Jellyfin has Watch Groups that my (tech-challenged) family uses regularly without my help.
I just added IPTV to my setup, so I haven’t tested if they work together. I can’t see why they wouldn’t. Worse case, have then tune into the same channel as you, it should sync up almost perfectly on its own.
If you want to PM me your docker-compose.yml and Caddyfile I’m more than happy to take a look at them for you. I’ve been using Caddy as my rev-proxy for 10+ app stacks for a few years now.
I recommend adding hostname: app-name lines for each container then you can just use the hostname and the native port (even if you don’t pass it through with a port: line).
It’s super useful if you want to expose any apps with a reverse proxy like Caddy. That way the ONLY way to access an apps web interface is via the reverse proxy. Then look at filter rules to deny access unless the client has a LAN IP.
Poof, you’ve got SSL and custom subdomains for all your apps, but still only on your LAN or personal VPN (like Wireguard or Tailscale).
I recommend Restic. It’s fast, it supports snapshots and compression, written in Go so it’s much quicker than most other solutions I’ve tested. It also supports multiple different backends for transporting and storing the files so you can use one you’ve already got or use the restic-server (which is pretty easy to setup).
Make sure the Allowed-IPs is as small a subnet as possible. Your device will only route traffic over your VPN that has a destination IP in that subnet.
That way you’re only tunneling the traffic that needs to go over it. Everything else will go out the normal route.
Having your device package up and encrypt every packet takes some overhead and will inherently lower your bandwidth throughput, so it’s worth minimizing the number of packets that have to go through that process.
Yeah, you’ll need to spin up a Jellyfin server. It’s really easy in docker though, and it shouldn’t need a machine too powerful. I’ve heard of people running it on an rPi4 or old laptops.