this post was submitted on 01 May 2025
1350 points (96.5% liked)

Selfhosted

46596 readers
1325 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

cross-posted from: https://poptalk.scrubbles.tech/post/2333639

I was just forwarded this someone in my household who watches our server. That's it folks. I've been a hold out for a long time, but this is honestly it.

They want me to pay to stream content that I bought from my hardware transcoded also on my hardware.

I'll say it. As of today, I say Plex is dead. Luckily I've been setting up Jellyfin, I guess it's time to make it production ready.

Edit: I have a Plex Pass. More comments saying “Just buy a plex pass” are seriously not getting it. I have a Plex Pass and my users are still getting this.

And for the thousandth person who wants to say the same things to me:

  • YES I know I'm unaffected as a Plex Pass owner.
  • My users were immediately angry at it, which made me angry. Our users don't understand what plex pass is, and they shouldn't have to, that's why I had it. The fact that they were pinged even though it should have kept working is horribly sloppy
  • Plex is still removing functionality. I don't care that "People should pay their fair share". If Plex wants to put every new feature behind a paywall, that's completely okay. They are removing functionality.
    • "But they have cloud costs". Remote streaming is negligible to them. It's a dynamic DNS service. Plex client logs in, asks where server is, plex cloud responds with the IP and port of where server is located. That's it.
    • "Good luck finding another remote streaming" - Again, Plex just opens up an IP and port. Jellyfin also just opens up an IP and port (Hold on jellyfin folks I know, security, that's a separate conversation). All "remote streaming" is is their dynamic dns. Literal pennies to them. Know what actually is costing them money? Hosting all of that ad-supported "free" content that they're probably losing money on.

In short, I don't care how you justify it. Plex is doing something shitty. They're removing functionality that has been free for years. I'm not responding to any more of your comments repeating the same arguments over and over.

you are viewing a single comment's thread
view the rest of the comments
[–] semperverus@lemmy.world 24 points 1 day ago (1 children)

You can stream remotely via jellyfin if you expose your server to the internet. VPN is safer but not the only option.

[–] MaggiWuerze@feddit.org 1 points 1 day ago (2 children)

Yeah, no way. Jellyfins Backend is like an open barn door. And with the kind of content most of us here offer through either Jellyfin or Plex, I wouldn't want to open up like that.

[–] Dave@lemmy.nz 2 points 16 hours ago (1 children)

Isn't there an assumption it would be behind a reverse proxy... At least I hope that's the assumption.

[–] MaggiWuerze@feddit.org 1 points 9 hours ago (1 children)

Doesn't do shit when large parts of the Backend are not authenticated

[–] Dave@lemmy.nz 3 points 9 hours ago (1 children)

What kids of things?

I've never worried that much because it's not critical data and it's containerised in Docker, but I am curious about specifics because large numbers of people expose it to the internet (through reverse proxies).

[–] MaggiWuerze@feddit.org 2 points 8 hours ago (1 children)
[–] Dave@lemmy.nz 1 points 7 hours ago* (last edited 5 hours ago)

Cheers for that. Many of these issues allow an authenticated user to do admin actions if they do the right things, so it seems you should never allow a user that you don't fully trust to have an account.

But outside of this, there isn't anything in there that on its own worries me given the nature of the platform (that is, that if it all burnt down I could retrieve all data from other sources). I'm no expert but a cursory look shows a bunch of potential issues that may be layered with other issues but no clear attack path except with prior knowledge.

These should obviously be fixed but there's nothing that makes me want to rip my server off the open internet in a hurry.

[–] NotSteve_@lemmy.ca 5 points 1 day ago

Anecdotal but I’ve run Jellyfin publicly without any issues for around 5 years. It even has its own domain name.