How to Install Jellyfin Media Server on Ubuntu 24.04, 22.04, or 20.04

Jellyfin Media Server is a beacon for those seeking an open-source and robust solution to manage and stream their media collections. It is a popular alternative to Plex Media Server.

Below is a some of the key Features of Jellyfin Media Server:

Open-Source and Cost-Free: Jellyfin offers a transparent and cost-free solution, setting it apart from other media servers that might have hidden fees.
Privacy-Centric: With Jellyfin, user privacy remains paramount. The platform refrains from tracking or collecting user data, ensuring a secure media streaming experience.
Broad Device Compatibility: Jellyfin’s adaptability ensures smooth streaming across various devices, from Windows, macOS, and Linux to Android, iOS, and leading smart TVs.
Intuitive User Experience: Jellyfin simplifies media library management and navigation by boasting a user-friendly interface. Users can also personalize the interface to resonate with their aesthetic preferences.
Comprehensive Media Support: Jellyfin’s ability to support various media formats eliminates the need for constant conversions or transcoding.
Expandable with Plugins: Users can augment their Jellyfin experience with various plugins and add-ons, ranging from metadata fetchers to subtitle providers.

With Jellyfin, you get a top-tier media server and become part of a community that values transparency, customization, and user privacy. This guide will navigate you through the steps to install Jellyfin on Ubuntu, ensuring you’re well-equipped to elevate your home entertainment system.

Prerequisites for Installing Jellyfin Media Server

To successfully install Jellyfin Media Server on Ubuntu, ensure you meet the following requirements:

System Requirements and Supported Ubuntu Versions

Component	Recommended Requirement
Processor	4 GHz or faster quad-core processor
RAM	8 GB or more
Disk Space	100 GB of free space
Network	High-speed internet connection
Supported Versions	Ubuntu 24.04 (Noble), Ubuntu 22.04 (Jammy), Ubuntu 20.04 (Focal)

Additional Requirements

Requirement	Description
Internet Connection	Necessary for downloading Jellyfin and applying updates.
Terminal Conventions	All terminal commands should be executed as a regular user with `sudo` privileges.
CLI Commands	Utilize the Command Line Interface (CLI) for installation and setup.
Media Storage	Ensure sufficient storage for media files.
Network Configuration	Proper network setup to ensure seamless media streaming.

Import Jellyfin APT Repository

Update Ubuntu Before Jellyfin Installation

To keep your Ubuntu operating system smooth and secure and to prevent issues when installing the Jellyfin Media Server, update your packages. Use the command line interface and enter the following command to update Ubuntu:

sudo apt update && sudo apt upgrade

This command will update the package list and upgrade all installed packages to the latest versions.

Install Initial Packages For Jellyfin Media Server

Before you install the Jellyfin Media server, ensure you have installed all the necessary packages on your Ubuntu system. These packages ensure a successful installation and smooth server operation.

To install the necessary packages, you can use the command line interface and execute the following command:

sudo apt install apt-transport-https ca-certificates curl -y

Import Jellyfin Media Server APT Repository

The default Ubuntu repository doesn’t include Jellyfin. You must import the Jellyfin GPG Key and repository to install the software. This confirms the package’s authenticity and verifies no one has tampered with it.

Import Jellyfin GPG Key:

To import the GPG key, use this command:

curl -fsSL https://repo.jellyfin.org/ubuntu/jellyfin_team.gpg.key | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/jellyfin.gpg > /dev/null

This command will download the GPG key from the Jellyfin website and add it to your system’s keyring. This key is essential to verify the package’s authenticity during installation; the installation will fail without it.

Import Jellyfin Repository:

Choose between the stable and unstable Jellyfin repositories to import. We recommend the stable repository for most users because we’ve tested it extensively for stability. On the other hand, the unstable repository offers the latest development release, which might introduce bugs or instability to your Jellyfin Media server. Use the following command to select your desired repository:

To import Jellyfin Media Server stable (recommended):

echo "deb [arch=$( dpkg --print-architecture )] https://repo.jellyfin.org/$( awk -F'=' '/^ID=/{ print $NF }' /etc/os-release ) $( awk -F'=' '/^VERSION_CODENAME=/{ print $NF }' /etc/os-release ) main" | sudo tee /etc/apt/sources.list.d/jellyfin.list

Alternatively, import Jellyfin Media Server unstable (development):

echo "deb [arch=$( dpkg --print-architecture )] https://repo.jellyfin.org/$( awk -F'=' '/^ID=/{ print $NF }' /etc/os-release ) $( awk -F'=' '/^VERSION_CODENAME=/{ print $NF }' /etc/os-release ) main unstable" | sudo tee /etc/apt/sources.list.d/jellyfin.list

This command will add the Jellyfin repository to your Ubuntu system. It is necessary to import the repository to access the Jellyfin package and its dependencies.

Finally, update your system’s repository listing to recognize the new additions with the following command:

sudo apt update

This command will update your repository listing, ensuring Ubuntu recognizes the new repository and its contents.

Proceed to Complete Installation of Jellyfin Media Server

After importing the Jellyfin repository and GPG key, you can install the media server on your Ubuntu system. The installation process is straightforward, and you can use the following command to install Jellyfin:

sudo apt install jellyfin

After completing the installation, Jellyfin automatically starts. To confirm, use the following command to check Jellyfin’s status:

systemctl status jellyfin

If the Jellyfin service has not started for any reason, you can use the following commands:

To start the service, use the following command:

sudo systemctl start jellyfin

Next, enable the service to start automatically during system boot by using the following command:

sudo systemctl enable jellyfin

The commands start the Jellyfin service, enabling it to launch automatically during system boot.

Jellyfin Media Server Initial Setup Rundown

To access the Jellyfin Web UI, you must open your internet browser and enter the IP address of your server, followed by the default port 8096. If you’re accessing the Jellyfin server on the same machine installed, use 127.0.0.1 as the IP address.

For example, you can enter the following address in your browser’s address bar to access the Jellyfin Web UI:

Example below:

http://127.0.0.1:8096

When you enter the given address, the welcome screen for the initial server setup appears. This screen outlines the essential steps to configure Jellyfin for the first time.

Example of the Jellyfin Welcome screen:

When you set up your Jellyfin server for the first time, the system prompts you to choose your preferred display language. After selecting, click the “Next ->” button to continue.

Next, the system asks you to create a username and password for your Jellyfin account. This account gives administrative access to the Jellyfin server, enabling you to manage media libraries, user accounts, and server settings.

To secure your Jellyfin server, choose a strong, unique password that combines uppercase and lowercase letters, numbers, and symbols. After setting your username and password, click the “Next ->” button to proceed to the next phase of the server setup.

Example of creating username and password:

After creating your username and password, click the “Next ->” button. You can add more users after completing the initial setup.

Next, set up your media libraries. Add your media content to Jellyfin by configuring these libraries. Jellyfin uses them to organize and display your media. Create separate libraries for movies, TV shows, and music.

Example of media libraries:

To add media content to Jellyfin, click the “+” or “Add Media Library” button on the Jellyfin dashboard. This click brings you to the Media Library setup screen, where you can select your media folder.

Once you’ve added your media libraries, click the “Next ->” button. You’ll land on the Metadata Language screen. Here, pick the language you want for your media content’s metadata, enriching your collection with details like cast, plot summaries, and reviews.

Note: The setup mirrors that of Plex, making it straightforward for those familiar with Plex. After clicking the “Add Media Library” button, select the type of media you want to add: movies, TV shows, or music.

After setting up your media libraries and choosing your metadata language, move to the next step: configuring remote access for your Jellyfin media server. Remote access lets you view media content from different locations or devices outside your local network.

Example of configuring remote access:

Allow remote connections to your Jellyfin media server and turn on automatic port mapping to enable remote access. Allowing remote connections lets you access your media from any location with internet connectivity. Meanwhile, automatic port mapping opens the required ports for incoming traffic to your Jellyfin server.

Once you’ve selected it, you can proceed to the next step. The next screen confirms that you have finished the installation and that your Jellyfin media server is ready.

Example of initial setup complete:

After confirming that you have finished the installation process, click the “Finish” button to complete the setup. This action will take you to the login screen, where you can sign in with the user account and password you created during the initial setup.

Example of Jellyfin sign-in screen:

Enter your username and password to sign in to your Jellyfin media server, then click the “Sign in” button.

Troubleshoot: Reset the Initial Setup

Note: This section can be skipped unless you have issues or need to reset the installation process. In that case, follow the steps below.

During your Jellyfin media server’s initial setup, you can reset the setup process if you make an error or mistake. To do this, modify the “IsStartupWizardCompleted” value in the system.xml file and restart the Jellyfin server.

First, open the system.xml file which you can do this by running the following command:

sudo nano /etc/jellyfin/system.xml

This command opens the system.xml file in the nano text editor, allowing you to change the file.

Modify the “IsStartupWizardCompleted” value:

<IsStartupWizardCompleted>true</IsStartupWizardCompleted>

And change it to:

<IsStartupWizardCompleted>false</IsStartupWizardCompleted>

This change resets the initial setup process, allowing you to start again from the beginning.

To restart the Jellyfin server, run the following command:

sudo systemctl restart jellyfin

Restart the setup process: Once you’ve restarted the Jellyfin server, you can revisit the HTTP://127.0.0.1:8096 and restart the setup process.

Configure Jellyfin Media Server Permissions For Media Drives

After installing Jellyfin, the media server will require permission to read and execute your media directories. To do this, you can use the setfacl command, which allows you to control access at a very detailed level compared to the default chown and chgrp commands.

First, make sure you have the ACL package installed by running the following command:

sudo apt install acl

Next, to give Jellyfin access to your media directory and all its subdirectories, use the following command with the -R (recursive) flag:

sudo setfacl -R -m u:jellyfin:rx /media/mymediadrive

If you need to assign permissions to individual media directories or files, use the following command:

sudo setfacl -m u:jellyfin:rx /media/mymediadrive/example-name-of-file-or-directory

Additional Jellyfin Media Server Commands

Configure Ubuntu Server SSH For Jellyfin Media Server

To access your Jellyfin Media Server remotely, set up an SSH tunnel. SSH provides a secure method for remote logins over insecure networks.

To establish an SSH tunnel on your local computer, replace {server-ip-address} with your server’s IP address. Use the following command to create the SSH tunnel for the Jellyfin Media Server:

ssh {server-ip-address} -L 8096:localhost:8096

For users without SSH, use the following command to install it:

sudo apt install openssh-server

After enabling the SSH service, access the Jellyfin Media Server using this link in your web browser:

http://localhost:8096/web/index.html#/wizardstart.html

Remember, when you use an SSH tunnel, it directs the HTTP request to http://localhost:8096/web on the remote server. After completing the initial setup, access your Jellyfin Media Server at https://{server-ip-address}:8096 using the remote server IP address.

Configure UFW Firewall For Jellyfin Media Server

The Ubuntu Firewall (UFW) manages firewall rules in Ubuntu. By default, Ubuntu doesn’t enable UFW; users must activate it themselves. A firewall controls network traffic on your server.

Before moving on, configure UFW to allow only essential traffic. To activate UFW, use this command:

sudo ufw enable

To allow the Jellyfin Media Server port 8096, run the following command:

sudo ufw allow 8096

Allow incoming traffic on port 8096 to your server; Jellyfin Media Server needs this to function correctly.

If you haven’t installed UFW, use the following command to install it:

sudo apt install ufw

Setup Apache or Nginx as a Reverse Proxy For Jellyfin Media Server

You can set up a reverse proxy to access Jellyfin from a remote computer or network.

Setup Apache as a Reverse Proxy For Jellyfin Media Server

To set up Apache as a reverse proxy, start by installing the Apache web server:

sudo apt install apache2

By default, Apache should be enabled. If not, use this command:

sudo systemctl start apache2

To start Apache on boot, use this command:

sudo systemctl enable apache2

Next, enable the necessary modules with the following command:

sudo a2enmod proxy proxy_http headers proxy_wstunnel

Create a new virtual host configuration file for Jellyfin using the following command:

sudo nano /etc/apache2/sites-available/jellyfin.conf

You need an active domain name to set up the subdomain. You can purchase a domain name for as little as $1 to $2 from NameCheap. If you prefer a .com, use Cloudflare.

After creating your subdomain, add the following to the virtualhost file you created:

<VirtualHost *:80>
    ServerName jellyfin.example.com

    # Redirect HTTP to HTTPS
    Redirect permanent / https://jellyfin.example.com

    ErrorLog /var/log/apache2/jellyfin-error.log
    CustomLog /var/log/apache2/jellyfin-access.log combined
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName jellyfin.example.com

    DocumentRoot /var/www/html/jellyfin/public_html

    ProxyPreserveHost On

    ProxyPass "/socket" "ws://localhost:8096/socket"
    ProxyPassReverse "/socket" "ws://localhost:8096/socket"

    ProxyPass "/" "http://localhost:8096/"
    ProxyPassReverse "/" "http://localhost:8096/"

    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/jellyfin.example.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/jellyfin.example.com/privkey.pem
    Protocols h2 http/1.1

    SSLCipherSuite HIGH:RC4-SHA:AES128-SHA:!aNULL:!MD5
    SSLHonorCipherOrder on

    SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1

    ErrorLog /var/log/apache2/jellyfin-error.log
    CustomLog /var/log/apache2/jellyfin-access.log combined
</VirtualHost>
</IfModule>

Save the file (CTRL+O), then exit (CTRL+X).

Before enabling the virtual host, you can check whether there are any errors in the Apache configuration or virtual host file by performing a “dry run” using the following command:

sudo apache2ctl configtest

This command checks the Apache configuration syntax and returns “Syntax OK” if there are no syntax errors.

If there are no errors, you can enable the virtual host using the following command:

sudo a2ensite jellyfin.conf

The command establishes a symbolic link between the sites-available and sites-enabled directories, allowing Apache to serve the virtual host. After you activate the virtual host, restart Apache with this command:

sudo systemctl restart apache2

This command stops and starts the Apache service, reloads the configuration with the new changes, and applies the new virtual host settings.

Setup Nginx as a Reverse Proxy For Jellyfin Media Server

Nginx, a popular, lightweight, high-performance web server, is an excellent reverse proxy for accessing your Jellyfin media server from remote computers or networks.

To install Nginx, use this command:

sudo apt install nginx

Nginx should be enabled by default. If not, use the following command to start it:

sudo systemctl start nginx

To ensure Nginx starts automatically on boot, use the following command:

sudo systemctl enable nginx

Example output if successful:

Synchronizing state of nginx.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable nginx

You can verify the status of Nginx with the following command:

sudo systemctl status nginx

After you’ve confirmed that Nginx is running correctly, create a new server block file at /etc/nginx/conf.d/jellyfin.conf.

sudo nano /etc/nginx/conf.d/jellyfin.conf

In this server block file, you’ll need to configure the following:

listen directive specifies the port and address Nginx should listen on. In this example, we’re using port 80.
server_name directive specifies the hostname or domain name Nginx should listen to. Replace jellyfin.example.com with your domain name.
access_log and error_log directives: These define the locations of the access and error logs.
location directives: These specify how Nginx should handle incoming requests.

In the location directives, set up proxy_pass to forward requests from Nginx to Jellyfin. proxy_pass specifies the protocol and address of the Jellyfin server, which listens on port 8096. The location directive handles requests for the root URL (/), the /web/ directory, and the /socket directory.

Here is an example server block file:

server {
    listen 80;
    server_name jellyfin.example.com;

    access_log /var/log/nginx/jellyfin.access;
    error_log /var/log/nginx/jellyfin.error;

    set $jellyfin jellyfin;
    resolver 127.0.0.1 valid=30;

    # Security / XSS Mitigation Headers
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";

    location = / {
        return 302 https://$host/web/;
    }

    location / {
        # Proxy main Jellyfin traffic
        proxy_pass http://$jellyfin:8096;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;

        # Disable buffering when the nginx proxy gets very resource heavy upon streaming
        proxy_buffering off;
    }

    # location block for /web - This is purely for aesthetics so /web/#!/ works instead of having to go to /web/index.html/#!/
    location = /web/ {
        # Proxy main Jellyfin traffic
        proxy_pass http://$jellyfin:8096/web/index.html;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
    }

    location /socket {
        # Proxy Jellyfin Websockets traffic
        proxy_pass http://$jellyfin:8096/socket;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
    }
}

Save the file (CTRL+O), then exit (CTRL+X).

Once you configure Nginx as a reverse proxy for Jellyfin, ensure the configuration has no errors before moving on. Execute the following command for a dry run:

sudo nginx -t

This command will test the configuration file for syntax errors and other issues. If everything is working correctly, the output should show that the configuration file is ok and the test is successful, as follows:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Once you have verified that there are no errors in the configuration, you can reload Nginx to apply the changes:

sudo systemctl reload nginx

If you have set up your domain and DNS records to point to your server IP, you can now access your Jellyfin Media Server at jellyfin.example.com. With Nginx configured as the reverse proxy, remote users can access Jellyfin by visiting the subdomain, and Nginx will forward their requests to Jellyfin’s web interface.

Create Let’s Encrypt SSL Free Certificate For Jellyfin Media Server

The section provides instructions for securing the Apache or Nginx with a Let’s Encrypt SSL Free Certificate. An SSL certificate is ideal for running the Apache or Nginx server on HTTPS. The purpose of using an SSL certificate is to ensure that the communication between the user’s browser and the server is secure.

To install the certbot package, the user must match the reverse proxy they have installed. For Apache, they need to install python3-certbot-apache, and for Nginx, they need to install python3-certbot-nginx.

sudo apt install python3-certbot-apache

sudo apt install python3-certbot-nginx

After installation, the user must create a certificate by running the certbot command. The command includes several options, such as –apache or –nginx, which the user can choose based on their reverse proxy. The command also has options like –agree-tos, –redirect, –hsts, and –staple-ocsp. These options include 301 redirects, a Strict-Transport-Security header, and OCSP Stapling, making it an ideal setup. The user must also replace the e-mail and domain name with their requirements.

Create Certbot Certificate for Apache:

sudo certbot --apache --agree-tos --redirect --hsts --staple-ocsp --email you@example.com -d jellyfin.example.com

Create Certbot Certificate for Nginx:

sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email you@example.com -d jellyfin.example.com

After creating the certificate, the user’s URL changes to https://jellyfin.example.com from HTTP://jellyfin.example.com.

To renew the certificates automatically, the user can set a cron job that checks the certificate daily. Certbot offers a script that automatically renews the certificates. Before setting up the cron job, the user can test the script by running a dry run using the following command:

sudo certbot renew --dry-run

If the dry run is successful, you can set up the cron job. To set up the cron job, the user needs to use the following command:

sudo crontab -e

The user can specify the daily certificate check time. If the certificate requires renewal, the script updates it. For optimal cron job timing, users can consult crontab.guru. This website’s calculator proves beneficial, especially for beginners. To set up the cron job, use the following command:

00 00 */1 * * /usr/sbin/certbot-auto renew

Update Jellyfin Media Server

Updating Jellyfin Media Server is similar to updating any other package on your system, and you can use the standard apt commands.

To check for updates, run the following command:

sudo apt update

If there are any updates available, run the upgrade command:

sudo apt upgrade

Remove Jellyfin Media Server

If you no longer require Jellyfin, you can easily remove it from your system. Use the following command to remove the software:

sudo remove install jellyfin --purge

Next, remove the Jellyfin repository from your system so you don’t accidentally reinstall it in the future:

sudo rm /etc/apt/sources.list.d/jellyfin.list

And that’s it. You have successfully removed Jellyfin from your system.

Conclusion

In conclusion, Jellyfin is an accessible, open-source media server that allows you to organize, stream, and access your media files from anywhere. Setting up Jellyfin on Ubuntu is a straightforward process that involves installing the necessary dependencies, configuring Apache or Nginx as a reverse proxy, and securing the server with an SSL certificate. With Jellyfin, you can access your media content from a web browser, mobile device, or smart TV, making it an ideal solution for home media streaming. Following the steps outlined in this guide, you can get Jellyfin up and running on your Ubuntu server in no time.

Useful Links

Here are some valuable links related to using Jellyfin:

Jellyfin Official Website: Visit the official Jellyfin website for information about the media server, its features, and download options.
Jellyfin Documentation: Access comprehensive documentation for detailed guides on installing, configuring, and using Jellyfin.
Jellyfin Forum: Join the Jellyfin community forum to discuss issues, share solutions, and get support from other users.
Jellyfin Demo: Explore the live demo of Jellyfin to see the interface and features in action.