Let the record show that irmadlad saved the day here. I learned a lot about what I needed and no longer have to concern myself with something beyond my comprehension

Thank you, that’s really solid advice. It turns out my efforts may have been misguided anyway. I think I was under the impression that “internet exposure” and “Cloudflare tunnel” had similar setups

I thought my VPN didn’t, but they continue to disappoint me. According to the internet, my VPN is using CGNAT

See, this just shows how much I need to learn…I thought what I was trying to set up *was *the same thing as a “Cloudflare tunnel.” Honestly, don’t care how it gets implemented, I just assumed this was the easy way because that’s what all the youtubers were suggesting. My end goal here is “I’m on my phone 100 miles away from home, open Jellyfin/Nextcloud/whatever, use domain.actually.works” without needing to disable my Proton/Air/Mullvad connection.

But I’ve followed 4 or 5 “you won’t believe how easy Nginx is” tutorials, and they’re not working for me…

Ok, this is an extensive answer (thank you), but also a lot to unpack. Before I go making a bridge network, I wanna make sure I’m following you. I’m pretty inexperienced with self-hosting in general outside of Docker, but I’m especially a novice with anything networking so pardon my ignorance here.

Yes, Jellyfin is accessible locally. Performance is the best I’ve ever seen it too. I uninstalled Tailscale on my Ubuntu server (it was causing networking issues, frankly I didn’t understand how) and removed it from my tailnet dashboard, but Jellyfin is still remotely accessible via Tailscale (which is fine, I guess).

At this point, my users and I are trying to avoid Tailscale on mobile devices when possible. Two reasons: 1. prevents maintaining regular VPN usage (deal breaker for a couple people) 2. switching between home wifi and mobile drops connectivity, required turning networking off and on again (deal breaker for me, I got spoiled by Synology’s reverse proxy and can’t go back)

From what I can tell, there’s no CGNAT trickery at play (actually the internet says otherwise). My DNS is a local Pihole+Unbound, in case that matters. The Ubuntu IP is static. Were you requesting the yaml of Jellyfin or Nginx?

And I believe I was hoping to set up a “Cloudflare tunnel.” I think I was under the impression that this “tunnel” *is *a reverse proxy.

Yes, I recently got it working. So LAN connectivity is fine and strangely I can remote access it via Tailscale even though the machine isn’t on a tailnet

The whole reason I bought the domain is because I was told to stop using Tailscale for this purpose. I’m so confused…

Yeah, I’m about to start the process of trashing the system and starting anew with Ubuntu Server. Even if I had 24/7 community support, I think I’d still dread dealing with Proxmox. The whole reason I hopped on the Prox train was that videos make it seem like an alternative to deep-diving into cli…but everything I’ve been doing is cli, so screw it

So this looks good then?

Yes, just using the iGPU. Thought about an Nvidia card, but setting it up sounded like torture so just whatever is on the i5-13500 for now

So I starting this post with many intertwining issues, but most of them have been resolved thanks to extensive help. At this point, most of my issues are Jellyfin-specific so I made a new post in c/jellyfin. But thank you, I’ll be trying your method if mine continues to fail me

I tried taking a screenshot of the full page to show you, but yes it’s set to QSV and /dev/dri/renderD128. I’ve tried QSV and VAAPI with similar results, I’m sticking with QSV for now as it’s Jellyfin’s official recommendation. I’ve enabled decoding for H264, HEVC, VP9, and AVI. I’ve enabled hardware encoding for H264 and HEVC. If I disable transoding completely it works fine, but some of the streaming devices need 720p functionality (ideally to transcode down to 4:3 480i).

So I got Jellyfin running last night as an unprivileged LXC using a community script. It’s accessible via web browser, and I could connect my NAS. Now I’m having NAS-server connection issues and “fatal player” issues on certain items. I appreciate the support, I’m going to need a lot of it haha

That’s good to know at least. I was getting anxious last night thinking that I signed up for something I’d never get running. So curl is working now…not sure why it wasn’t earlier, but I’ve used it since and it is confirmed working. And networking (as in internet connectivity) is working, but now I’m struggling with the NAS mount: it was working perfectly at first, but now it’s randomly shifting between “available” and “unknown”.

Well, the plan was to use a couple VMs for niche things that I’d love to have and many services. But if I can’t get Proxmox working as advertised, I’ll throw most of that out of the window

That’s where I’m at, dude. I bought into the idea of Proxmox because I was led to believe that it makes docker deployment easier…but I’m thinking it would actually work if I just used a VM

Yes, I tried a couple of those. They were giving me errors

I tried, the script gave me errors

I’d recommend most people start with the guides (I did, no regrets there). But expect to need to manually search for things sometimes because their restraints, by design, will block some “lesser quality” options. And if some flaw in the system is bothering you, you’ll hopefully have enough experience under your belt to tailor your settings at that point

I enabled all the stock options except the ones requiring accounts to function. My users only need English subs, mileage may vary