this post was submitted on 11 Nov 2023
554 points (92.4% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54772 readers
635 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] Sarsoar@lemmy.world 4 points 1 year ago (1 children)

My setup is this:

  1. cloudflare dns mapping my domain to an oracle cloud vm. 2)oracle always free tier, 1 core amd vm, with apache reverse proxy. I also have tailscale running on this machine. You have to setup the networking rules in the oci networking area, and setup ufw/iptables as well. So then jellyfin.whatever gets mapped to tailscale_ip:jellyfin_port at home.
  2. My server at home with tailscale as well so it has its own ip, but you can expose routes and use the same internal ip. Jellyfin server runs here. There is a dedicated user with appropriate access to my nas aswell.
  3. This server has a vm on it that runs prowlarr/sonarr/radarr/lidarr and qbittorrent. I have an airvpn account running here with a killswitch, and also qbittorent is only allowed to use the eddie interface. I port forwarded a dedicated port on the airvpn site and told qbittorrent to use that.

So me, my partner, parnets, and friends when outside my network can go to jellyfin.domain.whatever and login to my jellyfin. No ports open to the internet except 80/443 on the reverse proxy, and no ips to remember. That will give you some things to google to get started to replicate a similar setup for your needs.

[–] MrMonkey@lemmy.world 1 points 1 year ago

No ports open to the internet except 80/443 on the reverse proxy

In terms of security, isn't this kind of the same as just opening the server port to the internet, which many others are advising against?