How to Install Jellyfin Media Server on Linux Mint 21 or 20

Jellyfin has gained traction as a free and open-source media server, offering a reliable platform for streaming movies, TV shows, music, and photos. This guide aims to walk you through how to install Jellyfin Media Server on Linux Mint 21 or 20. Along with first-time setup tips, we’ll also demonstrate how to set up firewall rules and a reverse proxy with Apache or Nginx.

Why Choose Jellyfin on Linux Mint 21 or 20?

• Open-Source: Unlike some competitors, Jellyfin is entirely open-source, meaning it’s free to use and modify. This fosters an active developer community focused on continuous improvement.
• Device Compatibility: Jellyfin works across various devices, from smart TVs and mobile devices to game consoles, making media access incredibly flexible.
• Automatic Media Categorization: Unlike Kodi, Jellyfin automatically sorts and categorizes your media, simplifying library management.
• Demo Server: For those who want to try before installing, Jellyfin offers a demo server to test its features.

What This Guide Covers

• Installing Jellyfin on Linux Mint 21 or 20
• Configuring media drives for read-and-write access
• Setting up firewall rules for secure access
• Implementing a reverse proxy with Apache or Nginx
• Obtaining a Let’s Encrypt SSL certificate for enhanced web application security

Stay tuned for detailed steps on installing Jellyfin and optimizing its settings for your Linux Mint system.

Install Jellyfin Media Server on Linux Mint 21 or 20 via APT

Step 1: Update Linux Mint Before Jellyfin Media Server Installation

Before installing the Jellyfin Media server on your Linux Mint operating system, ensuring that all packages are up to date is essential. Updating your operating system will ensure that all current packages are up to date and can help prevent any compatibility issues with Jellyfin.

To update your Linux Mint operating system, open the terminal and run the following command:

sudo apt update && sudo apt upgrade

This command will update all the packages on your system to their latest versions, ensuring that your system is up to date.

Step 2: Install Required Packages for Jellyfin on Linux Mint

After updating your Linux Mint operating system, you must install the necessary packages to install the Jellyfin Media server. The required packages may vary depending on your Linux Mint distribution and version.

To install the required packages, open the terminal and run the following command:

sudo apt install software-properties-common apt-transport-https ca-certificates curl

This command will install the necessary packages, which include apt-transport-https, ca-certificates, gnupg2, and curl.

Step 3: Import Jellyfin Media Server GPG Key

To install the Jellyfin Media Server on Linux Mint, import the Jellyfin GPG key and repository, as the software isn’t in the default repository. This action verifies the package’s authenticity and integrity.

To begin, import the GPG key by running the following command in the terminal:

curl -fsSL https://repo.jellyfin.org/ubuntu/jellyfin_team.gpg.key | sudo gpg --dearmor -o /usr/share/keyrings/jellyfin.gpg > /dev/null

This command downloads the GPG key from the Jellyfin website and adds it to your system’s keyring, allowing you to verify the package’s authenticity during installation.

Step 4: Import Jellyfin Media Server APT Repository

Next, import either the stable or unstable Jellyfin repository. We recommend the stable repository for most users due to its thorough testing and proven stability. Import the stable repository by using one of the following commands:

Import JellyFin stable repository for Linux Mint:

Add JellyFin Media Server stable for Linux Mint 21 distribution series:

echo "deb [arch=$( dpkg --print-architecture ) signed-by=/usr/share/keyrings/jellyfin.gpg] https://repo.jellyfin.org/ubuntu jammy main" | sudo tee /etc/apt/sources.list.d/jellyfin.list

Add JellyFin Media Server stable for Linux Mint 20 distribution series:

echo "deb [arch=$( dpkg --print-architecture ) signed-by=/usr/share/keyrings/jellyfin.gpg] https://repo.jellyfin.org/ubuntu focal main" | sudo tee /etc/apt/sources.list.d/jellyfin.list

Importing the correct repository for your specific version of Linux Mint is crucial. Importing the wrong repository could result in Jellyfin not installing correctly or not functioning as expected.

Import JellyFin unstable repository Linux Mint:

Alternatively, you can import the unstable repository using the following commands. Note the unstable repository requires FFMpeg 5. Jellyfin now offers FFMpeg 6 support via its repositories, so this should still be installable.

Import JellyFin Media Server unstable for Linux Mint 21 distribution series:

echo "deb [arch=$( dpkg --print-architecture ) signed-by=/usr/share/keyrings/jellyfin.gpg] https://repo.jellyfin.org/ubuntu jammy unstable" | sudo tee /etc/apt/sources.list.d/jellyfin.list

Import JellyFin Media Server unstable for Linux Mint 20 distribution series:

echo "deb [arch=$( dpkg --print-architecture ) signed-by=/usr/share/keyrings/jellyfin.gpg] https://repo.jellyfin.org/ubuntu focal unstable" | sudo tee /etc/apt/sources.list.d/jellyfin.list

Once you’ve added a new software repository, you must update your system’s repository listing to recognize the new additions. To do this, run the following command in the terminal:

sudo apt update

Running the sudo apt update command updates your system’s repository listing to include the newly added repository. This update allows Linux Mint to recognize the new repository and its contents, enabling Jellyfin Media Server installation on your system.

Step 4: Install Jellyfin on Linux Mint 21 or 20 via APT Command

After importing the Jellyfin repository and GPG key, it’s time to install the media server on your Linux Mint system. Complete the installation efficiently with the command below:

sudo apt install jellyfin

Once installation is completed, the Jellyfin service starts automatically. Check the status of the Jellyfin service using the following command:

systemctl status jellyfin

If, for any reason, the Jellyfin service fails to start, you can manually start it using the following command:

sudo systemctl start jellyfin

To ensure that the Jellyfin service starts automatically during system boot, run the following command:

sudo systemctl enable jellyfin

These commands start the Jellyfin service, enabling it to launch automatically during system boot.

Jellyfin Media Server Initial Setup on Linux Mint 21 or 20

To access the Jellyfin Web UI, you need to open your internet browser and enter the IP address of your server, followed by the default port 8096. If you’re accessing the Jellyfin server on the same machine installed, use 127.0.0.1 as the IP address.

For instance, you can type the following address into your browser’s address bar to access the Jellyfin Web UI:

http://127.0.0.1:8096

When you enter the above address, the welcome screen for the initial server setup directs you. The setup screen provides the necessary steps for configuring Jellyfin for first-time use.

During the initial setup of your Jellyfin server, the interface will ask you to select your preferred display language.

Once you’ve selected, click the “Next ->” button to move on to the next step.

After you select your preferred display language, the system will prompt you to create a Jellyfin account username and password. Your account grants administrative access to the Jellyfin server, where you can manage media libraries, user accounts, and server settings.

Create a strong, unique password combining uppercase and lowercase letters, numbers, and symbols to secure your Jellyfin server effectively.

Once you’ve created your username and password, click on the “Next ->” button to proceed to the next step of the initial server setup.

After creating your Jellyfin account, the next step in setting up your server is configuring your media libraries. Media libraries allow you to add your media content to Jellyfin and organize it in a structured manner. You can create multiple libraries for different media types, such as movies, TV shows, and music.

To organize and display media content in Jellyfin, add your content to media libraries. Click the big “+” or “Add Media Library” button on the Jellyfin dashboard. This click will redirect you to the Media Library setup screen to input your media folder.

Adding media content to Jellyfin is straightforward:

• If you’ve used Plex, you’ll find the process familiar.
• Select the “Add Media Library” button.
• Choose the type of media to add: movies, TV shows, or music.
• Follow the prompts to input your media folder.
• Set the metadata language, which provides episode descriptions, actor biographies, and album artwork.

After populating your media libraries, you can efficiently organize and browse content through Jellyfin. Click “Next ->” after adding media libraries to proceed to the Metadata Language screen. Here, select a language for your content’s metadata. This selection enriches your content with valuable information like cast and crew details, plot summaries, and reviews.

After setting up your media libraries and selecting your preferred metadata language, configure remote access for your Jellyfin media server. Configuring remote access lets you view media content from different locations or devices, not just your local network.

Enable remote access by allowing connections to your Jellyfin media server and activating automatic port mapping. Allowing remote connections lets you access media content from anywhere with an internet connection. Meanwhile, automatic port mapping opens the necessary ports, ensuring incoming traffic can reach your Jellyfin server.

Once you complete the initial setup of your Jellyfin media server, the following screen confirms that the installation process has finished and your server is ready for use.

After accessing the Jellyfin Web UI, enter the username and password created during the initial setup process and click the “Sign in” button. This action will take you to the Jellyfin dashboard, where you can access your media libraries and manage content.

First-Time Tips for Jellyfin Once Logged in on Linux Mint

Once you log in to your Jellyfin media server, you can access the dashboard to manage your media libraries, users, and server settings. Here are some actions you can perform from the dashboard:

• Add more media content: You can add more to your Jellyfin server by clicking the “Add Media Library” button and selecting the media type you want to add, such as movies, TV shows, or music. You’ll need to provide the necessary information, such as the library’s name, location of the media files, and any specific settings for the media type.
• Configure customizations: You can customize the look and feel of your Jellyfin server by configuring customizations such as theme, language, and metadata. Click on the “Dashboard” button, then select “General” or “Display” settings to make changes.
• Manage users: You can add, remove, and modify user accounts to manage access to your media content. Click on the “Users” button on the dashboard, then select “Add User” or “Edit User” to make changes.

Here are some general tips for managing your Jellyfin media server:

• Keep it updated: Regularly check for updates and install them as they become available to ensure your server is up to date.
• Use plugins and extensions: You can use plugins and extensions to add additional functionality to your Jellyfin server, such as support for subtitles or remote control.

Troubleshoot: Reset Jellyfin Initial Setup on Linux Mint

If you run into any issues during the initial setup of your Jellyfin media server or need to start over for any reason, resetting the setup process is a straightforward process. By modifying the “IsStartupWizardCompleted” value in the system.xml file and restarting the Jellyfin server, you can reset the initial setup process and begin again. Here are the steps to follow:

Open the system.xml file: You can do this by running the following command:

sudo nano /etc/jellyfin/system.xml

This command will open the system.xml file in the nano text editor, allowing you to change the file.

Modify the “IsStartupWizardCompleted” value:

<IsStartupWizardCompleted>true</IsStartupWizardCompleted>

And change it to:

<IsStartupWizardCompleted>false</IsStartupWizardCompleted>

This change resets the initial setup process, allowing you to start again from the beginning.

To restart the Jellyfin server, run the following command:

sudo systemctl restart jellyfin

Restart the setup process: Once you’ve restarted the Jellyfin server, you can revisit the HTTP://127.0.0.1:8096 and restart the setup process.

Configure Permission For Media Drives for Jellyfin on Linux Mint 21 or 20

After installing Jellyfin on your Linux Mint system, setting up the permissions for the media server to access and read your media directories is essential. Use the setfacl command, as it offers more detailed access control than the chown and chgrp commands.

Ensure you have the ACL package installed before setting up permissions. Run the following command to proceed:

sudo apt install acl

To give Jellyfin access to your media directory and all its subdirectories, use the following command with the -R (recursive) flag:

sudo setfacl -R -m u:jellyfin:rx /media/mymediadrive

If you need to assign permissions to individual media directories or files, use the following command:

sudo setfacl -m u:jellyfin:rx /media/mymediadrive/example-name-of-file-or-directory

Additional Commands & Tips with Jellyfin on Linux Mint 21 or 20

Configure SSH for Jellyfin and Linux Mint

If you plan to access your Linux Mint Jellyfin Media Server remotely, setting up a Secure Shell (SSH) tunnel is essential. SSH is a protocol for secure remote login and other secure network services over an insecure network.

To configure SSH on your Linux Mint server, follow these steps:

Install the SSH server on your Linux Mint machine using the following command:

sudo apt install openssh-server

After installing the SSH server, connect to your Jellyfin Media Server remotely through an SSH tunnel. Replace {server-ip-address} with your server’s IP address and input the following command in your terminal:

ssh {server-ip-address} -L 8096:localhost:8096

This command creates an SSH tunnel for the Jellyfin Media Server.

After creating the SSH tunnel, you can access the Jellyfin Media Server through the following link in your web browser:

http://localhost:8096/web/index.html#/wizardstart.html

An SSH tunnel will redirect the HTTP request to http://localhost:8096/web on the remote server. After the initial setup, access your Jellyfin Media Server using your remote server’s IP address at https://{server-ip-address}:8096.

Configure UFW Firewall for Jellyfin and Linux Mint

Configuring the UFW firewall proves crucial when managing incoming and outgoing network traffic on your Linux Mint server. Unlike Ubuntu, Linux Mint does not enable the UFW firewall by default; you must enable it manually. Activating the UFW firewall allows users to permit only necessary traffic to reach their server.

Use the following terminal command to enable the UFW firewall:

sudo ufw enable

Once enabled, ensure you allow incoming traffic on port 8096, which is crucial for correctly functioning the Jellyfin Media Server. Use the following command to allow traffic on port 8096:

sudo ufw allow 8096

This command will allow incoming traffic on port 8096 to your server, ensuring that the Jellyfin Media Server can function correctly.

If you don’t have UFW installed, use the following command to install it:

sudo apt install ufw

Setup Apache or Nginx as a Reverse Proxy for Jellyfin and Linux Mint

Setting up a reverse proxy for Jellyfin can help you access the media server from a remote computer or network.

Setting up Apache as a Reverse Proxy for Jellyfin and Linux Mint

If you want to access your Jellyfin media server from a remote computer or network, you can set up a reverse proxy using Apache or Nginx. The guide will cover setting up Apache as a reverse proxy on Linux Mint.

First, install the Apache web server using the following command:

sudo apt install apache2

By default, Apache should be active. If not, use the following command to enable it:

sudo systemctl start apache2

Next, use a text editor to create a new virtual host configuration file for Jellyfin. For example, you can use the nano editor as follows:

sudo systemctl enable apache2

Next, enable the necessary modules with the following command:

sudo a2enmod proxy proxy_http headers proxy_wstunnel

Create a new virtual host configuration file for Jellyfin using the following command:

sudo nano /etc/apache2/sites-available/jellyfin.conf

To create a subdomain, you must have an active domain name. One option for purchasing a domain name is through NameCheap, where domains are available for as little as $1 to $2. Alternatively, if you prefer a .com domain, you can use Cloudflare.

Once you have created your subdomain, you can set up a virtual host with Apache by following these steps:

<VirtualHost *:80>
    ServerName jellyfin.example.com

    # Redirect HTTP to HTTPS
    Redirect permanent / https://jellyfin.example.com

    ErrorLog /var/log/apache2/jellyfin-error.log
    CustomLog /var/log/apache2/jellyfin-access.log combined
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName jellyfin.example.com

    DocumentRoot /var/www/html/jellyfin/public_html

    ProxyPreserveHost On

    ProxyPass "/socket" "ws://localhost:8096/socket"
    ProxyPassReverse "/socket" "ws://localhost:8096/socket"

    ProxyPass "/" "http://localhost:8096/"
    ProxyPassReverse "/" "http://localhost:8096/"

    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/jellyfin.example.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/jellyfin.example.com/privkey.pem
    Protocols h2 http/1.1

    SSLCipherSuite HIGH:RC4-SHA:AES128-SHA:!aNULL:!MD5
    SSLHonorCipherOrder on

    SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1

    ErrorLog /var/log/apache2/jellyfin-error.log
    CustomLog /var/log/apache2/jellyfin-access.log combined
</VirtualHost>
</IfModule>

Save the file (CTRL+O), then exit (CTRL+X).

To ensure that there are no errors in the Apache configuration or virtual host file before enabling the virtual host, you can perform a “dry run” using the following command:

sudo apache2ctl configtest

After checking the Apache configuration syntax for any syntax errors using the previous command, you can proceed to enable the virtual host using the following command:

sudo a2ensite jellyfin.conf

Creating a symbolic link from the sites-available directory to the sites-enabled directory enables Apache to serve the virtual host through the previous command. Once you’ve enabled the virtual host, restart Apache to apply the changes.

Execute the following command to accomplish this:

sudo systemctl restart apache2

The command stops and starts the Apache service, applies the new virtual host settings, and reloads the configuration with the updated changes.

Setting up Nginx as a Reverse Proxy for Jellyfin and Linux Mint

Nginx can be a reverse proxy to enable remote access to your Jellyfin media server. Nginx is a lightweight and high-performance web server commonly used for this purpose.

To install Nginx, use the following command:

sudo apt install nginx

Next, start the Nginx service using the following command:

sudo systemctl start nginx

Run the following command to ensure Nginx is enabled:

sudo systemctl enable nginx

This command starts the Nginx service and ensures that it starts automatically at boot time.

Example output if successful:

Synchronizing state of nginx.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable nginx

To check the status of Nginx, use the following command:

systemctl status nginx

Once you have confirmed that Nginx is running correctly, you can create a new server block file at /etc/nginx/conf.d/jellyfin.conf. In this example, we will use the subdomain jellyfin.example.com.

sudo nano /etc/nginx/conf.d/jellyfin.conf

To configure Nginx as a reverse proxy, you need to set up a server block file at /etc/nginx/conf.d/jellyfin.conf with the following directives:

• The listen directive sets the port and address that Nginx should listen on. For this example, port 80 is used.
• The server_name directive sets the hostname or domain name Nginx should listen to. Replace jellyfin.example.com with your domain name.
• The access_log and error_log directives: These set the locations for the access and error logs.
• The location directives: These define how Nginx should handle incoming requests.

Location directives configure the proxy_pass to forward requests from Nginx to Jellyfin. The proxy_pass establishes the protocol and address of the upstream server—Jellyfin server—and listens on port 8096. The location directive defines how Nginx should manage incoming requests, handling requests for the root URL (/), the /web/ directory, and the /socket directory.

Here is an example server block file:

server {
    listen 80;
    server_name jellyfin.example.com;

    access_log /var/log/nginx/jellyfin.access;
    error_log /var/log/nginx/jellyfin.error;

    set $jellyfin jellyfin;
    resolver 127.0.0.1 valid=30;

    # Security / XSS Mitigation Headers
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";

    location = / {
        return 302 https://$host/web/;
    }

    location / {
        # Proxy main Jellyfin traffic
        proxy_pass http://$jellyfin:8096;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;

        # Disable buffering when the nginx proxy gets very resource heavy upon streaming
        proxy_buffering off;
    }

    # location block for /web - This is purely for aesthetics so /web/#!/ works instead of having to go to /web/index.html/#!/
    location = /web/ {
        # Proxy main Jellyfin traffic
        proxy_pass http://$jellyfin:8096/web/index.html;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
    }

    location /socket {
        # Proxy Jellyfin Websockets traffic
        proxy_pass http://$jellyfin:8096/socket;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
    }
}

Save the file (CTRL+O), then exit (CTRL+X).

Before proceeding, ensure the Nginx configuration as a reverse proxy for Jellyfin is error-free. Execute a dry run using the following command to verify this:

sudo nginx -t

This command will test the configuration file for syntax errors and other issues. If everything is working correctly, the output should show that the configuration file is ok and the test is successful, as follows:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

To apply the changes to Nginx, you need to reload the service. You can do this by running the following command:

sudo systemctl reload nginx

After adequately configuring Nginx as a reverse proxy for Jellyfin and setting up your domain and DNS records to point to your server IP, you can now access your Jellyfin Media Server at jellyfin.example.com. With Nginx acting as the intermediary, remote users can now access Jellyfin by visiting the subdomain, and Nginx will direct their requests to Jellyfin’s web interface.

Create Let’s Encrypt SSL Free Certificate for Jellyfin and Linux Mint

This section will guide you on securing your Apache or Nginx server using a Let’s Encrypt SSL free certificate. Using an SSL certificate ensures that the communication between the user’s browser and the server is secure, making it an ideal way to run your server on HTTPS.

To install the certbot package, you must match the reverse proxy you installed. If you’re using Apache, you need to install python3-certbot-apache; if you’re using Nginx, you need to install python3-certbot-nginx.

Install Certbot for Apache:

sudo apt install python3-certbot-apache

Install Certbot for Nginx:

sudo apt install python3-certbot-nginx

To secure the Apache or Nginx with a Let’s Encrypt SSL Free Certificate, you need to install the certbot package that matches the reverse proxy you have installed. If you’re using Apache, install python3-certbot-apache; for Nginx, install python3-certbot-nginx.

Once installed, run the certbot command to create a certificate. The command has options like –Apache or –nginx, depending on your reverse proxy, as well as –agree-tos, –redirect, –hsts, and –staple-ocsp. These options help set up 301 redirects, a Strict-Transport-Security header, and OCSP Stapling, making it a secure setup. Remember to replace the email and domain name with your requirements.

Run Certbot for Apache for Jellyfin and Linux Mint:

sudo certbot --apache --agree-tos --redirect --hsts --staple-ocsp --email you@example.com -d jellyfin.example.com

Run Certbot for Nginx for Jellyfin and Linux Mint:

sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email you@example.com -d jellyfin.example.com

The URL changes from HTTP to HTTPS upon creating the SSL certificate. Users should establish a cron job that conducts daily checks to guarantee automatic certificate renewal. Certbot offers a script for automatic certificate renewal. Users should test the script with a dry run before setting up the cron job, using the following command:

sudo certbot renew --dry-run

After confirming the successful dry run, the user can set up a cron job to automate the certificate renewal process. To do this, the user can use the following command:

sudo crontab -e

This command opens the user’s cron table in edit mode. Next, the user can add the following line to the end of the file to schedule a daily renewal check at 2:30 am:

30 2 * * * /usr/bin/certbot renew --quiet

Once the user saves and exits the file, cron will automatically check the certificates daily and renew them if necessary.

Update Jellyfin Media Server

To update your Jellyfin Media Server, you can use the standard apt commands, just like you would for any other package on your system. This makes updating Jellyfin a simple process.

To check for updates, run the following command:

sudo apt update

If there are any updates available, run the upgrade command:

sudo apt upgrade

Remove (Uninstall) Jellyfin Media Server from Linux Mint

To uninstall Jellyfin from your system, you can use the following command:

sudo remove install jellyfin

Lastly, to prevent accidental future reinstallations of Jellyfin, removing the Jellyfin repository from your system is recommended.

Execute the following command for removal:

sudo rm /etc/apt/sources.list.d/jellyfin.list

This command will remove the repository file for Jellyfin from the sources.list.d directory, preventing future updates or installations of Jellyfin.

Conclusion

In conclusion, while setting up a media server might appear daunting, using Jellyfin and Linux enables quick and efficient setup. Jellyfin, a free, open-source media server, boasts many features, making it the ideal choice for anyone aiming to establish a media server.