this post was submitted on 21 Oct 2025
57 points (98.3% liked)

Selfhosted

60482 readers
1006 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

  8. AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
 

This is related to the recent massive Jellyfin upgrade. The Jellyfin team recommends to only upgrade directly to the new version from version 10.10.7.

I checked my server and I happened to be a bit slow, I got 10.10.3. Maybe that is fine but I don't want to take any chances. Then I realised I have no idea how I'd get this specific version first before upgrading to the latest version, with using docker.

I tried finding the answer but somehow couldn't really find a good page explaining it. Can I do this with docker compose or maybe it is better to just run this one time without compose? How to do it and what is easier?

you are viewing a single comment's thread
view the rest of the comments
[–] ook@discuss.tchncs.de 13 points 8 months ago (2 children)

This looks simple enough, thanks for taking the time to write that out for me!

[–] seang96@spgrn.com 6 points 8 months ago (1 children)

Its also good practice to include the sha256 digest after the version like

DockerImage:v... @sha256:...

If you pull without digest and say the maintainers get compromised and release an update with the same version tag with malicious stuff in it, then you won't pull it automatically since the digest does not match.

[–] ook@discuss.tchncs.de 1 points 8 months ago (1 children)

You can only do that if you get a specific version, or can this be done in some way with just leaving it to latest version?

[–] seang96@spgrn.com 1 points 8 months ago

I believe you can just do the sha but it would be a similar affect pinning it to that sxact docker image, but doing so without version tag makes it harder for you to know what you are running.

The sha256 is generated by an algorithm based off of the bytes of the image wherr the tag is overwritable and pushed by the developer.

[–] WhyJiffie@sh.itjust.works 3 points 8 months ago (1 children)

don't forget to recreate the container after editing the file, or else you'll keep running your previous Jellyfin version. "docker compose start" does not do it, "docker compose up" does when it detects a change.

[–] ook@discuss.tchncs.de 1 points 8 months ago

Good point, thanks!