How to Self-Host Jellyfin Securely Using Oracle Free Tier, Tailscale, and Nginx

Home media server users running Jellyfin face challenges sharing access remotely due to CGNAT restrictions and home network security risks from open ports. A practical architecture combines Tailscale's mesh VPN, Oracle Cloud's Always Free Tier VPS, and Nginx as a reverse proxy to create a secure public gateway without exposing the home network. Tailscale links the home Jellyfin server to the Oracle VPS over an encrypted private network, while Nginx handles SSL termination and forwards streaming traffic via the Tailscale private IP. The setup requires configuring Oracle's Virtual Cloud Network with proper ingress rules for ports 22, 80, and 443, and installing the Tailscale client on both the home server and the cloud VPS. Users must also disable key expiration on both Tailscale nodes and configure firewall rules to allow traffic through the Tailscale network interface.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)
Log in to join the discussion and vote.
Log in