

I don’t really agree. If you have a tool to do a thing, share it in case someone else could benefit, just be open about what it is.


I don’t really agree. If you have a tool to do a thing, share it in case someone else could benefit, just be open about what it is.


I’m generally anti-ai but this is kind of exactly what vibe coding is for.
Someone has a problem right now and there is no tool to fix their problem how they want it fixed, so they throw some shit together for personal use and maybe someone else can use it if they want idgaf.
Why would they maintain that? It does what they need it to, when they need it. Usually these tools are very basic.


I actually commented a solution on a pangolin ticket, and they were like “good idea!” And implemented it, but then made it an enterprise only feature 😭


I can’t get it working with the app unless I disable auth in pangolin, but it works beautifully with web


Y’all looking for a reason to be mad



That’s an unnecessarily rude response. Even in the baking community, it should be fine to ask what goes into their decision to bake bread, or why they choose to bake bread instead of spending their time baking other things instead. Even if he already made up his mind, it’s fine to be curious about the motivations others.
He didn’t tell you what you can or can’t do, or what you should or shouldn’t do. He didn’t jellyfin is bad or that self hosting in general is bad. He wasn’t rude.
You say it’s an important life lesson to get that it’s ok for other people to have different tastes and priorities, but it’s also healthy to ask people about those tastes and priorities.


I just let each docker stack get its own.
Often different services need different versions or update between versions at different cadences, so I don’t want to deal managing all that.


Did you just suggest Linux has no vulnerabilities in any of its distros, and neither does any of the self-hosted services?


Afraid people will use known vulnerabilities in common self-hosted software.


So every answer is as good as you can get?


I’m afraid of security bugs in the software I’m using, so that containers don’t contain, read-only doesn’t prevent writing, mounting directories doesn’t restrict access to those directories, etc.
I’m a nobody, I can’t imagine anyone targeting me or my random domain, but I can imagine getting swept up in a net of attacks of opportunities targeting hosted software with known vulnerabilities, or injected supply chain vulnerabilities, so I want to reduce my attack surface as much as I can (while still actually letting the people I want to access it actually access it)


I’m kinda disappointed with this thread, I’m in a similar position to OP, but all the responses are just like “use a reverse proxy and make your URL hard to guess” and other measures which are not very secure. \
It seems like that’s about as good as you can get at the moment, because the mobile apps barf if you try to add in auth in front of the reverse proxy, but a lot of people seem to be providing this advice like it’s good enough rather than as good as you can get.


Some reverse proxies have an authentication layer.
But this typically breaks the jellyfin Mobile app.


Idk if geo whitelisting is really good enough. I can’t speak for OP, but I’m in the same position and I don’t. I had high hopes for the post but everyone seems to just brush over the “secure” part


How do you get the mobile app to connect?
It seems similar in purpose to pangolin, how do they differ?
That’s true to an extent, but I’d disagree wrt something like dockerhub.