So I’m trying to get Jellyfin accessible on the open web through a cloudflared tunnel
I have a default install of Jellyfin running that is still accessible locally.
I’m able to ping TV.myblogdomain.com
And the Cloudflared dashboard says the connection is up.
I have implemented page rules and caching rules to turn CDN off.
I have set the DNS server on the Jellyfin VM to be the Cloudflared DNS server.
It’s pointed to https://jellyfin:8096/
And it wasn’t working with or without a CIDR in the tunnel configuration.
Should I try uninstalling fail2ban and see if that helps? I thought I configured it right pointing it to the 8096 port but maybe I need to do 80/443?
Any tips or guides would be appreciated.
You must log in or register to comment.
Port 8096 is the default HTTP protocol port, and you’re trying to access it via HTTPS. Do you have certificates installed and available for your jellyfin instance? If not, it’s very likely Cloudflare won’t route it correctly.
I’m not saying this is your specific issue, but it’ll be the one after you fix this one at least. You may need to mess with the cloudflare “current encryption mode” to get this to work.
I’ll try swapping it to http unless you think I should run nginx or something to certify it. I don’t know if that will help.
I always advocate for HTTPS. I run a caddy proxy and sidestep cloudflare all-together.
I assume a Caddy set up would get me a URL? I might look into that.
I run caddy to handle https certs. Works great and it’s incredibly easy to setup
It should be noted that you’re not permitted to stream video through Cloudflare unless you use their CDN.
I believe this is incorrect. I can’t find the forum post from Cloudflare but you cannot use the CDN to deliver video without paying for it, but you can use CF as a reverse proxy via Cloudflared to deliver video so long as you aren’t on the CDN
They even have blog posts on using Cloudflared for hobby video streaming projects like a RPi pet cam. Unless it’s assumed I have an enterprise account.
Unless you are an Enterprise customer, Cloudflare offers specific Paid Services (e.g., the Developer Platform, Images, and Stream) that you must use in order to serve video and other large files via the CDN. Cloudflare reserves the right to disable or limit your access to or use of the CDN, or to limit your End Users’ access to certain of your resources through the CDN, if you use or are suspected of using the CDN without such Paid Services to serve video or a disproportionate percentage of pictures, audio files, or other large files. We will use reasonable efforts to provide you with notice of such action.
My understanding is that it’s technically against their TOS but loosely enforced. They don’t specify precise limits since they probably change over time and region. Once you get noticed, they’ll block your traffic until you pay. Hence you can find people online that have been using it for years no problem, while other folks have been less lucky.
Basically their business strategy is to offer too-good-to-be-true free services that people start using and relying on, then charging once the bandwidth gets bigger.
It used to be worse, and all of cloudflare’s services were technically limited to HTML files, but selectively enforced. They’ve since changed and clarified their policy a bit. As far as I’ve ever heard, they don’t give a toss about the legality of your content, unless you’re a neo Nazi.
unless you’re a neo Nazi
I hate being torn between my hatred of tech monopolies and love of seeing Nazis get their shit rocked.
Sure if you only intend to stream your pets RPi webcam nothing to worry :) ! But don’t even get into streaming illegal content you don’t own !
I mean, your jellyfin instance is not going to be hooked to a Arr stack, is it?
I don’t know what that is. So no.
And obvious it’s all movies and TV shows I own that’s just conveniently ripped for sharing with friends and family :)
I’m guessing the cloudflared daemon isn’t connecting to jellyfin. You want to use
http://. Also isjellyfinthe hostname of the VM? Usinglocalhostor127.0.0.1might be better ways to specify the same VM without relying on DNS for anything.Personal opinion, but I wouldn’t bother with fail2ban, it’s a bit of effort to get it to work with cloudflare tunnel and easy to lock yourself out. Cloudflare’s own zero trust feature would be more secure and only need fiddling around cloudflare’s dashboard.
Didn’t work.
Gonna go to bed and kinda just hope this starts working and then try again after work when reality sets in.
The actual config uses
Not sure why I decided to “censor” it like that.
I’ll try swapping it to http:// and removing f2b for now.
