Has anyone tried Tailscale to connect to Jellyfin?

I am not very knowledgeable about networking. I found I can connect to my Jellyfin server if I set under Networking “Allow remote connections” and in the remote IP address filter I put the remote IP that Tailscale assigns to my iPhone.

Is this how it’s supposed to work? I didn’t expect to have to use Remote Access Settings. I thought the point of Tailscale is to make it like you are on a local network.

  • pe1uca@lemmy.pe1uca.devEnglish
    3·
    9 months ago

    Some services usually just listen to 127.0.0.1 which makes it’s only available for the current machine.
    The service needs to listen to 0.0.0.0 or the IP of the network adapter to be able to be reached outside the machine, this is what remote access means, both your local network and the internet are “remote access” to the services running inside a machine.

    So, yes, it’s normal you have to enable remote access to be able to connect via tailscale.

    Extra note: it’s good to be extra sure your services can be only accessed by you, this is what the ip address filter does, but if this is running inside a normal ISP’s router network then it’s already closed to the outside internet, so the filter would be a bit annoying in the case you want to share it with your other devices or any guest inside your network, you’ll need to remember to update that list, and also if your IP changes for some reason.
    With tailscale you can just remember to close all your ports and use your tailIP to connect to the service

    • SiriusCybernetics@lemmy.caOPEnglish
      1·
      9 months ago

      Not quite sure I followed all that. I’ve disabled a specific white list for now. When I have access to another computer I will confirm I can’t connect unless I am running Tailscale with the appropriate IP addresses.

      • pe1uca@lemmy.pe1uca.devEnglish
        1·
        9 months ago

        Yes, that’s the idea, if you’re not running tailscale in both machines then you won’t be able to connect to them (unless you do some other networking configurations).
        Once you have tailscale running in both machines or devices, you only need to use the Tail IP to connect to them, they will find each regardless if they are in the same local network (connected to your home router) or across the internet.
        If you want to have access to your jellyfin without connecting to tailscale it’ll require more configuration depending on your set up and you’ll have to take care of the security implications of the internet being able to reach your computer or server.

        A bit more information:
        My jellyfin runs in my computer, so with tailscale I have at least these IP addresses

        • 127.0.0.1: The machine itself (or localhost)
        • 192.168.X.X: The address in your local network (usually your ISP’s router)
        • 100.X.X.X: The Tail IP.

        Now, in my phone I can be at several places and I can access jellyfin like this:

        • Same local network: 192.168.X of my computer, 100.X tail IP of my computer (if I’m connected to tailscale).
        • Mobile data or any other wifi: 100.X tail IP of my computer only when connected to tailscale.

        Again, I won’t recommend you on making your jellyfin instance public to the internet, just make sure to always be connected to tailscale.
        If you want to share your instance then you can check to share it within tailscale to the specific people you want.

        • SiriusCybernetics@lemmy.caOPEnglish
          1·
          9 months ago

          Thank you that is tremendously helpful! I expect this post will help others that come along.

          So confirming for your setup, you do need Remote Access enabled to use 100.x while home on your local network on wifi as well (and of course while away on cellular).

          That’s how it seems to be for me, so I think I’m set up correctly. I don’t believe I’ve opened any unusual ports or anything like that.