Jellyfin is everyone’s favourite open-source multimedia player. This guide goes over how to install it as a Podman Quadlet. This assumes you already have Podman setup for Quadlets. Follow this guide to setup Podman for Quadlets.
Create the container First, create and edit /etc/containers/systemd/jellyfin.container as sudo and paste the following.
[Unit] Description=Podman - Jellyfin Wants=network-online.target After=network-online.target [Container] Image=lscr.io/linuxserver/jellyfin:latest AutoUpdate=registry ContainerName=jellyfin Environment=PUID={PUID} # `id -u` to get value needed Environment=PGID={PGID} # `id -g` to get value needed Environment=TZ=America/St_Johns # Change to your time zone Volume={JELLYFIN_CONFIG}:/config Volume={MOVIE_DIR}:/movies Volume={TV_DIR}:/tv PublishPort=8096:8096 PublishPort=8920:8920 PublishPort=7359:7359/udp PublishPort=1900:1900/udp [Service] Restart=always TimeoutStartSec=900 [Install] WantedBy=default.
Do you run other things on your system other than containers? I have a VM that only runs containers so it really doesn’t do anything else with systemd apart from the basics so I’m curious if there would be any advantage to me switching.
Most VMs only run containers, but I have supporting services on every host as well. Stuff like the mesh VPN, monitoring agent or firewall.
If I want a quick overview, a quick
systemctl statuswill tell me everything I need to know.What do you have set up for mesh VPN?
I use Yggdrasil now with a whitelist of public keys. Though I’m thinking about redoing my architecture in general to make key distribution easier, have more automated DNS entries and also use the tunnel for any node to node communication.
Before that I tried Tailscale with Headscale, but I didn’t want to have a single node responsible for the network and discovery.
That’s very interesting. Once you connect something to your mesh you can access the rest of the mesh by IP? What is the gateway in that case?
Apologies for the late response
I can access every node by IP (IPv6 to be precise).
Discovery within a local network happens through regular broadcasts. For connecting different networks, you need to set peering addresses that are reachable and configure the other side to listen.
You only need one node per network though, the others will automatically discover the path and connect on the best route to their target. If your node in the middle falls over, any other node that’s reachable can be used instead. The Yggdrasil Blog posts have some explainations of the algorithms used.
There’s no explicit gateway, but you can use standard routing and firewall tools to do whatever you want. I only use it for accessing internal stuff, not as a full VPN for my client devices, but you could probably make that work by setting one node as router and configure its Yggdrasil ip as you gateway (excluding the traffic you need to connect to the VPN).
One downside is that everything’s still in progress and most versions change significant parts of the routing scheme, meaning it doesn’t work with the previous version. It is primarily a research tool for internet scale mesh networks, but releases are also infrequent enough where you shouldn’t worry too much.