Did you open ports in docket for 80, 443 for nginx and a port for jellyfin (in docker compose under services add these but with tabs not spaces ports: - 443:443)

Do you have ufw or a firewall running? This might be blocking the ports for jellyfin and/or nginx.

It might be easier to create a bridge network called proxy (docker network create proxy) then in docker compose add the following under services networks: - proxy

And at the bottom of the compose file

networks: proxy: external: true

Then in your nginx setting redirect to jellyfin:8096 (service name in docker compose: internal port jellyfin uses I.e. right hand side of ports mapping. Are you using straight nginx or nginx proxy manager (might be worth using this).

Can you access jellyfin locally on your network (http://internal-ip-of-server:8096/ on a browser)?

Has your DNS been setup to point to the correct ip your router is on? Are you behind a dynamic IP or cgnat? If cgnat, you have to use cloudflare tunnels. If ddns look into cloudflared docker image.

Does your router forward those ports to the correct internal ip of your server? Have you fixed the internal IP of the server machine?

Don’t share your certificate details but you can share your docker compose with personal information redacted or replaced

It’s probably not a good idea to publish jellyfin to the internet. Look into tailscale or cloudflare tunnel with login security, or wireguard.

Dash cams record on loops and you can usually change the video lengths. Mine has a button you can easily press to mark that video (and the one before/after if less than 1 minute in/to go) which moves that video to a different folder and prevents it being overwritten. It also does that automatically if it senses a crash. If you have a large enough SD card you won’t have to transfer it anywhere for quite a while depending on how much you want to save. I go a few months of saving the odd thing before moving them over to my laptop

Is it possible just to copy your files on your laptop\desktop to the opencloud folder once it’s setup and wait for them to sync? It might take a while but would be the easiest, plus giving you a backup copy on your hardware.

Thank you, I really appreciate the responses and other options.

Thanks for this. To be honest it just did not cross my mind! Horserace, I am not sure I want to rely on Cloudflare too much though in case they so something in the future like put those things behind paywalls. My domains are through someone else so can easily switch nameservers to them for DNS. It does sound much easier and safer though so will have to consider it

That is not published externally - I only forward ports 80 and 443, and only access the admin interface locally or through a vpn to my router. Would this be ok? Thanks for your input

Actually this happened to me about 6 months ago too - I wanted to switch to add crowdsec support but just could not get it to work so gave up and switched back to npm. I just assumed I wasn’t doing it right and never got around to trying again

I might have done exactly this, thanks for pointing it out. Is Nginx proxy manager considered secure enough to use on extremal sites?

To be honest I forgot about it. I tried it two years ago when setting up my lab but struggled compared to NPM. Nowadays it seems like all the talk I used to hear about it is now about caddy.

I tried a few and settled on outline too. It was the most straightforward to setup and use with Authentik SSO. I haven’t tried to migrate information though so no idea about that.

Thanks! I didn’t know about this and it is from the developers of prosody (currently mentioned in the top reply) so will definitely be trying it! https://blog.prosody.im/introducing-snikket/

Also look at https://github.com/creativeprojects/resticprofile and https://github.com/garethgeorge/backrest for tools built on top of restic cli

I also use restic for backups. I actually switched from Borg because it kept getting stuck and failing but couldn’t work out why. Not had issues with restic (so far, touch wood!).

I use resticprofile with yaml configurations though (https://github.com/creativeprojects/resticprofile), which made it much easier for me to figure out.

I use borgbase for offsite backups.

They really push you to install the aio container so it’s not surprising to me.

If you’re comfortable in the terminal you’ll be fine just starting out and figuring it as you go. Be ready for a few reinstalls but it becomes part of the fun, albeit sometimes frustrating! Go for a mainstream server os like Ubuntu or Debian (as if you google them with any issue you’re likely to find at answer). Get SSH up and running with keys for security, install tailscale and don’t expose to the internet until you feel more comfortable. Install docker then start on one software you think will be useful, get it up and running then move onto the next. I would recommend homepage as a front end then keep it up to date with new software so you can quickly see what you have and what ports are in use. Vaultwarden is useful for the admin passwords. I use authentik for sso but would try caddy if I was starting now.

For personal stuff, i use an external email, and borgbase for backups (highly recommend them if using Borg or restic).

To be honest, you would get frequent notifications for updates that are probably more often than just to remind you. If you’re like me, you’ll just end up ignoring them anyway! There are a lot of small updates to a lot of software, most often not from a security point of view but just as people develop their projects. I update every week if I can but can be a couple of weeks, in which I start to feel “guilty” so when it builds up I know I have to do it

Sorry this doesn’t answer your question really but I’ve had issues when I used to auto update containers so stopped doing that. Some things have breaking changes, others just had issues in that release that caused me issues accessing stuff when not at home. I update every so often when I have ten minutes to do updates, check release notes and deal with any issues if they arise or roll back to that version. I spin up what’s up docker to see what’s changed then when finished, stop the container so it doesn’t keep on polling docker hub using my free allowance.

In short, it could be an option to spin it up, let it run, then stop the container so theres less risk it could be used for an attack.

I bought a new domain for my business and there was no trace of any old business name when researching connected to that domain. After about 6 months I received some data from an old client of theirs. It had a company name so I was able to let someone from that company know, as well the sender and I deleted the data before reading it. I guess you have to think what did you use it for, who might send data that identifies you etc. You never know who might buy it.

I remember reading an article but can’t find it now. A researcher bought tons old domains from government and local departments that had shut down or changed names, and managed to get some interesting information!

You are amazing, thank you so much! It all worked apart from the last one, which said it needs an output file specified so added -o after a quick search. I really appreciate the quick response to, I got in very quickly but only just managed to respond here.