I like OAuth for simplifying my login process mainly. I use Authentik for a lot of my home services (calibre, nextcloud, freshrss, etc), and not having to deal with Plex’s authentication service would be awesome. In fact a few months ago my work started blocking Plex, not my home domain though so I can access the webplayer but not login now (so no more morning local news in the background now that I’m back in the office).
Yeah, been a lifetime Plex pass holder for a long time, it was fun but it still doesn’t support OAuth and now they are forcing ads before local TV streams now. I realize the latter is probably more on the Roku side of the house as my shield hasn’t started doing that yet.
Really live TV is the last thing holding me onto Plex, well that and I really do love Plexamp and the sonic analysis bit Plex can do. Plex’s days are sadly numbered for this selfhoster.
OAuth is one thing I hate to see locked behind a paywall; it’s one thing for the pretty, management-geared stuff (dashboards and charts) to be a paid feature, but not security.
While I do agree GitHub is a place where people collaborate, it’s also a pretty handy place to store stuff without having to host your own. If the project doesn’t invite people to contribute, don’t expect a polite response forever. It’s like stopping your neighbor on the street corner to tell them they should paint their house white for the thermal benefits, yeah people collaborate on the street, yeah you are right, it’s their house though.
All those things they listed I would also consider selling my data. Even if you are offering my info in exchange for peanut butter cookies, you are trading it for something else.
I have used both but just started using jotty (jotty.page, github link on the bottom). The SSO setup with Authentik was seamless and it seems really snappy so far and the Dev seems active and involved.
I personally like to use a proxy for that like NPM (a handy dockerized nginnx proxy setup). Not as secure as a VPN but I really like being able to access my stuff from anywhere I’m likely to be. I’ve combined it with a few other things to try and add simplicity (in use) and a little extra privacy by using Authentik for SSO. My main goal with the use of NPM though was to limit the number of ports I had punched.
That makes sense! I always forget about those types of salads lol. Thanks!
I feel like he might be referring to Miracle Whip as it is (or at least was when I was paying attention in the 80s/90s) sold as “salad dressing”. No clue why they called it that but it was a cheap alternative to mayonnaise that had a tangy zip.
Now I have real mayonnaise made with eggs in my house (my mom was always weirded out by non-refrigerated egg products).
Thanks for this! I’ve just got mine setup and will set up the SSO tomorrow. Seems like exactly like what I’m looking for, you rock!
Edit: just wanted to add, setting it up in authentik was insanely easy and worked perfect! Thank you for what is really an awesome piece of software!
I got a ‘dangerous site’ warning and then prompts for crap on my Vaultwarden instance (didn’t see it on Immich but this was a while ago). I think I had to prove I owned the domain with some DNS TXT records then let them “recheck” the domain. It seems to have worked.
Eventually I’ll get around to fixing it, right now it will power up find and then will cut out after a few minutes… Or at least that’s what it was doing last time I messed with it so it’s just been unplugged and back in the box for nearly a decade now.
Thanks for all the info, definitely let’s me know not to just toss it in an oven (that was the original plan, then I shelved it).
I love both my eBook reader (that 505 won’t die) and my PS3 (which could really use a reflow).
How difficult would you say reflowing one of the OG 60GB models is?
I’m kind of with you on this, volunteer has always been something done of a persons own volition without recieving compensation. Even when someone is holding a sign saying “will work for food” they are trying to barter, not voluneer for something.
I think as I get older I just get less willing to accept new uses for existing words. I grew up without a lot of social interaction so I may just not fully understand, or maybe it’s just something that was lost in translation.
As someone who wishes someone had told me… Adults don’t know what we are doing either. It took me way too long to realize I’m not an imposter pretending to be an adult, we are all just kind of winging it.
As you grow older you’ll have seen more stuff and it will be a little easier, but I can attest I don’t have a clue what’s for dinner, just like I don’t know what new headache the next meeting will bring. Live life for life’s sake, the clock will keep ticking whether you’re ready or not.
Welcome to today’s 10,000 (totally not trying to be offensive, learning is great).
TrustedInstaller is actually a service that was introduced with Windows Vista with the intention of preventing modification of system files. It typically is the “owner” of damn near everything in default Windows directories.
A fun way I typically show off the limitations of the system account is by telling people to try to delete a protected resource, like Windows Defender’s directories. Then try it again when running with TrustedInstaller’s rights and you’ll possibly find yourself just staring at your screen thinking about how useful that could be.
That looks like it would only grant a system level cmd prompt. TrustedInstaller has a bit more access.
Edit: I was scrolling back up and realized I responded to the wrong person about the psexec thing. I apologize for any misunderstanding (I’m gonna leave it because its still kind of good info in there and I suck at typing on mobile).
I’m not a fan of psexec anymore, in a lot of environments is blocked or gets picked up by overzealous AV. Might I suggest using using something like NTObjectManager to just spawn a child process of TrustedInstaller?
It works really well, I’ve never seen it flagged by AV, and it’s nice being able to remove shit that system can’t. One thing I had a hard time getting away from PSExec for was remote sessions when remote management was turned off. Thankfully you can just invoke-command to call cmd and enable WinRM remotely… Goddamn I hate Windows but love the simplicity to utilized it’s “under documented” features.
I bought my wife a cheap Lenovo laptop when she needed something that supported the “Lockdown” browser (no Linux support). Didn’t realize when I bought it what “S” meant (and I’ve been an IT guy for over 20 years). Got it home and realized what was up, it couldn’t even run that browser because it had to be the preconfigured browser from her school and not one from the MS store. An evening of fiddling and a $3 grey market key and she was back onto a normal Windows install.
On the plus side the laptop was only like $299 or $399 and really isn’t too bad on the hardware side.
Oh yeah, I’ve killed mine a couple times. Usually it’s because I didn’t keep it updated and jumped too far ahead too quickly. Rolling it back and walking it forward fixed it for me once, another time there was something I was supposed to run first and I didn’t read the release notes (that one was a really long time ago though).