Background: I built this project because I wanted to run Stremio in a way that felt like a "set it and forget it," repeatable, and a lot safer than just hoping my VPN client was connected in the background in a Linux environment. If you are hosting the streaming server on a linux machine, you know what i am talking about. The whole point of this project was to make that safer path the default, so I could use my own server routed with a domain via HTTPS and not have to constantly think whether traffic was escaping the VPN or one small misconfiguration was exposing more than I intended.
It runs Stremio behind a Gluetun VPN container with a real firewall-based kill switch, startup verification, public-IP leak checks, and a background watchdog. I also added a small patch layer to improve reverse-proxy / HTTPS behavior and smooth out some annoying mobile playback edge cases.
Main focus:
- easier first-run setup
- safer torrent/VPN routing with a kill switch locked under a container
- better routing behavior behind a domain/reverse proxy
- cleaner logs and contributor-friendly structure
- VPN tunnel drop watch dog
Optional quality-of-life patches
- Keeps Stremio’s external redirect pointed at your public HTTPS domain instead of an internal/self-reported URL. In my case, when I routed a public domain to the server, Stremio would not consistently preserve HTTPS on its own; instead, it would stick with a bare HTTP URL.
- Rewrites Stremio’s self-probe media URLs back to loopback so reverse proxies do not break playback internals.
- Cuts down noisy repeated hardware probe checks on reconnects when the probe-skip option is enabled.
- Returns an empty /casting response when casting is disabled, so the web client does not show a false “server offline” warning in the verbose logs.
- Ignores favicon requests that were creating misleading parser noise in the logs.
- Separates playback-critical patches from cosmetic ones so harmless upstream drift degrades softly instead of breaking the whole build.
If you run Stremio in Docker/Linux and want something a bit more locked down, I’d love for people to try it and tell me what works, what breaks, and what should be simpler.