Last updated on 24 November 2023
Please note if you are using DSM7.2 or higher you should use the Container Manager version of this guide from the menu.
This guide has reached the end of its updates as most people are now on the latest DSM update - This guide is correct as of 08/12/2023 however no further updates will be added.
|Amended the devices mounted to the container as had reports of better performance with them.
In this guide I am going to take you through the setup of Jellyfin in Docker using Docker Compose.
As of writing the Synology UI does not have the capability of passing through specific hardware to a container, this means we will need to set up Jellyfin via SSH using Docker Compose. However, don’t freak out as it’s not that difficult!
Does my Synology support Hardware Transcoding?
Before we do anything else, you need to make sure your model of Synology has hardware transcoding capabilities. You need to do a quick lookup via the linked Google Sheet below, this is updated by Plex however it’s perfectly relevant for Jellyfin.
If you find that your model does not support hardware transcoding you can jump back over to the standard guide.
As usual, it’s important you complete the three preceding guides which will get your folder structure and docker, user and bridge network setup.
- Step 0.5 : Docker, Memory Recommendations and Limitations
- Step 1: Directory Setup Guide
- Step 2: Setting up a restricted Docker user
- Step 3: Setting up a Docker Bridge Network
We will be using Docker Compose to set up the Jellyfin container. In a nutshell we will be creating a text file (YAML formatted) which tells Docker exactly how we want to set up a specific container.
The next steps can be done either using a code/text editor such as Notepad++ or to keep things simple for this guide we will be using the Synology Text Editor which can be installed from the Package Center.
Open up Text Editor and click on File then New to start a new file.
You can now copy and paste the details below into the new text file, it is important you don’t change the spacing as YAML has to be formatted correctly in order to be read by Docker Compose.
- PUID=1234 #CHANGE_TO_YOUR_UID
- PGID=65432 #CHANGE_TO_YOUR_GID
- TZ=Europe/London #CHANGE_TO_YOUR_TZ
- 8096:8096 #web port
- 8920:8920 #optional
- 7359:7359/udp #optional
The two optional ports in the above can be removed if you will not use them. 7359 is for automated discovery of Jellyfin by the apps, and 8920 is the HTTPS port which is useful if not using the reverse proxy later in the guide.
We need to make some changes in order for the container to have the correct permissions to save its configuration files and to have access to your media.
PUID and PGID
When you created your docker user you would have noted down these IDs add these to the compose file in the ‘environment:’ section
We can now pass through our file paths into the container they are mounted using the volume’s section of the compose file.
I have pre-filled this section to pass the correct paths, the only thing that you may need to change is the /volume1/ if your file paths are on a different volume.
The timezone variable will tell the container where you are in the world meaning your logs and scheduled tasks will run at the correct times. A list of timezones with the correct formatting can be found here wikipedia.org/wiki/List_of_tz_database_time_zones
Your final file should look similar to the one shown below.
Saving the Compose File
We now need to save this file into our docker share.
Click on File then Save As, navigate to the ‘docker’ share and create a new folder called ‘jellyfin’ (lower case)
You need to change the ‘File name’ to jellyfin.yml and save it in the ‘docker‘ folder
SSH and Docker-Compose
It’s time to get logged into your Diskstation via SSH, you can do this in the same way as when you obtained your IDs in the ‘Setting up a restricted Docker user‘ guide.
Once you have logged in you will need to give 2 commands, you can copy and paste these one at a time — you will need to enter your password for the command starting with ‘sudo’
First we are going to change directory to where the jellyfin.yml is located, type the below and then press enter.
Then we are going to instruct Docker Compose to read the file we created and complete the set-up of the container. Again type the below and press enter.
sudo docker-compose -f jellyfin.yml up -d
When the command has completed you should be able to see Jellyfin running in the list of containers in the Synology GUI.
Jellyfin Initial Setup
After a few minutes you should be able to access the server and go through the initial Jellyfin setup by going to the IP of your NAS in your browser followed by port 8096.
When adding movies or shows they will be located in the /data/media folder.
Part 2 – DDNS, SSL and Reverse Proxy
Before we start, make sure you have registered for a Synology Account as we are going to be using their DDNS service. https://account.synology.com/en-uk/register/
In order to successfully use the reverse proxy you will also need to forward port 443 to you NAS IP. (You will need to check how to do this on your own router) This port is used for secure web traffic.
DDNS (Dynamic Domain Name System)
A DDNS address allows you to get external access to Jellyfin via a subdomain provided by Synology, this is useful on home internet connections where your ISP will change your IP address on a regular basis. (If you already have this set up via another guide you can skip to the Reverse Proxy section)
Note: If you want to access DSM via this new address you will either need to create an additional Reverse Proxy for it or open port 5001 on your router.
In the DSM Control panel go to ‘External Access’ and then to the ‘DDNS’ tab
Click on ‘Add’, then fill out the following sections.
|This can be anything it will be used to access your NAS externally
|Log into your Synology account
|External Address (IPv4)
|This should be filled in automatically
|External Address (IPv6)
|This should be filled in automatically if your ISP is using IPv6
|Get a Cert from Let’s Encrypt
|Tick this box
|Tick this box
Now press OK, DSM will apply your settings. It can take a few moments to set up and the DSM interface will refresh. You will likely receive a certificate error which you will need to accept to get back into DSM.
You should now test that you can access your Diskstation via the hostname you requested and not receive any SSL errors.
So you don’t have to open up additional ports on your router for Jellyfin we are going to set up a reverse proxy subdomain. This means you and your users can access Jellyfin without using a port number as it will route all traffic through the secure 443 port.
Go back into the Control Panel and access the ‘Login Portal’ then in the ‘Advanced’ tab click ‘Reverse Proxy’ and then click on ‘Create’.
We are now going to enter some rules, so when you or your users access the URL specified the request will automatically be sent to the Jellyfin web UI.
Use the settings below, you will need to amend the Hostname sections in line with the hostname you registered earlier, and the IP of your NAS.
|Reverse Proxy Name:
|jellyfin.xxx.synology.me (change the part after ‘jellyfin.’ to your own hostname you registered earlier.
|Your NAS IP
On the second tab ‘Custom Header’ click on Create then WebSocket, this will add two entries which will force a https connection if you ever try and connect over http, you can now press save.
You should now be able to access the Jellyfin login screen to https://jellyfin.yourhostname it will be a secure connection, and you should have no SSL errors.
You can now log in with the username and password you created earlier, the same address is used in the Android and iPhone apps.
How to enable Hardware Transcoding
The last steps for initial set up are to enable the hardware transcode features for your NAS.
On the main Jellyfin homescreen, click on the hamburger menu on the top left and then ‘Dashboard’ in the ‘Administration’ section
On the next screen select ‘Playback’ where you will now be able to select from the first drop-down from ‘None’ to ‘Intel QSV Video’
I have removed the video previously shown below and changed into a table – to take into account some feedback and testing completed in our Matrix/Discord server.
Below are the settings you would enable for a Gemini Lake based NAS such as the 920+/720+/420+/220+. You can cross-check between the Synology CPU list and the table on the QSV Wikipedia page as to the hardware functions your NAS supports.
Please note that I have included the items I changed from the default values – e.g. if the default item is turned off, and I turn it on then it appears in the table.
|Setting changed from the default.
|Variable to use
|Allow Encoding in HEVC format
|Enable VPP Tone Mapping
|Enable Tone Mapping
Once you have made the required change press ‘Save’ and you are now free to change any other settings you wish in relation to the server, make sure you check out the fantastic documentation from Jellyfin.
|New guide released
|Added how to enable Hardware Transcoding in the Admin settings
|Added an environment variable to help with tone mapping
|Removed the OpenCL mod as it should not be required for newer + Models and removed compose version
|Adjusted tone mapping settings to avoid a device error
|Amended the path to save the compose file – this is for security, so the container has no access to the file contents.
Buy Me a Coffee or a Beer
If you have found my site useful please consider pinging me a tip as it helps cover the cost of running things or just lets me get the odd beverage. Plus 10% goes to the devs of the apps I do guides for every year.