• @FreedomAdvocate@lemmy.net.auEnglish
    01 day ago

    Oh cool so you’re ok with opening ports on your server to the internet with no authentication. Good for you. Most of us with the technical knowledge of hosting a media server know better.

    • @Vanilla_PuddinFudge@infosec.pubEnglish
      01 day ago

      Oh no, Chinese hackers know I only like the first 8 seasons of The Simpsons!

      They would, I suppose, were my Jellyfin available to anyone living outside of my own state via geoblocking. You can’t even connect to it from the country I host the proxy from, not that they’d do anything if they could, all of the data shared is read-only.

      I would’ve just let my setup be open, but, like you said, most of us with the technical knowledge of hosting a media server know better.

        • Saik0English
          01 day ago

          Neither helps because jellyfin doesn’t work with auth in front of it. https://github.com/jellyfin/jellyfin/issues/13751

          And any auth mechanism breaks EVERY app even if you implement one that doesn’t break the web UI. (short of VPN or other similar type of auth’d tunneling).

          • ShimitarEnglish
            020 hours ago

            This is misinformation.

            I run my jellyfin behind reverse proxy and use SSO pretty well. There is a OIDC plugin for jellyfin that just works with your preferred SSO.

            Indeed Plex is easier to use, and manage all that for you, but this is self hosted community after all, there is smart people capable of running a reverse proxy and a proper SSO.

            For the others, Plex indeed is forth paying for (?).

          • @catloaf@lemm.eeEnglish
            01 day ago

            Fortunately, jellyfin loads fine behind an nginx proxy using basic auth.

            Sounds like it works fine in the scenario I was discussing.

            • Saik0English
              01 day ago

              Ah yes, single cherry picked sentence… Care to read the very next line? Where “unfortunately, […]”… Is that “shit doesn’t load right?” Weird.

              Do you know of any apps that support basic auth input for jellyfin? No… Weird? What did I say again?

              Oh right, I can just scroll up and read it.

              And any auth mechanism breaks EVERY app even if you implement one that doesn’t break the web UI.

              • @catloaf@lemm.eeEnglish
                01 day ago

                I just tested and was able to get to the login page with an nginx proxy in front of jellyfin. A login attempt causes nginx to throw an error, but jellyfin itself seems fine. If I disable http basic auth, I’m able to log in and play video. This looks like an nginx configuration issue, and if I cared enough to actually get it working I’m sure it would.

                • Saik0English
                  01 day ago

                  Try logging in.

                  This is all you’ll see. Even if you setup a “guest” account with NO password… it’s all you’ll see. This is not a Nginx issue.

                  Edit:

                  The error appears in Jellyfins toast mechanism… so you know it’s not nginx.

                  Edit2: oh and don’t forget to downvote this comment too. I see you :)

                  Edit3: actually I just realized that you think THIS is nginx’s fault…

                  It is, but it isn’t… It requires the wss target on the server to handle it.

                  Jellyfin doesn’t do this. Nginx is passing it properly.

                  • @catloaf@lemm.eeEnglish
                    01 day ago

                    No, I was getting a 401 directly from nginx. Where is that last screenshot from?