this post was submitted on 20 Oct 2023
1 points (100.0% liked)

Self-Hosted Main

515 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS
 

I'm using cloudflare tunnel to access my movie collection on selfhosted jellyfin. Jellyfin accounts are behind a strong password.

Considering it's on the web, how bad is it? I'm not thinking about attacks, can I be flagged for piracy or things? Where does the ISP stand?

you are viewing a single comment's thread
view the rest of the comments
[–] TheRealAdreaner@alien.top 1 points 1 year ago (7 children)

I would suggest to put it behind an sso service like a self hosted authelia or authentik. So even if someone finds your website they will only see your authentication page and not what’s behind it.

[–] Ben4425@alien.top 1 points 1 year ago (1 children)

How would that work with a Jellyfin client running on a device like a Chromecast dongle? The code on the dongle doesn't (IMHO) know how to log into an SSO service.

[–] TheRealAdreaner@alien.top 1 points 1 year ago

You would have to exclude the */api/ path in the authentik provide settings, so that if something wants to call the jellyfin api (like Swiftfin) it can go around the sso. It’s not the best practice for security but the only working way I have found.

load more comments (5 replies)