I have a static IP (didn’t particularly want it but my ISP required it for port forwarding for some reason). I’m not currently hosting anything, at least not anything externally accessible, but when I did I had a tiny AWS instance configured as a reverse proxy to a separate reverse proxy VM in my house. It worked for me and if anything I hosted ever got compromised it escaped my notice.
However, I think the advantage of using something like Cloudflare rather than the way I did it (and as it sounds like you might) is threat mitigation. Especially stuff like DDoS protection.
While Cloudflare tunnels do work, streaming Jellyfin through them is technically against their TOS and they could shut you down for doing so. Instead, I recommend setting up Pangolin with a cheap VPS. Although, it will cost ~$5 a month or so.
Jellyfin: free Cloudflared: free
Jellyfin behind Cloudflared is probably the best move ATM.
It’s not specifically against TOS, they do provide you some modest protection against infiltration.
combine that with running it from a container with RO access to your media and you have a damn nice home solution.
Duckdns is free too
I have a static IP (didn’t particularly want it but my ISP required it for port forwarding for some reason). I’m not currently hosting anything, at least not anything externally accessible, but when I did I had a tiny AWS instance configured as a reverse proxy to a separate reverse proxy VM in my house. It worked for me and if anything I hosted ever got compromised it escaped my notice.
However, I think the advantage of using something like Cloudflare rather than the way I did it (and as it sounds like you might) is threat mitigation. Especially stuff like DDoS protection.
While Cloudflare tunnels do work, streaming Jellyfin through them is technically against their TOS and they could shut you down for doing so. Instead, I recommend setting up Pangolin with a cheap VPS. Although, it will cost ~$5 a month or so.
You don’t have to use a tunnel, for example I use a reverse proxy to a domain I own, and set a cache rule so cloudflare doesn’t get mad.
I really need to take a weekend to learn Jellyfin and set it up in my environment.