Yes, but AFAIK that’s only for local multicast discovery. If you have a server listening for connections somewhere, those aren’t password protected and anyone can connect to them unless you restrict the accepted keys.
- 0 Posts
- 17 Comments
I’ve never heard of this, but looks pretty cool. I use Yggdrasil in my homelab and on the surface this looks pretty similar in that both are decentralized mesh VPNs. The goals are somewhat different though and I think that shows in some choices the projects made.
Just reading through the docs of AWL it looks pretty good. They use libp2p for transport encryption and NAT traversal. libp2p itself is a spinoff from the IPFS project and pretty widely used. Compared to that Yggdrasil does not have any NAT traversal built in, instead every node is capable of relaying traffic and it will find the best route through the network.
The bootstrapping in AWL relies on community nodes, though you can host your own. Yggdrasil similarly has public peers if you want to participate in the official network, but you can just not configure those and use one or two of your own publicly reachable servers to build a separate network. That’s how I have mine configured, with a VPS and another public server being the primary relay nodes.
In AWL you must explicitly allow other peers to connect to you. That’s pretty good, otherwise you could just reach any other server on the network. Yggdrasil has similar functionality in that you can specify which public keys can connect to the server, but defaults to allow any member so potentially less secure than AWL.
Edit: Yggdrasil allows you to set a password to connect to your nodesI’d be curious to know which ip ranges AWL uses for its address scheme. I could only find reference to
10.66.0.2for the public test server. Yggdrasil used ipv6 addresses in the0200::/7range, that’s technically reserved by IETF but has been deprecated since 2004. With this you’re certain to not have conflicts, the usual ipv6 local range isfc00::/7For other interesting projects also Nebula. It is completely self hosted but not decentralized. You need one or more special nodes called “lighthouses” which are used for the initial handshake between nodes. This has some advantages like ACLs for different nodes.
Another fully decentralized project I’ve looked at but never tried is EasyTier. I think last time I checked it did not have any ipv6 support
Imo the best app for Jellyfin i Finamp, make sure to use the beta release for the updated UI and general huge improvements. It’s been in the works for a while and works great as a daily driver.
Jellyfin can use a bunch of sources to get metadata for music, some by default others by installing a plugin, but it’s much more hit-and-miss than movies or series. That’s just due to how much more music there is and how relatively worse metadata for music generally is.
Personally, I add a few albums at a time and make sure the metadata is correct using kid3.Maintainability is probably similar between the two options. Jellyfin obviously can handle other media as well so if you need something to watch movies that would result in less maintenance needed overall.
I used to run Navidrome for a bit, but soon after the Finamp beta started so I didn’t feel the need to go with the broader app selection of Subsonic.
exu@feditown.comto
Selfhosted@lemmy.world•The prices differences of different providers for the same domain is crazy.English
7·16 days agoDo note that njalla isn’t a real registrar like all others. With normal registrars you are the legal owner of a domain name and your registrar has to follow ICANN rules. If you rent through njalla they own the domain and can do whatever they want with it.
The closest one I know is FlyingCarpet. All others need devices to be on the same network
Undeclared AI images. This makes me trust less that all of the text was written by the author himself.
exu@feditown.comto
Selfhosted@lemmy.world•Question: What are some alternatives to a Raspberry Pi good for a small home server?English
64·1 month agoGet a NUC or old laptop and install your distro of choice on it. Much less hassle than barely supported ARM boards with ancient kernels.
exu@feditown.comto
Selfhosted@lemmy.world•How many and how much are your subscriptions?English
1·2 months agoI don’t want to worry about my password manager being down if I ever have a total outage for any reason
exu@feditown.comto
Selfhosted@lemmy.world•How many and how much are your subscriptions?English
1·2 months agoI’m in the same boat and looking for alternatives.
The first one I tried was Psono, basics worked ok but I didn’t like how there was no keybinding to auto fill passwords. Another negative was the session handling, you’d either need a complete login including 2FA or keep the session active at all times without any prompt for the master password even after a restart.
exu@feditown.comto
Selfhosted@lemmy.world•How many and how much are your subscriptions?English
2·2 months agoIt really depends on which services you need besides whatever hardware you have lying around.
For me it’s a bit higher, as I used to host all my stuff on a rented dedicated box. Having an always on server in my bedroom didn’t work for me, I have moved out since and built a local sever.
- Dedicated Hetzner server + 10TB storage box: ~75€/month
- Netcup VPS (external monitoring): ~6.50€/month
- Kavita+ subscription for additional features: 5 USD/month (I think)
- Various domains: not sure, I have ~7 domains so another ~100€/year
- Mail: 90USD/year
- VPN: ~50USD/year (forgot to track this expense, oops)
- Backblaze B2: ~2€/month
If you only need a public IP to reach your stuff, an even cheaper VPS should suffice.
Edit: forgot some stuff in the first pass
exu@feditown.comto
Selfhosted@lemmy.world•Raidz2 or btrfs for important document storage?English
1·2 months agoYou’d create two mirror vdevs in the same zpool to get the raid 10 equivalent
exu@feditown.comto
Selfhosted@lemmy.world•Raidz2 or btrfs for important document storage?English
6·2 months agoMaybe you could switch to a raid10 (mirrored striped vdevs) for faster rebuild time.
BTRFS is relatively similar to ZFS when it comes to their raid implementation, though using raid5 or raid6 comes with some caveats.
exu@feditown.comto
Selfhosted@lemmy.world•How would you expose Jellyfin securely without a vpn?English
36·2 months agoJust leaving this here
Now, let’s address this clearly once and for all. What is possible is unauthenticated streaming. Each item in a Jellyfin library has a UUID generated which is based on a checksum of the file path. So, theoretically, if someone knows your exact media paths, they could calculate the item IDs, and then use that ItemID to initiate an unauthenticated stream of the media. As far as we know this has never actually been seen in the wild. This does not affect anything else - all other configuration/management endpoints are behind user authentication. Is this suboptimal? Yes. Is this a massive red-flag security risk that actively exposes your data to the Internet? No.
https://github.com/jellyfin/jellyfin/issues/5415#issuecomment-2825240290
exu@feditown.comto
Selfhosted@lemmy.world•Jellyfin to quadruple their prices following Plex's price increasesEnglish
15·2 months agoYeah, some dude named jellyfin on Github keeps uploading the latest versions
Do you know any? I’ve never really looked beyond ntfy.sh until now
exu@feditown.comto
Selfhosted@lemmy.world•I accidentally became a FOSS maintainer and all I got was this lousy new perspective on librarianshipEnglish
1·6 months agoI wanted to contribute a while back and found a bunch of duplicate authors. Unfortunately there wasn’t any way to merge them and the relevant issue has been open for years.

Oh cool, I somehow missed that in the docs