• 0 Posts
  • 116 Comments
Joined 1 year ago
Cake day: May 28th, 2024







  • kitnaht@lemmy.world to Selfhosted@lemmy.world: How do I securely host Jellyfin? (Part 2)
    4 months ago

    And again - if you put those behind a fail2ban; and you 404 5x in an hour, which is likely - you’ve solved that issue. Had my jellyfin instance publicly available for 2 years on its own VM with passthrough GPU, and haven’t had any issues. People poke around quite often, and get blackholed via the firewall for 30d.

    It wouldn’t stop a dedicated attacker, but I doubt anyone’s threat model here is that intense. Most compromised servers happen from automated attacks probing for vulnerabilities in order to get RCE; not probing for what movies you have – Because having movies on a media server doesn’t prove that you didn’t rip them all off of blu-ray…it just means you have movies.

    You’re not going to have 100% privacy when you put up ANY service on your network. Everything leaves a trace somehow; but I’m starting to think half of you are Chinese spies or something with the amount of paranoia people here show sometimes. :P



  • kitnaht@lemmy.world to Selfhosted@lemmy.world: How do I securely host Jellyfin? (Part 2)
    4 months ago

    If they need SSL certs, they’ve got to. Jellyfin doesn’t accept self-signed certs, which means DNS entries in a domain, and access from the internet.

    Really, honestly - what they need to do is just install Jellyfin on the Raspberry Pi and ditch the encryption requirement altogether. There’s no reason to have it on a LAN-only environment. They aren’t going to need it, nobody is going to MITM their LAN environment, and VPNs will regularly allow LAN passthrough.

    If ProtonVPN’s own client doesn’t allow LAN connections, they either need to swap to the WireGuard vanilla client (if that’s allowed on free tier), or upgrade their VPN service.

    OR switch VPNs altogether.

    There isn’t a way to do this without breaking one of their requirements.

    Only options here are to publicly host with real SSL certs, on a domain and tunnel out – Or swap VPN providers/software so that you can achieve LAN access and forego HTTPS altogether.

    Edit: And sorry – the previous post is gone regarding their only needing access within the home, there’s no way I could have known that.

    There’s a bit of paranoia going on here to begin with - There’s no reason they need this level of “security” within their home network on the LAN side anyhow. They could possibly buy a managed switch and make the jellyfin server only visible to a specific vlan that didn’t include the router, but that doesn’t quite match up with what it sounds like they’re needing.



  • kitnaht@lemmy.world to Selfhosted@lemmy.world: How do I securely host Jellyfin? (Part 2)
    4 months ago

    Do. And make sure your logs are piped through fail2ban.

    All of these “vulnerabilities” require already having knowledge of the ItemIDs, and anyone without it poking around will get banned.

    The rest of them require a user be authenticated, but allow horizontal information gathering. These are not RCEs or anything serious. The ones which allowed cross-user information editing have been fixed.
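
The 404 threshold described in the comments above (five 404s within an hour, then a 30-day ban), as an added example that is not part of the original comments and is not fail2ban's own code: a per-IP sliding-window counter equivalent to fail2ban's `maxretry`, `findtime` and `bantime` settings. The access-log format (Common Log Format from a reverse proxy), the sample IPs and the paths are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Thresholds from the comments: five 404s in one hour, banned for 30 days.
MAX_RETRY = 5
FIND_TIME = timedelta(hours=1)
BAN_TIME = timedelta(days=30)
# Assumption: the proxy in front of the server writes Common Log Format lines.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "[^"]*" (?P<status>\d{3}) ')

def parse(line):
    """Return (ip, timestamp, status), or None for a line that does not match."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, int(m["status"])

def find_bans(lines):
    """Return {ip: (banned_at, banned_until)} for IPs that cross the threshold."""
    hits = defaultdict(deque)   # ip -> timestamps of 404s inside the window
    bans = {}
    for line in lines:
        rec = parse(line)
        if rec is None or rec[2] != 404:
            continue
        ip, ts, _ = rec
        if ip in bans and ts < bans[ip][1]:
            continue            # already banned; the firewall would drop this
        window = hits[ip]
        window.append(ts)
        while ts - window[0] > FIND_TIME:
            window.popleft()    # forget 404s older than the find time
        if len(window) >= MAX_RETRY:
            bans[ip] = (ts, ts + BAN_TIME)
            window.clear()
    return bans

def _line(ip, hhmmss, path, status=404):
    return f'{ip} - - [01/Mar/2025:{hhmmss} +0000] "GET {path} HTTP/1.1" {status} 0'

# Constructed sample: a prober (five 404s in five minutes) and a normal client
# whose five 404s are two hours apart, so it never fills the one-hour window.
SAMPLE_LOG = (
    [_line("203.0.113.7", f"10:0{i}:00", f"/missing/{i}") for i in range(5)]
    + [_line("198.51.100.20", f"{h:02d}:30:00", "/old-bookmark") for h in (8, 10, 12, 14, 16)]
    + [_line("198.51.100.20", "16:31:00", "/web/index.html", 200)])
```
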


  • kitnaht@lemmy.world to Selfhosted@lemmy.world: How do I securely host Jellyfin? (Part 2)
    4 months ago

    Tailscale is only for the server/host. You’re not changing all of your VPN services over to this, you’re using it in a ‘reverse’ fashion. You’re VPN-ing the server out to the world so it’s reachable and you have port forwarding options, etc.

    From there, it can be reached by any client on the internet as a service. From there though, I don’t know how you’d get to it securely without a domain and SSL (Let’s Encrypt/Caddy) certs.

    A domain is only like $16/year. So it’s not prohibitively expensive.


  • kitnaht@lemmy.world to Hacker News@lemmy.bestiver.se: Open-Source Is Just That
    4 months ago

    If it does not meet the open source definition from the OSI, it is not open source. Source-available is not the same thing. It is a ploy used by morons to hijack the meaning of the word, in order to gain the benefits of the communities surrounding open source.

    OSI definition requires:

    1. Free Redistribution

    The license shall not restrict any party from selling or giving away the software as a component of an aggregate software distribution containing programs from several different sources. The license shall not require a royalty or other fee for such sale.

    2. Source Code

    The program must include source code, and must allow distribution in source code as well as compiled form. Where some form of a product is not distributed with source code, there must be a well-publicized means of obtaining the source code for no more than a reasonable reproduction cost, preferably downloading via the Internet without charge. The source code must be the preferred form in which a programmer would modify the program. Deliberately obfuscated source code is not allowed. Intermediate forms such as the output of a preprocessor or translator are not allowed.

    3. Derived Works

    The license must allow modifications and derived works, and must allow them to be distributed under the same terms as the license of the original software.

    4. Integrity of The Author’s Source Code

    The license may restrict source-code from being distributed in modified form only if the license allows the distribution of “patch files” with the source code for the purpose of modifying the program at build time. The license must explicitly permit distribution of software built from modified source code. The license may require derived works to carry a different name or version number from the original software.

    5. No Discrimination Against Persons or Groups

    The license must not discriminate against any person or group of persons.

    6. No Discrimination Against Fields of Endeavor

    The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research.

    7. Distribution of License

    The rights attached to the program must apply to all to whom the program is redistributed without the need for execution of an additional license by those parties.

    8. License Must Not Be Specific to a Product

    The rights attached to the program must not depend on the program’s being part of a particular software distribution. If the program is extracted from that distribution and used or distributed within the terms of the program’s license, all parties to whom the program is redistributed should have the same rights as those that are granted in conjunction with the original software distribution.

    9. License Must Not Restrict Other Software

    The license must not place restrictions on other software that is distributed along with the licensed software. For example, the license must not insist that all other programs distributed on the same medium must be open source software.

    10. License Must Be Technology-Neutral

    No provision of the license may be predicated on any individual technology or style of interface.





  • Even mainstream media has said the same thing. CNN themselves have said that Democrats failed to be the party of the people and that Republicans somehow managed to take up that mantle. They did. They won all of the swing states. Dems weren’t about the people at all; they were about maintaining the status quo and being controlled opposition.