Using a relay server to separate online from home connection

It’s not, not directly at least, and that’s what everyone is ignoring here. You probably understand the value on Authelia/Authentik but you’re failing to see that the Plex relay server is taking that same mantle here, so even if someone managed to compromise the relay server it’s still not on your home server, whereas exposing jellyfin directly to the internet only requires one service to be compromised.

In some way is different from directly, on Plex you’re behind a relay server so it’s akin to being behind a VPS running Authentik/Authelia in front of the service on your home. Compromising the relay server does not necessarily compromises your home server, so it’s not direct like putting Jellyfin on a reverse Proxy would be.

That exposes Jellyfin to the internet

That exposes Jellyfin to the internet, so it’s not the same feature

That exposes Jellyfin to the internet, so it’s my option 1.

How do you do this on Jellyfin? The only ways I’m familiar with is to expose Jellyfin to the internet or access it through Tailscale, would love to hear alternatives.

Edit: From the replies I think that either I don’t understand how this feature works or many people here don’t, so I’ll give an overview of my understanding and explain why this is different from anything you can do on Jellyfin and what’s the closest you can come.

You are running Plex-home in your house, Plex-home connects to Plex-server hosted by Plex and establishes a reverse connection that’s only accessible by Plex-server, i.e. you can’t access your Plex-home outside of your house. When you login on Plex you’re logging in to Plex-server and if you’re in the same network as Plex-home you get redirected to form a direct connection with it, if not (and for me Plex keeps failing this verification) you connect to Plex-server and every request you make gets forwarded to Plex-home and when you ask for media it gets routed through Plex-server. This is very different from exposing Plex-home directly to the internet, in order for someone online to access your Plex-home they need to have taken control of Plex-server and then they’re limited by the API between those two (whichight be different from the Plex-home API) to try to escalate into your machine.

With Jellyfin there’s no server side component, you access Jellyfin directly every time, so in order to access Jellyfin outside of your house it needs to be accessible for everyone. The closest you can come up with is using a third party authentication server, for example by having a VPS running Authentik/Authelia/etc and hosting Jellyfin behind that authentication. This gets you a similar level of security because someone would need to compromise your Auth and then your Jellyfin to get into your server. However I’m not sure Jellyfin clients would know how to handle a third party authentication service, and would probably just crap their pants and prevent you from logging in. You could still access it in a browser, but not on native clients like the one on your TV or Fire Stick.

If you don’t have this VPS with authentication you’re exposing Jellyfin directly to the internet, which means that any flaw in Jellyfin security immediately compromises your home server. And while I don’t expect there to be many big or obvious flaws, there’s a reason why stuff like Authelia or Authentik exists, and besides the convenience of a SSO they exist because proper authentication is hard and has many pitfalls, and they offer security in the knowledge that their main focus is authentication, whereas on most other services authentication is just one of the features they offer so it might not be as secure.

Why would you expect this to NOT be paid? It requires them to be running servers to stream the media through, I wouldn’t expect this to be a free feature.

I dislike Plex for several reasons, but asking for payment for stuff that costs them money is completely justified.

Kodi and Plex do different things, both of them organize your media and give you a pretty interface to access it, but Kodi is a program running locally and Plex is a webservice that you can access remotely. Jellyfin is the open source program that does the same thing as Plex, i.e. a media server manager that can be accessed remotely through a web interface.

I mean, Factorio’s early access is the middle point between now and when God of War 2 was released. Meaning that when Factorio was on early access God of War 2 was as old then as Factorio is now.

I tried Authelia but couldn’t set it up, so I’ve been using Authentik and have been quite happy. The only downside is that I had to configure it using the GUI instead of with config files, which I think would have been a point for Authelia, but couldn’t get it to work properly.

I always find this so pedantic, yes, America is the continent but it’s also the name of the country, just like you probably say Argentina, Mexico or Brazil for the countries you mentioned instead of Argentinian Republic, United States of Mexico, or Federative Republic of Brazil. By that same token when you said United States I could have assumed you were talking about Mexico, heck until very recently in history Brazil was also named United States of Brazil so if I or you were old I could also asume Brazil. But I know what you meant by US and you know what he meant by America, stop being pedantic.

What’s your GPU? Nvidia’s you will need to use the proprietary drivers, AMD it depends on how old it is but newer ones should be good with the default driver.

From the issues you mentioned on Ubuntu I think it’s likely you have an Nvidia since it doesn’t play completely nice with Wayland all of the time, which sucks because X11 is halfway out of the window.

Another thing I think you probably know but just in case, you can install different Desktop Environments on the same distro, no need to change distros for that. So you could install Plasma (and yes, Plasma is KDE) or Gnome on your existing mint installation.

Honestly I think Mint is great for beginners and if you’re happy with it there’s no reason to switch. One thing I always recommend though is keeping /home in a separate partition so you can reinstall or switch distros without deleting your data.

When I started my home server was an old laptop, eventually it became an old desktop, and now it’s server specific hardware. My recommendation is use whatever you have at hand unless you have specific reasons. I went from laptop to desktop because I needed more disk space, and went to specialized hardware for practical reasons (less space, less electricity, easily accessible hot swappable hard drives). But for most of the stuff I have there an old laptop would still be enough, heck, a raspberry pi would be enough for most of it.

That sounds like an awful system to use. I have Arch systems that date back years with unassisted updates, why does it break so much?

No, I drink Earl grey daily, but I didn’t even knew (until a couple of moments ago) that it was Picard’s drink. I first had one on a train in Russia, and fell in love with it. The ones I have today are not the same as that one but still very good.

Maybe stop and listen to what I said, unless you have lived in very specific cities it’s almost assuredly I’ve had more risk to my life walking home in a week than you ever did in your entire life, having lived for a good chunk of my life in one of the most dangerous cities in the world.

I’ve lived in places where you can get shot because you turned the wrong corner, places where you need to talk to people with machine guns to let you pass. Maybe you should unshove your head out of your own ass and see that other people also have problems, and alienating them is not going to make any friends. Unlike you I recognize the struggle that minorities face, I’m not looking only at myself and forgetting others exist and trying to pretend they don’t suffer. If your first response when someone says “I suffer” is “your suffering doesn’t matter because I suffer more” the person will reply (or at least think) “if you don’t care about my suffering, then I don’t care about yours”, and that’s not constructive, everyone suffers and everyone deserves to be treated equally.

Sure you can, it’s like saying you can’t be racist against white people, and having lived in a neighborhood that was 99% black I can assure you that’s a thing.

People need to decouple the ideas of discrimination and institutionalized discrimination. Discrimination can happen in any direction and it’s on an individual level, institutionalized discrimination can only happen from the people “in control” towards the rest, e.g. cis, hetero, white, males. Obviously institutionalized discrimination is way worse and should be fixed, however antagonizing people and claiming you can’t discriminate against them will lead them to close down into “well, if I can’t be discriminated against then neither can you”. It’s important to teach people that anyone can be discriminated, and to show how our society as a whole discriminates certain groups, this way the message becomes less of “you’re an asshole for being in the same category as people who are assholes, and there’s nothing I do to you that will make me an asshole” and more “it sucks when some people are assholes to you, imagine if the majority of people treated you like this”

First to answer your main question if I were you I would try NixOS, because it’s declarative so it’s essentially impossible to break, i.e. if it breaks for whatever reason a fresh reinstall will get you back to exactly where you were.

That being said, I know it’s anecdotal but I have been using Arch for (holy crap) 15 years, and I’ve never experienced an update breaking my system. I find that most of the time people complain about Arch breaking with an update they’re either not using Arch (but Manjaro, Endeavor, etc) and rely heavily on AUR which one should specifically not do, much less on Arch derivatives. The AUR is great, but there’s a reason those packages are not on the main repos, don’t use any system critical stuff from them and you should be golden. Also try to figure out why stuff broke when it did, you’ll learn a lot about what you’re doing wrong on your setup because most people would have just updated without any issues. Otherwise it really doesn’t matter which distro you choose, mangling a distro with manual installations to the point where an upgrade breaks them can be done on most of them, and going for a fully immutable one will be very annoying if you’re so interested in poking at the system.

While I think that’s a great way to view the question, and can definitely see the reasoning and sort of agree with it, there’s one test that can be made for some arguments to know whether they’re inherently prejudiced or not, that is the black switch. This works because our society has internalized racism, at least the talking of it, to a point where we can easily recognize racist statements, while the same is not true for sexist statements yet.

With that in mind how would it be if the question was “would you rather be in a forest with a bear or a black person?”. You immediately recognize the inherent racism there, and the person asking that question could very easily show statistics on the number of crimes committed per ethnicity to prove his point of why he would choose the bear, and even argue the same you did that a bear is predictable humans are not. Still you understand that the question is inherently racist.

This is not to say there’s no issues to be discussed here, or that women don’t suffer at the hands of monsters out there, and if you can’t understand why women would choose the bear you need to read more into what they go through… But still, regardless of all of that, the question is inherently sexist.