🚀 Jellyfin Server 10.11.7
We are pleased to announce the latest stable release of Jellyfin, version 10.11.7! This minor release brings several bugfixes to improve your Jellyfin experience. As alway...
or use the ldap auth plugin with your source of truth, put it behind a reverse proxy, protect it with fail2ban and anubis. there are ways of exposing it safely.
Do not rely on an OIDC/LDAP provider with Jellyfin, you cannot run these in front of your proxy otherwise Jellyfin applications will not be able to communicate with the server.
Blacklist all IP address and whitelist the known few, no need for Fail2Ban or a WAF.
you totally can use ldap or oidc it just requires more setup. you just ensure jellyfin and your source of truth talk on their own subnet, docker can manage it all for you. ldap can be setup to be ldaps with ssl and never even leave the docker subnet anyways.
and yes I suppose you could rely on whitelists, but you’d have to manually add to the whitelist for every user, and god forbid if someone is traveling.
or use the ldap auth plugin with your source of truth, put it behind a reverse proxy, protect it with fail2ban and anubis. there are ways of exposing it safely.
Do not rely on an OIDC/LDAP provider with Jellyfin, you cannot run these in front of your proxy otherwise Jellyfin applications will not be able to communicate with the server.
Blacklist all IP address and whitelist the known few, no need for Fail2Ban or a WAF.
you totally can use ldap or oidc it just requires more setup. you just ensure jellyfin and your source of truth talk on their own subnet, docker can manage it all for you. ldap can be setup to be ldaps with ssl and never even leave the docker subnet anyways.
and yes I suppose you could rely on whitelists, but you’d have to manually add to the whitelist for every user, and god forbid if someone is traveling.