I have several services on my home server, most of which I access using Tailscale, and it works great. I had a couple services on Cloudflare tunnels in order to access them from devices that I can’t put Tailscale on.
Plex is going to start charging for remote access. So I figured now would be the time to migrate to Jellyfin. But using Jellyfin on Cloudflare tunnels is against their TOS. I have a Roku TV at a remote location that I use to watch Plex. I won’t be able to do that anymore. And I can’t put Tailscale on it to serve Jellyfin that way.
I was going to set up Nginx Proxy Manager to use my domain name for Jellyfin so I didn’t have to use Cloudflare tunnels. But in setting that up I found out that my ISP is double NATting me, and I haven’t been able to find a way around it.
So I’m left with two options: 1) buy Plex Pass so I can continue to stream remotely; or 2) get a VPS, run Tailscale and NPM on it and switch to Jellyfin.
I’m looking for a sanity check to make sure the VPS thing would work the way I think it would. If it’s running Tailscale then the double NAT would be a non-issue, correct? Is there another option that I haven’t thought of yet? Which of the two options would you choose?
Maybe using a tailscale funnel would be a good option for you? I use one for a webdav setup to get around CF’s 100mb limit on uploads when clients won’t chunk their data properly. It was fairly easy to set up and works perfectly.
Maybe something worth a shot is a direct Wireguard server/client connection. While I don’t know how it works with double NAT (wireguard client with double nat) making your home server act as a direct tunnel would solve all your issues.
- Access your services from everywhere without middleman.
IIR, tailscale uses wireguard under the hood and you’re already hosting things on your home server, so maybe this could be worth a try :) !
I was just in your exact Situation with my Jellyfin home server. I was using Tailscale for a while, but ran into a problem: my new server is really bad at encoding, so I can only use direct play, which uses more bandwidth than the tail scale relay servers can give.
The problem with tail scale is, I basically only ever use the relay servers because my home is cgnat and most of the time when I want to stream outside of home I am on mobile data with cgnat or at college (restrictive firewall).
My solution which I implemented last weekend was to buy the cheapest VPS I could get from my trusted provider and harden it and install nginx proxy manager and tailscale. With that, I can make a direct (no relay server) connection to my home server and proxy Jellyfin to a public domain.
I am still figuring out how to secure Jellyfin, but I have also seen some comments that Jellyfin is secure by default and therefore ok to have exposed.Actually no, it is insecure, do not expose it to the internet. I will be adding separate authentication to access it via proxy.
get a VPS, run Tailscale and NPM on it and switch to Jellyfin
Keep in mind that VPSs will charge for bandwidth, which adds up quickly when you’re streaming.
One suggestion I haven’t seen mentioned is contacting your ISP. Sometimes you can get a dedicated IP, although you might have to pay for it.
Alternatively you might just break down and pay for Plex Pass. I know that goes against the Lemmy philosophy to the very core, but for all its issues, Plex is still way ahead of Jellyfin in terms of features, UI/UX, etc. Jellyfin will get there, and I’m ready to switch the day that Plex becomes unusable, but that hasn’t happened yet.
Most VPSes I use offer a slower (200mbps) connection without a data cap for free.
