First things first, the setup is currently up and running. but i would like to modify it to use a reverse proxy through my personal domain.
Currently, i’m using an old pc with Truenas and a jail with jellyfin in it. i’m connecting to it with the free Fritz!Box VPN service.
but that’s stupid and slow. so i’ve bought a domain at godaddy.com. but i don’t understand the principle of whatever is managing the domain knowing the public IP-adress of my server. i’ve heard of Caddy, but it’s also running locally, so i don’t understand how i connect the pc to the domain.
if anyone could simplify this down for me, it’d be very helpful.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters CGNAT Carrier-Grade NAT DNS Domain Name Service/System HTTP Hypertext Transfer Protocol, the Web IP Internet Protocol NAT Network Address Translation SSL Secure Sockets Layer, for transparent encryption VPN Virtual Private Network nginx Popular HTTP server
[Thread #241 for this sub, first seen 25th Oct 2023, 10:45] [FAQ] [Full list] [Contact] [Source code]
There’s a nice explanation of how caddy reverse proxies work here. https://caddy.community/t/using-caddy-as-a-reverse-proxy-in-a-home-network/9427
Essentially you setup your router to port forward any new incoming connections to Caddy, which then decides what to do with them according to the configuration (Caddyfile).
Even simpler: Your local network is like a castle, inside is a safe and secure place where your devices communicate freely. Your router is a firewall around the castle, by default it blocks incoming connections. This is good because the internet is scary. By port forwarding you allow a door in the firewall which leads to Caddy, which is like a guard. Caddy asks them what they want, and if they say e.g. jellyfin.example.com, then it sets up an encrypted connection with https to your local jellyfin server. If they want anything else they aren’t allowed in.
I just recently set up a reverse proxy with Nginx Reverse Proxy, and Cloudflare. I pointed my domain to my home address with Cloudflare (they have dynamic DNS capability), then set up NRP, to forward traffic by subdomain. The nice thing about the reverse proxy it is I can bind a subdomain to an ip:port on my local network. Like “music.!MYIP!.com” goes to my Navidrome instance “LOCALIP:4553”. This allows me to close unnecessary outbound ports.
is the free vpn service the wireguard one? if yes and it is slow, than it won’t be any faster when using your own domain and exposing the server directly to the internet, because wireguard should be as fast as any direct connection. if it is not the wireguard vpn from the fritz box i’d recommend switching to it. this can be done by tge server jellyfin is running on if your box does not support wireguard.
I assume you have a dynamic ip. what I did for that scenario: setup a dyndns hostname somewhere, configure a subdomain (e.g. jellyfin.example.com) with a cname dns record pointing to the dyndns hostname. you will have to setup updating of the dyndns hostname, this can be done in the fritz box and port forwarding to your jellyfin pc.
IPv6 may also “just work” nowadays, too, especially if the aim is to connect from mobile or other consumer networks. Corporate environments are still hit & mostly miss.
you mean without a dynamic hostname in between? but then you would still need to know about a changed prefix, wouldn’t you?
Dynamic DNS is probably still required, unless his ISP issues dedicated or very long term IPv6 leases.
