I have some videos I might be interested in sharing on a Jellyfin server, as well as interest in viewing videos on someone else’s shared server. I have a question: What options do you have for hardening security-wise? I have the server hosted on a local machine and don’t wanna get pwned if I can help it.
Actually, looking in that guide you linked, the change to add https is a very small change in the config file as well. Perhaps you mean doing port forwarding in the router or setting up a domain/DNS is difficult? But those parts have nothing to do with Caddy itself.
Try looking at an equivalent guide for its competitors Nginx or Traefik. They’re far more complex to get set up.
I have my Plex server in docker container that automatically restarts with the latest image once a week. I believe most vulnerabilities will come from outdated software.
Then I have nginx reverse proxying in front, I’m sure there’s additional safeguards I could throw in there but my instance is private.
I have some videos I might be interested in sharing on a Jellyfin server, as well as interest in viewing videos on someone else’s shared server. I have a question: What options do you have for hardening security-wise? I have the server hosted on a local machine and don’t wanna get pwned if I can help it.
Removed by mod
Check out Authelia. There are docker images with it and a proxy.
Removed by mod
Caddy in a docker container took me about 5 minutes to setup. Reverse proxying is a one-liner in Caddy
Removed by mod
That’s for Caddy 1.1
In Caddy 2 and higher it handles the cert stuff automatically with Let’sEncrypt.
Actually, looking in that guide you linked, the change to add https is a very small change in the config file as well. Perhaps you mean doing port forwarding in the router or setting up a domain/DNS is difficult? But those parts have nothing to do with Caddy itself.
Try looking at an equivalent guide for its competitors Nginx or Traefik. They’re far more complex to get set up.
Removed by mod
For sure, Caddy’s the easiest tool I’ve found for this part of the chain.
DNS stuff is somewhat easy if you get a good provider, but it depends on a couple things. Port forwarding generally is a pain in the ass.
I have my Plex server in docker container that automatically restarts with the latest image once a week. I believe most vulnerabilities will come from outdated software.
Then I have nginx reverse proxying in front, I’m sure there’s additional safeguards I could throw in there but my instance is private.