I have several services on my home server, most of which I access using Tailscale, and it works great. I had a couple services on Cloudflare tunnels in order to access them from devices that I can’t put Tailscale on.
Plex is going to start charging for remote access. So I figured now would be the time to migrate to Jellyfin. But using Jellyfin on Cloudflare tunnels is against their TOS. I have a Roku TV at a remote location that I use to watch Plex. I won’t be able to do that anymore. And I can’t put Tailscale on it to serve Jellyfin that way.
I was going to set up Nginx Proxy Manager to use my domain name for Jellyfin so I didn’t have to use Cloudflare tunnels. But in setting that up I found out that my ISP is double NATting me, and I haven’t been able to find a way around it.
So I’m left with two options: 1) buy Plex Pass so I can continue to stream remotely; or 2) get a VPS, run Tailscale and NPM on it and switch to Jellyfin.
I’m looking for a sanity check to make sure the VPS thing would work the way I think it would. If it’s running Tailscale then the double NAT would be a non-issue, correct? Is there another option that I haven’t thought of yet? Which of the two options would you choose?
I was just in your exact Situation with my Jellyfin home server. I was using Tailscale for a while, but ran into a problem: my new server is really bad at encoding, so I can only use direct play, which uses more bandwidth than the tail scale relay servers can give.
The problem with tail scale is, I basically only ever use the relay servers because my home is cgnat and most of the time when I want to stream outside of home I am on mobile data with cgnat or at college (restrictive firewall).
My solution which I implemented last weekend was to buy the cheapest VPS I could get from my trusted provider and harden it and install nginx proxy manager and tailscale. With that, I can make a direct (no relay server) connection to my home server and proxy Jellyfin to a public domain.
I am still figuring out how to secure Jellyfin, but I have also seen some comments that Jellyfin is secure by default and therefore ok to have exposed.Actually no, it is insecure, do not expose it to the internet. I will be adding separate authentication to access it via proxy.