Nope. I don’t talk about myself like that.
Ah yes, I patrol lemmy… waiting over a month between posting on the matter… and present some solutions to the problem myself while advocating for a resolution of fixing bad unauthed endpoints?
Also, jellyfin has real downsides to Plex and security is not one of those.
Unauthed endpoints are literally a bigger security issue than anything plex has ever shipped.
No it’s not.
doesn’t work with auth in front of it
The idea is putting an auth layer in a reverse proxy IN FRONT OF jellyfin. Not adding OIDC into jellyfin itself. Adding any plugin into jellyfin won’t fix the unauthed endpoints which would be the whole point of adding another layer of auth.
There are solutions though…
Solution for what? This thread is talking about basic auth breaking jellyfin.
Adding an auth layer IN jellyfin will not fix the unauthed endpoints. We’re talking about adding an auth layer BEFORE jellyfin here.
they won’t see any difference !
They also won’t know how to use it… how to debug it when it inevitably goes down… etc.
A plus could be to even add your own dns+pihole onto their network and block some of those nasty ads :) !
Yay! more support!
Me, my brother-in-law, and friend all share our libraries with the same elderly relatives.
So grandma would need to switch between all three servers to access all content.
https://websockets.readthedocs.io/en/stable/topics/authentication.html
Maybe your proxy didn’t have websockets enabled? Jellyfin does require websockets to function correctly.
Edit: https://github.com/jellyfin/jellyfin/issues/13511
another issue with same “problem” with a major contributor saying “unsupported”
Try logging in.
This is all you’ll see. Even if you setup a “guest” account with NO password… it’s all you’ll see. This is not a Nginx issue.
Edit:
The error appears in Jellyfins toast mechanism… so you know it’s not nginx.
Edit2: oh and don’t forget to downvote this comment too. I see you :)
Edit3: actually I just realized that you think THIS is nginx’s fault…
It is, but it isn’t… It requires the wss target on the server to handle it.
Jellyfin doesn’t do this. Nginx is passing it properly.
Edit4:
Thanks dad!
Sorry, but nothing uncivil about it. Funny thing though I never called you a shill, troll, shitheel nothing… I just presented a simple rebuttal to your argument… but because it hurts your feelings to be wrong… now I’m all these names. Crazy!
Well then the obvious answer would be that if I had all these sock puppets… wouldn’t I just also upvote myself? Wouldn’t that make a malicious intent much more effective?
Don’t you need to set a static route in your router for that to work?
Hamachi definitely doesn’t work on TVs…
I’m going to be mildly honest here…
I did troll a little… In that I kept this one in the back pocket waiting for a rebuttal…
Why set port on UPnP router/firewall if you don’t want it accessible to the internet…
So maybe we’re both trolls in this specific chain? But I guess I was hoping that there was some common ground to find. I don’t know.
Edit: Oh and this one…
Edit2: Decided to gif it because it’s an opportunity to rick roll someone…https://lemmy.saik0.com/comment/4667902
It’s working fine for me with it unchecked… Okay fine, let’s say I did something nonstandard.
What about the other items? The hundreds of references by their dev team about exposure to the internet in the git? the dozens of others on the site?
Edit: My point is made even if we sans one specific one…
Edit2: or how about this… let’s replace that one with this one?
What’s the point of this checkbox if not for attempting to get the server directly internet accessible?
Edit3: Just so we’re on the same page that you’re wrong though…
Well I was taking it gracefully as a split-vpn. But yeah it’s a fair question to have if it’s misconfigured, or relying on something in your network (Eg, maybe you also setup a pihole and they lost DNS resolution due to vpn going down.) God knows with these random half-features that many consumer “routers” that are out there.
I’m suggesting that it might not be about your views specifically and more about how you choose to interact with the other people here.
I can see upvotes as an instance admin. I’m specifically talking about what I said I’m talking about… which is a group of people that always show up in the downvote list.
I’m sure I rub many people the wrong way, the happenstance bystander will downvote… however there’s a group of a few people that will always downvote me. That’s what I’m referencing with that comment.
The frustration is literally what I’m referencing as the lemmy mob.
I’m mildly confused… Am I the troll or them?
I legitimately think that they believe the service is “meant” to be use local only… but the product page doesn’t lead me to believe the same thing… While I’m likely going about it in a bit of an asshole way, I’m trying to figure out which of us is “correct” here. If there’s a disconnect I want to rectify it… if there’s a clear disagreement, then I can understand and take that… I’m just trying to hash it out.
… Check my instance… Would be weird for me to shill for someone on my own instance that I’m an admin for, no? Wouldn’t I not shill for something directly on my admin profile? Also I think there’s one other mildly active user on my instance… Nobody else here to shill with.
I suppose I could make accounts on other instances… Nothing I could do to prove that isn’t the case… Just like I could say the same that all of lemmy is tankie bots.
Can’t stop you from doing whatever you want in your own head though can I? If you think you have the breadth of someones personality and thoughts after just one conversation… Then honestly I don’t really care about what you think. People aren’t that simple, issues usually aren’t that simple.
The lemmy mob I’m referencing is actually more of a downvote campaign… it’s the same group of people nearly every time.
So far Jellyfin works perfectly, all my users are on Rokus and the app works perfectly on there.
Considering that Roku doesn’t have a VPN option… Then I hope you’ve at least obfuscated your media paths so it’s not easily guessable on the complete unauthenticated endpoints for people to abuse/probe your server.
Sorry but I edited my post seconds after you responded. My bad. Didn’t mean to edit under you.
Thinking about it… wouldn’t you have problems connecting to the tv over the wifi if you have VPN active?
Have you ever considered that it might be your personality
Nah, nobody here “knows” me. And you can’t discern “personality” traits in 3 sentences of text.
The iPad will last a whole movies worth of time streaming a screen mirror? That’s impressive I guess.
Edit: Thinking about it… wouldn’t you have problems connecting to the tv over the wifi if you have VPN active?
I mean… I’d like to see any law that can be construed that directly accessing a URL that’s unprotected is illegal. I’m not an expert in EU law on this for sure… but I’ve read many things pertaining to EU law and never found one that would lead me to believe otherwise.