I just got Authentik / Traefik going for Navidrome, Jellyfin is next.
Does it play well for the mobile applications? If you use them?
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
I just got Authentik / Traefik going for Navidrome, Jellyfin is next.
Does it play well for the mobile applications? If you use them?
Does jellyfin do untranscoded video/audio?
Haven't used it in years but finally building up my media server again and I remember it had some funky settings for hardware encoding back then which I didn't need because I was connecting to it via a repurposed gaming laptop that could easily handle 4k content and surround sound by itself.
I use jellyfin for unencoded audio and video on my clients that support it like my newer television, but I also use transcoded audio video on things that can't handle the higher codecs like the raspberry pi.
I want to leave too, but I really like PlexAmp for my music streaming. And no, Finamp doesn't work nearly as well or look as nice.
What about subsonic or funkwhale? I think I also tried a third one I'm forgetting
Thanks for the suggestions. I'll try them out. One thing that I hate is critical for me is integration with Android auto. It's the last Google service I can't seem to quit. Might have to give up and just roll with Bluetooth instead.
I've been using jellyfin for years.
My best recommendation is DELAY UPDATES and back up before you update.
I have a history of updates breaking everything so you should be careful about them.
All software recommends backing up before an update, but for jellyfin the shit is real, you really want to back up.
laughs in immich
I've been using jelly since just after the emby fork and never had an update issue on docker. Automatic snapshots every 5 mins (amoung other backup tools). means I don't need to worry much if it does.
Like the version or the media?
I have it on docker with two volumes, ./config and ./cache
I back up those before each update.
A bad Jellyfin update should not mess with your media folder in anyway. Though you should have backups of those aswell as a rule of thumb.
With respect to the media, you can mount the volume as read only, preventing Jellyfin from accidentally wiping your underlying content.
the config and databases or the media, you mean?
if so, the former, but I mount the meadia with a read only docker volume just to be sure, because chances are I would never notice it
Unrelated but why a full VM for Linux stuff, lxc is much more efficient
honestly every explanation probably just ends at 'this is what i learned on and it works'. same way i religiously use nano and try to do everything in bash first. or how a couple coworkers can't stop explaining their vim workflow and defending python unprompted like it's a trauma response for them. my current homelab is also running a r9 with 64gb ram and 30tb storage. if i were paying for remote hosting, still using salvaged hardware or being paid, i'd invest time learning newer processes. but containers haven't caught my interested and this set up takes basically no effort on my part to maintain, so i can focus my limited free time elsewhere.
honestly every explanation probably just ends at 'this is what i learned on and it works'.
Yeah, lots of these answers basically boil down to “when all you have is a hammer, everything looks like a nail.”
These days the hammer is usually docker/podman/lxc containers instead of VMs though. Like, you don't need a container to run a self-contained statically-compiled binary, yet people still do it for some reason.
Same.
The time it takes me to write a single function in Python is the same as writing a whole Bash-script using nano.
Also I initially set up my homelab using Docker in a VM on Proxmox. Totally useless abstraction, but I never found the time and patience to migrate the VM to bare metal.
Stronger compartmentalization
I've heard jellyfin has a lot of security issues, which I don't know if that's accurate or not. But the BIGGEST issue is lack of a proper tvOS app. I really don't feel like using Infuse or some other app just to use my library. Year after year I hear about people switching and yet, the gap is simply still there.
To be fair there is a tvOS app in development but progress is slow because the whole project is maintained by a small handful of volunteers. They’ve put out a call for help and the maintainers post updates here
Yeah, Samsung TVs don’t have a native Jellyfin app either. You can sideload it, but good luck walking your “you touched my computer six months ago and now it’s broken. This is your fault” grandmother through that over the phone.
I just validated that the latest version of the LDAP privilege escalation issue is not an issue anymore. The curl
script is in the ticket.
This was the one where a standard user could get plugin credentials, such as the LDAP bind user, and change the LDAP endpoint. I.E., bad.
I chose this one because after going through all of them, it was the only one that allowed access to something that wasn't just data in Jellyfin.
So for me, security is less of an issue knowing that, as only family use the service, and the remaining issues all require a logged in user (hit admin endpoint with user token).
Plus, I tried a few of those and they were also fixed, just not documented yet. I didn't add to those tickets because I was not as formal with my testing.
I’ve heard jellyfin has a lot of security issues
The biggest known stuff I saw on their GitHub is that a number of the exposed service URLs under the hood don't require auth. So, it's open-source with known requirements, you can tell easily from the outside that it's running, and you can cause it to activate a LOT of packages without logging in. That's a zero-day in any package that can be passed a payload away from disaster.
AS far as TVOS, I'm kinda surprised swiftfin doesn't service you.
Assuming this is all true, sure its not great but how much does it matter?
Most have jellyfin in a docker. My jellyfin can't only has read only accses to the media folder. Only the config folder has write access. Assuming the worst case scenario here, how much damage can than do?
A lot of neophyte self hosters Will try running the binary in Windows instead. Experienced self hosters will indeed use docker.
Then out of the ones that are using docker some of them will set it up as privileged.
And then how many of those people actually make read-only versus how many just add the path and don't think about it.
Don't confuse your good practices with what the average person will do.
I am also not up to date on Jellyfin security issues but the biggest one I care about is that its clients don’t support OIDC. There’s a neat plugin for OIDC, but without client support it only works with the web client and I’m not a fan of leaving login pages open to the internet.
Use an LDAP to OIDC bridge?
Op already said they were behind authentik
There also absolutely are apps for tv oses like Android, I use one daily.
Welcome to the jelly. ONE OF US. ONE OF US.
This is probably the wrong post to ask this question, so sorry in advance.
I have a dual boot Linux + Windows. Jellyfin runs wonderfully on muy Linux partition with docker-compose. Anybody knows how can I clone it in my Windows partition, such that configs, metada and accounts remain the same? I've failed to do this, and only the media volume remaines identical on both OS.
This may not be the answer you are looking for, but one method would be to use WSL on windows to run a Linux distro with Docker installed and just migrate everything over, basically 1-to-1. Then set WSL to auto start when you boot up windows. If you install Docker Desktop on Windows, it will also pick up that you're using Docket via WSL and allow you to manage shit from the client. I don't do that though, I'm ~~a masochist~~ old-school.
Looks like there is a config and cache location in their docker scripts. The easiest way to make a docker application portable is to bind mount the config and cache. That way you have access to the actual files and could copy them to your windows partition.
If you're already using a volume for that data, I think it becomes a bit trickier. I know technically you can move or copy volumes, but I've never tried. Although you could still bind mount a random directory and still copy the files out.
i love jellyfin i just wish there was a nicer way to highlight collections so you could make themed weekly or monthly collections of movies and shows that also still show up in the regular folders.... almost like netflix.
That is coming, I saw a PR for that. Just need to be patient.
Long time Jellyfin user here, welcome on board. I think biggest hurdle I should newbies warn about is the lack of availability on TizenOS.
Its possible but needs some extra steps.
This is one of my issue with Jellyfin. It's a workaround to install the app onto Tizen. Updates are again manual. But zero issues since installation and runs smooth.
I'm also 90% done migrating to jellyfin. I've had the instance running for 6 months now, the cultural change to watch jellyfin is complete, except for my wife's iPad.
Heck, I should just retire Plex. That will force the change.
These are the thoughts of a cold and calloused sysadmin. Didn't get the email about the change? Too bad.