Hi All,

I was hoping to get some advice on my new media stack. I am a bit of a Newbie when it comes to this, and I am a little bit confused at the final step of this. I recently bought a new Raspberry Pi 5, which I am using as the media stack. On this I have Radarr, Sonarr, Jellyfin, Jellyseer, Prowlarr and qBittorrent installed using docker. I have also made sure that both Prowlarr and qBittorent are behind a VPN (using NordVPN if it matters).

This works fine locally, but I would like this to be accessible externally. The need for this is that I have some friends who want to access the media Server. The 3 options I have seen for this are:

a) Open the ports on your router. I know this is very unsecure, even with jellyfin IP whitelisting, so I dont want to do this.

b) Use a VPN. This would require giving my friends my login to tailscale/NordVPN mesh, and would be a real pain when using smart TV’s so would also prefer not to do this.

c) Use Nginx to create a weblink. This one I understand the least but I do have a domain using cloudflare. As far as I know though, this is against cloudflare TOS.

Am I missing any options here? and does anyone have any good guides on option 3 that wont break cloudflare TOS?

Thanks in advance.

  • shaunjanssens@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    You’re missing the easiest option of them all: Cloudflare tunnels. You don’t have to open any ports, your friends don’t need to install extra software and it’s free. I don’t know about the TOS but I wouldn’t worry to much because it’s only a couple of friends.

    • Silencer306@alien.topB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Isn’t that his second option? Do you have to give others access to your network and login to use the apps? Or how does it work?

  • zfa@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I suspect your friends probably don’t need access to your whole media stack.

    What parts they do need access to, and from what type of devices, will determine the best approach.