Just learned how to do a reverse proxy
-
[email protected]replied to [email protected] last edited by
You can either set a DHCP reservation in your router, or manually set the IP on the device.
When I say private IP, I’m referring to the internal IP e.g 192.168.1.X
Means internally I just go to the domain without having to remember the IP I set.
-
[email protected]replied to [email protected] last edited by
Not really. Personally I'd allow the service account running jellyfin only access to read media files to avoid accidental deletion but otherwise no.
Also, jellyfin docs have a sample proxy config. You should use that. It's a bit more in depth than a normal proxy config.
-
[email protected]replied to [email protected] last edited by
I want to be able to upload/download/share my photos from anywhere in the world without using a VPN. Additionally, this satisfies the wife requirement. It works in the background without her needing her to turn on the VPN. I don't want her to keep asking me how do I turn on the VPN? If it's just me, then no issue, I'll use a VPN.
-
[email protected]replied to [email protected] last edited by
I just use google OAuth since everyone I know has a google account. It just can't use OAuth on private IP addresses, just FQDNs.
-
[email protected]replied to [email protected] last edited by
Authelia is great. Recently added protection for multiple domains.
-
[email protected]replied to [email protected] last edited by
I tired the same, but my router wants to be smart by filtering DNS responses that points to local IP. I guess whoever designed it considered it a security feature.
It is a stock router from the ISP, its configuration interface is minimal, borderline to non existent. -
[email protected]replied to [email protected] last edited by
Oooh. That makes more sense, thank you.
I somehow thought you’d meant your global IP addresses, lol
-
[email protected]replied to [email protected] last edited by
You set up the VPN and it's always on. There's no hassle.
-
[email protected]replied to [email protected] last edited by
Unless you’re on IOS that will shut your VPN off regularly. Or you want somebody else to be able to access what you’re hosting without having to walk theme through a VPN setup they won’t understand.
-
[email protected]replied to [email protected] last edited by
I have a couple dozen customers on ios that use their camera servers via Tailscale. Never had a peep about that sort of thing.
-
[email protected]replied to [email protected] last edited by
Don’t listen to this guy. You don’t have to turtle all your stuff inside a VPN if you don’t want to. Hosting services on the internet is what the internet was created for. It’s up to you whether what you want to host is exposed to the internet or not, and as long as you’re aware of the risks do what you want man. I will mention that Immich specifically might not be the best idea to expose since it’s so unstable, but that depends on your level of comfortability. Worst case scenario is somebody gets into your Immich and can see all your photos. Would this be a dealbreaker for you? If so don’t expose it publicly. Otherwise you’re perfectly fine.
-
[email protected]replied to [email protected] last edited by
Don’t listen to this guy. You don’t have to turtle all your stuff inside a VPN if you don’t want to. Hosting services on the internet is what the internet was created for. It’s up to you whether what you want to host is exposed to the internet or not, and as long as you’re aware of the risks do what you want man. I will mention that Immich specifically might not be the best idea to expose since it’s so unstable, but that depends on your level of comfortability. Worst case scenario is somebody gets into your Immich and can see all your photos. Would this be a dealbreaker for you? If so don’t expose it publicly
-
[email protected]replied to [email protected] last edited by
You’re hearing about it now. It’s an issue with the way iOS handles background tasks and there isn’t any way to fix it. It’s just how the OS works.
-
[email protected]replied to [email protected] last edited by
Well, apparently a bunch of farmers are smart enough to press a button without even bothering me about it.
-
[email protected]replied to [email protected] last edited by
Why would farmers not be smart enough to press buttons?
-
[email protected]replied to [email protected] last edited by
Nobody said they had to. I made him aware of the risks in case he wasn't. You seem to have an axe to grind there.
-
[email protected]replied to [email protected] last edited by
I’m not a big fan of amateur know-nothings regurgitating the same nonsense regurgitated to them by previous know-nothings, attempting to further the cycle to people finding their footing with self hosting. It was a big problem on the self hosted reddit and up to this point has been less of a problem here.
-
[email protected]replied to [email protected] last edited by
Yah, imagine my surprise, it's almost like people are smart enough to manage a VPN without you holding their hands.
-
[email protected]replied to [email protected] last edited by
Manage, but not set up. Something tells me you had to do that part for them. And while pushing a button to start your VPN back up every time you want to access your remote service isn’t hard, it’s a nuisance that can be avoided in situations where it isn’t necessary in the first place.
-
[email protected]replied to [email protected] last edited by
And yet here you are, making sure this guy knows he can expose anything he wants except the specific thing you decided is troublesome like immich. Maybe you'll be here to help him put it all back together with your wealth of knowledge and experience.
Take a hard look at yourself, you're doing all the stuff you accuse someone else of. Maybe you aren't always the smartest person in the room. In any case, I'm done with your shit. Go ruin someone else's day, you ray of sunshine.
