jellyfin - richay's blog

Warning: The default setup WILL remove admin priveliges. Best to create a second admin account beforehand. A work around fix is found at the bottom of this article.

Follow the instructions to integrate authentik with Jellyfin here.

Step 9 for role claims needs some extra info if you want to log into Jellyfin with admin access, namely the Admin Roles.

I’ve gone with the default group for Authentik of “authentik Admins”.

You can use a custom group or create one in Authentik by going to:
Admin Interface -> Directory -> Groups -> Create

Name it “jellyfin” and leave all as default. Go to users at the top and add the correct users you want admin access to jellyfin.

Enter “jellyfin” in the Admin Roles in the Jellyfin OIDC plugin.

Enjoy 🙂

Fixing broken admin with the OIDC Admin Roles

Credit to Spyros from the comments

If you have set this up with the official instrcutions and need to still add the ‘Admin Roles’ for authentik, navigate to your data at /jellyfin/data/plugins/configurations/SSO-Auth.xml

Edit the lines at <AdminRoles> to the following

          <AdminRoles>
            <string>authentik Admins</string>
          </AdminRoles>

          <AdminRoles>
            <string>authentik Admins</string>
          </AdminRoles>

Or to whatever your custom group is named, then save and restart 🙂

My very own docker compose stack for entertainment.

They are all in the same network of ‘entertainment’ so linking apps together is as easy as http://prowlarr:9696 – no need for ip address of prowlarr 🙂

# bazarr
# jellyfin
# overseerr
# plex
# prowlarr
# radarr
# sonarr
# tautulli
# watchtower

version: “3.6”

services:          
    bazarr:
        image: lscr.io/linuxserver/bazarr:latest
        container_name: bazarr
        environment:
            – PUID=1000
            – PGID=1000
            – TZ=Australia/Perth
        volumes:
            – bazarr_config:/config
            – /mnt/media:/mnt/media
            – /mnt/storage:/mnt/storage
            – /mnt/downloads:/mnt/downloads
        ports:
            – 6767:6767
        restart: unless-stopped
        networks:
            – myNetwork
    
    jellyfin:
        image: lscr.io/linuxserver/jellyfin:latest
        container_name: jellyfin
        environment:
            – PUID=1000
            – PGID=1000
            – TZ=Australia/Perth
            – JELLYFIN_PublishedServerUrl=192.168.0.5 # optional
        volumes:
            – jellyfin_config:/config
            – /mnt/media:/mnt/media
            – /mnt/storage:/mnt/storage
            – /mnt/downloads:/mnt/downloads
        ports:
            – 8096:8096
            – 8920:8920 # optional
            – 7359:7359/udp # optional
            – 1900:1900/udp # optional
        restart: unless-stopped
        networks:
            – myNetwork
    
    overseerr:
        container_name: overseerr
        hostname: overseerr
        image: sctx/overseerr:latest
        restart: unless-stopped
        ports:
            – 5055:5055
        volumes:
            – overseerr_config:/app/config
            – /mnt/media:/mnt/media
            – /mnt/storage:/mnt/storage
            – /mnt/downloads:/mnt/downloads
        environment:
            – LOG_LEVEL=debug
            – TZ=Australia/Perth
        networks:
            – myNetwork
                     
    plex:
        image: lscr.io/linuxserver/plex:latest
        container_name: plex
        network_mode: host
        ports:
            – 32400:32400
        environment:
            – PUID=1000
            – PGID=1000
            – TZ=Australia/Perth
            – VERSION=docker
            – PLEX_CLAIM= # optional
        volumes:
            – /mnt/plex:/config
            – /mnt/media:/mnt/media
            – /mnt/storage:/mnt/storage
            – /mnt/downloads:/mnt/downloads
        restart: unless-stopped
        # networks:
        #    – myNetwork
                    
    prowlarr:
        image: lscr.io/linuxserver/prowlarr:latest
        container_name: prowlarr
        environment:
            – PUID=1000
            – PGID=1000
            – TZ=Australia/Perth
        volumes:
            – prowlarr_config:/config
            – /mnt/media:/mnt/media
            – /mnt/storage:/mnt/storage
            – /mnt/downloads:/mnt/downloads
        ports:
            – 9696:9696
        restart: unless-stopped
        networks:
            – myNetwork
            
    radarr:
        image: lscr.io/linuxserver/radarr:latest
        container_name: radarr
        environment:
            – PUID=1000
            – PGID=1000
            – TZ=Australia/Perth
        volumes:
            – radarr_config:/config
            – /mnt/media:/mnt/media
            – /mnt/storage:/mnt/storage
            – /mnt/downloads:/mnt/downloads
        ports:
            – 7878:7878
        restart: unless-stopped
        networks:
            – myNetwork
            
    sonarr:
        image: lscr.io/linuxserver/sonarr:latest
        container_name: sonarr
        environment:
            – PUID=1000
            – PGID=1000
            – TZ=Australia/Perth
        volumes:
            – sonarr_config:/config
            – /mnt/media:/mnt/media
            – /mnt/storage:/mnt/storage
            – /mnt/downloads:/mnt/downloads
        ports:
            – 8989:8989
        restart: unless-stopped
        networks:
            – myNetwork
            
    tautulli:
        image: lscr.io/linuxserver/tautulli:latest
        container_name: tautulli
        environment:
            – PUID=1000
            – PGID=1000
            – TZ=Australia/Perth
        volumes:
            – tautulli_config:/config
        ports:
            – 8181:8181
        restart: unless-stopped
        networks:
            – myNetwork
        
    watchtower:
        container_name: watchtower
        hostname: watchtower
        image: containrrr/watchtower
        environment:
            – TZ=Australia/Perth
        restart: unless-stopped
        volumes:
            – /var/run/docker.sock:/var/run/docker.sock
        command: –cleanup
            
networks:
    myNetwork:
        name: entertainment     
           
volumes:
    bazarr_config:
    jellyfin_config:
    overseerr_config:
    prowlarr_config:
    radarr_config:
    sonarr_config:
    tautulli_config:

# bazarr
# jellyfin
# overseerr
# plex
# prowlarr
# radarr
# sonarr
# tautulli
# watchtower

version: "3.6"

services:          
    bazarr:
        image: lscr.io/linuxserver/bazarr:latest
        container_name: bazarr
        environment:
            - PUID=1000
            - PGID=1000
            - TZ=Australia/Perth
        volumes:
            - bazarr_config:/config
            - /mnt/media:/mnt/media
            - /mnt/storage:/mnt/storage
            - /mnt/downloads:/mnt/downloads
        ports:
            - 6767:6767
        restart: unless-stopped
        networks:
            - myNetwork
    
    jellyfin:
        image: lscr.io/linuxserver/jellyfin:latest
        container_name: jellyfin
        environment:
            - PUID=1000
            - PGID=1000
            - TZ=Australia/Perth
            - JELLYFIN_PublishedServerUrl=192.168.0.5 # optional
        volumes:
            - jellyfin_config:/config
            - /mnt/media:/mnt/media
            - /mnt/storage:/mnt/storage
            - /mnt/downloads:/mnt/downloads
        ports:
            - 8096:8096
            - 8920:8920 # optional
            - 7359:7359/udp # optional
            - 1900:1900/udp # optional
        restart: unless-stopped
        networks:
            - myNetwork
    
    overseerr:
        container_name: overseerr
        hostname: overseerr
        image: sctx/overseerr:latest
        restart: unless-stopped
        ports:
            - 5055:5055
        volumes:
            - overseerr_config:/app/config
            - /mnt/media:/mnt/media
            - /mnt/storage:/mnt/storage
            - /mnt/downloads:/mnt/downloads
        environment:
            - LOG_LEVEL=debug
            - TZ=Australia/Perth
        networks:
            - myNetwork
                     
    plex:
        image: lscr.io/linuxserver/plex:latest
        container_name: plex
        network_mode: host
        ports:
            - 32400:32400
        environment:
            - PUID=1000
            - PGID=1000
            - TZ=Australia/Perth
            - VERSION=docker
            - PLEX_CLAIM= # optional
        volumes:
            - /mnt/plex:/config
            - /mnt/media:/mnt/media
            - /mnt/storage:/mnt/storage
            - /mnt/downloads:/mnt/downloads
        restart: unless-stopped
        # networks:
        #    - myNetwork
                    
    prowlarr:
        image: lscr.io/linuxserver/prowlarr:latest
        container_name: prowlarr
        environment:
            - PUID=1000
            - PGID=1000
            - TZ=Australia/Perth
        volumes:
            - prowlarr_config:/config
            - /mnt/media:/mnt/media
            - /mnt/storage:/mnt/storage
            - /mnt/downloads:/mnt/downloads
        ports:
            - 9696:9696
        restart: unless-stopped
        networks:
            - myNetwork
            
    radarr:
        image: lscr.io/linuxserver/radarr:latest
        container_name: radarr
        environment:
            - PUID=1000
            - PGID=1000
            - TZ=Australia/Perth
        volumes:
            - radarr_config:/config
            - /mnt/media:/mnt/media
            - /mnt/storage:/mnt/storage
            - /mnt/downloads:/mnt/downloads
        ports:
            - 7878:7878
        restart: unless-stopped
        networks:
            - myNetwork
            
    sonarr:
        image: lscr.io/linuxserver/sonarr:latest
        container_name: sonarr
        environment:
            - PUID=1000
            - PGID=1000
            - TZ=Australia/Perth
        volumes:
            - sonarr_config:/config
            - /mnt/media:/mnt/media
            - /mnt/storage:/mnt/storage
            - /mnt/downloads:/mnt/downloads
        ports:
            - 8989:8989
        restart: unless-stopped
        networks:
            - myNetwork
            
    tautulli:
        image: lscr.io/linuxserver/tautulli:latest
        container_name: tautulli
        environment:
            - PUID=1000
            - PGID=1000
            - TZ=Australia/Perth
        volumes:
            - tautulli_config:/config
        ports:
            - 8181:8181
        restart: unless-stopped
        networks:
            - myNetwork
        
    watchtower:
        container_name: watchtower
        hostname: watchtower
        image: containrrr/watchtower
        environment:
            - TZ=Australia/Perth
        restart: unless-stopped
        volumes:
            - /var/run/docker.sock:/var/run/docker.sock
        command: --cleanup
            
networks:
    myNetwork:
        name: entertainment     
           
volumes:
    bazarr_config:
    jellyfin_config:
    overseerr_config:
    prowlarr_config:
    radarr_config:
    sonarr_config:
    tautulli_config:

Tag: jellyfin

Jellyfin and Authentik OIDC with admin

Fixing broken admin with the OIDC Admin Roles

Docker Compose for Entertainment Stack