What security holes? I think the bigger problem here is relying on a media platform to also maintain security protocols. Use authelia or plug some other well maintained and hardened security mechanism on top of jellyfin. Then put it in front of everything else like the arrs, etc. Its weird to me to just setup jellyfin, make it Internet facing, and believing everything is just gonna be safe and secure with no issue. Frankly id prefer if all these services came without security. Its a royal pain to bypass it for localhost or proxying with something like authelia.

I’ve never had this issue but I run basically everything through docker and presumably it bundles this by default.

I would recommend just using caddy. It removes the complicated part of ssl management. For a local network it’ll setup a local self signed certificate authority and you can just install those certificates to any devices on your LAN that you want to have access. For a public setup it’ll use letsencrypt. You will still need to setup dns if you want wildcard routing.

Ddns-updater and porkbun.

I funnily had the same use case. Two different jellyfin servers for complete separation. Both routing through gluetun. The reason this doesn’t work is because the network mode setting you have basically makes all three containers operate in the same network. Meaning if one binds a port the others can no longer bind the same port. Their different hosts but all sharing one network and port range. To expose the ports you can move that ports setting from C1/C2 to the gluetun service definition. This’ll still work because when C1 binds to 1234 it’ll be reachable through the gluetun service.

Note: as mentioned if C1 and C2 cannot use the same port if you also want to have service gluetun set. More likely than not you start C1, it binds to the port, start C2, it tries and fails to bind to the port and crashes. I fixed this by making one of my jellyfin containers use a separate port. If you can’t configure the ports of your services then there’s no real recourse FWIU.

If you want a richer login authelia + caddy is good.

That’s not helpful, these are developers… even if you think those lines are useless they can inform the code-path the devs need to trace through or help them understand why you’re facing this issue.

I disagree with this almost on principle. GitHub was a mistake. We don’t need these large, bloated, isolated forges that are just going to be acquired and converted into social networks. Forgejo> is the future. Any new forge not even trying to support federation and independent hosting out of the box is dead in the water to me. You wanna build a github style accessible platform above forgejo go right ahead, the thing github did best was make all of this accessible.

I find that claim so dubious. Like they list running on the smallest VMs as a feature but give no specific requirements for hosting or running the service. This whole article reads like buzzword salad. I question if the creators even know what a git forge is.

Its not a fronted, you don’t purely commit and manage code from github. It’s a platform for hosting git repositories that supports integration with CI/CD tools. At its heart git is simple (enough), it’s a version control software. Github is a Web platform that hosts projects version controlled with git and adds in features like pull requests and reviews or github actions for building/linting your project.

I thought you were being overly pedantic but my god, they keep repeating the point. They seem to have no idea what the difference between a platform hosting code repositories and an individual repository is or even what version control software is. What the bloody hell is this.

I have the utmost respect and appreciation for mullvad but I don’t need a vpn without port forwarding so I cancelled my sub. They are still objectively the vest vpn, this is the only sticking point.

Given how shamelessly stupid musks whole takeover has been I guarantee they wont won’t. He’ll probably assign someone to keep it renewed and then fire them.