Assuming the user will not be connecting over vpn, but is both remote and non-technical, how would you expose Jellyfin to them securely?
Assuming the user will not be connecting over vpn, but is both remote and non-technical, how would you expose Jellyfin to them securely?
Idk if geo whitelisting is really good enough. I can’t speak for OP, but I’m in the same position and I don’t. I had high hopes for the post but everyone seems to just brush over the “secure” part
What are you afraid of?
My jellyfin runs in a a rootless podman container
I’m afraid of security bugs in the software I’m using, so that containers don’t contain, read-only doesn’t prevent writing, mounting directories doesn’t restrict access to those directories, etc.
I’m a nobody, I can’t imagine anyone targeting me or my random domain, but I can imagine getting swept up in a net of attacks of opportunities targeting hosted software with known vulnerabilities, or injected supply chain vulnerabilities, so I want to reduce my attack surface as much as I can (while still actually letting the people I want to access it actually access it)
Then don’t expose anything on the internet