damnthefilibuster
@damnthefilibuster@lemmy.world
- Comment on Having trouble setting up Nginx 9 hours ago:
Huh. I made a big comment reply to this and missed a crucial detail. Are you trying to just make it so that sitting in your own home, you can go to plex.mydomain.xyz instead of the IP?
What are you running plex on? Windows or Linux? On Linux, you can run this thing called Avahi. With it, you can set it up so that your computer starts advertising locally as whatever domain you specify. So I have
server.local
andnewserver.local
internally. I just go toserver.local
on my browser inside my home and it takes me to the landing page of the server where I’ve got Heimdall running, which has links to plex and a bunch of other internal services I’m running.I don’t know what the equivalent is in Windows, but we can jigger something up. Let me know what OS you’re running on what boxes.
- Comment on Having trouble setting up Nginx 9 hours ago:
TL;DR - don’t do this. Plex on Cloudflare is a bad idea. Read my last notes. Get the Plex Remote Watch Pass instead.
So, regular Cloudflare DNS is not the answer here. Your homelab is almost always natted. As in, there’s a public IP assigned to your home, but your internal network (192.168…) is… internal. Cloudflare doesn’t know of it.
One solution is to expose a port on your router. That would mean that if you go to plex.mydomain.xyz, Cloudflare DNS will send it to your home’s public IP and your router will send it to your internal computer based on that port request. This is NOT recommended. For one, your home’s public IP can change at any time. It’s your ISP’s choice what IP they want to assign to you. They can and will change it when they want to. Second, this opens up your internal network to a barrage of attacks.
Seriously, don’t do this.
A separate alternative is to use something like DynDNS (only if your router supports it). Then folks will go to yourplex.dyndns.io (or something) and that will send them to your router’s public IP, no matter how many times it changes. But if you want to use plex.mydomain.xyz then DynDNS charges you money and, afaik, it’s expensive. So no real point.
The better alternative is Cloudflared and Cloudflare Tunnels. This sits under one.dash.cloudflare.com → Networks → Tunnels.
Hit “Create a Tunnel” and select Cloudflared. Give it a name. Let’s call it “homeserver” (it doesn’t matter).
Once it’s created, click on the name and click Edit. (or maybe the instructions vary if you’re running it the first time). Select Docker, and it’ll give you instructions to run cloudflared as a docker container. The command will look like -
docker run cloudflare/cloudflared:latest tunnel --no-autoupdate run --token CLOUDFLARE_ASSIGNED_TOKEN
Then, you’ll have a tunnel. Once you have it up and running, go to Public Hostnames under the same “homeserver” tunnel edit option.
Add a Public hostname. Subdomain would be
plex
and domain would bemydomain.xyz
(from the dropdown). No path.For the “service” - type is HTTP mostly (unless you’re running SSL inside your home). And the URL is the internal IP address and port for you. So for Plex it’ll be
192.168.x.y:32400 (internal IP of the computer running Plex)
Once it’s saved and Cloudflare has propagated the change (usually a few seconds), you can go to
plex.mydomain.xyz
and it’ll show your application 🙂
What’s going on here? Cloudflare’s Tunnel solution sidesteps the Cloudflare DNS feature. You still need your domain attached to your Cloudflare account. Cloudflare gets the request, realizes it’s a Tunnel request, finds the cloudflared container which you’re running inside your network, establishes a secure connection all the way to it. From there, the connection is inside your home, from your cloudflared docker container to your Plex installation and back.
NOTE: Once you do this, everyone who can go to
plex.mydomain.xyz
(basically the entire internet) will be able to see your Plex setup. Make sure to include strong login credentials. If you do not have any login credentials, you can easily end up with complete strangers streaming your Plex library.
ALSO: This is against Cloudflare TOS. If you’re just using it once in a while, you might get away with it. But if not, Cloudflare will find out and boot your domain and might even close your account.
So… If you are building this for friends and family, get the Plex Remote Watch Pass. It’s $20/year and one possible way for you to give Plex access to people. In this method, you do not need to use cloudflare tunnels or expose a port. Everyone creates a free account on Plex (or you create one account for everyone, and they create their own profiles, whatever) and you grant them access to your libraries. Then they go to app.plex.tv instead of
plex.mydomain.xyz
, login, and get to your content.Last Note: I use cloudflare tunnels a LOT. I use it for everything from RSS feeds to Calibre Web. All of my usecases are low traffic scenarios. Cloudflare is chill with those. Video streaming through their network is a whole different ballgame. Do NOT risk it.
This took me way too long to write. Cheers!
- Comment on [fluff post] If lemmy users are Lemmites, what would we like to call piefed users? 1 day ago:
Federati.
- Comment on [deleted] 3 days ago:
Showing your ID at the store and sending a copy of your ID to an entity that will most likely not have the best cybersecurity are very different things.
Sure, many people are concerned about what you mentioned. But plenty of them are concerned that the idea that you have to give personally identifiable information to these companies is what’s the worst thing about these laws.
- Comment on [deleted] 1 week ago:
I bought a miniPC from AliExpress last year expecting 8GB RAM and Intel N100. The vendor sent an Intel N50 with 4 GB RAM. I clawed most of my money back, but kept the machine for experimentation. Upped the RAM with the money I got back.
Alpine seems to work best for that machine. Though, I’m tempted to just put Debian on there so I can make docker and portainer agent work on it easily.
- Comment on Microsoft's latest Windows 11 24H2 update breaks SSDs/HDDs, may corrupt your data 1 week ago:
If that happens, it’ll finally give me the reason I need to delete windows 11 bleeding edge and go towards desktop Linux.
- Comment on Periodic reminder to get your library cards and fill out museum surveys. 3 weeks ago:
Some even have 3D printers
- Comment on I wonder how many people throughout history have confused Floaters with ghosts, UFOs, or other paranormal phenomena 4 weeks ago:
Didn’t it happen that people in LA started calling the cops one time during the pandemic because they saw the Milky Way for the first time in their lives?
- Comment on Tailscale friendly app dashboard 5 weeks ago:
Hmm. Lofi enough solution. 😆
- Comment on Tailscale friendly app dashboard 5 weeks ago:
what are mesh von ips?
Oh, you mean e.g. always using the tailscale IP? Sure, I can do that. But it sure would be a pain since at home I use the .local domain very comfortably…
- Comment on tailscale friendly app dashboard 5 weeks ago:
I know I wrote tailscale friendly, but the same applies to zerotier, Cloudflared, and dyndns, I guess…
- Submitted 5 weeks ago to selfhosted@lemmy.world | 7 comments
- Submitted 5 weeks ago to selfhosted@lemmy.world | 7 comments
- Comment on What are your VPN recommendations for accessing self-hosted applications from the outside? 1 month ago:
haven’t looked at Pangolin, but thanks for the info! I might explore it in the future if my current setup gives me any issues.
- Comment on What are your VPN recommendations for accessing self-hosted applications from the outside? 1 month ago:
pretty cheap to get a domain name through Cloudflare too - nine bucks a year for a .com , I think? Just get something completely personal or completely random! :D They even have a way to get emails routed to your general inbox. It’s fugly, but it works!
- Comment on What are your VPN recommendations for accessing self-hosted applications from the outside? 1 month ago:
huh. I knew there was a reason for me to go back to ZT. mdns, you say? Nice to know!
- Comment on What are your VPN recommendations for accessing self-hosted applications from the outside? 1 month ago:
You got two options which I’ve tried -
- A solution like tailscale or zerotier. Simple setup, easy to turn on and just go. Tailscale is newer and has a nicer interface and features like using an actual VPN like Mullvad as an “endpoint” (or whatever they call it). Their Mullvad connection also basically gives you a discount as they charge only $5 for the vpn instead of €5. The catch is that Mullvad charges you that price for 5 devices. So if a sixth device connects to the VPN through tailscale, you get charged $10 for that month.
- A cloudflare tunnel with zero trust on top. More work to setup. But makes it easy to access your apps without any vpn. They’re basically exposed to the internet at that point, but locked in behind cloudflare’s authentication. You can literally set it up for one or two email IDs. Yours and a family member’s. Much simpler for others to wrap their heads around. But some people dislike cloudflare for some reason or the other.
- Comment on What are your VPN recommendations for accessing self-hosted applications from the outside? 1 month ago:
How?
- Comment on M'ananas 1 month ago:
Add Man Go.
- Comment on The Steam controller was ahead of its time 1 month ago:
Lovely to see you share this!
- Comment on Creating similar service to AlternativeTo 1 month ago:
Good idea!
- Comment on Creating similar service to AlternativeTo 1 month ago:
Brands of what?
- Comment on How is Your day going ? 2 months ago:
Yeah
- Comment on How is Your day going ? 2 months ago:
Slow
- Comment on The hidden cost of self-hosting 2 months ago:
Thanks for mentioning SingleFile. I’m not using it right now.
- Comment on YSK: You can continue to access subscription services (even trials) after cancelation until the next billing cycle 2 months ago:
Most TV apps end your trials and even paid accounts immediately. Apple rather enforces that they have to give the paid subscription till the end of the term. That’s why I like paying through Apple.
- Comment on Advice on moving my Spotify library to Navidrome 2 months ago:
I reckon the problem with that is… what’s the source for the recommendations and then what’s the sink?
Like, first, how do you get all that information about music, type of music, musicians, year of release etc?
Then where do you store it? Then you come to the problem of building a robust recommendation engine. Sure that’s one step that seems solvable with open source. Not easy. Solvable.
Then, what does a person do with the recommendations? So you have to build ways to export to YouTube, Spotify, Apple Music, FOSS music solutions. Perhaps plugins are the way to solve this.
Not saying it’s not doable. Just difficult.
Though I also believe someone would have tried to tackle it in their capacity in the FOSS world. Don’t know how Fedi plays into this. Maybe an online radio station?
- Comment on Advice on moving my Spotify library to Navidrome 2 months ago:
Spotify scrobbles to LastFM. Maybe they have an API or export solution? All you would have to do is play your playlist straight through once after connecting to LastFM.
I don’t know about importing it further as I don’t know what Navidrome is.
- Comment on Why Decentralized Social Media Matters 2 months ago:
“Content creation” IS shitposting. Interacting on social media, on the other hand, is actual posting.
- Comment on It's impossible to block every community you don't want to see on Lemmy. 3 months ago:
Seems like what you’re describing is that people are really into politics and porn. Are we really that surprised?
And yes, new ones keep popping up because people don’t like the mod, or think they can do better, only for that effort to fizzle out in a week. Then someone else comes along.
I also ride the waves of All/Global and hate having to block those weird “thigh anime” communities. But the alternative is an eco chamber.
I know you’re just kvetching but hang in there, one day you’ll go into Subbed and be surprised how vibrant it is (if you still keep subbing to new communities).
Or make your own community and ignore that instead. 😅