- cross-posted to:
- plex@lemmy.ca
- cross-posted to:
- plex@lemmy.ca
cross-posted from: https://poptalk.scrubbles.tech/post/2333639
I was just forwarded this someone in my household who watches our server. That’s it folks. I’ve been a hold out for a long time, but this is honestly it.
They want me to pay to stream content that I bought from my hardware transcoded also on my hardware.
I’ll say it. As of today, I say Plex is dead. Luckily I’ve been setting up Jellyfin, I guess it’s time to make it production ready.
Edit: I have a Plex Pass. More comments saying “Just buy a plex pass” are seriously not getting it. I have a Plex Pass and my users are still getting this.
And for the thousandth person who wants to say the same things to me:
- YES I know I’m unaffected as a Plex Pass owner.
- My users were immediately angry at it, which made me angry. Our users don’t understand what plex pass is, and they shouldn’t have to, that’s why I had it. The fact that they were pinged even though it should have kept working is horribly sloppy
- Plex is still removing functionality. I don’t care that “People should pay their fair share”. If Plex wants to put every new feature behind a paywall, that’s completely okay. They are removing functionality.
- “But they have cloud costs”. Remote streaming is negligible to them. It’s a dynamic DNS service. Plex client logs in, asks where server is, plex cloud responds with the IP and port of where server is located. That’s it.
- “Good luck finding another remote streaming” - Again, Plex just opens up an IP and port. Jellyfin also just opens up an IP and port (Hold on jellyfin folks I know, security, that’s a separate conversation). All “remote streaming” is is their dynamic dns. Literal pennies to them. Know what actually is costing them money? Hosting all of that ad-supported “free” content that they’re probably losing money on.
In short, I don’t care how you justify it. Plex is doing something shitty. They’re removing functionality that has been free for years. I’m not responding to any more of your comments repeating the same arguments over and over.
It’s not exactly difficult if you use Tailscale or really any VPN. So I really don’t see the value for the cost; if you’re even considering self hosting a Plex server/instance, there’s a list of basic knowledge you should have or learn (like what you mentioned).
Its not difficult for technical people like you or me, but my friend who just wants to watch their favorite show on my Plex on their TV won’t know how to traffic engineer the traffic over a Tailscale network to my network. My mom won’t be installing Tailscale on her laptop and phone.
I’m also not particularly happy with giving a bunch of people VPB access to my setup. Or other potential complications that come with that setup.
I know enough to be able to lock it down, but I dont want the hassle. And other people will want it less.
As long as the technical person does all of the setup on their end, the non technical person only has to enter a domain and port in their jellyfin client.
If you want to be on the hook for all IT requests from folks you share with, this is a fine approach. There are people out there who honestly don’t have a problem with that and more power to them. I doubt they are the majority, and a lot of selfhosters completely ignore this aspect of software. There is a reason non-free services exist beyond just “capitalism bad.” I mean, capitalism indeed bad, but your time is worth something.
I guess I haven’t noticed that. The non technically literate folk I know use smart TVs, or can download Jellyfin from an app store. Then they just use the URL when the app asks for it.
There’s no other configuring to do on their end.
They also need to run a VPN client.
Because you’re not putting bare jellyfin on the internet, right? You shouldn’t be doing that for most services in the first place, but doubly so for something that has a bunch of APIs that require no authentication: https://github.com/jellyfin/jellyfin/issues/5415
Put it behind a reverse proxy!
I’m not sure if you know this, but…that doesn’t fix most of the security issues in the linked list. All the reverse proxy does is handle hostname resolution and TLS termination (if you are using TLS). If the application being proxies still has an unauthenticated API, anyone can access it. If there’s an RCE vulnerability in any of them, you might get hacked.
I run Jellyfin publicly, but I do it behind a separate, locked-down reverse proxy (e.g., it explicitly hangs up any request for a Host header other than Jellyfin’s), in a kubernetes cluster, and I keep its pod isolated in its own namespace with restricted access to everything local except to my library via read-only NFS volumes hosted on a separate TrueNAS box. If there is any hack, all they get access to is a container that can read my media files. Even that kind of bothers me, honestly.
The overwhelming majority of Jellyfin users do not take precautions like this and are likely pretty vulnerable. Plex has a security team to address vulnerabilities when they happen, so those users would likely be a lot safer. I appreciate the love for FOSS on Lemmy, but it is scary how little most folks here acknowledge the tradeoffs they are making.
Getting everyone that streams from your server to use tailscale or any other VPN every time they want to watch stuff from your server on any device they own is very difficult and basically a no-go. As someone that tried getting people who are using my plex server to use Tailscale so they could access my Overseer to request movies/shows, and basically no one would, it’s a deal breaker.
I paid for a lifetime license years ago which is significantly cheaper than that.