. My server at home with tailscale as well so it has its own ip, but you can expose routes and use the same internal ip. Jellyfin server runs here. There is a dedicated user with appropriate access to my nas aswell.
3. This server has a vm on it that runs prowlarr/sonarr/radarr/lidarr and qbittorrent. I have an airvpn account running here with a killswitch, and also qbittorent is only allowed to use the eddie interface. I port forwarded a dedicated port on the airvpn site and told qbittorrent to use that.

So me, my partner, parnets, and friends when outside my network can go to jellyfin.domain.whatever and login to my jellyfin. No ports open to the internet except 80/443 on the reverse proxy, and no ips to remember. That will give you some things to google to get started to replicate a similar setup for your needs.

Do not expose Jellyfin to the general Internet. They have security issues, I would not trust that (no cloudflare does not save you by default).

There are basically two ways: VPN, or authenticated reverse proxy. VPN is probably the easiest to setup and the most flexible, but it's a bit of a pita to use.

Authenticated reverse proxy will break apps, but the web app will work (and you can setup your reverse proxy to allow specific user agents from the VPN to bypass it, allowing apps on the VPN to work). I currently do this so I can look at metadata on my phone without a VPN setup.