Several years ago I was looking to set up a media server and initially grabbed Plex because I’d heard so much good about it at the time. The moment it asked me to create an account with Plex during setup and I discovered this wasn’t optional I immediately uninstalled it.

I remain baffled that anyone was okay with needing an externally managed account in order to use software running entirely on their own hardware, let alone the litany of additional enshittification that has happened since.

I will almost always choose .NET as my development platform when greenfielding a project for exactly this reason. It’s an incredibly robust standard library that virtually guarantees I won’t need to pull in a litany of additional utility libraries, and I can also expect that what libraries I do choose to bring in are highly unlikely to drag along a ridiculous parade of dependencies.

They have fairly reasonable guides on their site on how to host for others.

https://foundryvtt.com/kb/

Depends on what part of “set up” you’re referring to. Getting the software itself up and running is extremely easy. They have versions available for the full swathe of experience levels from “here is a packaged Electron based Windows application” to “here are the node.js source files”. All prior versions are also available if you have specific needs for an earlier version.

Now, if you mean how difficult is it to set up and run a game, that’s going to vary wildly depending on the system the game uses and how complex of a scenario whoever is running the game wants to deal with. There are lots of off-the-shelf one shots or campaigns you can run where that setup is already done for you though.

Couple of things I have running on my home server no one has mentioned yet.

FoundryVTT is a self-hostable platform for playing tabletop RPGs online. It supports a vast selection of game systems and user/community developed mods making it extremely versatile.

Pihole is probably something you’ve heard of before and despite the name is hostable on a wide variety of systems. In case you haven’t it’s a network level ad blocker that works by taking over the role of DNS server on your LAN and blocking queries to domains used to serve ads or track telemetry.

I would be ashamed of myself and be tempted to leave the industry in disgrace if setting up DDNS and allowing a single port through a firewall took me 45 minutes.

I won’t stand for this PowerShell superhero comic erasure.

Jellyfin has some security issues that, depending on who you ask, are either critical vulnerabilities that make it completely unsafe to expose to the Internet or largely unconcerning for regular users.

OP doesn’t seem to have responded, so no, but that’s not the fault of the question.

Because of the XY problem. The problem OP is stating may not actually be the source of the issues OP is experiencing.

Finding out what OP is trying to do will better inform a solution and may make the stated problem irrelevant.

When I initially set up my media server I went with Jellyfin over Plex mostly because the idea of having to create an account on an external service to use software I was hosting myself rubbed me the wrong way. Since then the more learn about Plex the more baffled I am that anyone chooses to use it at all.

I wouldn’t buy a new Seagate drive, let alone a refurbished one. Every Seagate I’ve ever owned died in less than five years. Every WD I’ve owned lasted until long after their capacity was so far outpaced by newer drives as to be useless.

Anecdotal, yes, but it’s happened enough to me that I’ve been soured on them for life.

There are a few options there.

As someone else mentioned if you’re using IPv6 then it doesn’t matter, you’re already routing internally even if you’re using the public DNS name, no extra work required.

All the rest are for IPv4.

If you’re not behind CGNAT some routers/gateways are also smart enough with their routing to recognise when they need to route back to their own external IP and will loop back locally instead of making any hops out to the internet. Again, if this is the case for you then no additional work is required other than perhaps running a traceroute to confirm.

Another option is to add a local DNS entry for the name you’re using to resolve to a local IP address instead of your public address. The complexity (or even possibility) of this is going to vary considerably with your setup. If you’re running your own local DNS e.g. pihole or similar then it’s trivial. This is how mine is set up.

If all your clients are going to be on PCs (or devices you have more than the typical manufacturer allowed modicum of control over) then you can do something kind of like the previous, just with all your local hosts files.

If none of the above are options, then you’ll unfortunately have to fall back on using a local name/address, which means a slightly different client setup for devices you use exclusively in your home versus ones you might use elsewhere.

Traffic for a local Jellyfin server should definitely not be going over the internet. Also any reasonably modern client should be able to direct play most media without transcoding.

As for my own Jellyfin setup, one TV has an Nvidia shield plugged in and is using the standard Android TV client. The other is a Samsung smart TV onto which I have side-loaded the Jellyfin Tizen app.

A temporary one that you’re expected to remove as soon as you’ve created the admin user(s) you need, but yes. It should only be there during initial setup and ideally removed before the server is ever exposed to the internet.

Same setup here, two USB drives dangling from my NUC. One of them is even notably slow for a USB drive. Still not an issue at all for home use. I’d probably need a dozen or more people all watching different things on Jellyfin at the same time before it even approached being a problem.

The difference between building your own car and designing your own internal combustion engine.

That tracks with my experience as well. Literally every single Seagate drive I’ve owned has died, while I have decade old WDs that are still trucking along with zero errors. I decided a while back that I was never touching Seagate again.

I wasn’t speaking about PPPoE specifically when I made my post, all wired ethernet traffic only travels from sender to recipient without being visible to any other devices that’s not in the direct communication chain. This wasn’t always true. A network hub will send out incoming data to every single port, but hubs haven’t been in common use for decades. A network switch is aware of what is plugged in where, and will only send received data out whichever specific port the destination is connected to. If you have three PCs plugged into a network switch and PC1 needs to send a packet to PC2, PC3 has no way of even knowing it happened.

That said, your final point is correct, and ARP spoofing defeats this. It had completely slipped my mind when I made the above post.

accessible to any device on the LAN.

Only if that traffic is using broadcasts. Wired networking on moden hardware is strictly point-to-point, PC1 is completely unaware of any traffic between PC2 and your home server or whatever.

Wireless is different and can ostensibly be snooped by anything that knows your network key, but I’d assume that you’re not running services on wireless devices.