JRaccoon

Other users cannot. Your instance admin can obviously see it if they want. Then, it depends on the settings of your instance if all media downloads from other instances are proxied through your instance (hiding your IP from other instance admins) or not. I’m not sure if it’s enabled by default or not.

Agreed

I use Caddy and it’s great. ACME is very easy to configure, as is everything else. I haven’t tried running it in a container tho but they have official images published so it should work without issues.

Slowing down enough is the same thing than being unavailable. Imagine someone is sending you 1000 text messages per minute from different numbers all over the world. Your phone handles it fine but you have to manually read every single message to check if it’s spam or something important. By the time you reach that one real message where your crush asked if you wanna hang out, it’s way too late and they already asked someone else.

I’ve had a good experience with mailcow. It’s not the most lightweight tho, and spins up quite a few containers.

Obviously I’m not a lawyer but I don’t see what law they could use to shut it down. All it’s doing is accessing publicly available data via a proxy. It’s not like it’s exploiting Instagram somehow.

If they wanna stop it, they can do what Twitter did and start requiring an account to see almost anything. Personally I suspect Meta is slowly going towards that.

Awesome! Got it running and seems to work well. Also I love the CLAUDE.md file you got there in the repo 🐈

I chose one from this list: https://github.com/forwardemail/awesome-mail-server-providers?tab=readme-ov-file#vps-and-dedicated-mail-server-provider-comparison-table

I recently set up the whole stack (Postfix, Dovecot, OpenDKIM) on a VPS. I wanted to do it from home, but my ISP won’t provide a static IP or open ports 25/465/587 for consumer customers, no exceptions.

It took me about two days to get everything working, but most of that was because I went in with very little knowledge of how email even actually works. If you’re looking for a learning experience, I’d say go for it. If you just want a working email setup quickly, I wouldn’t recommend it.

I haven’t noticed any deliverability issues so far. Just make sure you have SPF, DKIM, DMARC, and PTR records all set correctly from the start.

Obviously what he did was wrong but I can’t help but feel a bit sorry for him. I’m glad he seems to have mostly gotten his life back together.

I see everyone in this thread recommending a VPN or reverse proxy for accessing Jellyfin from outside the LAN. While I generally agree, I don’t see a realistic risk in exposing Jellyfin directly to the internet. It supports HTTPS and certificates nowadays, so there’s no need for outside SSL termination anymore. (See Edit 2)

In my setup, which I’ve been running for some time, I’ve port-forwarded only Jellyfin’s HTTPS port to eliminate the possibility of someone ending up on pure HTTP and sending credentials unencrypted. I’ve also changed the Jellyfin’s default port to a non-standard one to avoid basic port-scanning bots spamming login attempts. I fully understand that this falls into the security through obscurity category, but no harm in it either.

Anyone wanna yell at me for being an idiot and doing everything wrong? I’m genuinely curious, as the sentiment online seems to be that at least a reverse proxy is almost mandatory for this kind of setup, and I’m not entirely sure why.

Edit: Thank you everyone for your responses. While I don’t agree with everything, the new insight is appreciated.

Edit 2: I’ve been informed that infact the support for HTTPS will be removed in a future version. From v10.11 release notes:

Deprecation Notice: Jellyfin’s internal handling of TLS/SSL certificates and configuration in the web server will be removed in a future version. No changes to the current system have been made in 10.11, however future versions will remove the current system and instead will provide advanced instructions to configure the Kestrel webserver directly for this relatively niche usecase. We strongly advise anyone using the current TLS options to use a Reverse Proxy for TLS termination instead if at all possible, as this provides a number of benefits

Cool, thanks for the explanation.

a single application that gets bundled with all necessary dependencies including versioning

Does that mean that if I were to install Application A and Application B that both have dependency to package C version 1.2.3 I then would have package C (and all of its possible sub dependencies) twice on my disk? I don’t know how much external dependencies applications on Linux usually have but doesn’t that have the potential to waste huge amounts of disk space?

Sorry to ask, I’m not really familiar with Linux desktop nowadays: I’ve seen Flatpak and Flathub talked about a lot lately and it seems to be kinda a controversial topic. Anyone wanna fill me in what’s all the noice about? It’s some kind of cross-distro “app store” thingy?