User Tools

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
services:jellyfin [2024/09/09 08:04] willyservices:jellyfin [2024/11/28 12:48] (current) willy
Line 66: Line 66:
 </code> </code>
  
-That's is, JellyFin is installed.+That's is, JellyFin is installed, now setup logrotation... 
 + 
 +Create the file **/etc/logrotata.d/jellyfin**: 
 +<file - jellyfin> 
 +/data/daemons/jellyfin/logs/*.log { 
 +    missingok 
 +    notifempty 
 +
 +</file> 
 + 
 +that's it. 
 + 
 +==== SSO Configuration ==== 
 + 
 +JeyyFin can not work with basic-auth, or at least i didnt manage to properly make it work between the web GUI and the client apps. Moreover, the Jellyfin login screen cannot be disabled, so it's pretty pointless. 
 + 
 +Instead, Jellyfin can support, via an external plugin, an OIDC Provider like Authelia. So first of all ensure your Authelia is correctly configured as OIDC Provider (see [[services:authelia|here]] the relevant chapter). 
 + 
 +The SSO plugin is located [[https://github.com/9p4/jellyfin-plugin-sso/tree/main|here]]. 
 + 
 +In short you need to: 
 +  * Configure Authelia OIDC Client 
 +  * Add this plugin repository to Jellyfin configuration 
 +  * Load the SSO plugin 
 +  * Configure Jellyfin SSO plugin 
 + 
 +This is the relevant Authelia config section (see [[https://www.authelia.com/integration/openid-connect/jellyfin/|here]] for more details): 
 +<code> 
 +identity_providers: 
 +  oidc: 
 +    ## The other portions of the mandatory OpenID Connect 1.0 configuration go here. 
 +    ## See: https://www.authelia.com/c/oidc 
 +    clients: 
 +      - client_id: 'jellyfin' 
 +        client_name: 'Jellyfin' 
 +        client_secret: '<<< generate secret >>>'   
 +        public: false 
 +        authorization_policy: 'two_factor' 
 +        require_pkce: true 
 +        pkce_challenge_method: 'S256' 
 +        redirect_uris: 
 +          - 'https://jellyfin.example.com/sso/OID/redirect/authelia' 
 +        scopes: 
 +          - 'openid' 
 +          - 'profile' 
 +          - 'groups' 
 +        userinfo_signed_response_alg: 'none' 
 +        token_endpoint_auth_method: 'client_secret_post' 
 +</code> 
 + 
 +both links above should provide enough information to help you sort the Jellyfin side. 
  
 ==== Reverse-Proxy configuration ==== ==== Reverse-Proxy configuration ====

This website uses technical cookies only. No information is shared with anybody or used in any way but provide the website in your browser.

More information