

Totally. Why should anyone care about whether their clothes were made by slaves or prisoners or children? Only the tightness of the stitching and fabric is a valid measure of clothing’s quality. 🙄


Totally. Why should anyone care about whether their clothes were made by slaves or prisoners or children? Only the tightness of the stitching and fabric is a valid measure of clothing’s quality. 🙄


This. I’ll never understand how a person can hold simultaneously the values of freedom and of seeking to punish or exclude the Other. Promoting DRM-free games feels like a freedom-respecting move. Same with the undercurrent of xenophobia/homophobia/transphobia that exists within some FOSS spaces. It’s utterly confusing.


I’m aware of this (that’s why I described a potential breach as Jellyfin -> LXC escape). What it does provide me is a static IP to point my domain at that I don’t have to worry about updating via whatever DDNS service and that isn’t tied to my home address. That and the wireguard tunnel gives me plausible deniability should my ISP ever decide to enforce its rules against hosting servers. 😀


I have a very cheap ($11/yr) us-based vps through racknerd I got via low end box. I’ve got 12 users but only 5 really active ones and I’ve never come close to hitting the 1tb transfer. I serve several services through that one vps (all just reverse proxy to my homelab).
I did just pick up another u.s. based vps through low end box the other day- $12/yr and unmetered Gbps. 1 CPU only, but a reverse proxy doesn’t need a lot of compute. :)


Depends on what you mean by “secure.” My personal setup is Jellyfin LXC on proxmox --> Wireguard to VPS -> Nginx reverse proxy on VPS.
This setup relies somewhat on Jellyfin’s auth, but I’m comfortable with that risk. The LXC is blocked from sending local traffic on my network by firewall rules. Yes, someone could exploit a vulnerability in Jellyfin (though looking through the CVEs I’m not overly worried about that), then escape the LXC and fuck with my server. But that’s a lot of work for no profit.
For more protection (in sense of reducing traffic that even interacts with your server), I’d recommend getting a wildcard cert for the domain so that the actual subdomain jellyfin is on is undisclosed to anyone not using your service.
Security isn’t about making everything impregnable, it’s about making attacks more trouble than they’re worth. Otherwise, we’d all live in fortified bunkers surrounded by landmines. 🙃


Never had stability issues. It doesn’t do asynchronous messaging without the mailbox app though. IIRC, it also doesn’t have an iOS app due to apple’s insistence that no apps run in the background


Navidrome. It’s lightweight and works with any subsonic app.


There are ways to make that irrelevant. I use a cheap vps and just have it funnel raw traffic for the ports I need to my home server via wireguard. All my SSL certs live on my machine and the VPS can’t see any of the traffic contents. I suppose they could redirect traffic elsewhere or start serving whatever on that domain, but I would know immediately and there are some limits to my paranoia.
I’ll still respond for the sake of anyone else reading this. What I used was an analogy. I’m pointing out that you were dismissing the potential for moral objections to the use of AI. That is not the same as equating, but you probably know that.
You, like, other AI boosters are unable to fathom that folks’ moral objections are both truly held and legitimate so you feign ignorance and shut down any critique by simultaneously clutching pearls and claiming that the thing we find morally repugnant is “inevitable.” Happy to avoid future interactions. ❤