I have the same but the one thing I can't get working is accessing overseer from outside the network (ie internet). I've read guides of course but at some point they start talking about domains and certificate signing and I start to have a siezure.
Look into Caddy, it's by far the easiest web server/reverse proxy with automatic SSL support out there. Setup both Caddy and Overseer in Docker and then just simply write
overseer.yourdomain.com {
reverse_proxy overseer:overseer port
}
Assuming you have you own domain name and have DNS records setup.
I was using Nginx and Let's Encrypt for years but it was a bit of a pain in the ass. I just rewrote my entire Docker Compose script to use Caddy so I can deploy everything in about 5 minutes.
Any thoughts on using something like Caddy, or any other reverse proxy option, if you already have a VPN that you pay for?
Currently I’m using Tailscale for my phone and tablet, but there’s not really an option for Roku outside of my home network. I’d like to give a friend access to my Jellyfin, but I can’t seem to get anything working other than Tailscale because I already pay for ProtonVPN.
Routing the reverse proxy through the VPN just complicates things. I'm assuming you mean you want to give a friend access to your Jellyfin server, not your Roku (not sure why you mentioned that), so just have Caddy listen on ports 80 and 443, and forward the ports on your router. Then setup the reverse proxy lines for Jellyfin in the Caddyfile. Assuming you already have DNS setup you should be good to go, just give your friend the URL. Caddy enables SSL by default so there really is no reason to route the traffic through a VPN tunnel. I'm pretty sure the Jellyfin docs have a section for using Caddy as a reverse proxy.
I’ll have to check again on the Jellyfin docs, but when I was las trying to follow the steps, I ran into an issue where some IP didn’t match something else and it told me I couldn’t continue.
My friend uses a Roku so getting him to use Tailscale or anything like it isn’t really an option.
Yeah, I think you're confused 😉 There is no need for your friend to use a VPN to access your Jellyfin server. All you need to do is make it publicly accessible and tell him where to find it (the URL).
It can literally be as simple as setting up NAT on your router (commonly known as port forwarding, linking the IP of the Jellyfin server and it's port to a designated port on your router accessible via your public IP) and then giving your friend your public IP and the port that you opened. THIS IS HIGHLY DISCOURAGED THOUGH SINCE NOTHING IS ENCRYPTED.
It's best to setup either Dynamic DNS (usually free, but you don't get your own domain name, usually just a subdomain under their domain name) or buy your own domain name for cheap (like $10-$30 USD/year) and setup your A records (and CNAME records if you want) in the hosted DNS section. Once you have DNS working then setup a reverse proxy using something like Caddy (simple), Traefik (more complex), or Nginx (a full blown, complex web server) and Certbot/LetsEncrypt. SSL certs and reverse proxies can be a pain in the ass sometimes, but Caddy makes it dead simple.
From there just give your friend your URL (https://jellyfin.yourserver.com or however you have it setup). He puts that in the connection box in the Jellyfin UI and it should work as intended.
buy your own domain name for cheap (like $10-$30 USD/year) and setup your A records (and CNAME records if you want) in the hosted DNS section.
Does it matter if your domain is on shared hosting already? Like, I’ve got kaitco.net, so I should be able to set up jellyfin.kaitco.net and the A and/or CNAME in the hosted DNS? Or, would I need to purchase a new one that’s not already hosted on any server already?
Thank you for answering my asinine questions about this btw 😅
It's perfectly fine to use a subdomain of kaitco.net 😉 Happy to help, I've been doing this for years.
I just set up a VPN with wire guard and duckdns. Connected my phone and works great. Some one will mention a show and I'll pull out my phone and add it via overseer. Get it on plex in like 2 minutes.
I have the same but the one thing I can't get working is accessing overseer from outside the network (ie internet). I've read guides of course but at some point they start talking about domains and certificate signing and I start to have a siezure.
Look into Caddy, it's by far the easiest web server/reverse proxy with automatic SSL support out there. Setup both Caddy and Overseer in Docker and then just simply write
Assuming you have you own domain name and have DNS records setup.
I was using Nginx and Let's Encrypt for years but it was a bit of a pain in the ass. I just rewrote my entire Docker Compose script to use Caddy so I can deploy everything in about 5 minutes.
Any thoughts on using something like Caddy, or any other reverse proxy option, if you already have a VPN that you pay for?
Currently I’m using Tailscale for my phone and tablet, but there’s not really an option for Roku outside of my home network. I’d like to give a friend access to my Jellyfin, but I can’t seem to get anything working other than Tailscale because I already pay for ProtonVPN.
Routing the reverse proxy through the VPN just complicates things. I'm assuming you mean you want to give a friend access to your Jellyfin server, not your Roku (not sure why you mentioned that), so just have Caddy listen on ports 80 and 443, and forward the ports on your router. Then setup the reverse proxy lines for Jellyfin in the Caddyfile. Assuming you already have DNS setup you should be good to go, just give your friend the URL. Caddy enables SSL by default so there really is no reason to route the traffic through a VPN tunnel. I'm pretty sure the Jellyfin docs have a section for using Caddy as a reverse proxy.
I’ll have to check again on the Jellyfin docs, but when I was las trying to follow the steps, I ran into an issue where some IP didn’t match something else and it told me I couldn’t continue.
My friend uses a Roku so getting him to use Tailscale or anything like it isn’t really an option.
Yeah, I think you're confused 😉 There is no need for your friend to use a VPN to access your Jellyfin server. All you need to do is make it publicly accessible and tell him where to find it (the URL).
It can literally be as simple as setting up NAT on your router (commonly known as port forwarding, linking the IP of the Jellyfin server and it's port to a designated port on your router accessible via your public IP) and then giving your friend your public IP and the port that you opened. THIS IS HIGHLY DISCOURAGED THOUGH SINCE NOTHING IS ENCRYPTED.
It's best to setup either Dynamic DNS (usually free, but you don't get your own domain name, usually just a subdomain under their domain name) or buy your own domain name for cheap (like $10-$30 USD/year) and setup your A records (and CNAME records if you want) in the hosted DNS section. Once you have DNS working then setup a reverse proxy using something like Caddy (simple), Traefik (more complex), or Nginx (a full blown, complex web server) and Certbot/LetsEncrypt. SSL certs and reverse proxies can be a pain in the ass sometimes, but Caddy makes it dead simple.
From there just give your friend your URL (https://jellyfin.yourserver.com or however you have it setup). He puts that in the connection box in the Jellyfin UI and it should work as intended.
Does it matter if your domain is on shared hosting already? Like, I’ve got kaitco.net, so I should be able to set up jellyfin.kaitco.net and the A and/or CNAME in the hosted DNS? Or, would I need to purchase a new one that’s not already hosted on any server already?
Thank you for answering my asinine questions about this btw 😅
It's perfectly fine to use a subdomain of kaitco.net 😉 Happy to help, I've been doing this for years.
I just set up a VPN with wire guard and duckdns. Connected my phone and works great. Some one will mention a show and I'll pull out my phone and add it via overseer. Get it on plex in like 2 minutes.
Cloudflare zero trust tunnels are your answer