This is for remote streaming. Can Jellyfin be accessed outside the network? I thought that was the difference.
Like if I didn’t like Plex and I ran Jellyfin (and I have done), I could access it locally but I couldn’t access it, say, from a hotel a thousand miles away. Or it requires a lot more work (and maybe some paid service) to do.
Plex may have gone up, but a bunch of us got it for $100 or less years ago and we are not affected by the new limitations. Still free for our family members accessing remotely. Wasn’t free for us to set up.
I don’t run Jellyfin, but I’ve considered it. From what I understand, you have to set up a reverse proxy or something like Tailscale in order to access it remotely. Doing that safely can take a bit of learning, but the only part that could cost money is getting a domain name.
Is a domain name strictly necessary though? You would need a static IP. I thought you needed something like a VPS or VPN — I know what a VPN is, but I think it was something with a similar acronym — and that was a service that cost money.
With Plex it just works. When I load up Plex on a remote machine, first it tells me my server is offline, because my server is a Mac and Macs are sleepy bois, so it wakes up the Mac, which wakes up the drives, and then the server loads up and I can play pretty much anything.
I’ve ran Jellyfin on both Mac (current setup) and Windows/Intel. I like Jellyfin overall, and it does some cool things Plex doesn’t. Like you can fix details Plex won’t let you. Like for some reason it only lists the foreign actors in anime, you can manually specify the English voices if you want. Plex doesn’t let you do that and AFAIK there’s no way to. (There should be an API out there that taps into a service that lets you access any language cast, and there should be a way to set it to dynamically change the cast to whatever language you have selected.) But anyway, Jellyfin is somewhat fine, but to use it on other devices (e.g. an Apple TV box on the same network), you have to do a fair bit of configuring. It’s not just, log into the account on your phone and type in the text on the screen. Jellyfin doesn’t even prioritise Apple development, but they have come a long way.
I host a couple services for my family using a reverse proxy (nginx through SWAG), and I have a free domain name with duckdns. This is not as secure as the above tailscale solution, but has worked for me so far. This is likely how I would add Jellyfin to my workflow, since I already have a reverse proxy and domain name.
Yes. Jellyfin is just a Docker container. It can be accessed the same as any other Docker container. Plex simplifies this because they can basically configure all the DNS stuff for you, because it goes through their DNS. But either can be accessed.
Or it requires a lot more work (and maybe some paid service) to do.
More specialized knowledge to configure Tailscale or a reverse proxy, yes. I use Yunohost which makes all of this a whole lot simpler.
I also bought Plex years ago for 87€ but i gifted that account to a friend once i got jellyfin up and running.
You’re right - Jellfyin doesn’t have a native built-in way to access it from outside. That’s the reason Plex intercepts with their own servers when you do remote streaming, that’s one of the aspects you pay for.
Using tailscale (free and setup in like 5 min) you can access jellfin from everywhere. Easy peasy.
Rumor says that Plex also denies you remote access when you use a VPN or mesh like tailscale… so ymmv
So, I am not going to deny that those security issues exist, but it seems like they would only pop-up in niche situations, or only if someone already had access to your admin profile. Most people are using Jellyfin to share their media with themselves and their tech-illiterate friends in family. In that use case, the only people who even know my server URL are people I have shared that info with privately. Nobody is trying to hack my admin account.
Now, I am no infosec expert. Maybe there are folks that are trying to run larger operations, and for those people I can understand why these security issues may become concerning if you don’t have a tight handle on the circle of people that have access to your server. That said, it’s also a bit silly to expect a free, open source solution to meet your needs in that scenario, anyway. If you know and understand the issues that well, then maybe go join the dev team and patch the holes. That is the beauty of open source, anyone can jump in and fix it.
The main issue there isn’t the fact that these issues exist. The problem is the Jellyfin devs attitude towards them, most of these problems have been known for years (more than five in some cases) but are largely ignored. Client compatibility is valued over everything else.
There have been plenty of suggestions, ideas and even PRs, but the devs priorities don’t allow for any security centered patches to get merged
idk the full history, but Joshua’s comment here does not give me the impression of devs that are just deliberately ignoring security issues. It seems like they are simply balancing priorities, which is what all good devs should do. Personally I like that client compatibility is valued over everything else - I would be pissed if they broke the Fire TV client to fix a minor security hole on a niche Linux distro, because then one of my users would be SOL. And as Joshua says in that comment:
many other options are now open to us in a post-10.11 landscape now that we have a proper library database ready.
So it seems like now they are better set up to address the security issues without breaking compatibility.
jellyfin welcomes you with open arms
This is for remote streaming. Can Jellyfin be accessed outside the network? I thought that was the difference.
Like if I didn’t like Plex and I ran Jellyfin (and I have done), I could access it locally but I couldn’t access it, say, from a hotel a thousand miles away. Or it requires a lot more work (and maybe some paid service) to do.
Plex may have gone up, but a bunch of us got it for $100 or less years ago and we are not affected by the new limitations. Still free for our family members accessing remotely. Wasn’t free for us to set up.
Yes it can be accessed outside the network. We use Tailscale. Our Jellyfin setup cost us the energy to run it, lol.
I don’t run Jellyfin, but I’ve considered it. From what I understand, you have to set up a reverse proxy or something like Tailscale in order to access it remotely. Doing that safely can take a bit of learning, but the only part that could cost money is getting a domain name.
Is a domain name strictly necessary though? You would need a static IP. I thought you needed something like a VPS or VPN — I know what a VPN is, but I think it was something with a similar acronym — and that was a service that cost money.
With Plex it just works. When I load up Plex on a remote machine, first it tells me my server is offline, because my server is a Mac and Macs are sleepy bois, so it wakes up the Mac, which wakes up the drives, and then the server loads up and I can play pretty much anything.
I’ve ran Jellyfin on both Mac (current setup) and Windows/Intel. I like Jellyfin overall, and it does some cool things Plex doesn’t. Like you can fix details Plex won’t let you. Like for some reason it only lists the foreign actors in anime, you can manually specify the English voices if you want. Plex doesn’t let you do that and AFAIK there’s no way to. (There should be an API out there that taps into a service that lets you access any language cast, and there should be a way to set it to dynamically change the cast to whatever language you have selected.) But anyway, Jellyfin is somewhat fine, but to use it on other devices (e.g. an Apple TV box on the same network), you have to do a fair bit of configuring. It’s not just, log into the account on your phone and type in the text on the screen. Jellyfin doesn’t even prioritise Apple development, but they have come a long way.
Honestly the others in this comment section would be better to ask about accessing Jellyfin remotely, but I can tell you what I know.
If you go the VPN route, Tailscale is typically recommended, which appears to be free for personal use. It looks like these are the docs for using Tailscale with Jellyfin.
I host a couple services for my family using a reverse proxy (nginx through SWAG), and I have a free domain name with duckdns. This is not as secure as the above tailscale solution, but has worked for me so far. This is likely how I would add Jellyfin to my workflow, since I already have a reverse proxy and domain name.
Doing it safely is pretty simple.
Install Tailscale at both ends. Done.
It’s a fully encrypted mesh VPN.
If you need access without the TS client on the other end, that takes a little more work. Then you need to enable the Funnel option.
Nnnnno, doesn’t really work that way
You absolutely can access it from outside your network if you configure it that way.
Yes. Jellyfin is just a Docker container. It can be accessed the same as any other Docker container. Plex simplifies this because they can basically configure all the DNS stuff for you, because it goes through their DNS. But either can be accessed.
More specialized knowledge to configure Tailscale or a reverse proxy, yes. I use Yunohost which makes all of this a whole lot simpler.
I also bought Plex years ago for 87€ but i gifted that account to a friend once i got jellyfin up and running.
You’re right - Jellfyin doesn’t have a native built-in way to access it from outside. That’s the reason Plex intercepts with their own servers when you do remote streaming, that’s one of the aspects you pay for.
Using tailscale (free and setup in like 5 min) you can access jellfin from everywhere. Easy peasy.
Rumor says that Plex also denies you remote access when you use a VPN or mesh like tailscale… so ymmv
I’ve accessed my Plex off network with tail scale 🤷
Yet can’t find a way to install it on my old Tizen… Pain.
i also would be on Tizen OS, got myself a cheap used NVidia Shield TV and use this now. debloated it etc.
Magnitudes of order better experience than fucking Tizen
As open as the source? (☞゚ヮ゚)☞
As open as the servers “security”
is there some security incident you have in mind involving jellyfin?
Beside the various security holes that have been ignored for years by the devs?
such as…?
https://github.com/jellyfin/jellyfin/issues/5415
So, I am not going to deny that those security issues exist, but it seems like they would only pop-up in niche situations, or only if someone already had access to your admin profile. Most people are using Jellyfin to share their media with themselves and their tech-illiterate friends in family. In that use case, the only people who even know my server URL are people I have shared that info with privately. Nobody is trying to hack my admin account.
Now, I am no infosec expert. Maybe there are folks that are trying to run larger operations, and for those people I can understand why these security issues may become concerning if you don’t have a tight handle on the circle of people that have access to your server. That said, it’s also a bit silly to expect a free, open source solution to meet your needs in that scenario, anyway. If you know and understand the issues that well, then maybe go join the dev team and patch the holes. That is the beauty of open source, anyone can jump in and fix it.
The main issue there isn’t the fact that these issues exist. The problem is the Jellyfin devs attitude towards them, most of these problems have been known for years (more than five in some cases) but are largely ignored. Client compatibility is valued over everything else.
There have been plenty of suggestions, ideas and even PRs, but the devs priorities don’t allow for any security centered patches to get merged
idk the full history, but Joshua’s comment here does not give me the impression of devs that are just deliberately ignoring security issues. It seems like they are simply balancing priorities, which is what all good devs should do. Personally I like that client compatibility is valued over everything else - I would be pissed if they broke the Fire TV client to fix a minor security hole on a niche Linux distro, because then one of my users would be SOL. And as Joshua says in that comment:
So it seems like now they are better set up to address the security issues without breaking compatibility.