Nah fuck that. Mods are power hungry fat morons who exert the editorial discretion of a wet noodle. Almost every community in the fediverse is full of this crap. Things aren’t removed because they’re harmful, they’re removed because some mod disagrees.

There’s also the problem with every instance admin having access to deeper internals; I’m waiting for the day people start getting banned for upvoting the wrong thing.

I found that a total of like 5 people post basically all of the lemmynsfw stuff. Once I blocked them, it almost all went away. Pretty sure the internet is nothing but bots now.

Also, if you’re on the internet expecting all sunshine and rainbows – leave now. The internet is not a place for that. Everything now is rage-bait designed to get more clicks, and the internet has always been the wild west with major hostilities all the time. It’s not a good place to spend your time if you’re looking to relax.

Removed by mod

Removed by mod

Removed by mod

Something is awfully weird here, because Linux literally runs the worlds infrastructure for the internet. It is not unstable by any stretch of the imagination. Something you’re doing between all distros has got to be the culprit - something you do differently than other people.

And again - if you put those behind a fail2ban; and you 404 5x in an hour, which is likely - you’ve solved that issue. Had my jellyfin instance publicly available for 2 years on its own VM with passthrough GPU, and haven’t had any issues. People poke around quite often, and get blackholed via the firewall for 30d.

It wouldn’t stop a dedicated attacker, but I doubt anyone’s threat model here is that intense. Most compromised servers happen from automated attacks probing for vulnerabilities in order to get RCE; not probing for what movies you have – Because having movies on a media server doesn’t prove that you didn’t rip them all off of blu-ray…it just means you have movies.

You’re not going to have 100% privacy when you put up ANY service on your network. Everything leaves a trace somehow; but I’m starting to think half of you are Chinese spies or something with the amount of paranoia people here show sometimes. :P

Hmm, that’s a good point. I just checked my Jellyfin, and I don’t put any of the cert data into its config, I’m using caddy as my reverse proxy to serve it and I didn’t even think about this. No reason it has to be a self-signed cert, it could technically be local only and still be a Let’s Encrypt cert.

If they need SSL certs, they’ve got to. Jellyfin doesn’t accept self-signed certs, which means DNS entries in a domain, and access from the internet.

Really, honestly - what they need to do is just install Jellyfin on the Raspberry Pi and ditch the encryption requirement altogether. There’s no reason to have it on a LAN-only environment. They aren’t going to need it, nobody is going to MITM their lan environment, and VPNs will regularly allow LAN passthrough.

If ProntonVPNs own client doesn’t allow LAN connections, they either need to swap to the Wireguard vanilla client (if that’s allowed on free tier), or upgrade their VPN service.

OR switch VPNs altogether.

There isn’t a way to do this without breaking one of their requirements

Only options here are to publicly host with real SSL certs, on a domain and tunnel out – Or swap VPN providers/software so that you can achieve LAN access and forego HTTPS altogether.

Edit: And sorry – the previous post is gone regarding their only needing access within the home, there’s no way I could have known that.

There’s a bit of paranoia going on here to begin with - There’s no reason they need this level of “security” within their home network on the LAN side anyhow. They could possibly buy a managed switch and make the jellyfin server only visible to a specific vlan that didn’t include the router, but that doesn’t quite match up with what it sounds like they’re needing.

Yeah, this whole thread feels like a “but I can’t do that, work around it for me”

Do. And make sure your logs are piped through fail2ban.

All of these “vulnerabilities”, require already having knowledge of the ItemIDs, and anyone without it poking around will get banned.

The rest of them require a user be authenticated, but allows horizontal information gathering. These are not RCEs or anything serious. The ones which allowed cross-user information editing have been fixed.

Tailscale is only for the server/host. You’re not changing all of your VPN services over to this, you’re using it in a ‘reverse’ fashion. You’re VPN-ing the server out to the world so it’s reachable and you have port forwarding options, etc.

From there, it can be reached by any client on the internet as a service. From there though, I don’t know how you’d get to it securely without a domain and SSL (Let’s Encrypt/Caddy) certs.

A domain is only like $16/year. So it’s not prohibitively expensive.

I mean, I haven’t seen any pedophilia, but definitely incest and other weird shit. There’s a lot of shit I don’t pick up on tho.

Wife thought the same thing about anime when I met her, now it’s almost all she’ll watch. She’s had to get used to some of the…cultural differences…that Anime includes, but she’s so used to it now that it barely registers any more.

You probably know fewer than 20 people who live in poverty yet think you know everyone who’s poor?

I’m surrounded by the dumb fucks in a deep red state in the country; nearly everyone I’ve ever interacted with my entire life lives in poverty. The fact that you have a RETIREMENT FUND AT ALL puts you well above that line.

You know what you can’t have when you’re in poverty? Retirement funds. Because it’s considered equity and you’re not allowed to have any in order to get government assistance. The only things exempt from that are your homesteaded house, and 2 cars (and only if both adults in the house are working!)

It’s not very shortsighted, it’s quite long-sighted. Everything has been shit since the 2008 crash. Absolutely dog-shit garbage. Wages haven’t changed, everyone’s already in the hole.

I’d have loved a few more years of floating it, but the writing has been on the wall for some time now. It’s going to suck for everyone, I’m sure - but the market never corrected in 2008. It was going to happen some time or another - I’m just happy Republicans are going to be on the hook for it.

It’s going to take 10 years to come back from this - but I suspect in doing so, we’ll be in a better place in the long term. Last people who did this weren’t re-elected for damn near 20 years. We’ve all said this was the last gasp of a dying political party. It’s gonna suck, sure – but I’m hopeful for the future and the rebound it will cause.

On top of it all, I’ve been using it as leverage to fuck with every Trump voter I see in my shop.

Honestly, we’ve needed this crash since back when Obama was president, and we got a bunch of propped up corporations. They socialized the losses, so to speak.

Nobody I know in poverty is affected by stocks, so fuck them all.

Venezuela has tons of billionaires I bet. It’s not about the number, it’s about the inequality at the tippy top.

Bullshit. We should be debating tax rates; because taxes for the rich need to be higher.

Ho ho ho, wait until you find out what the continent Canada is on gets called…

You’re AMERICAN too…