Relaying gigabytes of traffic per user costs serious money. Rely on them to do it, and they are either going to charge you or are just waiting to charge you when their VCs come knocking.
Comment on FFS Plex, the server is on my local network
Sp00kyB00k@lemmy.world 3 weeks agoJellyfin does offer authentication and authorization. Relay can be done via nginx iirc?
Jason2357@lemmy.ca 3 weeks ago
kieron115@startrek.website 3 weeks ago
Having to set up a reverse proxy is basically a non-starter for most people, while I’ve talked extremely non-technical people into running Plex since it just works out of the box.
rumba@lemmy.zip 3 weeks ago
The authentication is lacking 2fa and has a half hearted attempt at fail2ban
If you try to properly implement either of those, the standard device clients won’t work anymore.
Plex provides default SSL.
The relay is actually a bit more useful.
You can be on a carrier grade NAT with no real external IP.
It’s more akin to running a VPS somewhere and SSH tunneling your home server through it.
They also cashe the entirety of the TVDB and EPG Services.
I’m not sore about most of this with jellyfin, and I am trying to primarily use it, but I really miss some of the features. But realistically, adding 2FA to the clients would be a huge benefit. trying to replace 2FA with wish.com fail2ban feels particularly dirty.
assaultpotato@sh.itjust.works 3 weeks ago
You can run the OIDC version and use SSO and implement MFA on the IdP. I use Keycloak for SSO w/ MFA and users sign into my Jellyfin via Keycloak. Just disable username/password auth and leave it SSO only.
The only benefit Plex really has is the relaying, but I was able to sync watch with 3 people basically as far across North America as you can get from me and it worked without issue so…
rumba@lemmy.zip 3 weeks ago
That’s fine for browser-based watching, literally no one in my group watches via the browser. Even on android it’d be a fight. Grandma’s not going to go on to a browser to auth her session.
The clients need to support it. If it were just backend, I’d fork it myself.
assaultpotato@sh.itjust.works 3 weeks ago
Neither do I - I use either my phone, or my smart TV, or my fire stick. SSO works fine there, or you can use the QR based session transfer to SSO on your phone and then “sign in on another device” or whatever by scanning the QR your other device is showing. I think they call it quick connect or something.
It does what you want.
kieron115@startrek.website 3 weeks ago
Good explanation. I’m out in the boonies with Starlink for internet right now so no port forwarding for me. I paid like $100 for a plex lifetime pass 12 years ago or something so none of my family or friends even notice most of the time. HEVC encoding helps too (you can squeeze 720p through their relay server with it).