this post was submitted on 08 Jun 2026
251 points (94.7% liked)

Selfhosted

59746 readers
912 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

  7. No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
251
Why I moved my Plex library to Jellyfin after 14 years (the.unknown-universe.co.uk)
submitted 1 day ago by TheIPW@lemmy.ml to c/selfhosted@lemmy.world
141 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] Evotech@lemmy.world -5 points 19 hours ago (3 children)

What's the worst that can happen. Someone watches your movies

[–] deafboy@lemmy.world 11 points 17 hours ago (2 children)

Someone breakes in, then moves laterally to your home assistant running frigate to watch you sleep at night. Then uses your residential uplink as a proxy to resell on an open market.

After that, the possibilities are practically endless.

[–] klankin@piefed.ca 3 points 11 hours ago* (last edited 11 hours ago) (1 children)

No reason to connect jellyfin to any sort of local network, router will still hairpin for local connection.

With that setup its honestly more secure than 99% of IOT devices, and like 50% of routers.

edit: and if youre running it in the pentagon or something just toss authentication like keycloak in front of it, plus a bit of crowdsec/fail2ban and an IP whitelist, I'd be surprised if you'd even get an attack, much less one violating that strict of a threat models.

[–] kalpol@lemmy.ca 1 points 6 minutes ago (1 children)

Good grief. If you're doing all that, just set up Wireguard

[–] klankin@piefed.ca 1 points 2 minutes ago

I mean containers make the networking pretty easy, everything beyond that is optional based on your threat model.

Same as hosting anything networked, you can do it easy or do it safe.

(but also wireguard is kinda an O(n) problem while exposing to wan is an O(1) problem - at least IT man hours wise)

[–] Evotech@lemmy.world 3 points 15 hours ago* (last edited 15 hours ago) (1 children)

It's a rootless container. Chances are they are not going to do any of that.

Things are on the internet all the time.

[–] InputZero@lemmy.world 2 points 11 hours ago

Yeah docker isn't the isolation sandbox some people make it out to be. It's not meant for that. You very well may have a setup that's meant for that but it's more than I'm willing to expose.

[–] InputZero@lemmy.world 2 points 17 hours ago (1 children)

Yup! That's the worst thing that can happen. Now would you be so be kind as to send us the link to your private unsecured Jellyfin server?

[–] Evotech@lemmy.world 2 points 15 hours ago

I'm tempted to. But I'm not. Just because I dont want to fox my domain here.

Is running in a rootless podman container. I'm confident