After 14 years with Plex, I finally moved my video library to Jellyfin. Why rising costs, feature restrictions and digital ownership pushed me towards FOSS.
This article doesn’t mention the limitations of remote access for Jellyfin, which requires some tricks like reverse proxy or Tailscale. I think Jellyfin is a great option if you only watch/listen on your home network, but if anyone wants to replicate the remote access capabilities of Plex, I typically warn them they are going to have to roll their sleeves up.
Yes the solution is different hardware, like a Google TV, older firestick, raspAP, or flash openwrt on a router. But that’s no longer plug and play and may have other caveats. Besides costing money.
No shade, it’s just not QUITE that simple every time.
Not something that unfortunately works as easily for me to connect my ailing mom’s TV to, and do NOT want to manage the reverse proxy + cert + etc setup for a number of reasons
Yeah it can be more limiting. Personally I got lucky and my mom’s TV runs Android so I could just install a wireguard client.
I will probably at some point bridge her network with mine since I want to install a TrueNAS box at her house for remote backup. So the VPN client will be moot at that point.
Which part? For the TV there was literally a wireguard app. I just had to install it on the TV and configure the connection to my wireguard server.
For the bridging I gave her my old router which I haven’t tested but I believe should support VPN bridging. I already have her on a subnet that won’t conflict with my network for that reason.
The point is that you now have another app to manage or learn about just for remote viewing, and the general public can’t and won’t manage something like that. People like us, no problem, its easy, but my dad would never be able to, for example. He can install plex and just log in to an app anywhere to use it though.
Also, dont forget that many households have non-static IP addresses, so now you need more management for that issue (again, easy for us).
But Jellyfin! It solves all your problems, you don’t have to pay for it (because fuck paying for software of any type even if it provides you some value), and did I mention Jellyfin‽
Why aren’t you using it yet? Are you a plex sympathizer? Get outta here with that!
What?
I don’t care if you have a good use case for using plex / Emby / Kodi / VLC / WMC / etc; you will assimilate and use Jellyifn!
Someone breakes in, then moves laterally to your home assistant running frigate to watch you sleep at night. Then uses your residential uplink as a proxy to resell on an open market.
After that, the possibilities are practically endless.
No reason to connect jellyfin to any sort of local network, router will still hairpin for local connection.
With that setup its honestly more secure than 99% of IOT devices, and like 50% of routers.
edit: and if youre running it in the pentagon or something just toss authentication like keycloak in front of it, plus a bit of crowdsec/fail2ban and an IP whitelist, I’d be surprised if you’d even get an attack, much less one violating that strict of a threat models.
Yeah docker isn’t the isolation sandbox some people make it out to be. It’s not meant for that. You very well may have a setup that’s meant for that but it’s more than I’m willing to expose.
I found it annoying at first when I started because I didnt know about any management tools. I was updating the firewall rules everywhere myself to allow each remote IP at the router and machine level lol
There is a third option, the program that Jellyfin was originally forked from back in 2018, Emby.
Sort of the middle child between the two. Nearly identically to Jellyfin for obvious reasons, several third party apps for Jellyfin work with it as well like Jellyseer, it has apps for nearly every device, and easy external connections via their servers like Plex does.
They do however have a premium subscription system like Plex to support things like those servers. It’s not as expensive as Plex, even before the recent rate hike, but it is there and some stuff is locked behind that premium license.
I can’t recommend emby because their business practices are pretty scummy. After accepting open source contributions for years, they went closed-source in 2018 and took all those contributions with them (they had a CLA). The very next update, they added hardware acceleration and locked it behind a paywall. They had a pretty big ‘security incident’ a few years ago, which probably would have been averted if they were still open source, as users in the community flagged it as an issue long before the devs took action.
So all the bad things of both, still a proprietary product that you can funnel your cotent through servers you don’t control while simultaneously not being plex.
This article doesn’t mention the limitations of remote access for Jellyfin, which requires some tricks like reverse proxy or Tailscale. I think Jellyfin is a great option if you only watch/listen on your home network, but if anyone wants to replicate the remote access capabilities of Plex, I typically warn them they are going to have to roll their sleeves up.
Don’t selfhost if you think a reverse proxy is tricky.
If you can spin up a podman container, you can use a caddyfile. Hell, if you can nano and read, you can set uo a caddyfile.
Tailscale truly could not be easier/simpler.
Not for all clients, like Roku for example.
Yes the solution is different hardware, like a Google TV, older firestick, raspAP, or flash openwrt on a router. But that’s no longer plug and play and may have other caveats. Besides costing money.
No shade, it’s just not QUITE that simple every time.
You’re right, I missed that.
I personally use a reverse proxy and Wireguard setup to access remotely.
Not something that unfortunately works as easily for me to connect my ailing mom’s TV to, and do NOT want to manage the reverse proxy + cert + etc setup for a number of reasons
Yeah it can be more limiting. Personally I got lucky and my mom’s TV runs Android so I could just install a wireguard client.
I will probably at some point bridge her network with mine since I want to install a TrueNAS box at her house for remote backup. So the VPN client will be moot at that point.
How do you go about doing that?
Which part? For the TV there was literally a wireguard app. I just had to install it on the TV and configure the connection to my wireguard server.
For the bridging I gave her my old router which I haven’t tested but I believe should support VPN bridging. I already have her on a subnet that won’t conflict with my network for that reason.
FYI, scrcpy can be an excellent tool for remote support, but you’d better trust the network the interface is on
There are a ton of reverse proxy options that manage the cert for you
The point is that you now have another app to manage or learn about just for remote viewing, and the general public can’t and won’t manage something like that. People like us, no problem, its easy, but my dad would never be able to, for example. He can install plex and just log in to an app anywhere to use it though.
Also, dont forget that many households have non-static IP addresses, so now you need more management for that issue (again, easy for us).
There’s lots of reasons I don’t want to set this up
But Jellyfin! It solves all your problems, you don’t have to pay for it (because fuck paying for software of any type even if it provides you some value), and did I mention Jellyfin‽
Why aren’t you using it yet? Are you a plex sympathizer? Get outta here with that!
What?
I don’t care if you have a good use case for using plex / Emby / Kodi / VLC / WMC / etc; you will assimilate and use Jellyifn!
JELLYFIN!!!11!1!1!1!1!. /s
This is like the 3rd thread I’ve seen you have a complete meltdown when someone mentions Jellyfin.
Jellyfin once located my lost puppy. Which Plex had stolen.
Damn, Jellyfin can swim through land, too.
I believe it! Emby probably kicked the dog whole plex stole it.
Just fucking yeet it online
expected advice from typical JF users.
What’s the worst that can happen. Someone watches your movies
Someone breakes in, then moves laterally to your home assistant running frigate to watch you sleep at night. Then uses your residential uplink as a proxy to resell on an open market.
After that, the possibilities are practically endless.
No reason to connect jellyfin to any sort of local network, router will still hairpin for local connection.
With that setup its honestly more secure than 99% of IOT devices, and like 50% of routers.
edit: and if youre running it in the pentagon or something just toss authentication like keycloak in front of it, plus a bit of crowdsec/fail2ban and an IP whitelist, I’d be surprised if you’d even get an attack, much less one violating that strict of a threat models.
Good grief. If you’re doing all that, just set up Wireguard
I mean containers make the networking pretty easy, everything beyond that is optional based on your threat model.
Same as hosting anything networked, you can do it easy or do it safe.
(but also wireguard is kinda an O(n) problem while exposing to wan is an O(1) problem - at least IT man hours wise)
It’s a rootless container. Chances are they are not going to do any of that.
Things are on the internet all the time.
Yeah docker isn’t the isolation sandbox some people make it out to be. It’s not meant for that. You very well may have a setup that’s meant for that but it’s more than I’m willing to expose.
Yup! That’s the worst thing that can happen. Now would you be so be kind as to send us the link to your private unsecured Jellyfin server?
I’m tempted to. But I’m not. Just because I dont want to fox my domain here.
Is running in a rootless podman container. I’m confident
A reverse proxy is a trick? That’s like standard practice for web servers.
How does Plex get around that? I’ve only ever used jellyfin.
Plex operates TURN servers
Can’t you just setup a dyndns and port forwarding?
Yes, and if that falls within your risk tolerance it’s rather easy to set up.
Most of the people in the discussion here don’t want to open a port to the internet.
To be fair Plex also requires open ports (or worse upnp) to remotly stream at full quality, without transcoding.
Oh, 100%. I was just trying to sum up the feelings in here.
Its just a pain in the ass to manage at home and easy to leave your ass open for attacks.
It’s just another attack surface. Threat tolerance is up to each person.
I found it annoying at first when I started because I didnt know about any management tools. I was updating the firewall rules everywhere myself to allow each remote IP at the router and machine level lol
Oooof, yeah that would suck.
That’s why I’m running both. I use jellyfin, everyone else uses Plex 🤣
There is a third option, the program that Jellyfin was originally forked from back in 2018, Emby.
Sort of the middle child between the two. Nearly identically to Jellyfin for obvious reasons, several third party apps for Jellyfin work with it as well like Jellyseer, it has apps for nearly every device, and easy external connections via their servers like Plex does.
They do however have a premium subscription system like Plex to support things like those servers. It’s not as expensive as Plex, even before the recent rate hike, but it is there and some stuff is locked behind that premium license.
I can’t recommend emby because their business practices are pretty scummy. After accepting open source contributions for years, they went closed-source in 2018 and took all those contributions with them (they had a CLA). The very next update, they added hardware acceleration and locked it behind a paywall. They had a pretty big ‘security incident’ a few years ago, which probably would have been averted if they were still open source, as users in the community flagged it as an issue long before the devs took action.
So all the bad things of both, still a proprietary product that you can funnel your cotent through servers you don’t control while simultaneously not being plex.
But also benefits of both, reduced cost with easier remote setup, while simultaneously not being plex
Wait, does emby do remote access similar to Plex? And without VPN like JF? That’s literally the only thing keeping me on Plex.