diff --git a/cils/container_jellyfin.cil b/cils/container_jellyfin.cil
new file mode 100644
index 0000000..7fe8bb4
--- /dev/null
+++ b/cils/container_jellyfin.cil
@@ -0,0 +1,9 @@
+(block container_jellyfin
+ (blockinherit container)
+ (blockinherit net_container)
+
+ (allow process user_home_t ( dir ( watch getattr ioctl lock open read search )))
+ (allow process user_home_t ( file ( watch getattr ioctl lock open read )))
+
+ (allow process tmpfs_t (file (execute map)))
+)
diff --git a/server.yaml b/server.yaml
index 9ca19d4..1bda118 100644
--- a/server.yaml
+++ b/server.yaml
@@ -265,6 +265,7 @@ add-files:
 "/etc/cils/container_rwhome_allbind.cil",
 ],
 ["cils/container_wireguard.cil", "/etc/cils/container_wireguard.cil"],
+ ["cils/container_jellyfin.cil", "/etc/cils/container_jellyfin.cil"],
 ["etc/containers/containers.conf", "/etc/containers/containers.conf"],
 ["etc/containers/storage.conf", "/etc/containers/storage.conf"],
 [
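Review bot: The last rule in container_jellyfin.cil, `(allow process tmpfs_t (file (execute map)))`, lets the container process map and execute any file labelled tmpfs_t, and nothing in the file records why it is needed. That removes a barrier a confined container normally has against running code it has itself written to a tmpfs, so the justification belongs next to the rule, for example `; tmpfs_t execute/map: needed by <component>, observed as AVC denial <placeholder>`. If the denial comes from the application runtime's executable memory mappings (an assumption, the diff does not show the cause), it is worth checking whether the workload can be configured to avoid them instead of granting the permission for the whole type. The two user_home_t rules are broad in the same way: they grant read and watch on every object carrying that label, so confinement rests entirely on which host paths are bind-mounted into the container, and a dedicated type on the media directory would narrow it.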