Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

local cloudflare alternative

hi is there any local cloudflare alternative becourse from my reading it seems that that using it for jellyfin is against cloudflares TOS and i would like to get jellyfin to my domain but i dont wanna pay for it, so a loxal alternative would probably be my best bet, i also would prefer not to open any ports

Appoxo ,
@Appoxo@lemmy.dbzer0.com avatar

Don't proxy jellyfin through CF.
Using it for the domain or subdomain is fine.

You know it's not proxied because the cloud is gray instead of yellow.
And if you ping the domain it's your own IP instead of a cloudflare ip.

Oliper202020 OP ,

ohhh, so i can do it through cloudflare without breaking TOS? or am i misunderstanding?

Appoxo ,
@Appoxo@lemmy.dbzer0.com avatar

Nope. It's doable and permitted as long as the traffic is not proxied (gray cloud)

Oliper202020 OP ,

okay, im gonna look into it later

possiblylinux127 ,
@possiblylinux127@lemmy.zip avatar

Don't expose Jellyfin to the internet

Appoxo ,
@Appoxo@lemmy.dbzer0.com avatar

Do it with a reverse proxy and set 2FA before it (and break native app functionaility).

possiblylinux127 ,
@possiblylinux127@lemmy.zip avatar

Don't expose it to the internet

Appoxo ,
@Appoxo@lemmy.dbzer0.com avatar

Set proper ACLs and you are probably fine.

yannic ,

Jellyfin specifically or just anything in general?

possiblylinux127 ,
@possiblylinux127@lemmy.zip avatar

Really anything in general. The only thing I have exposed is Nextcloud and a personal website. I spend a lot of time locking those down.

Sethayy ,

Just attempting to setup pihole + some DNS rules for this, but can't yet say it works cause I haven't gotten that far

Oliper202020 OP ,

okay, send me a text when you got it working

kaitco ,

Have you thought about using DuckDNS.org?

I run mine through them (it’s free) because I couldn’t work through using my own hosting since my host makes things super complicated.

Oliper202020 OP ,

well from my little knolage about them you need to use their domain right?

kaitco ,

Yeah you create the subdomain and use their domain. It’s a free DNS service that prevents you from having to buy your own domain and host and setup all the DNS security yourself.

Oliper202020 OP ,

but i would like to have my own domain

kaitco ,

I don’t think I understand your original question then.

If you want your jellyfin on your own domain like Oliper202020.com, that requires owning a domain which requires registration which incurs a cost.

If you don’t want to pay for something, just use a DNS service to redirect through their domain instead.

Oliper202020 OP ,

i want to spend money on the domain, i just dont want to pay money for a cloudflare alternative or one of the paid subscriptions

jonne ,

You can use your own domain and set a CNAME to any of the DDNS ones. So eg. home.mydomain.com can be a CNAME for oliper.ddns.com.

Starbuck ,

Maybe look into Tailscale. At the end of the day, someone needs to open up the ports, but Tailscale does it strictly to negotiate a VPN connection between two devices, so they don’t see the traffic that goes over the tunnel.

Oliper202020 OP ,

is there then a way to get it to a domain or do i need to install tailscale on every device?

Starbuck ,

I do Tailscale on every device, but they also have a Funnel service that might work for you

Oliper202020 OP ,

https://lemmy.world/pictrs/image/59faafbf-cba2-4839-8304-0be56df90c66.png
does this mean i can connect it to my domain and can nginx then route traffic from other vms trough to other subdomains?

smegger ,

If it's setup right you can even connect as if you're on the same local network. Or connect using device name as you set it in the admin panel.
There's a bunch of stuff you can do

Oliper202020 OP ,

would there maybe be a way with npm to only open up port 80 and run everything through there?

Starbuck , (edited )

I think you should understand that if you are opening ports to the wide internet, you are putting yourself and anyone else on your network at risk. You’re playing with fire here.

I have this setup with Tailscale so that I can watch plex from anywhere, without exposing ports to devices that I don’t trust and I can help you if you want. But don’t expose 80 to the internet.

atomWood ,

If you don’t want to open any ports, then you will need to setup a VPN service. Tailscale is one of the easiest to use VPNs out there.

smegger ,

+1 for tail scale. I installed it to get a feel for how hard it'd be to setup. I had it running in 15min on multiple devices via the tail net.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • jellyfin@lemmy.ml
  • incremental_games
  • meta
  • All magazines
    •