Moving to the cloud isn’t going to solve your uptime issues, it’s still hosted on a server, just now you can’t physically touch it. Please bring critical stuff back in house so we can maintain it and know why its down.

I could, but then I would have issues getting to it from work; from the bit I’ve read about mTLS, it’s not really indended for my use case, I think I’ll just stick with TLS.

I keep mine accessible from the internet, its just more useful to me like that. I do have registration disabled though and SSO is handled by Authentik so it could be worse (my personal goal has just been to not be the easiest target, perfect security is a myth in my mind).

It looks really good, I’m definitely going to be spinning this up once I get a chance. Having OIDC right out the gate is a huge plus in my book!

I couldn’t agree more, I join selfhosting communities all over and not just because I need more stuff to host, because of the community. I love getting to read through the questions and answers, even when they are questions that could be answered by just reading the man page… Maybe it just reminds me of the good old days as I’m getting older and remember asking a lot of similar questions.

Thanks! I’ll definitely check it out!

For my son I just used APLs in group policy. Only approved apps could run. I encouraged him to be better than me and he has definitely kept me on my toes. Now he is in college for cyber security and loving it.

So far he hasn’t broken anything major on his computer or the network, well, aside from messing up his BIOS a couple times… But then he got to teach me how to program EEPROM (like I said, he has kept me learning stuff I normally wouldn’t).

Oh yeah, I’ve killed mine a couple times. Usually it’s because I didn’t keep it updated and jumped too far ahead too quickly. Rolling it back and walking it forward fixed it for me once, another time there was something I was supposed to run first and I didn’t read the release notes (that one was a really long time ago though).

I like OAuth for simplifying my login process mainly. I use Authentik for a lot of my home services (calibre, nextcloud, freshrss, etc), and not having to deal with Plex’s authentication service would be awesome. In fact a few months ago my work started blocking Plex, not my home domain though so I can access the webplayer but not login now (so no more morning local news in the background now that I’m back in the office).

Yeah, been a lifetime Plex pass holder for a long time, it was fun but it still doesn’t support OAuth and now they are forcing ads before local TV streams now. I realize the latter is probably more on the Roku side of the house as my shield hasn’t started doing that yet.

Really live TV is the last thing holding me onto Plex, well that and I really do love Plexamp and the sonic analysis bit Plex can do. Plex’s days are sadly numbered for this selfhoster.

OAuth is one thing I hate to see locked behind a paywall; it’s one thing for the pretty, management-geared stuff (dashboards and charts) to be a paid feature, but not security.

While I do agree GitHub is a place where people collaborate, it’s also a pretty handy place to store stuff without having to host your own. If the project doesn’t invite people to contribute, don’t expect a polite response forever. It’s like stopping your neighbor on the street corner to tell them they should paint their house white for the thermal benefits, yeah people collaborate on the street, yeah you are right, it’s their house though.

All those things they listed I would also consider selling my data. Even if you are offering my info in exchange for peanut butter cookies, you are trading it for something else.

I have used both but just started using jotty (jotty.page, github link on the bottom). The SSO setup with Authentik was seamless and it seems really snappy so far and the Dev seems active and involved.

I personally like to use a proxy for that like NPM (a handy dockerized nginnx proxy setup). Not as secure as a VPN but I really like being able to access my stuff from anywhere I’m likely to be. I’ve combined it with a few other things to try and add simplicity (in use) and a little extra privacy by using Authentik for SSO. My main goal with the use of NPM though was to limit the number of ports I had punched.

That makes sense! I always forget about those types of salads lol. Thanks!

I feel like he might be referring to Miracle Whip as it is (or at least was when I was paying attention in the 80s/90s) sold as “salad dressing”. No clue why they called it that but it was a cheap alternative to mayonnaise that had a tangy zip.

Now I have real mayonnaise made with eggs in my house (my mom was always weirded out by non-refrigerated egg products).

Thanks for this! I’ve just got mine setup and will set up the SSO tomorrow. Seems like exactly like what I’m looking for, you rock!

Edit: just wanted to add, setting it up in authentik was insanely easy and worked perfect! Thank you for what is really an awesome piece of software!

I got a ‘dangerous site’ warning and then prompts for crap on my Vaultwarden instance (didn’t see it on Immich but this was a while ago). I think I had to prove I owned the domain with some DNS TXT records then let them “recheck” the domain. It seems to have worked.

Eventually I’ll get around to fixing it, right now it will power up find and then will cut out after a few minutes… Or at least that’s what it was doing last time I messed with it so it’s just been unplugged and back in the box for nearly a decade now.

Thanks for all the info, definitely let’s me know not to just toss it in an oven (that was the original plan, then I shelved it).