From Gentoo Wiki
Jump to:navigation Jump to:search

This article contains details to help system administrators install and manage an instance of the Jellyfin media server. It does not attempt to cover the concepts of how to obtain, extract, or convert media files, although those parts may be discovered elsewhere on the internet.



root #emerge --ask www-apps/jellyfin

Additional software

The community of developers contributing to the Jellyfin project offer a suite of other software which is used in conjunction with the media server. The following are related packages available in the Gentoo ebuild repository:

Jellyfin related software
Package name Package description Additional notes
media-video/jellyfin-media-player Jellyfin Desktop Client based on Plex Media Player N/A
media-video/jellyfin-web-bin Web Client for Jellyfin (binary package) N/A
media-video/jellyfin-web-jmp-bin Modified Jellyfin Web Client for use inside Jellyfin Media Player N/A



Configuration files:

  • /etc/conf.d/jellyfin - OpenRC's configuration file. Adjust as necessary for the running service.
  • /etc/jellyfin - Default configuration location for Jellyfin's JELLYFIN_CONFIG_DIR value.[1]

Cache directories:

  • /var/cache/jellyfin - Default location for Jellyfin's JELLYFIN_CACHE_DIR value.[2]

Data directory:

  • /var/lib/jellyfin - Default data location for Jellyfin's JELLYFIN_DATA_DIR value.[3] Includes transcodes and library metadata.

Log directory:

  • /var/log/jellyfin - Default log location for Jellyfin's JELLYFIN_LOG_DIR value.[4]

Generating a certificate for HTTPS

If authentication is to be performed over a network (Eg. the jellyfin service is not simply serving localhost, but clients that are across the network) it is important to encrypt the traffic. This protects credentials used to authenticate and the privacy of the data contained in the media library, etc.

Lets Encrypt via Certbot

certbot can be used to generate a certificate signed by the Let's Encrypt public certificate authority. Upstream has instructions for this.


Manual method implies the certificate is not signed by a public certificate authority; it is self-signed and will be untrusted by all major web browsers. This is to be expected, and does not indicate compromise of the protections afforded by encryption.

OpenSSL can be used to generate a self-signed certificate...




To start and enable the service:

root #rc-update add jellyfin default
root #rc-service jellyfin start


To start and enable the service:

root #systemctl enable --now jellyfin


By default the jellyfin service binds to port 8096 on all network interfaces (including the loop back address) of the server on which it is running. Interface binding can be changed within the web management portal.

Open localhost:8096 if running from the local server, or <IP_ADDRESS>:8096 if running from another host on the LAN. It may be necessary to unblock port 8096 if a firewall rule exists preventing communication.



root #emerge --ask --depclean --verbose www-apps/jellyfin

Clean up orphaned data directories

See the cached data directories outlined in the Files section above.