I tried testing a movie from my home server in plex through firefox and repeatedly got this message, even after reloading.
I knew that they had paywalled the apps on mobile and streaming from outside the network but now they have also blocked watching your own movies through your own hardware.
I do get the point that making software should be able to sustain people but I dont see the move of plex as a fair thing to do. Yes, they have made great software but taking your home server hostage feels like the wrong move.
Even a pop up that says “we need you to donate please” would have been fine. make it pop up before every movie, play donation ads before any movie but straight up disabling the app is kinda cruel.
Anyway, i have switched to jellyfin and it is insanely good. please give it a try. you can run it alongside plex with not issues (at least i had none) and compare the two.
In any case, good luck. Let me know if you need help.
- Jellyfin is great, but in defense of Plex, they announced that remote streaming would require one of the two parties to have a Plex pass was coming back in March so I don’t know if it’s fair to say they are holding anything hostage. - I started down the Jellyfin path after they made that announcement. It’s super easy to install, and in many ways the UI is nicer than Plex. But I ran into challenges getting my server safely accessible for users outside my LAN. And I haven’t had the time to look into that further. - Would be great if there was a clean, easy way to set up the webserver portion so it’s as easy to share content entirely as Plex. But I get they are a volunteer project with a lot on their plate. - I have had great success with tailscale in this regard. - The same tailscale that announced last week that they are going to start charging? - Took a quick look at the free tier, - 3 users
- 100 devices
- Basically all tailscale features
 - That seems pretty reasonable to me. Main account and two accounts to share. With just friends and family, I doubt most people will reach the 100 device limit. - Creating a tailnet using a custom domain is considered for business use. - Well, that sucks for me. I was planning on using my domain name. - custom domain - From what I gather, this refers to the email address you sign up with. - If you use something like a non-gmail email address when signing up, it starts you off on the business plan with a trial (which you can instantly change to free). (Note: they’re gonna change this auto-detection thing with shared domains soon due to a security hole.) - I believe you can still use a custom domain (instead of the randomised *.ts.net provided one) with DNS lookups in your tailnet, on the personal (free) plan. 
- I have it set up so that my custom domain is pointing to the local ip of my server. 
- The tailnet domain doesn’t really matter that much if you have your own. I just use tailscale IP for everything that’s not in adgaurs with a host name already - Or even just use the tailnet domain you can generate. 
 
 
 
- Says personal is still free? Not seeing what you’re saying 
- I’m willing to recommend Tailscale because I run headscale and it does basically everything a selfhoster needs. When the free version is passable, it’s harder to enshitify the commercial version. 
- announced - What announcement? There’s been a new Personal Plus plan around for several months already - introduced without much fanfare, and simply brings the user count from 3 to 6 for a fixed small fee. Presumably this is due to feedback from personal users wanting to contribute something other than nothing. - Where do you see the free Personal plan has changed at all? 
- It’s kinda the same as it was before, as far as I can see, for the personal plan. Looks like they’ve just added more the ability to add more than 3 users for a fee. 
 
- That’s great until you try and get it working on your <insert person here that doesn’t live with you>’s TV via their streaming device. - My mom’s tv surprisingly has WireGuard so I set that up for her. - Out of curiosity, what TV and what OS? - TCL with Google IIRC - Because it’s android. 
 
 
 
 
 
- deleted by creator 
- But I ran into challenges getting my server safely accessible for users outside my LAN - FWIW: - vps + domain (optional?)
- connect vps to home server with wireguard (eg Tailscale)
- reverse proxy on the VPS forwarding to jellyfin (eg Caddy)
 - Obviously not as trivial or seamless as Plex. Also I wouldn’t try to complicate this setup by using docker for everything. But once its up you can basically host whatever you want on the WAN from your LAN. - Awesome, thanks for the tips! 
- What added security do you get by using a VPS besides obscuring your home IP? I can definitely see benifits to not leaking your home address, but otherwise the reverse proxy and wireguard tunnels don’t actually add any increased security for the extra steps. You could just host a reverse proxy at home, and any flaws Jellyfin could have in their app would still be exposed. - I’m not knocking your solution, I’m just in a similar place and considering if I want to go through the extra hurdle for a VPS if I don’t need one. - Obscuring home IP is the big one. You also don’t have to fiddle with opening ports on your router and maybe getting ISP attention for hosting on a residential network. But really obscuring home IP address would work. - Dirt simplest solution is caddy on the same jellyfin server and port forward 443 and 80 on your router to that host. Hopefully letsencrypt will work without a domain but I’m not sure. - That’s basically what I do right now except I do have a domain and my ISP doesn’t restrict inbound ports like 443 so it works fine. - Just trying to sort out if I want the headache of a VPS if I don’t need it (costs, maintenance, point of failure, etc). - Sounds like you don’t need the VPS then. Add a subdomain to your home IP. Port forward 443 and 80 to the sever. Run caddy to route the subdomain to localhost:8096. You will also need to tell jellyfin to accept on the new domain. 
 
 
 
- So an additional 10 bucks a month…. - 5 actually because you can use minimal hardware. You can probably just port forward your router and run caddy on the same jellyfin server but then expose your home IP address. 
 
 
- I use wg-easy, which is a web ui bundled with wireguard and it works great. I only have to port forward a single wireguard port on my router. 
 
- If they’re calling it remote streaming when you’re on the same (local) network, that’s not exactly intuitive. I’d say OP’s phrasing was fair. - OP has a misconfigured server and isn’t connecting to their server over LAN. - But I keep hearing the value of Plex is that anyone can use it. - Yes anyone can use it even people who don’t know how to configure their server - The OP might disagree from what I’m seeing. - OP is also in the allegedly ultra rare camp of “successfully configured Jellyfin and lived to tell the tale.” Not what I’d expect of someone unable to configure Plex correctly. I’ve not set up a Plex server myself but my guess is it wasn’t clear that it was misconfigured - it did work previously, after all. - Well, with Plex constantly changing allowed abilities and such, it seems to me that this is the expected outcome. 
- I can’t speak for OP, but I self host lots of stuff, have literally dozens of services running, have an Ansible repo to manage it all and routi some stuff through a VPS, not to mention my day job has included managing services in one way or another for a long while. This is to say, I know what I’m doing. I couldn’t setup Plex to work the way I wanted to, they expect it to run in a docker with network set to host mode, I couldn’t find any way to tell Plex that my living room TV was in the same network, it just wouldn’t accept any connections as local. I know I shot myself in the foot here by not letting it run with network on host mode, but I shouldn’t have to, the port was exposed, I could reach it through the local network IP, but I wasn’t able to stream any content locally. 
 
 
 
 
- Just because the destination IP address is not a LAN address? That’s not misconfiguration, that’s a legitimate use of NAT reflection/loopback. If that’s how it determines who is streaming remotely then just run it behind nginx that forgets to set the correct headers. - Edit: Apparently Plex centrally relays all the traffic? Self-hosted my 🍑, it’s not self-hosted if you need to rely on their server. - It doesn’t relay all traffic, that’s a fallback if a connection can’t be established. 
 
 
 
- Yeah, there is no defence on enshittification, sorry. I have jellyfin now. Its also not remote which makes this a huge dick move too. - Wait its not remote? You’re on your local network? - OP has set it up wrong so it’s ALL going remote, even when he’s in the same house. - I have it set up in a way. That does not make it wrong. This is an option that plex gives you without warning so its their problem in the first place. They also just paywalled that feature that worked for years and they’re not considering the consequences or they dont care. The least they could have done is put a link “if youre seeing this on your home network, you need to do THIS.” - You set it up in the wrong way if you want to stream locally on your network. - It’s ok to admit that you made a mistake and it’s not plex’s fault. Just take some responsibility for your actions. - You’re now using mental gymnastics to blame me for someone else’s actions. Sorry mate but I’m not into that mumbo jumbo. good luck somewhere else. - Someone else set up your Plex server? 
 
 
 
 
 
 
 
- Every non-Free Software will betray you eventually. It’s only a matter of time. - well, except WinRAR - What do you mean WinRAR isn’t free?! - “Free software” is different from “software that is free” - True, though WinRar is technically neither. 
 
 
 
- I just wonder if plex will ever sell the list of movies and IP address of everyone. Many people have the ARRs to auto download, even stuff still in theaters. What good is a VPN when plex knows your email and IP. - Honestly, I’d be rather shocked if this wasn’t already the case. - Moreover they probably have a database of everything you’ve ever watched and your IP and email address, just waiting to be leaked to the internet through sale or ransom. 
- Sell or get subpoena’d; tomayto, tomahto. 
 
- A little oversymplified but i’ll take it. :) 
- I thought free software was when you were the product and non-free software actually supported developers. - Or do you mean non-OSS? - “Free Software” is a defined term: https://en.wikipedia.org/wiki/Free_software 
- Free as in freedom, not as in free beer. - I thought we switched to libre for that definition and since then used free only as in free beer. - I thought we switched to libre - Maybe some people did. Thing is there’s a whole rest-of-the-world out there, and they didn’t necessarily get the memo or are happy with the existing way. 
- Libre (from French) is sometimes used to solve the ambiguity of the word free in the English language, but it sounds kinda awkward in English and there’s certainly no consensus that this should be the official replacement, or that the term free even needs replacement. - Furthermore, the FSF who originally came up with the idea of “free software” still exists and is still called the Free Software Foundation, though Stallman uses both terms interchangeably. 
 
 
- Yeah, the wording is confusing. A long time ago, there was no paid software, there was only software where you got the source code and other software where e.g. it was pre-installed on some hardware and the manufacturer didn’t want to give the source code. - In that time, a whole movement started fighting for software freedom, so they called their software “free”. 
- I mean non-Free Software. 
 
 
- In this thread: - An OP that doesn’t understand how their network is working
- People rushing to suggest a solution that they fawn over because it’s open source. I have yet to see anyone recommend Emby.
- “Tailscale will solve all your problems!” Great - how do I make that work on an LG TV that’s 100 miles away?
 - Open source has high immunity to devs making changes at the expense of the user for their benefit because anti-features can be removed. Recommending another proprietary alternative here would be like saying they aught to leave an abusive partner but then recommend someone with the same red flags.
 - It’s also the most complex to set up, and for many people the threshold is “walking your tech-illiterate mother-in-law through side loading it over the phone, because she lives 100 miles away… She’s afraid to touch her computer for anything except email and Facebook. And then resetting her password every 30 days, because she keeps locking herself out of it.” Suddenly the “just fucking sign into Plex and it automatically discovers your server” option becomes a lot more appealing.
 - Jellyfin is the most complex to set up, right? (Just making sure I’m reading this correctly) - To set it up “correctly”, yes. It’ll require owning your own domain, being able to configure it properly (with either a static IP, or DDNS to point to your server at home), knowing how to automate https certificate refreshes, and a few other things. Plex just requires forwarding a port in your router. - I thought self hosting was about learning networking basics like DNS and setting up let’s encrypt. - So much whining in here about the most simple stuff being too complex. - I disagree; Self-hosting is for a variety of things, and plenty of people (in fact, I’d say probably the majority of Plex users) just want to be able to pirate Netflix without a ton of setup. - Is learning some networking inevitable? Yeah, probably. But I also think this xkcd is apt. The reality is that what may be simple for you and me actually requires a lot of studying for a complete novice. Plenty of people will need to google what a port is, let alone how to forward one. And that’s assuming they even know the word “port” to google. Plenty of people won’t even know where to start. - And true novices are hopefully going to be extremely wary of any info they find online. It’s easy to fuck something up without even realizing it, and leave your entire system exposed; especially when the braindead “lol just forward your Jellyfin port and use your public IP” advice is posted somewhere in every single advice thread. 
 
- Worse. Exposing Jellyfin to the internet is a bad idea given the teams stance on security. https://github.com/jellyfin/jellyfin/issues/5415#issue-824791596 - The only safe way to host jellyfin is with a vpn. - Lots of those issues have been blown out of proportion, and would never be a real concern for the “just a dude running a server in his closet for his friends” setups. Which, to be clear, is the vast majority of setups. - For instance, virtually all of the worst issues require that the attacker already has a valid login token. So unless they stole your buddy’s credentials, the only one to truly worry about would be your buddy directly. But yes, Jellyfin has some gaping holes, and letting it touch the WAN at all is always a risk. You’re giving attackers a new potential vector of attack that didn’t exist before, so that’s worth noting. - unless they stole your buddy’s credentials - Thank God trolls never steal people’s credentials so they can hack a small server because they’re bored. 
 
 
- Right. - Even though I could do those things, I just want something that works. - Plex (or even Emby) fits that request. - Plus they both have an AppleTV app for fee that doesn’t suck. 
 
 
- My tech-illiterate mom uses my Jellyfin instance with no issues. I sent her a link to the app store, her credentials, my server’s hostname and that was it. And once it’s set up, Jellyfin is much more straightforward to use than Plex. - Sure Jellyfin has issues and doesn’t support as many types of devices, but Plex is far from perfect. I use it like twice a year, and the UI gets more and more confusing with each update IMO. - Jellyfin doesn’t have an app on every App Store. On some, you have to sideload it, by enabling developer mode and connecting to a PC that is running an App Store server. Then the TV downloads it from the PC. - Yep, that’s what I meant. 
 
 
- To continue the metaphor: a partner can have many alluring qualities (income, hobbies, looks) but what does that matter if the relationship is abusive? Leaving (and dating someone “worse”) can be more difficult that just staying in the relationship, but the priority should be clear. 
 
 - Thank you Internet stranger for reminding me of this sketch. - What’s it from? - From a time when the jerk motion was used en mass. https://www.dailymotion.com/video/x2jvcd5 
 
 
 
 
- Welcome to “People rushing to suggest a solution that they fawn over because it’s open source.” - How do you personally 100% beyond a shadow of a doubt know that Jellyfin is the right solution? Why not a VPN, shared folder, and VLC? What about running a DNLA server? - Edit: All of you downvoting don’t know; and it makes you salty. - Jellyfin has a DLNA plugin 
- You mean a morally “right” solution? 😇 
 
 
- 3 - An OpenWRT router with Wireguard connecting to another router 1000 miles away will do the trick. - Great; how do I get my Mother to do that over the phone? - It’s not a cake walk, but I’ve something similar for a friend who can barely turn on his PC. - The OpenWRT router was fully configured before shipping it to him and the existing router’s needed Wireguard port was opened by me using the Comcast Android app. All he had to do was connect his TV to a new wifi network. That wasn’t easy, but he ultimately succeeded. - Ok, so you didn’t walk someone through it; you shipped them something preconfigured. - That’s not going to scale as I share out my server. - That’s not going to scale… - How many mothers do you have? - None of your business, insensitive clod. - [email protected] wrote: - Great; how do I get my Mother to do that over the phone? - That’s not going to scale as I share out my server. - Are you incapable of recognizing that in this context my comment was a joke? What the fuck is wrong with you? 
 
 
 
 
 
 
- If #3 is your use case, then yeah, pony up the fees. Or learn to code I guess. - So, like every other jellyfin fanboy, no real actual answer. - Why would there be an answer? - How do I load and configure Tailscale on my TCL Roku TV? - This is an answer im looking for. - Natively, you can’t. Hackishly, you could put a small VPN capable router in front of it that would manage the connection. - That’s according to Dr Internet, so I haven’t tried it, but it seems very likely to be accurate. - So instead of a service that works, I now have: - an inferior (and incomplete) client experience, unless I spend money
- an additional device to allow the client to connect to Jellyfin, because I can’t safely expose it to the internet
- the responsibility to keep all that additional stuff working for myself and everyone of my friends/family members
 - sounds like a great deal - Your complaining that the free stuff isn’t as good as the paid? 
 
 
 
 
 
 
- Seriously. I hate when people assume default settings are the only option. You don’t even need a Plex account to set up Plex. It will just be less seamless and user friendly. Never adopt the server, configure these via localhost (ssh tunnel works) and then set up your networking. Don’t even need to update it, it will run for as long as the database stays stable. Which should be years or more.  
 - Thanks. - One of my pet peeves is when people immediately jump to whatever their fanboy program of choice is regardless of if it’s actually the right program to run in the situation given. - It’s also always the Jellyfin fans that get emotional about this. Liking Plex is like a cardinal sin to them and I should be happy to migrate my entire viewership to a new solutions that requires them to install a vpn client on their device. - Every post I see here about Plex is some variation of Gotcha! or Schadenfreude where they expect everyone to say, “oh no, guess I’ll pack it up and start fresh” - 2000%. - I used to have a list (I might still) of all of the features I was looking for in Jellyfin: if they had all of them I would migrate over. Spoiler Alert: Jellyfin doesn’t have 8/10ths of the features. - I think I’m just going to start blocking the rabid Jellyfin fans and save myself the trouble. 
 
 
 
- I’ll add to #2 (IDK if it’s open source, though): - Give Stremio a try. Once you set it up (basically just add the Torrentio plug-in then whatever content catalogs you want), the workflow is much better and simpler than Plex. - You just browse it like Netflix: see something you want to watch, select it with your remote, then stream it immediately. No server to run, you don’t have to build libraries, you don’t even have download the content beforehand. Just select and watch. Could not be easier. - Is it torrenting in the background? Because, if it is, then you need a VPN and I don’t know how to set one up on my LG TV. Would you happen to have a guide? - If you live in an area where you need a VPN to keep your ISP off your ass, well you’re in luck because the Torrentio plug-in is compatible with Debrid services (Real-Debrid is a good one). They’re cheaper than a VPN (less than €3/mo) and get you direct downloads which ISPs don’t care about since you’re not distributing files like you would with a torrent client. What’s nice is that they work with any torrent—not just video—so you can download wherever you want at 1gbps speeds so long as the torrent has at least one seed. Since you’re not actually interacting with the torrents themselves, there’s no need for a VPN. - Setup is easy. The only thing you need to do is install the Stremio app on your TV, then open it and install the Torrentio plug-in. From there you configure your preferences like preferred resolution, language, etc, enter your Debrid service credentials if you have them; after that you install additional plug-ins for the kind of content you want. I’d recommend starting off with the Streaming Catalogs (lists popular content from Netflix, Amazon, Disney HBO, etc.)and Trakt.tv plug-ins (recommends content based on your viewing habits). There’s also plug-ins for anime if that’s your thing. Once you install the plug-ins you like, the only thing left to do is pick something to watch and enjoy. :) - You can also download the Stremio app to your phone and configure everything from there if you don’t want to fumble with doing all of this with the TV remote. I’d recommend doing it this way so that all you have to do on the TV is fire up the Stremio app and enjoy. - If you live in an area where you need a VPN to keep your ISP off your ass - Uploading copyrightes material is illegal pretty much everywhere I know of. - Many places don’t enforce those laws for simply torrenting. - Some countries (US) ask the ISP to send warning letters and might disable the internet. In other countries law firms get personal details from the ISP and send a costly letter of a thousand Euro for a single infraction like in Germany. - That’s true, but ISPs have logs. And if something happens that makes the police change their mind about enforcing the law, you might be fucked, retroactively. - Again, not an issue if you use a Debrid service, because no files are being uploaded. 
 
 
- Exactly, which is why you don’t need a VPN if you use a Debrid service. No files are being uploaded. The Debrid service handles that for you by downloading the torrent to a remote server, than giving you a direct download link to the file. Nothing is being uploaded from your end. 
 
 - Bro you asked for a guide, I gave you a guide. The fuck you want from me? (For convenience sake I even made as short as possible. Literally less than a 45 second read.) - I put a lot of effort into that comment to help you out, and instead of saying “thank you”, you respond with this bullshit? What the hell is wrong with you? - Ungrateful prick. - I asked for a guide on how to setup a VPN on my LG TV. - Please specifically point out where in your long repo se you provided a guide on how to run a VPN on my LG TV. - Again, you don’t need a VPN if you follow my guide. Your reading comprehension is worse than mine, and I have ADHD. *sigh* 
 
 
 
 
 
- Is Streamio considered safe/private? I remember looking into it a while back and saw something about needing an account on their servers or something. - I used Kodi with addons for ages but switched to jellyfin because kodi felt too clunky and slow for my wife. - I’m not the person to ask this kind of question to. I use DNS-level tracking protection in my router (via NextDNS), but I’m not a privacy expert. - If you’re living in a country where censorship is a thing and/or privacy is of upmost importance, then you should still use a VPN in addition to a Debrid service with Stremio. Or you can nix the Debrid and just use a VPN if you don’t mind more buffering and all the downsides that come with torrents. (VPNs can be setup to run on a TV through DNS settings either on your router or TV itself, though this may not be 100% secure. Again, I’m not an expert.) 
 
- I always see people advocate for Stremio. But my experience was always very mixed. Half the time it would just buffer all the time. I guess it’s s my own fault for having little interest in the latest Marvel/Hollywood movies, but alas. I way more prefer my jellyfin/jellyseer/arr stack. Once it’s available I’m (99%) sure it works from everywhere in the world. - Are you using a Debrid service with it? It’s a much better experience if you are. Give Real-Debrid a try with Stremio. It’ll change your opinion. 
 
 
- Actual answer for 3: - put jellyfin behind a proper reverse proxy. Ideally on a separate host / hardware firewall, but nginx on the same host works fine as well.
- create subdomain, let’s say sub.yourdomain.com
- forward traffic, for that subdomain ONLY, to jellyfin in your reverse proxy config
- tell your relatives to put sub.yourdomain.com into their jellyfin app
 - All the fear-mongering about exposing jellyfin to the internet I have seen on here boils down to either - “port forwarding is a bad idea!!”, which yes, don’t do that. The above is not that. Or
- “people / bots who know your IP can get jellyfin to work as a 1-bit oracle, telling you if a specific media file exists on your disk” which is a) not an indication for something illegal, and b) prevented by the described reverse proxy setup insofar as the bot needs to know the exact subdomain (and any worthwhile domain-provider will not let bots walk your DNS zone).
 - (Not saying YOU say that; just preempting the usual folklore typically commented whenever someone suggests hosting jellyfin publicly accessible) - @smiletolerantly @AtariDump 
 https://en.m.wikipedia.org/wiki/Certificate/_Transparency
 Makes sure bots will hit you as soon as the certificate for your domain is issued- OK, add step above: use wildcard certificate for your domain. - Terminating the TLS connection at your perimeter firewall is standard practice, there’s no reason your jellyfin host needs to obtain the certificate. 
 
 
- For #3, subnet routing. - Where do I find Wireguard for my LG TV? - You can’t expect my relatives living 100+ miles away to start monkeying around with their router. That be like asking you to set the spark plug timing correctly using a timing gun. - Did you even read the link? You don’t need it on every device. It’s not really that difficult to understand. - I AM A 48 YEAR OLD FORMER FUCKING TRUCK DRIVER FOR FUCKS SAKE, and yet, I still managed to set up tailscale on my phone and a computer, and then access my stuff that ISNT running tailscale in any way, shape or form, from my phone, simply because I decided to figure it the fuck out. - Stop being so damned lazy. - I am so fucking tired of this “cater to the lowest common denominator” bullshit. - Stop being so dam lazy and do all the things you pay someone else to do. - Mow the lawn. Fix the plumbing. Run new electrical. Neuter the cat. Clean your teeth. Do your taxes. Properly segment your network into several VLANs so that your IoT devices can’t talk to your internal network. - I do all of those things except neuter animals. Most rural folks do. - If you’re cleaning your own teeth, you’re missing several. 
 
 
 
 
 
- The condescension in your first point is brutal. I suggest you apologize. - And I would suggest learning how to configure your software before coming here and stirring shit. But we can’t always get what we want - Yeah sure. Because a company paywalling functions has anything to do with network configuration. - What people like you dont understand is that there is no minimum requirement of knowledge to selfhost. It is completely braindead how often i have to tell people how a network works and now i have to explain to people why software configuration is not network configuration. - And if you can wipe the foam from your mouth for a second, you’ll notice I wrote ‘software’ not network. - But in the end all you’re here for is a pad on the back from the Jellyfin guys for “seeing the light”. So you do you and maybe I won’t have to read more of you Plex posts, since you’re now in happy Jellyfin land 
 
 
 
 
- Remote, yes, they announced you need Plex pass one side or the other for it to work. - Local, no, that shouldn’t happen. Your device isn’t reaching your Plex server locally. - To work around the remote issue, you can VPN to your local network. - But you’re better off in the long haul with Jellyfin as you’re doing now. - Yeah no. That is local. But thanks for the suggestion. Jellyfin works well. - It isn’t hitting it locally is the issue. Not an uncommon problem with plex unfortunately, its going out to come back in, so the server and client see it as remote. - Without playback you wouldn’t even be able to see that in the dashboard, which just makes the direction Plex is going so much more problematic. - Like I said, better off using JF. - Yeah, i assume it isnt. It got pointed out a couple times that it is a plex configuration problem which plex doesnt point out either btw. - In any case, thanks for helping and participating. Have a good one. :) 
 
- Its not a local connection if you’re getting this message. You might be in the same network, but for some reason it’s not connecting directly. - You’re assuming something that you just cant. I run this network alongside 5 others, some of them professional, for years. My configuration is standard and i’m using the software the same way i did for years. - If plex redirects my call to their server, that is their problem, not mine. I dont care what their inner workings are. I use a local address and this has happened for the first time. - Is it possible that it is an honest mistake on the side of plex? Yes. - That does not absolve them from the end result. 
 
 
 
- Someone else already said it and you’ve already swapped but I’ll say it in detail: - when setting the server connection up you selected “ServerName (long string of numbers)” and not “ServerName (your IP - SECURE)” - this routes your connection through the Plex servers and makes it not a local connection anymore. this is extremely easy to do and forget you’ve done because it barely impacts performance - In other words, it’s a dark pattern that tricks users into letting Plex MITM their connection. - It gets around port forwarding/firewall issues that most people don’t know how to deal with. But putting it behind a paywall kinda kills any chance of it being a benevolent feature. - Labeling it as “SECURE” (implying the other option is insecure) is enough to make it seem underhanded to me. 
- port forwarding/firewall issues that most people don’t know how to deal with - This sort of thing makes me want to tear my hair out when I hear “Why bother rolling out IPv6 when IPv4 just WORKS!?” - NAT, port forwarding and the problems they cause are seen as expected, just the way the internet works instead of the dirty hacks they actually are. Most people aren’t old enough to remember the time when everything connected to the internet had a routable IPv4 address. 
 
- dark pattern - Nope, not at all. Its extremely forward, your local IP is listed first every time IME, and your lower-down comment has it backwards as it’s your local IP that had “secure” written on it - it’s not a dark pattern at all, people are just stupid and don’t read (including me, I fucked this up too at first) 
 
 
- Old news, but time for Jellyfin. I made the switch a couple months ago. Some minor teething issues, but better, IMO, especially now as my family all have LDAP users and that just works. - I made the switch a few months back as well. Have you had the issue where"Recently Added" just straight up doesn’t work? It’s about 50/50 for me whether my new downloads show up there or not, and if they do, it’s usually inserted somewhere down the list between other things I added months ago. Not sure if there’s a workaround, but it’s my #1 complaint with Jellyfin. Otherwise, it’s been great. - How is your underlying file system set up? - It’s an Unraid share on a local NAS, and the array is formatted as xfs. - Hmm, shared how? NFS? - I’m actually not 100% sure how to answer that. It’s just a “share” configured through the Unraid UI, being accessed by a docker container running on the same machine (binhex’s Jellyfin image.) I think that the “share” in this context is essentially just a mount point, but it’s also (optionally) exposed as an SMB share externally. - Ahh OK, a Docker bind. 3 things to check: - 
That you added the folders in that weird way Unraod requires, see: https://forum.jellyfin.org/t-solved-jellyfin-not-detecting-media-in-unraid (this probably isn’t it, but worth checking) 
- 
Make sure for newly added, Jellyfin is configured for Date File Scanned into Library, vs the Created Date on the file 
- 
Ensure the Arrs aren’t set to change the date on file import. By default they modify created/modified dates to be the release date, which can put things in an unexpected order. 
 - Thank you! I checked #3 and it’s not that. I haven’t found the setting for #2 yet, but I just wanted to say I really appreciate your help. 
 
- 
 
 
 
 
 
- awesome. thanks for chiming in. I will have to check how to do external streaming without opening my network up to the world (metaphorically). - …wireguard - (there are android TV apps for wireguard, not that any normie can actually move a client file to it and turn it on, or could be bothered to) - Thats not what I meant. I of course have wireguard set up for administration and my own streaming needs. But friends of mine who were able to use plex by just making an account but now they cant because of course there is no relay server etc. I’ll have to think of a way to make it available to them (easily!) without putting my network at risk. - This is how I do it: https://codeberg.org/skjalli/jellyfin-vps-setup - That is pretty much how I imagined it. Sadly, its A TON of work. I have most of this set up in many VPSs for both me and customers (with other services of course) and I can imagine its probably the best solution. I still hate my life when thinking of implementing it. :D I bet its gonna be easier than I think but you may get my point here. Thank you very much for sharing. - Hell I know what you mean, it was so much trial and error until it worked, hence this guide/template to help others. Plus at some point it feels more like work than a hobby 😅 - You’re an absolute champ! Thanks for walking the walk. Its refreshing meeting people who do stuff. Feel free to check out my kodi peertube app at some point ;) 
- Or just get a Mikrotik router and run Back to Home and baaam you got a similar to tailscate fuction with 3 clicks. 
 
 
- Thanks. That’s well laid out, straightforward. I have resources at home that I want access to through my vps. This is a good blueprint. 
- My primary worry for this is that something in the jellyfin stack gets an open vulnerability, like there’s an overflow you can use on a post call to a piece of media allowing remote code execution. - Tautulli had a leak once that provided the user’s private token. Then there was a way in Plex with a private token to pull data from elsewhere on the server. That’s how LastPass got nuked I hear. - I get you and I know that there can be security issues (especially in Jellyfin) that might give you access. This is the reason I only mount the media and config folders, and nothing else into the docker container. The media folders are mounted as read only and don’t contain sensitive information. For the config folder I created a separate user. Plus I block non-German IP addresses which already blocks quite some bots. If your friends have fixed IP addresses you could also just whitelist them and block everything else. - You could also probably sniff the network and define more strict rules on ‘allowed’ requests in fail2ban but this is bridle because requests might change with different versions. - They actually do a small login f2b effort right in JF, but it appears to be quite limited. - The container is more secure by default, and if people set up their docker well it reduces the dangers substantially. A lot of people don’t go docker though. 
 
 
 
- Mine is public, but I block every state but the one all of my users live in(family) and I never get unwanted visitors. Couldn’t say the same if I lived in NY or CA. - If they have static IP addresses, you may be able to whitelist them in your proxy, or maybe there’s some sort of dyndns client/relay software you can run if their ips change. - yeah, thanks. but thats not gonna work for me. i live in a big city and none of us (me and my server included) have static IPs nor am I gonna get them (at all) and I dont want to pay for them either (because ISPs here want you to pay for them). in any case, thanks for trying to suggest something. it might help someone else who has a different setup. :) - Welp, I guess they’ll just have to start their own servers or you’ll have to get out your credit card. Pity. - yeah no. there are a lot of other solutions to this. they’re just a little annoying. others have confirmed there are similar setups like plex is doing with a relay server, but selfhosted. 
 
 
 
 
 
- You’ve got options. 
- Can your router open ports from a hostname vs an IP? If so, clients could run dynamic DNS. - WG client side isn’t really that hard, though. All the fam run WG 24/7 on devices, and only traffic for the internal network goes through it. - I know. the issue is my friends dont have networks run by me. So I have to gain access to them and have to change setups which makes the situation likely to blow in my face. its just not a good solution imo. People have already suggested a relay server which will likely be the best solution. 
 
- I used synology and reverse proxy. It was pretty easy to set up. The tricky part was going into jellyfins setting and connecting your reverse proxy to the path you made. - Overall my kids and family can now access it anywhere. - I run a reverse proxy too. are you talking about a public one? I’m probably gonna use a relay server for it which essentially is the same I guess. - Yes, the public one. I just use synology ddns as the public address. I’m good with programming, but when it comes to IT stuff, I’m dead in the water. So, their infrastructure helped - Neat. Thanks for suggesting. 
 
 
 
 
- Give me a package that runs on my ds214play and I’ll switch in a heartbeat - https://github.com/SynoCommunity/spksrc/issues/5941 ? - I really wanted Jellyfin working in my DS214Play with DSM6, and I noticed that a package for these evansport CPUs doesn’t exist and it’s officially not supported, so I tried myself and I succeeded. - Thanks for the link. It seems they got it somehow working on DSM6, but if I check the thread, it’s a lot of ducttape and locktight involved especially to run with DSM7. Might try it out on a rainy sunday 
 
 
 
- It’s pretty rare that a company starts taking away free features and doesn’t end up fucking payers in the end. - The biggest bar to Jellyfin is TV clients, the second biggest is security. - TV clients can be fixed with a one-time purchase of a $20 android TV stick. If viewing your familys ARR content isn’t worth $20 you probably don’t need to do it anyway. - Security for remote streaming is a harder thing to handle. Most people are capable of port forwarding, But just hanging a smallish public project out there in the open is always a dicey proposition. It honestly needs real fail2ban, probably SSL, 2FA and password complexity requirements. - We could probably make a jellyfin helper container to handle some of this. Walk people through Let’s Encrypt, dynDNS, port forwarding tests, add fail2ban with a firewall, maybe even slap suricata in it. - We need to convince the project to add 2FA and password complexity requirements. - I don’t know guys what do you think is it crazy? does it make sense? Would anybody actually use it? - I access my stuff via VPN. As for sharing with others, I simply don’t do that. VPN is still an option though. Or temporary client whitelisting, etc. - Now that’s an interesting thought. - A web page with Authelia, login and a firewall. - If you’re not logged in, All you get is a login page. If you are logged in, It passes you straight through to jellyfin. - So any device and client would be able to access it without issue once a phone or computer on the network had logged in just once. - The web page modifies the HA proxy ACL and forces a reload. - This will work fine over the web, but won’t work with clients. - They have instructions on jellyfin forums on setting up HAProxy, that part totally works. - But you don’t put 2FA on the jellyfin server, for that you just deny all IPs except whitelisted. - You did the 2FA on the whitelister only using path-based routing. - You don’t have access to the root site, you go to a path and login to a separate database to whitelist yourself then your client should work from that IP. - This will work fine over the web, but won’t work with clients. - They have instructions on jellyfin forums on setting up HAProxy, that part totally works. - But you don’t put 2FA on the jellyfin server, for that you just deny all IPs except whitelisted. - You did the 2FA on the whitelister only using path-based routing. - You don’t have access to the root site, you go to a path and login to a separate database to whitelist yourself then your client should work from that IP. - edit: - I just tried it, it appears to work so far. - I can send websocket traffic inbound to 8096: to the JF server and it loads on web, Android and Roku clients with an ACL limiter on originating ips. and send 8096/whitelist to another server altogether with no ACL limits. - On that process, I’d load nginx, authelia, fail2ban and what flask? Surely someone has a python longin/admin framework that I could hijack for this. Then have that app reack over in shared container storage to twiddle the haproxy config to add some ip’s and reload it? - I wonder if I could do something to the haproxy side to detect non-use of an IP and remove it. 
 
 
 
- Yeaaah ! Most people anyway have some kind of VPN installed on their device… Just slap in a wireguard VPN config to tunnel your traffic home… bOOm jellyfin everywhere and 99% secure ! 
 
- I think you make a hugely important point and I would definitely use it and I might even be able to help making it. - Current Idea: - Traefik does most of this through plugins, except the whitelist modifier, - Whitelisted? - user: https://bob.com:9901/ -> jellyfin
 - Not Whitelisted? - user: https://bob.com:9901/ -> 404
 - Whitelisted or Not whitelisted? - user: bob.com/whitelist -> nginx/python, authelia, fail2ban, traefik whitelist modifier
 
 
- You can address the 2fa by putting it behind something like authelia, but still, the project needs to step it up - Authelia is super easy, if the clients can handle it 
- I thought that you can still access media directly via the URL without any authentication, how would authelia change that? - Yes! You just have to set up your reverse proxy to send everything through it and it’ll block the unauthenticated access. - The downside is that apps stop working since they don’t have a way to authenticate with authelia. I’ve installed it as a PWA on my phone and use an old laptop with the TV interface on my TV, but it’s not perfect - Are you sure that works? I’m pretty sure they mentioned that reverse proxies are an unsupported (and not working) use case with Jellyfin, but I might have to look into authelia some time then. - I just put it behind an HAProxy a few minutes ago, It appears to be fine. You just need something capable enough to handle web sockets. I’ve made it all the way through an episode of The real monsters without any problems. - Again, you’re not going to be able to 2FA it that way, what I’m looking at doing is IP whitelisting it in HAProxy using a small web helper that is 2FA, accessed via the same port but on a separate path. 
 
 
 
 
- What are my realistic security concerns with a jellyfin server that I let friends and family watch while trying to minimize the troubleshooting and steps they need to take to get started? 
- Security for remote streaming is a harder thing to handle. Most people are capable of port forwarding, But just hanging a smallish public project out there in the open is always a dicey proposition. It honestly needs real fail2ban, probably SSL, 2FA and password complexity requirements. - Yeah. - It’s tough because I get they’re an open-source project, and they’re volunteers, but at the same time, security is something that should be the highest priority. - Though, you could just make it so that it’s not accessible via WAN and instead has to go through a VPN, though that’d make it harder to share with others. 
- As someone who is … lazy and took advantage of some Amazon Black Friday Fire TV stick deals, and who doesn’t want to drop the $200 for a Shield: - Any Android sticks/players you might recommend? - Bittorrent join the room. 
- The Onn dongles from Walmart are probably the cheapest. The firestick should work fine and there are also Chromecasts from Google. 
- Basic functionality, I’ve heard good things about the crappy Walmart ONN branded ones. - I know there are Alibaba options, But I’m awfully afraid of a lot of those have worst security issues than opening up jellyfin. - +1 for Walmart Onn, very easy to debloat and degoogle, supports SmartTubeNext, S0undTV (Twitch), Jellyfin, Plex, whatever else you want. 
- Thanks- was hoping there was something out there that’s a bit less tied into some large Amazon-y or Google-y type anything - For all their lack of privacy, the Fire Sticks perform pretty well 
 
 
- probably SSL - *TLS - SSL has been deprecated for a decade at this point 
 
- Welp, i killed mine yesterday as it wouldnt let me stream while offline. Modem died so no Internet for me. Why do i have everything local if it dosent work while offline… - Exactly. Thats why i use jellyfin now. Try installing it alongside. For me it worked well. - Its already installed, but missing features, i was waiting for them to finish the db changes, because thats whats blocking them… - what features are you missing? - security 
 
 
 
- FYI you can definitely watch while your network is offline. You just net to tell it that you’re happy with that (it’s not activated by default for security reasons). - 
In your Plex server settings, go to Network, enable “Show Advanced”. 
- 
Near the bottom, find the textbox that says List of IP addresses and networks that are allowed without auth
- 
In this field, enter the local IP address of any Plex client(s) you want to keep using if your internet (or the Plex cloud) is down. 
- 
A example: 192.168.0.50
- 
Save the setting, done. 
 - #Important thing to be aware of: - What this setting does is tell your local Plex server to simply give any Plex client that connects from that specific IP full admin access to your Plex server, ignoring any account restrictions. This means that if you have things in place to restrict access to some libraries (kids blocked from 18+ movies etc) those restrictions will have no effect. Also if you have the option set to allow file deletion, then any client from that IP could also delete items. And they could of course change any settings in your Plex server. So your kids can watch anything on your server, if you have a guest in your network and they browse to the Plex web interface, they can mess with things. - Because of that I would recommend to limit the amount of IP’s you enter in that field to the absolute bare minimum. For example, only whitelist the “main living room device” plus one device you to admin the server, such as a laptop. - If you want to whitelist multiple devices, this is a example: - 192.168.0.50,192.168.0.77,192.168.0.80- If you want to whitelist a entire network, these would be examples: - 192.168.0.0/24 (this means 192.168.0.0 - 192.168.0.255) 192.168.0.0/16 (this means 192.168.0.0 - 192.168.255.255)- And of course those involved network devices should use static IPs in your home network. 
- 
 
- Plex has pay walled FREE servers streaming to FREE clients only. - If you have a plex watch pass (for client) you’re good and can stream from any server. If you have a plex pass (for server) any one can stream from your server. But you have to have one or the other. 
- What about switching to Jellyfin? 
- Why anyone still uses Plex for new setups is beyond me. - pretty much the only reason I still use Plex is because I like to be able to watch stuff during downtime at work and plex.tv isn’t blocked on the work network while my private domain is. - And no, using a hotspot off my phone on a personal computer isn’t an option, both because the security requirements of my job site prevent us from using personal devices in the main area where I work and because the building itself is a massive concrete structure that blocks most cell signals. - Strange that plex.tv isn’t blocked while a “personal” categorized website is. Have you looked to see what category your domain is shuffled under? You could try submitting a recategorization request to Cisco Umbrella or Fortinet databases. Requests for recategorization are free to do. - I’ve tried submitting recategorization requests through the links provided by my workplace on the block pages. The requests have been denied. - If I’m remembering right, it’s a Symantec web filtering solution that we use and they’ve decided that my domain is in the “personal blog” category. Which is a blocked category. Jeff Geerling’s website actually falls under the same category, which also kind of sucks, because I like reading some of the stuff he puts out. - I would go around them and go directly to the source of categorization. It looks like this is the Symantec categorization website in case it’s different from what you’re workplace provides - https://sitereview.bluecoat.com/#/ 
 
 
 
- Well, i didnt. Its a legacy install and i had jellyfin already running parallel because of the remote streaming paywall they introduced. 
 
- Plex has paywalled my server! - Skill issue tbh. - Yeah but not on my end. 
 
- I’ve never been a Plex user. Always been with Jellyfin. I’ve heard that plexamp is a killer app but finamp has always been sufficient for my pretty basic needs. But I have a question for you (meant in good faith). You say, - I do get the point that making software should be able to sustain people but I dont see the move of plex as a fair thing to do. Yes, they have made great software but taking your home server hostage feels like the wrong move. - If Plex needs a sustainable business model, asking for donations isn’t enough. So what is the move for them? What do they do to both fulfill their need for a sustainable business and also not upset their userbase? (I’m not defending Plex or this move of taking your server hostage, in any way.) - I’m genuinely curious how, with the benefit of 20/20 hindsight, they should have played this or at a minimum, made better moves than they did. - Very glad you’re with jellyfin btw. You can check out some cool plugins at awesome-jellyfin. - Donations isn’t going to cover the hunger of a 40 million dollar VC round. Those investors want more than a return, they want plex profitable ASAP - Investors are like parasitic leeches to any business model. As soon as you add them, the business has to grow in order to satisfy the leeches who provide no benefit to the model other than to be attached to it. If you ignore the leech, they’ll drain all your lifeforce, so your only option is to satisfy them and feed them. Unfortunately, they are also ravenous creatures who are never satisfied. If you feed them a little, they’ll want more next time in an endless cycle. - Once you are infected by investors … eventually they will destroy whatever you created. - You have this semi-backwards. The VC isn’t really a leech because Plex pitches the venture fund with a well developed enshittification plan already in place. Assuming everyone is acting in good faith (i.e. the VC doesn’t just want to just shut it down and sell Plex for parts), Plex’s (enshittification) plan is the reason it makes sense for the venture fund to invest in the first place. Plex promises their plan is why the VC will make an outsized return on their investment and it is what the VC validates as part of their pre-investment due diligence. But that plan is created (and sometimes even put into operation) before any VC investment occurs. - Yes, you got this bang-on. Plex made the decision long ago. - And they likely made it because without VC funding they would have gone under, because people that use services like Plex tend to not want to pay to use said services. 
 
 
 
- Exactly. Plex could have been “profitable” in the sense that revenue covered infrastructure and paid a handful of full time employees, but that’s not what VC money needs. 
 
- So what is the move for them? - Plex has a two-pronged VOD service. They have ad-supported “live television” and they have content to rent. - I don’t know if that’s enough to sustain them but I don’t really care. I’ve been a PlexPass owner for over ten years. I have only asked that they resolve bugs and made requests for things like proper organization of classical music (which they’ve explicitly stated they will not consider). - You do bring to light something I hadn’t considered; that they see Plex as a business model. From my perspective, I want to buy a fully developed product with the expectation of bug fixes and security patches etc over time. I genuinely can not think of a single thing the developers have added to the service that I’ve used in the past ten years. - So, what kind of business model charges money to do things that don’t have an apparent impact on the user experience? - Plex has been one of my most used applications in the past decade. However, it has its limitations and they are actively imposing more limitations on the experience in favor of “a sustainable business model”. - The issue is that their sustainable business model is interrupting the users’ sustained use of a platform they’ve already paid for. I’ve had to go through all of my devices and disable all auto-updates to ensure I do not get the “New Plex Experience”. - What we should be asking is why “selling a product” is no longer a business model. - What we should be asking is why “selling a product” is no longer a business model. - Such a good question. Off the top of my head, I can think of two reasons: one cynical, one a little more practical. - Cynical first lol: Maxmize profits. Why charge once when you can charge monthly. I’ll move off this bc it’s a topic that’s been beaten to death, esp. here on Lemmy. - The more practical reason is probably because most software interacts pretty directly with the internet in some way. When we were just installing MSOffice98 with clippy, software didn’t need constant security updates, patches, etc. Remember when there was an update for MSOffice and you’d install Service Pack 1? That was one of the first patches I downloaded from the internet and it was a big deal back then. Now updates come out at least monthly, many times more often than that. I guess that means that you have multple product cycles occuring concurrently, which creates a financial model with a lot more unknowns… which in turn makes it harder to forecast what a product should cost, considering it would be the only revenue generated, per license for the life of the product. - I think selling a product is still a very viable business model, but you have to be a lot more accurate about revenue forcasting and product pricing. I guess it means you have a lot less room for error (from a business perspective). - This is not Microsoft. I haven’t updated my plex software in over six months and it runs fine. Still, yes, I would expect updates to any software I purchase as new patches are needed for OS updates, etc. That shouldn’t be more than two updates a year for a given OS - if at all. - Selling a product, generating revenue, using revenue to improve products or create new products is how we used to run businesses. - If they’re unable to maintain software updates with the revenue they get, then they should discontinue support of less popular products. - As I’ve stated on the plex forum, plex is no longer a media management and consumption platform. It’s a video on demand service. That’s their prerogative and that’s fine. The issue is that they’re discontinuing a product that people have purchased and use on a regular basis. I paid money for a product and that product can no longer be used if I change the device I use that product on. They should have left the existing product alone and released something wholly new. 
 
- What we should be asking is why “selling a product” is no longer a business model. - Because they’re not selling a product, they’re selling an ongoing service. They run the relay servers, and those cost money every month. - I bought a media management and consumption platform running on my own server using my own clients. For what reason do I need a relay service to watch content in my house on my server? - No idea, you’re the one that bought it. I did the same thing for a few years and never bought a plex pass. 
- What media management and consumption platform did you buy? 
 
 
 
- There are a few ways Plex could have played this: - By attrition. Stop the sale of plex pass, but leave those users and their access alone. New sign-ups get new rules about features/$.
- By using some of their revenue to paywall Premium features, keep a cut-down but functional version for non-paying plebs. It doesn’t have to be all-or-nothing, even for streaming outside your network (which you could cap at X number of hours per month)
- Start making Plex features a-la-carte, meaning, $2/mth for HDR, 4$ for streaming, etc. Or bundles.
 - The point is there are lots of companies who do this right and don’t have such a blatant disregard for the user. In the long run, this will not help Plex, it will help other streaming service helpers who are actually willing to respect users. - I know you’re not defending Plex and I acknowledge that. However, I see a lot of “How are they supposed to make their money?” arguments here, hence my description above of just a few models Plex could have chosen instead of f**king the customer. - Yeah. “How are they supposed to make their money” is a question that I’m grappling with right now. OSS is hard enough with a straightforward MIT license but figuring out how to monetize in the OSS space (that doesn’t always reward nuance), adds a lot of complexity. I’m starting fresh, so I’m not changing anything on anyone… but getting a monetization strategy that is 100% perfect out of the gate is not likely so seeing this vs. a response like Pangolin’s is helpful. - That’s a good point, and it’s one that isn’t solved yet in the foss space. - There are some success stories like Blender, and other projects like Thunderbird and KDE who have recently made their model work through voluntary donations, albeit by hiring competent management of such donations. And there are lots and lots of projects somewhere in between. - The interesting questions to me aren’t so much about Plex, but the infrastructure behind all the tools we use: NTP on Linux, build tools, ffmpeg libraries, etc. Lots of other companies make products that make money, yet kick back nothing to these. - Would a royalty system work? I dont know. 
 
 
- From my view, a sustainable business model is very different from the way things are done lately. I built and managed multiple successful businesses and making them sustainable is doable without fucking over your customers. - They could absolutely have done a lot better things to gain more income. The important base question here is “how much do they need?” Because software does not have huge ongoing costs but massive initial costs and lower sustaining costs. Of course, large changes or complete makeorvers will be intense but they are not needed in every company. - Once that is clear, they could have started with better public relations, engaging people about the need for a specific sum or recurring revenue. They could have gamified it by selling badges, additional functions, tiers, restrictions on new installations, etc. But they didnt. They chose to paywall existing functions. one. After. The. Other. - Dick move. - So yeah, building a business is no joke but thats not for me. - Saying software does not have huge ongoing costs shows you’ve never worked on any huge software system. My works ongoing costs for hosting/scaling/storing data are millions of dollars a year. - You’re both right and wrong. - Its like saying “saying a company is easy to run shows you have never run an huge company.” - Both are false dychotomies. The amount of hosting costs, manpower, etc does not come from the project but how it is set up. - If you have to run servers for a software at all determines the cost for hosting for example. Same for every other aspect. - Linux is a huge software project I’m working on. Yet the cost of it is a joke compared to its size. It has way more users than plex. - You were the one that made the claim that “software doesn’t have huge ongoing costs”, which is what I said is wrong. Lots of software does, as you now agree. 
 
 
- Really glad you replied. Thank you. Your points are really good ones. I want to build something (software) for myself and the community but also struggle with where to draw the line when it comes to making my product generate revenue too. It’s a thing we don’t really talk about when it comes to OSS. Maybe we should create a new category called SOSS, (sustainable oss) lol. - Some FOSS projects are supported by having a for-profit company offer turnkey packaging and support for those projects. Look at TrueNAS. They sell nice NAS hardware preconfigured with their software and the profits support the development. - Good point. I wanna point out that plex is not foss. Its closed source software which makes those moves even more idiotic because they could have paywalled new servers and accounts instead or weaned people off from their servers if they use local only, etc. - But yes, one only needs to look at foss projects like lemmy, pixelfed, kde, gnome to see how it is done. This absolutely means you have to have more people than just yourself or you will definitely burn out. - Tldr: some use gov funding, kickstarter, additional features, turnkey hosting, explain and ask for donations, etc. 
 
 
 
 
- Are you saying that you’re on your home network with your Plex server and it won’t let you play your media without paying? That’s not true if so. You must be outside the network. - deleted by creator 
- I’ve had that happen to me with plex, it was probably 100% my fault because I specifically changed things during the setup of the docker file, but apparently Plex can’t figure out that is local if it’s running inside docker with non-host network, it probably only accepts local connections from the docker network, and I was never able to make it treat my actual home network as local. - Under Settings > Network there is a configuration item exactly for this. I’m running host network, but you can add the docker networks here as well.  - LAN networks is only available for plex pass users - It all starts to make sense then. I need to set Jellyfin up soon. It’s only a matter of time before they come after the “Lifetime” purchasers like myself. I bought it over a decade ago at this point. - the actual problem here is that OPs network is not configured correctly and that Plex detects that the physical local client is actually accessing the server from a totally other network. - Fairly common when you use docker to run Plex and have the container run in bridge mode. This will put the container in the docker network that will then be different to your local network. - Plex determines if a stream is local or remote based on the network so when your container is in bridge mode, the physical local client will be a remote connection because of the different networks. - And since remote streaming requires Plex pass since end of April, you will see this. - Yup, that’s exactly the problem I have, it’s ridiculous that it doesn’t let me stream from a local network just because it thinks that it’s local network is only the docker one, it should be fairly simple for Plex to figure out it’s accessible via a direct connection and it doesn’t need to route through the Plex servers for this. But it won’t get fixed because it pushes people to pay, hell from what people are saying here the config to fix this is paywalled so they create a problem for which they sell you the solutions. 
 
 
 
- I don’t have that configuration:  - As someone else mentioned, this is only available to PlexPass users. Sorry for the confusion! I bought my lifetime sub over a decade ago at this point and forget about these inconsistencies that used to just be part of the product. - Therefore it’s literally impossible for me to watch my media locally, way to go Plex. - Are you running in docker? Change from bridged mode to host mode on your container which should resolve this. - Yes I am, but I don’t want to give full control of my network drive to a closed source application because it paywalled me out of being able to access my media on my local network. It’s ridiculous that I have to do that. It breaks ECI, and is a security risk. And yeah, it’s a bit paranoid, but the fact that they can fix it with a simple config and put that behind a paywall is VERY worrisome, so I now need to pay if I want to isolate Plex from the host where it’s running. 
 
 
 
 
 
 
- That is exactly the case. It is absolutely true and accusing me of lying is not okay. - You’re not lying, you’re just not good at networking and/or setting up Plex. - Plex does NOT charge for streaming on your own network. If it is saying that you need to pay it’s because you’ve set your network(s) or Plex up wrong. - And the next wrong assumption. It’s beginning to get really tiring. Maybe try to stop individualizing systemic problems. I know it is counter to our society but it is the only healthy way. - I’m building networks for a living. The situation I’m in has zero to do with my skills and assuming so is highly disrespectful. - But yes, as others have pointed out, it is likely that a configuration back when setting the service up years ago led to it using an outside connection which has only now become an issue because of plex’s switch to blocking remote streaming. - No matter because plex works just as well. - Cool, so you can finally admit you set Plex up wrong. Good job. - But somehow it’s still Plex’s fault 
 
 
 
 
 
- Plex really needs to do a Tailscale style connection to your server. But instead they chose to keep their outdated method of funneling all of their traffic through their servers, and need to charge lots of money in order to pay for it. - Considering both Plex and Tailscale are going toward VC exits, Headscale and Jellyfin is the only FOSS way atm. - I just use nginx on a tiny Hetzner vps acting as a reverse proxy for my home server. I dunno what the point of Tailscale is here, maybe better latency and fewer network hops in some cases if a p2p connection is possible? But I’ve never had any bandwidth or latency issues doing this - If you are using wireguard from the VPS to your home server, it buys you nothing more. If you have mobile devices connecting directly to the home server, Tailscale will let them connect directly in most cases, which is nice. - The direct connection is cool, I just wonder if a P2P connection is actually any better than going through a data center. There’s gonna be intermediate servers right? - Do you need to have Tailscale set up on any network you want to use this on? Because I’m a fan of being able to just throw my domain or IP into any TV and log in - I have Tailscale (actually headscale) set up on all my devices and the performance is good enough I don’t turn it off when I’m home and on the same lan as my server. The connection is p2p so it’s just a little encryption overhead. When I travel to other networks like my mobile network, or various corp wifi networks, it continues to try to get a p2p connection. Only sometimes corporate wifi networks block p2p and the traffic round trips through my VPS. It does take a lot of load off the VPS compared to the old way with openVPN. It also continues to work “for a while” if the VPS is down. 
 
 
 
 
 

































