- cross-posted to:
- technology@lemmy.world
- cross-posted to:
- technology@lemmy.world
We are also changing how remote playback works for streaming personal media (that is, playback when not on the same local network as the server). The reality is that we need more resources to continue putting forth the best personal media experience, and as a result, we will no longer offer remote playback as a free feature. This—alongside the new Plex Pass pricing—will help provide those resources. This change will apply to the future release of our new Plex experience for mobile and other platforms.
I’ve been testing out jellyfin for the last couple months but it doesn’t really fill the void of this specific feature that’s being locked behind a pay wall. If anyone has good recommendations for securely and reliably hosting jellyfin behind SSL and auth with email password resets where I don’t have to worry about it as much as Plex.
I use jellyfin locally but for a handful of remote clients I have I may well block off their access they’re not going to be able to figure out my hand spun services and wall of text.
I would go for a reverse proxy to get ssl running.
https://jellyfin.org/docs/general/networking/#running-jellyfin-behind-a-reverse-proxy
Handling users with forgotten passwords is, sadly, a manual chore for the administrator.
https://jellyfin.org/docs/general/server/users/adding-managing-users#profile
You can connect Jellyfin to an SSO provider. It still needs work, and client support is lacking. Ideally I think it maybe should be built in rather than a plug-in (would definitely encourage more client support). But it exists.
https://github.com/9p4/jellyfin-plugin-sso
Feature request for oidc/sso:
https://features.jellyfin.org/posts/230/support-for-oidc-oauth-sso
As it stands, you could enable both the SSO and LDAP plugins, and let users do password resets entirely through your auth provider.
Basically, this is all stuff that comes with Plex out-of-the-box, but you sort of have to glue it together yourself with Jellyfin, and it’s not yet in an ideal state. Plex is much much easier to configure. I wouldn’t allow yourself to believe that Plex doing all this for you will make you totally secure through – there’s been multiple incidents with their auth, and IIRC the LastPass attacker pivoted from a weak Plex install. Just food for thought.
Ah, that’s good to know!
My jellyfin server is only available over vpn (and locally) so I haven’t much looked into beefing up the security on the jellyfin server itself.
Authentik + jellyfin SSO plugin?
I haven’t tried it out personally, but I use authentik, for that you can just create a password policy, then add a new stage for identification (just make sure to add the email field), and an email stage, then create a flow.
More work on your end than paying someone else obviously.
Forget the Auth, use VPN profiles as access controls. Give them to trusted folks and you’re gold.
Dumb question but should there be VPNs operating on both ends, server and client? Or just the client because I’m guessing the server might change the connection address.
A VPN Server on the server or home network (look into PiVPN for instance), and a VPN Client on clients (look at openvpn for instance).
Good luck and let me know if you have any further questions - I’m more than happy to answer!