Deploy your own media streaming server with Jellyfin

Jellyfin media streaming server installation guide for Raspberry PI

Installation

1. Before we proceed, let us start by ensuring we are running an updated operating system.

As long as you are running a Debian operating system such as Ubuntu or Raspberry Pi OS, the following steps will work fine for you.

Update your Raspberry Pi’s operating system by using the following two commands.

1
2

sudo apt update
sudo apt full-upgrade

1. With our Raspberry Pi up to date, we need to install some packages to access the Jellyfin package repository. Out of the box, the apt package manager does not have support for repositories running behind HTTPS.

To work around this, we can install the apt-transport-https package by running the following command.

1

sudo apt install apt-transport-https lsb-release

This package adds support for the HTTPS transport protocol to the apt package manager.

1. Next, we need to import the GPG signing key to our Pi.

We can use the following command to pipe the key directly to our package manager’s key chain.

1

curl https://repo.jellyfin.org/debian/jellyfin_team.gpg.key | gpg --dearmor | sudo tee /usr/share/keyrings/jellyfin-archive-keyring.gpg >/dev/null

GPG Keys are an essential part of how package repositories remain secure. The keys help ensure that only software signed by the repository will be installed.

1. Now that we have the GPG key added, we can finally add the Jellyfin repository to our Raspberry Pi.

We can use a handy one-liner that will automatically generate the correct line for the sources file.

1
2

echo "deb [signed-by=/usr/share/keyrings/jellyfin-archive-keyring.gpg arch=$( dpkg --print-architecture )] https://repo.jellyfin.org/debian $( lsb_release -c -s ) main" | sudo tee /etc/apt/sources.list.d/jellyfin.list

This line automatically grabs the current systems architecture and its current release and fills in the blanks.

1. Lastly, we need to update our Pi’s package list.

You can update the package list by using the following command on your device.

1

sudo apt update

When you make a change to the sources file, you need to update the package list. Without updating, the package manager won’t be aware of the changes.

1. On your Raspberry Pi, all you need to do is run the following command to install Jellyfin.

1

sudo apt install jellyfin

1. During the installation process Jellyfin will set up a few things on our Raspberry Pi.

The first thing it does is create a new user called jellyfin. This user is used to run the software on your Raspberry Pi and is also the user who will need to access your files.

Secondly, it also creates a service for Jellyfin. This service will start the media server automatically at boot and allow you to start, stop, and restart the service easily.

Nginx Setup

• Create jellyfin file in /etc/nginx/site-available/jellyfin

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57

# Default server configuration
#
server {
	listen 80 default_server;

	server_name _;

	access_log /var/log/nginx/jellyfin.access;
	error_log /var/log/nginx/jellyfin.error;

      set $jellyfin 127.0.0.1;

      location / {
          proxy_pass http://127.0.0.1:8096;
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;

          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header X-Forwarded-Proto $scheme;
          proxy_set_header X-Forwarded-Protocol $scheme;
          proxy_set_header X-Forwarded-Host $http_host;

          # Disable buffering when the nginx proxy gets very resource heavy upon streaming
          proxy_buffering off;
      }

      # location block for /web - This is purely for aesthetics so /web/#!/ works instead of having to go to /web/index.html/#!/
      location ~ ^/web/$ {
          # Proxy main Jellyfin traffic
          proxy_pass http://$jellyfin:8096/web/index.html/;
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header X-Forwarded-Proto $scheme;
          proxy_set_header X-Forwarded-Protocol $scheme;
          proxy_set_header X-Forwarded-Host $http_host;
      }

      location /socket {
          # Proxy Jellyfin Websockets traffic
          proxy_pass http://$127.0.0.1:8096;
          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header X-Forwarded-Proto $scheme;
          proxy_set_header X-Forwarded-Protocol $scheme;
          proxy_set_header X-Forwarded-Host $http_host;
      }

        # Security / XSS Mitigation Headers
        add_header X-Frame-Options "SAMEORIGIN";
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Content-Type-Options "nosniff";
}

• Link nginx config to site-enabled

1

sudo ln -s /etc/nginx/site-available/jellyfin /etc/nginx/site-enabled/

• Test nginx config

1

sudo nginx -t

• Reload nginx config

1

sudo service nginx reload