Configure Jellyfin, Caddy, and Dynu DDNS
May 20, 2025
Written by Sean David Reed
OS/Distro: Ubuntu 24.04.3 LTS (Ubuntu Server)
Install Jellyfin
For this installation, we won't be using Docker. The process is as simple as navigating to Jellyfin's installation guide, selecting your operating system, and running a few commands. I installed mine on Ubuntu Server, so this was all I needed to do.
curl https://repo.jellyfin.org/install-debuntu.sh | sudo bashSince my server is headless, I had to access the Jellyfin Setup Wizard via a browser on a separate machine. To do this, we need to configure LAN access on the server.
-
Make sure the server private IP is static. Check out this short guide: How to Set Up a Static IP.
-
Open Jellyfin's default port for HTTP traffic - 8096.
sudo ufw add allow 8096/tcp -
Open a browser on a separate machine and access your Jellyfin server with <static-ip-address>:8096. From here, it's straightforward to create your users and simply click through the Setup Wizard.
Install Caddy
These commands are straight from caddyserver.com, and they are all that's required to get Caddy installed! Run these on the server machine.
sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install caddy[Optional] Test Caddy
Write a Configuration File
Let's create a Caddyfile. We can put it anywhere for now, so I'm putting it in my main user directory.
cd ~
vim CaddyfilePopulate the Caddyfile with a "Hello, world!" test.
:2015
respond "Hello, world!"Start the server, and verify that it worked.
caddy start
curl localhost:2015Set up a Reverse Proxy
Let's modify the Caddyfile.
:2015 {
respond: "Hello, world!"
}
:2080 {
reverse_proxy :2015
}Then, reload the server, and verify that it worked.
caddy reload
curl localhost:2080Set Up HTTPS
Modify the Caddyfile:
:2015 {
respond: "Hello, world!"
}
localhost {
reverse_proxy :2015
}Reload the server, and verify.
caddy reload
curl -v https://localhostGive Caddy HTTPS Capability
sudo setcap cap_net_bind_service=+ep $(which caddy)Set Up DDNS
I created a free account with Dynu DDNS, selected a domain, and pointed it at my routers public IP address. If you don't know your routers public IP, you can run the following command on any Linux machine that's connected to it.
curl ip.mePort Forwarding
Find your router and note the Username, Password, and Gateway written on the side.
If the gateway is not written on the router, open up the terminal and run the command route -n to find your routers gateway. It will probably be something like 192.168.0.x.
Open a browser and enter the IP in the address bar. Enter the Username and Password.
My router interface has a side panel where I selected Network Setting, then NAT, and then port forwarding. I clicked Add New Rule, and added these values.
Service Name: jellyfin
Server IP Address: <static-IP-address>
Start Port: 443
End Port: 443
Translation Start Port: 443
Translation End Port: 443
Protocol: TCPAdd UFW Rule
We need to add a rule to the firewall to enable HTTPS traffic.
sudo ufw allow 443/tcpRewrite the Caddyfile
If you skipped the optional section, the Caddyfile will need to be created. Simply navigate to your user directory and create it there.
cd ~
vim CaddyfilePoint the DDNS domain at the test port 2015.
:2015 {
respond "Hello, world!"
}
<your-ddns-domain> {
reverse_proxy 127.0.0.1:2015
}Reload!
caddy reloadSSL Certificates should automatically generate. In a browser, input the following: https://<your-ddns-domain>. "Hello, world!" should appear.
Finishing Touches
We're ready to connect Caddy to Jellyfin. Edit your Caddyfile to look like this.
<your-ddns-domain> {
reverse_proxy 127.0.0.1:8096
}Reload!
caddy reloadOpen the browser and once again input: https://<your-ddns-domain>. The Jellyfin login should appear. Huzzah!