Jellyfin adalah sistem streaming media sumber terbuka yang memungkinkan Anda mengelola dan mengalirkan media. Ini adalah lintas platform dan alternatif untuk aplikasi lain seperti Emby dan Plex. Dengan Jellyfin, Anda dapat mengatur dan berbagi file Media, Acara TV, Musik, dan Foto dari antarmuka berbasis web. Anda dapat mengakses media yang dialirkan tersebut di PC, Tablet, Telepon, Roku, dan TV Anda melalui internet. Jellyfin secara otomatis mengambil metadata dari database TheMovieDB, OpenMovie, Rotten Tomatoes, dan TheTVDB.
Dalam posting ini, kami akan menunjukkan cara menginstal server streaming media Jellyfin dengan Nginx sebagai proxy terbalik di Debian 10.
Prasyarat
- Server yang menjalankan Debian 10.
- Nama domain valid yang ditunjukkan dengan IP server Anda.
- Sandi root dikonfigurasi untuk server.
Memulai
Pertama, Anda perlu memperbarui paket sistem Anda dengan versi terbaru. Anda dapat memperbaruinya dengan perintah berikut:
apt-get update -y
Setelah semua paket diperbarui, instal paket lain yang diperlukan dengan perintah berikut:
apt-get install apt-transport-https ca-certificates gnupg2 curl git -y
Setelah semua paket terinstal, Anda dapat melanjutkan ke langkah berikutnya.
Instal Jellyfin
Secara default, paket Jellyfin tidak disertakan dalam repositori Debian 10. Jadi, Anda perlu menambahkan repositori Jellyfin ke APT Anda.
Anda dapat menambahkannya dengan perintah berikut:
echo "deb [arch=$( dpkg --print-architecture )] https://repo.jellyfin.org/debian buster main" | tee /etc/apt/sources.list.d/jellyfin.list
Setelah repositori ditambahkan, tambahkan kunci GPG dengan perintah berikut:
wget -O - https://repo.jellyfin.org/jellyfin_team.gpg.key | apt-key add -
Selanjutnya, perbarui repositori dan instal Jellyfin dengan perintah berikut:
apt-get update -y
apt-get install jellyfin -y
Setelah Jellyfin terinstal, Anda dapat memeriksa status Jellyfin dengan perintah berikut:
systemctl status jellyfin
Anda akan mendapatkan output berikut:
? jellyfin.service - Jellyfin Media Server
Loaded: loaded (/lib/systemd/system/jellyfin.service; enabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/jellyfin.service.d
??jellyfin.service.conf
Active: active (running) since Mon 2021-03-22 08:27:42 UTC; 5min ago
Main PID: 10192 (jellyfin)
Tasks: 17 (limit: 4701)
Memory: 113.9M
CGroup: /system.slice/jellyfin.service
??10192 /usr/bin/jellyfin --webdir=/usr/share/jellyfin/web --restartpath=/usr/lib/jellyfin/restart.sh --ffmpeg=/usr/lib/jellyfin-ffm
Mar 22 08:27:45 debian10 jellyfin[10192]: [08:27:45] [WRN] 127.0.0.1/32: GetBindInterface: Loopback 127.0.0.1 returned.
Mar 22 08:27:45 debian10 jellyfin[10192]: [08:27:45] [INF] Executed all pre-startup entry points in 0:00:00.1545678
Mar 22 08:27:45 debian10 jellyfin[10192]: [08:27:45] [INF] Core startup complete
Mar 22 08:27:46 debian10 jellyfin[10192]: [08:27:46] [INF] Executed all post-startup entry points in 0:00:00.1976994
Mar 22 08:27:46 debian10 jellyfin[10192]: [08:27:46] [INF] Startup complete 0:00:03.6985068
Mar 22 08:27:48 debian10 jellyfin[10192]: [08:27:48] [INF] StartupTrigger fired for task: Update Plugins
Mar 22 08:27:48 debian10 jellyfin[10192]: [08:27:48] [INF] Queuing task PluginUpdateTask
Mar 22 08:27:48 debian10 jellyfin[10192]: [08:27:48] [INF] Executing Update Plugins
Mar 22 08:27:49 debian10 jellyfin[10192]: [08:27:49] [INF] Update Plugins Completed after 0 minute(s) and 0 seconds
Mar 22 08:27:49 debian10 jellyfin[10192]: [08:27:49] [INF] ExecuteQueuedTasks
Pada titik ini, Jellyfin dimulai dan mendengarkan pada port 8096. Anda dapat memeriksanya dengan perintah berikut:
ss -antpl | grep 8096
Keluaran:
LISTEN 0 128 0.0.0.0:8096 0.0.0.0:* users:(("jellyfin",pid=10192,fd=289))
Konfigurasikan Nginx sebagai Proxy Terbalik
Selanjutnya, Anda perlu mengonfigurasi Nginx sebagai proxy terbalik untuk mengakses Jellyfin pada port 80.
Pertama, instal paket Nginx dengan perintah berikut:
apt-get install nginx -y
Setelah terinstal, buat file konfigurasi Nginx baru dengan perintah berikut:
nano /etc/nginx/conf.d/jellyfin.conf
Tambahkan baris berikut:
server {
listen 80;
server_name jellyfin.example.com;
access_log /var/log/nginx/jellyfin.access;
error_log /var/log/nginx/jellyfin.error;
set $jellyfin 127.0.0.1;
location / {
proxy_pass http://127.0.0.1:8096;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
# Disable buffering when the nginx proxy gets very resource heavy upon streaming
proxy_buffering off;
}
# location block for /web - This is purely for aesthetics so /web/#!/ works instead of having to go to /web/index.html/#!/
location ~ ^/web/$ {
# Proxy main Jellyfin traffic
proxy_pass http://$jellyfin:8096/web/index.html/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
}
location /socket {
# Proxy Jellyfin Websockets traffic
proxy_pass http://$127.0.0.1:8096;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
}
# Security / XSS Mitigation Headers
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
}
Simpan dan tutup file kemudian verifikasi Nginx untuk kesalahan sintaks dengan perintah berikut:
nginx -t
Keluaran:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
Selanjutnya, restart layanan Nginx untuk menerapkan perubahan:
systemctl reload nginx
Akses Jellyfin
Sekarang, buka browser web Anda dan akses antarmuka web Jellyfin menggunakan URL http://jellyfin.example.com . Anda akan diarahkan ke halaman berikut:
Pilih bahasa Anda dan klik Berikutnya tombol. Anda akan melihat halaman berikut:
Berikan nama pengguna, sandi, dan klik Berikutnya tombol. Anda akan melihat halaman berikut:
Klik Berikutnya tombol. Anda akan melihat halaman berikut:
Pilih bahasa metadata Anda dan klik Berikutnya tombol. Anda akan melihat halaman berikut:
Izinkan akses jarak jauh dan klik Berikutnya tombol. Setelah instalasi selesai, Anda akan melihat halaman berikut:
Klik tombol Selesai tombol untuk menyelesaikan instalasi. Anda akan melihat halaman login Jellyfin:
Berikan nama pengguna, sandi, dan klik Tanda Dalam tombol. Anda akan melihat dasbor Jellyfin di halaman berikut:
Amankan Jellyfin dengan Let's Encrypt SSL
Selanjutnya, Anda perlu menginstal paket klien Certbot untuk menginstal mengelola Let's Encrypt SSL. Pertama, instal Certbot dengan perintah berikut:
apt-get install python3-certbot-nginx -y
Setelah instalasi selesai, jalankan perintah berikut untuk menginstal Let's Encrypt SSL di situs web Anda:
certbot --nginx -d jellyfin.example.com
Anda akan diminta untuk memberikan alamat email yang valid dan menerima persyaratan layanan seperti yang ditunjukkan di bawah ini:
Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator nginx, Installer nginx Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): [email protected] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: A - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Obtaining a new certificate Performing the following challenges: http-01 challenge for jellyfin.example.com Waiting for verification... Cleaning up challenges Deploying Certificate to VirtualHost /etc/nginx/conf.d/jellyfin.conf
Selanjutnya, pilih apakah akan mengarahkan lalu lintas HTTP ke HTTPS seperti yang ditunjukkan di bawah ini:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you're confident your site works on HTTPS. You can undo this change by editing your web server's configuration. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Ketik 2 dan tekan Enter untuk menyelesaikan instalasi. Anda akan melihat output berikut:
Redirecting all traffic on port 80 to ssl in /etc/nginx/conf.d/jellyfin.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully enabled https://jellyfin.example.com You should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=jellyfin.example.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/jellyfin.example.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/jellyfin.example.com/privkey.pem Your cert will expire on 2020-10-30. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew" - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le - We were unable to subscribe you the EFF mailing list because your e-mail address appears to be invalid. You can try again later by visiting https://act.eff.org.
Sekarang, situs web Anda diamankan dengan Let's Encrypt SSL. Anda dapat mengaksesnya dengan aman menggunakan URL https://jellyfin.example.com.
Kesimpulan
Selamat! Anda telah berhasil menginstal Jellyfin di server Debian 10. Kini Anda dapat dengan mudah berbagi media dengan teman, keluarga, dan pengguna lain.