One of the popular uses of self hosted, is having a home media server for streaming your movies and series.

I’ve configured services like Deluge to download the media through PIA VPN with gluetun. This part is secure. HOWEVER…

I configured JellyFin to be able to stream remotely. To avoid reduced bandwidth, will not route this service with PIA VPN.

If I configure the Jellyfin service with a reverse proxy, and enable SSL with let’s encrypt (Nginx PM):

  1. Is the data encrypted?
  2. will my ISP be able to know what movies or series are being streamed?
  3. will the remote user be able to determine my external IP address?
  4. will a DNS IP lookup (or another ways) identify my IP address?

Is this a correct approach, or should I go a different path?

Any help is appreciated.

  • Ace! _SL/SEnglish
    1·
    1 year ago

    I’m by no means an expert but:

    1. Yes it is, that’s what https is for (your reverse proxy in that case, best to host Jellyfin and Nginx on the same machine to prevent any unencrypted traffic leaving your machine)
    2. They won’t, unless someone accesses your Jellyfin via http
    3. Yes they will
    4. Yes

    You could use a Cloudflare tunnel to hide your IP from your users, but that will give Cloudflare the ability to decrypt your users traffic. They shouldn’t do that though, just wanted to let you know they could

    Hiding your IP shouldn’t be necessary though imo, unless you really need to (Cloudflare most likely won’t help with that)

    Also make sure to setup a Firewall if you plan on exposing your server to the internet!