Jellyfin and Chromecast

September 20, 2020

A partial connection via Chromecast established

I ran into an odd problem when trying to Chromecast from Jellyfin to the livingroom television. I have the app installed on my phone and I was able to establish a Chromecast connection from the app to the TV. However, whenever I went to actually play the content, nothing happened and nothing appeared in the logs.

The thing is, I distinctly recall using Chromecast with Jellyfin a few days back when I was scoping out various media servers. Something must have changed!

Let’s look at the evidence.

I can connect to jellyfin.home.lan in my browser and Android app just fine
I can connect to Chromecast and adjust the TV’s volume, but nothing will actually play
Trying to bypass DNS via 10.0.0.12 fails too

Hypothesis #1: Unexposed ports and the wrong IP

My first suspicion is that Chromecast needs some additional ports that aren’t being exposed via my docker-compose.yml and aren’t being forwarded along from system-apps (10.0.0.11, where Traefik lives) to user-apps (10.0.0.12, where Jellyfin lives). https://jellyfin.org/docs/general/networking/index.html confirms two additional UDP ports that I wasn’t exposing. I adjust docker-compose.yml and begin looking into traefik forward all ports with the intent of setting up Traefik to forward not just 443, but any requested port.

A little digging and I opt to go with a simpler approach: set up a copy of Traefik on both system-apps and user-apps. The process is fairly straightforward: copy over the Traefik configuration, remove user-apps-related files from system-apps and vice versa. A quick change to DNS entries in Pi-hole, and everything’s set up. I’m actually happier with this split. Pinging jellyfin.home.lan now actually pings the right host, whereas before it would misleadingly ping system-apps.

version: "3"
services:
  jellyfin:
    image: jellyfin/jellyfin
    restart: "unless-stopped"
    volumes:
      - ./config:/config
      - ./cache:/cache
      - /mnt/videos:/media:ro
    ports:
      - "10296:8096"
      - "1900:1900/udp"
      - "7359:7359/udp"

I try again. Casting fails again when the app is configured to use the domain name, but now succeeds when connecting via the IP. Thinking back on it, it must have been working back when I was playing around as I hadn’t yet limited which ports were being exposed and I wasn’t yet using Pi-hole for DNS. Okay, so that’s progress.

Hypothesis #2: Custom root cert

My second hunch is that there’s some kind of back and forth in the how chomecasting works, which results in the Chromecast trying to connect to https://jellyfin.home.lan and failing because it doesn’t like the custom root cert. Some quick googling shows others have run into this issue. There’s no way to install custom root certs on Chromecasts. An unintended side effect of choosing a reserved TLD for my home network!

Is there any easier way to get this done? There’s some online talk about using Let’s Encrypt instead of a custom root cert, but that’s not applicable to my .lan domain; Let’s Encrypt process can’t reach into my network. Unfortunately, that’s the solution the community seems fixed on.

Perhaps Jellyfin could resolve its own IP from jellyfin.home.lan to 10.0.0.12 and pass that along to the Chromecast, though it wouldn’t know which port it’s been exposed on. Hmmm… The networking page has a bunch of options detailed in https://jellyfin.org/docs/general/networking/index.html, but being careful of yakshaving and knowing that I now have a workaround, I log a low priority non-breaking bug in GitLab and move on.