This. Call it in a php file on your web server through a browser and it will give you all the info you need :)
DWolfUK40
joined 11 months ago
Jellyfin is a media player. It’s built in security is more than enough for most. A lot use it for access to their own personal collections. You’re using it for your own use, you’re not distributing so doubtful anybody would care. There’s no way to know what’s there so not worth anybody’s time. Now if you were selling logins to that server and advertising the content then things would be different in the same way that if you seed pirated content they will care more than if you just leech it. For all they know you could have your personal home videos behind it or legitimate backups of physical disks you own. Hide it behind a subdomain and random path then unless somebody is looking for it they won’t stumble on it in the first place. This should be enough really. Jellyfin is designed to keep your content secure. The only way somebody official would come knocking is if they suspect there’s something to hide. Unless you tell people they have no reason to suspect. They have much bigger fish to fry.
I don’t think you have anything to worry about but you can ofc secure things further if you want to jump through a few mostly unrequired hoops.
That’s just my personal opinion. If you don’t feel safe exposing it then you shouldn’t and should setup a vpn or similar and hide it all behind that. My jellyfin has been exposed for years. Just me and my family using it. I’ve never had anybody try to access it. Nothing exciting behind it other than family videos but nobody knows that.
Transmission for me as I’ve always used it and it’s the only one I could get to update port forwarding through a put request when my vpn reconnects and the tunnelling port changes.
The nightly builds have been fairly stable for me running in a diet-pi vm.
It integrates nicely with flexget but equally as well with the arrs. I havn’t had any major problems. I havn’t heard of many that have.
I’d personally recommend using caddy and proxying as that will automatically get let’s encrypt certificates. I’m not sure if it works on .local addresses though. It’s possibly worth grabbing a cheap domain to do it, moving it to cloudflare and then using the caddy cloudflare dns Addon to get the certificates. Then you could have external access also down the line. If you want to keep the .local domain You may have to manually add the self-signed certificate to trusted stores. This isn’t always possible so you might be SOL if you’re wanting to keep the local domain.
There’s a reason stripe is a payment processor and your company is using it.
Regulations and costs alone make it difficult for companies, never mind individuals. Getting approval for things. Having protections, gaining trusts etc etc. the list is endless. It’s not something that an individual should ever be considering. Stripes fees aren’t too bad and they do the heavy lifting. You would spend way more thinking about setting up yourself and researching. The time cost involved. It’s just not worth it for anybody but the biggest players.