Relaying gigabytes of traffic per user costs serious money. Rely on them to do it, and they are either going to charge you or are just waiting to charge you when their VCs come knocking.
Comment on FFS Plex, the server is on my local network
Sp00kyB00k@lemmy.world 21 hours agoJellyfin does offer authentication and authorization. Relay can be done via nginx iirc?
Jason2357@lemmy.ca 21 hours ago
kieron115@startrek.website 15 hours ago
Having to set up a reverse proxy is basically a non-starter for most people, while I’ve talked extremely non-technical people into running Plex since it just works out of the box.
rumba@lemmy.zip 21 hours ago
The authentication is lacking 2fa and has a half hearted attempt at fail2ban
If you try to properly implement either of those, the standard device clients won’t work anymore.
Plex provides default SSL.
The relay is actually a bit more useful.
You can be on a carrier grade NAT with no real external IP.
It’s more akin to running a VPS somewhere and SSH tunneling your home server through it.
They also cashe the entirety of the TVDB and EPG Services.
I’m not sore about most of this with jellyfin, and I am trying to primarily use it, but I really miss some of the features. But realistically, adding 2FA to the clients would be a huge benefit. trying to replace 2FA with wish.com fail2ban feels particularly dirty.
assaultpotato@sh.itjust.works 19 hours ago
You can run the OIDC version and use SSO and implement MFA on the IdP. I use Keycloak for SSO w/ MFA and users sign into my Jellyfin via Keycloak. Just disable username/password auth and leave it SSO only.
The only benefit Plex really has is the relaying, but I was able to sync watch with 3 people basically as far across North America as you can get from me and it worked without issue so…
rumba@lemmy.zip 18 hours ago
That’s fine for browser-based watching, literally no one in my group watches via the browser. Even on android it’d be a fight. Grandma’s not going to go on to a browser to auth her session.
The clients need to support it. If it were just backend, I’d fork it myself.
assaultpotato@sh.itjust.works 18 hours ago
Neither do I - I use either my phone, or my smart TV, or my fire stick. SSO works fine there, or you can use the QR based session transfer to SSO on your phone and then “sign in on another device” or whatever by scanning the QR your other device is showing. I think they call it quick connect or something.
It does what you want.
kieron115@startrek.website 15 hours ago
Good explanation. I’m out in the boonies with Starlink for internet right now so no port forwarding for me. I paid like $100 for a plex lifetime pass 12 years ago or something so none of my family or friends even notice most of the time. HEVC encoding helps too (you can squeeze 720p through their relay server with it).