I’m setting up a jellyfin server, and want to access it on the internet. I created a xxxxxxx.duckdns.org address for it. I have installed caddy with duckdns addon (first installed regular caddy, then overwrote /usr/bin/caddy with this custom caddy). My caddy file is as follows
XXXXXX.duckdns.org:9091 {
reverse_proxy 127.0.0.1:8096
tls {
dns duckdns XXXXXXXXXXXXXXXXX
}
}
Started caddy and here’s my status. Doesn’t show any errors:
● caddy.service - Caddy
Loaded: loaded (/lib/systemd/system/caddy.service; enabled; preset: enabled)
Active: active (running) since Sun 2023-09-24 22:45:57 EDT; 32min ago
Docs: https://caddyserver.com/docs/
Main PID: 2132 (caddy)
Tasks: 9 (limit: 8907)
Memory: 11.7M
CPU: 313ms
CGroup: /system.slice/caddy.service
└─2132 /usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
Sep 24 22:45:57 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695609957.1027205,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Sep 24 22:45:57 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695609957.1027687,"logger":"http","msg":"enabling HTTP/3 listener","addr":":9091"}
Sep 24 22:45:57 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695609957.1030562,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
Sep 24 22:45:57 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695609957.103145,"logger":"http.log","msg":"server running","name":"remaining_auto_https_redirects","protocols":["h1","h2","h3"]}
Sep 24 22:45:57 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695609957.1031566,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["xxxxxx.duckdns.org"]}
Sep 24 22:45:57 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695609957.1034396,"logger":"tls","msg":"finished cleaning storage units"}
Sep 24 22:45:57 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695609957.104117,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Sep 24 22:45:57 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695609957.1041856,"msg":"serving initial configuration"}
Sep 24 22:45:57 mediaserver-wyse5070thinclient systemd[1]: Started caddy.service - Caddy.
Sep 24 22:49:54 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695610194.0222473,"logger":"admin.api","msg":"received request","method":"GET","host":"localhost:2019","uri":"/config","remote_ip":"127.0.0.1","remote_port":"53888","headers":{"Accept":["*/*"],"User-Agent":["curl/7.88.1"]}}
However, my reverse proxy doesn’t work. I can’t ping it. Same thing happens when I ping my global ip
PING xxxxxx.duckdns.org (104.183.123.226) 56(84) bytes of data.
From 192.168.1.254 (192.168.1.254) icmp_seq=4 Destination Host Unreachable
From 192.168.1.254 (192.168.1.254) icmp_seq=7 Destination Host Unreachable
I have previously setup dynamic dns successfully on raspberry pi for jellyfin, but unfortunately I didn’t document the steps.
I’m on ATT Fiber with BGW320-505, and have a Deco X5700. Please advise.
Not a solution to your actual problem, but a different way: have you tried using CloudFlare Zero Trust tunnel? With that you don’t need any port forwarding or dynamic DNS and you get some extra protection. You can even add a login with your Google/Microsoft account, without getting to your devices first.
AFAIK they don’t allow passing content through jellyfin, or running a vpn through a tunnel. General web services are fine tho
Yes, you’re right
Have you port forwarded?
The ports are 80 for http, and 443 for https.Oh, you’re using 9091Yeah I’ve port forwarded 9091, 443, 80, and 8096 for good measure.
Do you have CGNAT?
If you run
traceroute 1.1.1.1the first hop should be your router, and if the second starts with 100, 10, 172, or 192, then you probably have CGNAT.The second one is the ip I use to login to my modem settings. (192.168.1.254)
What’s the first IP and third?
1 _gateway (10.0.0.1) 0.443 ms 0.488 ms 0.557 ms 2 192.168.1.254 (192.168.1.254) 1.977 ms 1.936 ms 2.006 ms 3 107-129-188-1.lightspeed.gnbonc.sbcglobal.net (107.129.1 88.1) 2.454 ms 2.412 ms 2.605 ms
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters CGNAT Carrier-Grade NAT DNS Domain Name Service/System IP Internet Protocol NAT Network Address Translation
3 acronyms in this thread; the most compressed thread commented on today has 8 acronyms.
[Thread #165 for this sub, first seen 25th Sep 2023, 09:15] [FAQ] [Full list] [Contact] [Source code]
Are you sure the IP address in duckdns is correct? Do you have a static or dynamic public IP, and if dynamic, how are you updating it?
Yeah duckdns has the right ip address. It says DHCP-fixed on my modem. I don’t know if it’s dynamic or not, but I think I’ve had this ip ever since I started the service. I have a duck.sh cron script, but I think the issue might be between the modem and the router. I don’t see the public ip address from the modem settings. I only see a 192. address in it.
Did you set the modem to bridge mode/DMZ, or alternatively set it to port forward to the router. The router should then port forward to the server.
