Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil.
-
No spam.
-
Posts are to be related to self-hosting.
-
Don't duplicate the full text of your blog or readme if you're providing a link.
-
Submission headline should match the article title.
-
No trolling.
-
Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details. Tags [CBH] or [AIP] are required, see the links in Rule 8 for details.
-
AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post, and find example disclosures here.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
Patch it to Jellyfin 10.10.7.
I did this a few months back.
Some things aren't as great, but you get full control and your server idles way better on JellyFin.
Yeah, as long as you have a decently supported client the entire platform is very serviceable. I do wish they would get rid of the unprotected endpoints and officially support 2FA on the server and clients.
For all their anti-consumer practices Plex does at least take their security very seriously.
I posted a while back, tested the biggest open endpoints and they were properly secured, the issues just weren't updated.
Note: Plex didn't have SSL, and refused to implement it, until ~6 weeks after I created a POC token exploit. Here's the GitHub repo I posted as a patch before they got their system in order: https://github.com/Fmstrat/plex-ssl. In other words, don't give them too much credit.
I'll go look at it again as well, their (jf) source control still had a lot of ancient open tickets last time I looked at it.
TLS for Plex was a really nice guesture. Company handling the issuing of the cert was pretty nice.
Realistically, I don't mind running a proxy for SSL unwrapping, there are enough projects out there that handle the unwrapping and renew their own keys from lets encrypt.
I just want to self-host this thing maybe run it through a single proxy product send the URL out to my extended family and forget about it. I wanted to be as secure as reasonably possible enough that I feel comfortable surfacing it.
Right now I surface Plex for the distant relations and tailscale jellyfin for my own, but it kills me I want Plex gone. But there are random TVs and kids on tablets, and honestly I don't want to be everyone's VPN endpoint or worry about onboarding everyone's new device.
Yea the catch was we were asking for TLS for a long time, and this was pre- Let's Encrypt, so those patching on their own didn't have a free (minus work) way to handle it. It took a releasable POC to get action.
All out devices just have a permanent Wireguard client since it uses basically no battery, and then a allow rules for households. If you don't want to run the client, and don't want to take the time to learn, you don't get access. But I totally get how that's not for everyone.
Yeah, my problem is televisions.
If it was just tablets phones and desktops I could do SSL client certificates.
For my personal use I'm using tailscale and it's wonderful.
Ahhh. I put the wireguard client on the router, so it's more of a site to site setup for TVs.