Searching for solution for remote clients

I’m hosting a Jellyfin Server to share my media with my family at home. In the future I also want to allow people from outside my LAN (e.g. grandparents, in laws, …) to access my server.
Since I don’t want to expose my server to the public internet I’ve set up a VPN that allows access to Jellyfin from certain devices (e.g. my phone).
While this approach itself works fine, it has some drawbacks

• Requires manual configuration (of VPN) on each client
• Some clients don’t support VPN connections (e.g. FireTV Stick)

What I’m looking for in particular is a device to connect to the TV at grandparents and in laws that

• is inexpensive
• supports hw-decoding (of H264, H265 and ideally AV1 at ideally 4K HDR) for (future proof) direct playback
• supports connections via VPN

We use a FireTV Cube at home, but it can’t do connections to a (custom) VPN, so I can’t use it. Does anyone have recommendations for my usecase?

I’m also wondering if there is a way (without replacing the router for sth like pfSense) to use a single device (e.g. RaspberryPi) to make all the devices in the network at the remote location be able to connect to my server through the VPN. Perhaps someone has some advice in this regard too.

Thanks in advance for any help!

Wouldn’t a simpler solution be to open your server on the internet but only to a whitelist of public IP addresses?

Firestick do support VPN. You can use Downloader to get apk from https://f-droid.org/packages/com.wireguard.android/

I think You can use Tailscale.

Read this:

https://mediahost.weebly.com/blog/tailscale-jellyfin-secure-remote-access-with-no-reverse-proxy-no-router-settings-no-port-hassles

ddns

reverse proxy with dmz’d vpn connection to backend.

Look at Tailscale or ZeroTier. No configuration required, ZeroTier is a services only VPN and Tailscale is a complete tunnel VPN, they act like virtual switches so they use different IPs to your public IP, which never change.

As u/Nphusion said, residential connections don’t have static IPs (at least not where I’m from). So I’d need a solution for noticing and updating the IPs every time they changed. Does not seem to be a viable solution unfortunately.

That would be a lot of work since most home connections have a dynamic ip adresses meaning you would need to update your firewall configuration every time an ip changes.

Oh yes it seems to do. Did not know you could sideload apps (without some kind of Jailbreak). Looks promising, I’ll have to try that out.

How would you use that on like a tv? I thought it was an app only on pc and phones

There are services like dyndns/noip you can self host, putting a RPI at the remote locations with a client to update your server, then fetching the new IPs and reloading the rules.

Anyhow, Jellyfin/rproxy DNS or vpn you’ll need at least one service exposed on the internet

Mine doesn’t change often, about once a year, but I use pialert to email me when it does happen. I just setup a docker container to keep it simple

Yes I thought of that, I might be privileged to have an ISP that doesn’t do dynamic IP for the last decade, but then our biggest operator here still does (maybe not anymore for optical fiber).

Your best bet is an android tv device, since I know that android TV is supported by these services.

There are services like dyndns/boop you can self host, putting a RPI at the remote locations with a client to update your server, then fetching the new iOS and reloading the rules.

Might be a solution to consider - thanks! I’ll take a look at

Anyhow, Jellyfin/rproxy DNS or vpn you’ll need at least one service exposed on the internet

Of course, but by using a VPN I only have to open up one port to be able access everything running at home - not just Jellyfin.

Sure thing, I stayed on Jellyfin only. Good luck dude/dudette

Yeah I also have various other services running (e.g. NAS) that I want to access from the outside. VPN is the obvious solution in that case.

Thanks!