I am setting up my first jellyfin server via docker, and I am offered the option to either use TMDB or OMDB. I have jellyfin on a LAN-connected device w/o VPN connection, and I am concerned queries to those DBs with file names of torrented files can get tracked and reported to my ISP. Could that be the case? And if so what to do about it? Are there more privacy-preserving metadata services than others?
Another alternative is run Jellyfin and all of your *arr apps as docker containers and run them through a docker container called gluetun. Essentially this will route all incoming traffic (tvdb, torrents, etc) through a vpn and all outgoing (sonarr, Jellyfin, etc web gui) can be accessed locally.
I didn’t know about this, this sounds great! My question then is, can I still access jellyfin on LAN after it connects to the internet via the VPN?
Firstly connections to those API should be encrypted, so parameters such as the filename shouldn’t be visible by a MitM. Also, as someone else pointed, you could rename the file beforehand to something neutral.
I’m currently using the default metadata downloaders including some made for Anime and I never had any problem with them. Maybe consider that most network traffic with these sites is encrypted. As long as you are not using the default DNS servers provided by your ISP and using DNS over TLS or HTTPS the ISP does not have a high chance of knowing what you are sending to these API’s
