• Yote.zip@pawb.social
    link
    fedilink
    English
    arrow-up
    184
    arrow-down
    1
    ·
    1 year ago

    Not to be disrespectful but you can skip to 5:32 if you don’t need to justify piracy to yourself.

    • guitars are real@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      118
      ·
      1 year ago

      Those aren’t pirated copies, those are… lawfully encoded… 4k bluray rips… I made myself… to back up the uh, lawful copies I purchased at MSRP! That’s right!

        • ѕєχυαℓ ρσℓутσρє@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          27
          ·
          edit-2
          1 year ago

          Yeah lol. When I we first got wired internet at home (about 15 years ago), the speeds weren’t good. It averaged around 120 KBPS for browsing the internet. But the guy installing the connection told me that torrents went up to 10 MBPS easily, and he wasn’t lying. Before that, I didn’t understand that torrent worked in a fundamentally different way compared to direct downloads.

          It was in India. I won’t be surprised if the situation is still similar. (I mean the attitude towards piracy. The speeds are pretty good nowadays.)

        • marito@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          ·
          1 year ago

          I miss living back in Mexico and not having to activate (and pay for) the VPN whenever I want to download something.

        • Empricorn@feddit.nl
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          Which is honestly their job, their entire corporate existence! My engineer friend would get mad at all the ISPs for every single thing they did that was not related to the service. “Why are they spending time and money lobbying!?” “Why are they paying to put apps on my phone!?” “Why are they treating different types of content differently, their entire purpose is to be a pipe of connectivity!” And you know what? He’s right…

  • BaroqueInMind@kbin.social
    link
    fedilink
    arrow-up
    71
    arrow-down
    1
    ·
    1 year ago

    My Jellyfin server keeps getting pinged by EMOTET malware lately. Everyone here should be aware if you expose the Jellyfin port to the internet it will get data exfiltration attempts. Use strong passwords.

    • icedterminal@lemmy.world
      link
      fedilink
      English
      arrow-up
      53
      arrow-down
      1
      ·
      1 year ago

      Oh my. You’re doing it wrong. Exposing the unencrypted connection without the proper security measures is putting yourself at risk. Regardless of how strong you set the password, the connection can still be abused in all manner of ways. If you read the jellyfin documentation, you’d see the developers clearly state you should never do this. You need to put Jellyfin behind server software. Specifically a reverse proxy. I use NGINX. You can setup your connection to be secure this way. You can now also use Cloudflare if you have cache turned off. And if you really wanna go the extra mile, route it behind a VPN. Though this makes it harder for those you share it with or some devices that don’t support VPN.

      Please revise your connection. If you need help, feel free to reach out.

      • BaroqueInMind@kbin.social
        link
        fedilink
        arrow-up
        12
        ·
        edit-2
        1 year ago

        I have nginx setup and acessing through a Cloudflare tunnel but still getting EMOTET issues detected by my IDS.

        • pcjones@feddit.de
          link
          fedilink
          English
          arrow-up
          6
          ·
          1 year ago

          May I ask what I should look for in the log files to detect this (and so I can configure fail2ban correctly)?

          • BaroqueInMind@kbin.social
            link
            fedilink
            arrow-up
            4
            ·
            1 year ago

            First read this

            Then use the following:

            alert tcp $HOME_NET any -> $EXTERNAL_NET 443 (msg:“[CIS] Emotet C2 Traffic Using Form Data to Send Passwords”; content:“POST”; http_method; content:“Content-Type|3a 20|multipart/form-data|3b 20|boundary=”; http_header; fast_pattern; content:“Content-Disposition|3a 20|form-data|3b 20|name=|22|”; http_client_body; content:!“------WebKitFormBoundary”; http_client_body; content:!“Cookie|3a|”; pcre:“/:?(chrome|firefox|safari|opera|ie|edge) passwords/i”; reference:url,cofense.com/flash-bulletin-emotet-epoch-1-changes-c2-communication/; sid:1; rev:2;)

            And the following:

            alert tcp any any -> any $HTTP_PORTS (msg:“EMOTET:HTTP URI GET contains ‘/wp-content/###/’”; sid:00000000; rev:1; flow:established,to_server; content:“/wp-content/”; http_uri; content:“/”; http_uri; distance:0; within:4; content:“GET”; nocase; http_method; urilen:<17; classtype:http-uri; content:“Connection|3a 20|Keep-Alive|0d 0a|”; http_header; metadata:service http;)

            And also this one:

            alert tcp any any -> any $HTTP_PORTS (msg:“EMOTET:HTTP URI GET contains ‘/wp-admin/###/’”; sid:00000000; rev:1; flow:established,to_server; content:“/wp-admin/”; http_uri; content:“/”; http_uri; distance:0; within:4; content:“GET”; nocase; http_method; urilen:<15; content:“Connection|3a 20|Keep-Alive|0d 0a|”; http_header; classtype:http-uri; metadata:service http;)

        • icedterminal@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          2
          ·
          1 year ago

          You always will. Welcome to the Internet. The difference is whether or not you’ve taken steps to secure your stuff. You need to understand what this malware is looking for. It’s explicitly looking for unsecured services. Such as WordPress, SQL, etc. There are inexperienced users out there that inadvertently expose themselves. I see this type of probing at work and at home. Don’t overly stress it. My home server has been running for a decade without issues. Just keep it updated and read before you make any changes if you don’t fully understand the implications.

          My home based server is behind a pfsense firewall. Runs Arch. Everything is in a non-root docker container. SELinux is enforced. All domains are routed through Cloudflare. Some use Cloudflare Zero Trust.

      • BaroqueInMind@kbin.social
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        edit-2
        1 year ago

        Mines behind an NGINX reverse proxy as well. EMOTET is a very advanced malware and can get around those now. My IDS detected data exfiltration to an unknown Brazilian IP, and I have a VPN with an IP tunnel on top of my reverse proxy, as well as everything on port 443. It still found a way.

        • icedterminal@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          If it found a way, then your server configuration is inadequate. Are you using old ciphers or protocols? Missing headers? Wrong headers? Something doesn’t add up here.

      • BaroqueInMind@kbin.social
        link
        fedilink
        arrow-up
        9
        ·
        1 year ago

        I have a refurbished server rack system that is running Zeek and also Suricata. I have a managed switch that will duplicate all network traffic to the system that is running those applications and a JBOD setup to store the countless logs. I have scoured through nearly all the CISA documents and alert reports to copy the various Snort rules they mention in each report and also purchased a specific modem to connect with my ISP that provides a service to monitor my traffic that has Minim.

        I am a cybersecurity expert and still don’t know what I’m doing most of the time, so this is literally scratching the surface, as well as only detecting threats not really stopping them which requires more knowledge.

    • CmdrShepard@lemmy.one
      link
      fedilink
      English
      arrow-up
      12
      arrow-down
      1
      ·
      1 year ago

      This is the biggest downfall of Emby/Jellyfin IMO. It’s a tradeoff from being reliant on Plex’s authentication servers, but requires a lot of technical knowledge to setup correctly (rather than just port forwarding and relying on a strong password).

        • kaan@lemmy.ml
          cake
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          The employee who got hacked was both using an insecure password (the exploit needs access to an admin account) and his Plex install was 2.5 years out of date.

          • Snowplow8861@lemmus.org
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            Sure was! You need to be on top of paid and free and open source software from a security stand point. There’s no shortcut no matter what you think you’re paying for. Your threat model might be better when the service automates a Web proxy for you, but that’s only one facet. You trade problems but should never feel like you can “set and forget”. Sometimes it’s better for you to do it yourself because there’s no lying about responsibilities that way.

    • TBi@lemmy.world
      link
      fedilink
      English
      arrow-up
      10
      ·
      1 year ago

      Get a reverse proxy. Ping me if you need details. All my stuff is hidden behind port 443.

    • paris@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      1
      ·
      1 year ago

      Why not use a reverse proxy to keep everything on port 443 behind your own domain or duckdns? /gen

      • Bill@lemmy.ca
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        Can you link a good resource for me to set this up myself ? To many similar but different guides and my ADD makes it impossible to reach the goal.

        • magikfish@lemm.ee
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          1 year ago

          Look up Caddy V2 probably the most dead simple reverse proxy I’ve seen and they have solid documentation

      • BaroqueInMind@kbin.social
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        1 year ago

        I do this already and also am inside an encrypted Cloudflare tunnel… Still getting EMOTET warnings from my IDS.

          • BaroqueInMind@kbin.social
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            I will simply copy/paste here then:

            I have a refurbished server rack system that is running Zeek and also Suricata. I have a managed switch that will duplicate all network traffic to the system that is running those applications and a JBOD setup to store the countless logs. I have scoured through nearly all the CISA documents and alert reports to copy the various Snort rules they mention in each report and also purchased a specific modem to connect with my ISP that provides a service to monitor my traffic that has Minim.

            I am a cybersecurity expert and still don’t know what I’m doing most of the time, so this is literally scratching the surface, as well as only detecting threats not really stopping them which requires more knowledge.

  • DLSantini@lemmy.ml
    link
    fedilink
    English
    arrow-up
    46
    arrow-down
    1
    ·
    1 year ago

    Made the switch from Plex to jellyfin last week. Runs so much smoother, far fewer issues, my NAS isn’t lighting itself on fire, and I don’t have unwanted features being shoved down my throat every time I open the client app. A few small UI things I don’t like, but Plex had just fucked up the exact same UI element on me anyway.

    I think it’s finally time I get around to setting up a second sonarr instance to customize for anime.

    • Swarfega@lemm.ee
      link
      fedilink
      English
      arrow-up
      14
      arrow-down
      1
      ·
      1 year ago

      I’ve been running Plex on a Pi 3 and now Pi 4 along with multiple other containers with no real problems. I don’t transcode obviously but have no issues with performance.

      I also installed Jellyfin last week to run side by side but ended up uninstalling as even when idle the memory usage went through the roof.

      • rambos@lemm.ee
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        1 year ago

        I had jellyfin and 20+ more containers on rpi4 4GB and didnt have that problem.

        • Swarfega@lemm.ee
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          3
          ·
          1 year ago

          There isn’t a problem. It just consumed more memory than I’d have liked.

          I’ve just powered on the container and the system went from 1.75G to 2.47G consumed. This is when it’s idle.

          I’ve just stopped the Plex container and memory usage is now 2.40G. Plex is definitely more lightweight in comparison.

      • Jayb151@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        I’ve never considered a pi for this purpose. Assuming you have either one large or multiple smaller hard drives, physically how do you connect all that to your pi? Thanks!

        • Swarfega@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Actually, the OS runs from SD and for mass storage I have a single USB drive. The container’s data is stored on the USB drive along with the docker-compose.yml file. So if I lose the SD it’s just a case of reloading the OS, installing docker and docker-compose. Configuring the disk to mount on boot and then running docker-compose to get back up and running.

          Docker data is sent via rsync to a Pi Zero should the USB drive fail. Plex/Jellyfin content I don’t care too much about as they can be “obtained” again 😉

          From the first boot it’s only a few lines to get docker installed ready for running containers. Containers are awesome!

      • SpezCanLigmaBalls@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Yeah my pi 4 works perfectly with Plex. The only issues I have with Plex is the apps on certain devices. For example on my Xbox it will stutter on a 4k movie but my TV app works fine. It’s pretty uncommon though. Also works great for everyone else I have on it. Just have them set the quality to original in the settings and smooth sailing from there. Barely uses any power from it. I can have multiple 4k HDR streams at one time

    • mayooooo@beehaw.org
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      Well this is really strange. I kept trying to use jellyfin but it felt like a hammer in search of fingers, what with being unable to disable transcoding and the apps being unable to play basically anything. So my server was on fire. And two days ago I decided to try plex, and everything just works tm, I disabled transcoding, it’s like magic. Just wish it wasn’t trying to make me get a subscription so bad, but for me the experience was completely opposite

      • pimeys@lemmy.nauk.io
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        I used both of them for a long time. Plex(amp) for music because it just works for streaming my collection everywhere I go and has a good UI. My own personal Spotify… And Jellyfin for everything else.

        Now I built a new homelab server with a beefier AMD and proxmox, and decided to just switch to Plex for all my content. It has a better UI to my taste at least, but it also has these weird glitches sometimes where the video playback stutters if watching 4k material (where Jellyfin just worked).

        I don’t know really. For music Plex is definitely worth the subscription price, but these weird playback issues put me to consider alternatives for video content.

        • mayooooo@beehaw.org
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          3
          ·
          1 year ago

          I just added jellyfin to my nas and deleted it again. It doesn’t work without transcoding and the replies to people asking for the option are idiotic to say the least. Sometimes opensource software can be proper crap, what can you do. And plex is obviously faster, a lot faster. Maybe because it’s not wasting resources on transcoding haha

      • DLSantini@lemmy.ml
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        I haven’t seen a specific way to explicitly disable transcoding, like I did on Plex. If I try to play a video in the browser, it obviously needs to transcode my hevc videos, and the CPU in my NAS gets demolished(though it does technically allow the video to play). But as long as I use a player that is capable of direct-play (so the desktop app, or the Android app), it will direct-play automatically, without transcoding. Hasn’t been a problem so far. I plan to upgrade my NAS at some point, and the new build will be more than capable of transcoding.

        • mayooooo@beehaw.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I guess it has a lot to do with hardware. The issue I have with this is mainly the lack of this option, I want to control what happens. But the weird thing is my devices are capable of playing the raw files over smb shares, using a regular player, no problems whatsoever. Then the jellyfin client decides that it can’t play these things and stuff goes downhill. It’s a shame, I’d always rather go with open things but there are limits.

    • i_stole_ur_taco@lemmy.ca
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      Did you give up any Plex features you miss? I’ve been running a Plex server for years without serious issues, but I’m tired of seeing my CPUs getting hammered so bad when it doesn’t seem justifiable.

      • DLSantini@lemmy.ml
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        1 year ago

        Nothing much that I can think of. Everything works just about as well as before. If I need/want to change a cover or other image manually, the jellyfin system is kind of trash, where the Plex system works really well. But that’s a fairly minor complaint, to be fair. My only other issue is the way the unwatched episode badge works. Plex had just changed theirs on me and made it worse. And jellyfin is even more useless than that. But those are the only things I can even think to complain about.

  • Phoenixz@lemmy.ca
    link
    fedilink
    English
    arrow-up
    29
    arrow-down
    4
    ·
    1 year ago

    Jellyfin is awesome but…

    There are still problems. The mobile app recently got loads better but still has some pretty major issues with subtitles, showing that subtitles either are barely tested, or the dev simply doesn’t have the resources required or finished the app in a better way. Right now you cannot watch two episodes of a show in a row over Chromecast with subtitles without the last subtitles of the previous show frozen in screen and the new subtitles being display above those. Gotta disconnect Chromecast, shutdown the app, restart everything. This is super annoying but still light-years better than the previous mobiel app that would basically require a reinstall after each episode.

    There are many other issues too, scrubbing is much better again, but still problematic and tents to freeze, requiring restarting everything.

    Jellyfin is awesome but I can’t really let my wife use it, as she doesn’t have the computer patience that I have.

    • filcuk@lemmy.zip
      link
      fedilink
      English
      arrow-up
      13
      arrow-down
      2
      ·
      1 year ago

      I’m sticking with Plex for now too. Although there are some grating, persistent issues in basic use, it usually just works.
      Swear the UI gets laggier on the TV by the day, Jellyfin was jarring to me how snappy it was in comparison.

      • crimsdings@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        I switched recently from Plex to jellyfin because Plex implemented stuff I do not need nor want, and it was full of bugs. Jellyfin works way better for me then Plex did.

    • Skimmer@lemmy.zip
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      My biggest issue with Jellyfin is the downloads. I hate not being able to downscale or compress files. Its really the main reason I still leave Plex up in conjunction to it. Though I hope to be able to get rid of Plex entirely in the future, Jellyfin just needs more time.

      • Phoenixz@lemmy.ca
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Agreed and inknownit needs more time but it’s frustrating that I can’t yet sit down with family and watch something because it’s so unreliable

    • pokemaster787@ani.social
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      1 year ago

      I don’t have this issue with Jellyfin on my Chromecast at all.

      Sometimes it’ll not “remember” which sub track I had selected when going to the next episode and I have to re-select it, or occasionally it won’t properly burn in the subtitles and I have to back out and restart the episode, but I never get them “stuck” like that.

      I’d recommend trying to change the default player, the player is actually where I find most of the issues arise with subtitles. Jellyfin ships with LibVLC and ExoPlayer on Chromecast, but only uses one by default. I have it set to ask me which player to use for each show, since the subtitles for some of my shows work in one player but not the other.

      Also are you using the Chromecast app for Jellyfin or are you casting to the Chromecast through the Jellyfin mobile app? (Not sure if the latter is possible, but I can see that causing weird behavior)

      • Phoenixz@lemmy.ca
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Interesting! Thanks, did not know that.

        I’m casting using the mobile app, is there another way to cast, even?

        • pokemaster787@ani.social
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          There’s a dedicated app you can install on your Chromecast, then connect to your server the same way you connect on your phone. Works great for me as long as I select the right player

    • khi@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      2
      ·
      1 year ago

      Oh that is an extremely different experience that what I’m having! Chromecast works fine for me and i never have to restart anything and no problems with scrubbing either, just a bit slow on shows with a lot of episodes (300+). I have given my friends access to my server and most of them are using it just fine (sure with some issue now and then, as you said its not perfect). And in iOS with the alternative Swiftfin client the experience feels phenomenal!!

        • khi@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Yes! Usually the ones that come with the media are fine for me but i also have the open subtitles plugin to download extra ones in my language. There are no problems 98% of the time and the other 2% its just that they won’t load and I just have to select/download different ones.

  • rockSlayer@lemmy.world
    link
    fedilink
    English
    arrow-up
    22
    ·
    edit-2
    1 year ago

    Does anyone have hypothetical knowledge on how to set up jellyfin at one location for several family members spread out across the country?

    • ѕєχυαℓ ρσℓутσρє@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      14
      ·
      edit-2
      1 year ago

      Off the top of my head, I can think of 3 ways.

      1. Using a VPS and DDNS (I personally do this):
        • Pros: Super easy for others to access, you just give them the address.
        • Cons: Not free. (Oracle free tier might work, but it’s unreliable.) But there are cheap VPSs as low as $12/yr that work pretty well. Also, it’s a bit harder to setup since you’ll need to create a VPN tunnel between your local machine and the VPS.
      2. Using tailscale or zeroties:
        • Pros: Free, and easier to setup than a VPS.
        • Cons: People need to install extra apps to access your server.
      3. By port forwarding:
        • Pros: Super easy to setup, just need to forward the ports through your router.
        • Cons: You’re opening a port to the internet, which is less than ideal. Also, it won’t work if you’re behind a NAT.
        • ѕєχυαℓ ρσℓутσρє@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          7
          ·
          edit-2
          1 year ago

          I have a VPS from RackNerd for something like $11.5/yr. You can check some offers from them here.

          To be clear, it probably won’t work well as a Jellyfin server since the storage and CPU capabilities aren’t great. But it’s pretty good as a relay, which is what I described above. I have a local machine, and I use the VPS to relay the connection to the open internet.

          • MigratingtoLemmy@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            I had a question: in the $12/year plan from Racknerd, is the deal tied to a specific instance which you can spin up for that much money? Or can I just shut it down and switch it on the next day without extra charges?

            I’m trying to find an API to use with Racknerd (SolusVM, but their documentation is a bit confusing for me) to be able to pull up VMs on demand. I basically want a new IP for my VM everyday, however requesting a new IP from Racknerd incurs fees, or so I have heard.

      • strahlemann@feddit.de
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        1
        ·
        1 year ago

        For 1. you don’t necessarily need a VPN. A reverse tunnel using SSH should be sufficient and is easier.

    • Selmafudd@lemmy.world
      link
      fedilink
      English
      arrow-up
      12
      arrow-down
      1
      ·
      1 year ago

      It’s easy af, just look up Jellyfin server guide. Basically it’s just forwarding a few ports and setting up usernames/passwords for them and you’re good to go

        • MigratingtoLemmy@lemmy.world
          link
          fedilink
          English
          arrow-up
          10
          ·
          1 year ago

          A slightly more complicated setup would be to host Jellyfin on one’s server at home and run a VPN client to a VPS which would have the necessary ports forwarded and routing configured. This way the people who know the right credentials can log in (assuming SSO) and the hoster doesn’t have to open their own port

        • clericc@feddit.de
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          one could dyndns their servers’ ipv6 instead, where cgnat to my knowledge does not exist

    • Stormcrow@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      1 year ago

      I personally use GL.iNet routers. Basically you create VPN tunnels between a WG(WireGuard) server hosted on one router, and WG clients hosted on another GL.iNet router or a device that supports the WG app (PC and mobile afaik). The router using the WG server is facing WAN so no need to port forward and you can use it to connect to your jellyfin server as well as RDP or SSH into your server. The WG clients are simple, just need to be connected to the Internet. The tunnels bandwidth is based on your ISP’s upload speed(fiber is great, with coax good luck streaming 4k) where the WG server is located. You can use WG without the router too, but I’ll just speak to my experience.

      Edit: YT link to intro for the routers - https://youtu.be/LXbDg1v65Qs?feature=shared

    • Stephen304@lemmy.ml
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      If you have good home upload and want to host at home, a simple reverse proxy on the vps provider of your choice does the trick. I host for a large group of friends and family and it all proxies through haproxy running on digitalocean.

      • dinosaurdynasty@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        You don’t even need the vps unless you’re behind cgnat Though you should never expose Jellyfin to the Internet, they have had and continue to have major security problems

    • Sarsoar@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      My setup is this:

      1. cloudflare dns mapping my domain to an oracle cloud vm. 2)oracle always free tier, 1 core amd vm, with apache reverse proxy. I also have tailscale running on this machine. You have to setup the networking rules in the oci networking area, and setup ufw/iptables as well. So then jellyfin.whatever gets mapped to tailscale_ip:jellyfin_port at home.
      2. My server at home with tailscale as well so it has its own ip, but you can expose routes and use the same internal ip. Jellyfin server runs here. There is a dedicated user with appropriate access to my nas aswell.
      3. This server has a vm on it that runs prowlarr/sonarr/radarr/lidarr and qbittorrent. I have an airvpn account running here with a killswitch, and also qbittorent is only allowed to use the eddie interface. I port forwarded a dedicated port on the airvpn site and told qbittorrent to use that.

      So me, my partner, parnets, and friends when outside my network can go to jellyfin.domain.whatever and login to my jellyfin. No ports open to the internet except 80/443 on the reverse proxy, and no ips to remember. That will give you some things to google to get started to replicate a similar setup for your needs.

      • MrMonkey@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        No ports open to the internet except 80/443 on the reverse proxy

        In terms of security, isn’t this kind of the same as just opening the server port to the internet, which many others are advising against?

    • dinosaurdynasty@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Do not expose Jellyfin to the general Internet. They have security issues, I would not trust that (no cloudflare does not save you by default).

      There are basically two ways: VPN, or authenticated reverse proxy. VPN is probably the easiest to setup and the most flexible, but it’s a bit of a pita to use.

      Authenticated reverse proxy will break apps, but the web app will work (and you can setup your reverse proxy to allow specific user agents from the VPN to bypass it, allowing apps on the VPN to work). I currently do this so I can look at metadata on my phone without a VPN setup.

  • TurnItOff_OnAgain@lemmy.world
    link
    fedilink
    English
    arrow-up
    15
    ·
    1 year ago

    It needs a good Xbox app for me to switch. I could deal with dlna, but my wife and daughter need the easier interface plex has, and unless I can at least partially match that I can’t switch.

    • Selmafudd@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      1 year ago

      It works fine on Google tv via the new gen Chromecast if that’s an option for you?

      • nevernevermore@kbin.social
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        1 year ago

        It works fine on Google tv

        It working ‘fine’ is the reason I’ve switched back to Plex for the time being. Too many QoL issues for me personally

      • state_electrician@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        That looks nice, but I am not getting anything close to the listed prices. I don’t see the board for under 400 Euro, the PSU is off by a factor of 10 and so on. Overall I don’t think I can build the PC for less than the 573 Euro a Synology DS923+ would cost me. The only upside of the custom build would be that I can attach more than 4 disks.

      • state_electrician@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        1
        ·
        1 year ago

        I want to go for a 4 bay one, so that I’ll survive a disk failure. And then you’re looking at about 2000 Euro for the NAS and four drives.

        • PainInTheAES@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          ·
          1 year ago

          Just buy a used PC and the drives. You don’t have to buy them all at once since you can add drives to your RAID.

          • Blackmist@feddit.uk
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            I’ve got old PCs, but would rather have something that uses very little power rather than some ancient Athlon X2 running full tilt.

            Those mini PCs are neat, but lack space for drives.

            • PainInTheAES@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              ·
              edit-2
              1 year ago

              As far as I can tell a Dell small form factor and Synology idle around 15-25w and 15w respectively. Both seem to pop up to 30-45w under average load depending on what you’re doing with them. But it depends on the kind of processor you pick and additional drives will also pull more wattage.

              The SFF units are limited on space. The one I have is limited to one HDD although you could put a few SATA SSDs in there and 1 nvme. The SSDs would be more expensive but lower energy use. I’ve been toying with attaching a external HDD mount to the case to see if I could add in some extra drives.

              I’m not familiar with the EU/UK market, but in the US I got my used Dell for $87 from eBay. It came with 8Gb RAM and a 250Gb SSD. And it had cosmetic damage so the seller sent me a second for free :P

              I think depending on how much storage you need it could be a viable alternative.

              Currently I’m still using my Odroid HC4 which is probably super power efficient but limited to 2 drives and it isn’t very powerful.

              The Synology units are much more user friendly out of the box though. Also I guess it depends on if you just want a NAS or if you eventually want to get into self hosting.

          • state_electrician@discuss.tchncs.de
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            1
            ·
            1 year ago

            RAID1 is nice, but you lose 50% of your total capacity to the mirroring. I want to go with 4 drives and RAID5. I only give up 1 drive of capacity and can still lose one without losing data. If I invest money into this I don’t want to compromise too much, as it needs to last for years.

        • Kbobabob@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          I noticed, but it kinda works. One takes you to learn more about the brand and the other to the store site.

      • state_electrician@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        I don’t see anything that would be cheaper than a DS923 from Synology, which costs 570 plus the drives. The cheapest I see still costs me 1200 Euro for everything.

        • droans@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          https://pcpartpicker.com/list/JhPvZJ

          I didn’t even bother getting the best price. I just selected things that would work well.

          Get an LSI HBA in IT Mode for another $60 to add another 8 drives.

          The case was chosen because it can support 11 drives. It comes with six bays by default but you can buy packs of two bays for $15.

          As is, this will cost ~$560 plus the drives and allow you to use eleven 3.5", but cheaper and better options for the PSU, mobo, SSD and memory are out there. I just selected things that would be useful for what you need and provide better hardware than a Synology.

          If you don’t need as much storage, you can shave off $160 with a cheaper case and skip the HBA.

        • CCMan1701A@startrek.website
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Nah, you need to build a PC or pickup a older server. I went with Synology and it ended up close to $1k with drives 😭

          • time_fo_that@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            I built a Ryzen 5800X machine using a cheap AsRock motherboard and three 8tb WD Red drives for about $600 USD. I did reuse the case, power supply, and NVME cache drive from an old build. I’m running Unraid and it has been great!

    • TheControlled@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      I built by own NAS for $100 and with old HDDs I had lying around. Buy used, old parts on eBay (like 10 years old) install Unraid trial. Bob’s your uncle. Then you can upgrade as you go as needed.

    • CallOfTheWild@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      You can build a dedicated NAS fairly inexpensively. If you have an old computer you don’t use anymore that’s a great starting point. I was able to find a micro optiplex at my local used computer store for $99 and it runs great. I originally had it running on a raspberry pi 3 but was having power management issues and needed something a little more powerful.

      I would recommend using Samba for your NAS. It’s a free SMB server that lets you access your data on all operating systems. Other Linux computers can mount samba by adding a line to /etc/fstab. On Windows you just go to file explorer and click map network drive.

    • Nick@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      You could always hop over to https://frame.work and pick up a refurbished Intel mainboard plus an enclosure (or 3D print your own using their plans). You’d just need to get some RAM and a small SSD to run an OS like TrueNAS and you’d be good to go for probably under USD $600.

    • imclaux@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      keep both, sometimes jwllyfin doesn’t like streaming one kind of hdr or another and Plex will stream that. rarely can be the other way around. I have both using the same library, if one fails I try the other one.

  • rengoku2@lemm.ee
    link
    fedilink
    English
    arrow-up
    11
    ·
    1 year ago

    Jellyfin is almost perfect for me, I just need to find out why it decides to randomly transcode when it needs to do nothing when serving client.

    • Skull giver@popplesburger.hilciferous.nl
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      There are tons of reasons why Jellyfin may decide to transcode. In my experience browsers and players usually have the right video decoder support, but high efficiency audio codecs seem to trigger transcoding. It’s also possibly the specific video profile (colour depth, HDR, whatever) isn’t supported by the client even if the more common profiles are.

      In some circumstances, enabling embedded subtitles can force a transcode. Using Bazarr to download separate subtitles helps prevent weird transcodes for some of the videos I’ve gathered on my server.

    • Blackmist@feddit.uk
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      Yeah, why is it doing that?

      Especially when I’m using the Jellyfin Android TV client. The quality goes from ok to complete shit.

      Does it not like mkv files?

      • CCMan1701A@startrek.website
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Disable video transcoding for the account your client connects with. Then check the log to see why it needs to transcod it the video fails. Could be the bitrate limit. I’m not having issues and using the same client.

        • Blackmist@feddit.uk
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          Checked on the dashboard as per the other comment.

          It’s subtitles. I’m probably going to try Kodi as a client, see how that goes. Shame, because I quite like the Jellyfin client UI, it just doesn’t work with some files.

            • Blackmist@feddit.uk
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              It’s strange because Jellyfin claims to be able to extract and convert subtitles on the fly, and even has an option to disable that, but for some reason it’s choosing not to do it. There doesn’t seem to be a definitive list of what does and doesn’t work. You just play things and hope it doesn’t trigger the transcoding dance.

              Kodi’s player does work (to an extremely impressive level, including DVD rips I made years ago), but I’m really not keen on the UI, dating as it does from before Android TV was a thing. All the buttons seem configured just differently enough from everybody else that simple things like checking how long a video has left, to backing out so you can finish watching tomorrow are borderline infuriating. I did get a keybinding editor for it, to make it so pressing back stops the video, but knowing all the functions is something that takes more knowledge of it than I have. I’ll probably get it configured eventually, but it’s annoying to start with.

              The Jellyfin UI on the other hand is great. I love the detail on each film, all the cast and blurb and all that. It’s just the player is Exoplayer, and every limitation in that is now Jellyfin’s limit too. There does seem to be an option to swap it, but what with? I’m not sure what Kodi uses internally. Maybe it’s their own thing.

  • piskertariot@lemmy.world
    link
    fedilink
    English
    arrow-up
    11
    ·
    1 year ago

    Jellyfin works great in an all Jellyfin environment. It’s poor integration with Chromecast ultimately kept me off the platform. But that’s on me for letting Google make things too easy.

    I will give Jellyfin further credit, that Finamp is really well designed for music use, and it kept me running the server in parallel with other media servers for quite a while.

      • lemming741@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        I had enough parts laying around to build a HTPC but the LG is too damn good, especially after you pihole it.

      • Fushuan [he/him]@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        The LG app is jellyfin TV, right? It gives me issues with some formats, the video player is kinda crap honestly, if you try to forward or go back in the video it freezes for some seconds, zero buffering, and the UI is kinda ugly. I use another video payer as a proxy and that solves the ui and some formats, but it still complain on some others and the buffering issue is still there for some reason.

        This is quite weird since the android app, which supposedly is just the Web app plugged in through react native, works flawlessly. Instead of adding tv controls to that app they decided to create a new one and it’s really not the best idea.

        I hate to say it but this doesn’t happen with emby, the UI is similar but I’m able to see all the formats I own and there’s no issue with forwarding.

    • M500@lemmy.ml
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      It has a pretty good google tv app. That’s how my wife mainly uses it. I use the iOS app Swiftfin.

    • JustEnoughDucks@feddit.nl
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      What? Why do you say that?

      I use it on my Chromecast constantly. I have had subtitle sync problems with some media, but that is literally on every single jellyfin app platform I have tried.

    • hardcoreufo@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      You can use jellyfin to manage your Kodi media which is how I use it. I get the customizability of Kodi with the seamless syncing between devices of jellyfin.

  • Alborlin@lemmy.world
    link
    fedilink
    English
    arrow-up
    12
    arrow-down
    2
    ·
    1 year ago

    Okay , for anyone who can advise a noob like me.i don’t want NAS, of fancy connections and switches and gears. All I want is to get SSD or HDD , an tore t client to download ahem " iso"s and then I open my TV/comouert and voilà it’s there, what is easy and simplest way to do it ?.

    • shapis@lemmy.ml
      link
      fedilink
      English
      arrow-up
      8
      ·
      edit-2
      1 year ago

      Install Plex Radarr Sonarr and Jackett.

      Select jackett as the indexer for both sonarr and Radarr.

      Select your torrent program as the main torrent program for both radarr and sonarr.

      Point the Plex library to whatever folder you selected to use on Radarr and Sonarr.

      And that’s it.

      • MeatsOfRage@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        ·
        1 year ago

        One suggestion I might make is Prowlarr instead of Jackett. I found it to be a lot easier to work with but YMMV.

        Also I usually suggest adding Overseerr to the stack. It hides everything away behind a super easy to use app.

    • burble@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      Does your TV have a USB port? You might literally be able to just download files to an external drive and go plug that into your TV.

    • warmaster@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      edit-2
      1 year ago

      Install & setup Jellyfin Install Qbittorrent

      Download movies and series, put them in the folders that Jellyfin is monitoring.

      Install Jellyfin on your phone and your TV or Streaming device.

      Play.

      After that, if you want more automation, do what others said: Radarr, Sonarr, Prowlarr, Bazarr

    • tankplanker@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      NVIDIA Shield with USB drive, and the Shield supports running Plex. Hook the Shield up to your main TV, share its content anywhere else you need it using Plex. You can even torrent directly on the Shield.

    • ours@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      10
      ·
      1 year ago

      Get a Synology NAS, put HDDs in it, easily install Torrent client and media server software, and enjoy.

      A NAS is a box for HDDs, a low-powered computer to drive them, an OS, and some bits of software you choose to run on it.

      • crashoverride@lemmy.world
        link
        fedilink
        English
        arrow-up
        12
        ·
        1 year ago

        He literally just said he didn’t want a NAS. All he needs then is to a get a couple 2-4 TB SSDs, and just stick them in his computer. Boom done

        • ours@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          1
          ·
          1 year ago

          I got that but wondered if he knew what an NAS can be. It doesn’t need to be complicated but you are right: he can just add a bunch of HDDs to his current PC and install the necessary server apps. But I doubt someone who doesn’t want to bother with an added NAS has a PC that can host a bunch of extra SATA drives.

          • Another_Idiot@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            4
            ·
            edit-2
            1 year ago

            I know what I’m doing, and I don’t want a NAS. I have a 4Tb M.2 as my boot & games drive, and 2x 14TB HDD for Media. I have Plex installed and it’s great.

            Most people don’t need a NAS. Unless you’re running a full network setup like Linus, a NAS isn’t needed.

            I can watch stuff on my PC, or I can cast to the living room TV, while the missus casts to the bedroom PC.

            • ours@lemmy.world
              link
              fedilink
              English
              arrow-up
              4
              arrow-down
              1
              ·
              1 year ago

              Unless you’re running a full network setup like Linus

              I’m not sure I understand what that means but yes, a NAS is not indispensable, but it’s a great convenience. Pre-NAS that’s how I rolled until I didn’t want to have to run my full-powered gaming PC all the time.

            • ObsidianBlk@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              ·
              1 year ago

              If you have a computer, and it’s on the internet, you have NAS… Network Attached Storage… your computer is on the network, and it has storage, then it’s network attached storage. Everything else is just software controlling it all. FFS

              • Another_Idiot@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                1
                ·
                1 year ago

                Yes, you’re right, pedantic, but right. Thing is, we’ve been talking about having an “on-prem” NAS.

                There’s really not any need to have a go at me, I’m just trying to help some dude who doesn’t want to spend an extra 300 quid on a NAS box, setup the software and have to play with raid.

  • GVeltaine@lemmy.zip
    link
    fedilink
    English
    arrow-up
    7
    ·
    edit-2
    1 year ago

    Any recommendation on a NAS to take advantage of this software? The current one i have is a nightmare to get running it and will just look into another

    Edit: it’s a QNap TS-230. I’ve tinkered with the container station and i can get to the drive set up but it never sees within the library and just idles even after multiple retries

  • snekerpimp@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Wish there was a Jellyfin client that had a sort by random on tvOS, literally the only reason I use the Plex app.

    • 1hitsong@lemmy.ml
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      I’ve never seen that requested before. I’ll add it to the Roku client idea list.

      • snekerpimp@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        It’s missing from many players. Infuse is missing it too, which I have to use because Plex on tvOS is TERRIBLE. How does everyone look at movies then? Scroll through them alphabetically? I miss the play random button too, they took that away a year or two ago.

    • TechAdmin@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      My current workaround for that is adding whatever I want to shuffle into a playlist. I have one with some sci-fi shows in it that I regularly use. Smart collections is my most missed feature from Plex.

      edit: nvm, doesn’t sound like it would help your use case, read through it too quick first time round

      • snekerpimp@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Have never been able to get into playlists. I don’t have time to sit down and scroll through my thousands of movies to pick individual ones out for a certain mood. I did that with music back in the 00s, but I had a considerably larger amount of free time on my hands back then. Should probably look into them a bit more.