Good explanation. I’m out in the boonies with Starlink for internet right now so no port forwarding for me. I paid like $100 for a plex lifetime pass 12 years ago or something so none of my family or friends even notice most of the time. HEVC encoding helps too (you can squeeze 720p through their relay server with it).
Comment on FFS Plex, the server is on my local network
rumba@lemmy.zip 1 day agoThe authentication is lacking 2fa and has a half hearted attempt at fail2ban
If you try to properly implement either of those, the standard device clients won’t work anymore.
Plex provides default SSL.
The relay is actually a bit more useful.
You can be on a carrier grade NAT with no real external IP.
It’s more akin to running a VPS somewhere and SSH tunneling your home server through it.
They also cashe the entirety of the TVDB and EPG Services.
I’m not sore about most of this with jellyfin, and I am trying to primarily use it, but I really miss some of the features. But realistically, adding 2FA to the clients would be a huge benefit. trying to replace 2FA with wish.com fail2ban feels particularly dirty.
kieron115@startrek.website 22 hours ago
assaultpotato@sh.itjust.works 1 day ago
You can run the OIDC version and use SSO and implement MFA on the IdP. I use Keycloak for SSO w/ MFA and users sign into my Jellyfin via Keycloak. Just disable username/password auth and leave it SSO only.
The only benefit Plex really has is the relaying, but I was able to sync watch with 3 people basically as far across North America as you can get from me and it worked without issue so…
rumba@lemmy.zip 1 day ago
That’s fine for browser-based watching, literally no one in my group watches via the browser. Even on android it’d be a fight. Grandma’s not going to go on to a browser to auth her session.
The clients need to support it. If it were just backend, I’d fork it myself.
assaultpotato@sh.itjust.works 1 day ago
Neither do I - I use either my phone, or my smart TV, or my fire stick. SSO works fine there, or you can use the QR based session transfer to SSO on your phone and then “sign in on another device” or whatever by scanning the QR your other device is showing. I think they call it quick connect or something.
It does what you want.