Fork their project :) CLI clients are easy enough to use on PC Mac and Linux, All we need is for someone to build Android and iOS clients.

They have enough open source code out there to make the CLI clients and server.

It could be forked right now and turned into a separate project. BSD3 license. Rerelease with modifications. A couple of multi-platform devs could manage it.

DAS is 1:1, It’s more or less like just connecting en external hard drive to your computer.

SAN can do some crazier stuff. You can take arrays and attach them to LUN’s and to sign luns to separate computers. You have fiber optic routing and virtual networks, sometimes iSCSI. But that stuff is extremely expensive and power hungry and did I mention extremely expensive

NAS is basically just a computer with disks attached to it sharing the data through one of her protocols you need.

For home gaming, even sharing with a extended family, truenas, unraid, or just a computer with ZFS is ideal.

ZFS is the elite but slightly harder way to do it. Your volumes all need to be the same size even if your disks are different sizes. There’s regular maintenance that needs to be applied, But it’s very fast and very flexible and very easy to expand.

Unraid is very slow but very flexible, the discs aren’t in a raid they’re in a JBOD, so really really slow, But if you lose one disc all you’ve lost is the data on that disk, and you can run up to two parity discs. As long as your parity drives are larger than your largest data drive.

Truenas is more of an unraid type situation but with a ZFS. Both unraid and truenas support virtualization and/or containers for running applications and give you nice metrics and meters and stuff.

You can hand roll with Debian, ZFS, docker and proxmox.

I think DAS is pretty much dead. If you have a ton of ephemeral data, and you need to do high speed work on it It’s a reasonable solution. But I think for the most part eight terabyte nvme has made it pretty niche.

Porque no los dos?

There is no functional difference between them scraping you systematically and them coming to you on behalf of user. They’re coming to scrape you either way, being asked by someone is just going to make them do it in a smarter fashion.

Also, if you’re not using Gemini, damned if Google.com doesn’t search you with it anyway. They want these AIs trained bad, sooner or later almost all searching will be done through AI. There will eventually be no option.

You are correct that blocking all AI calls well eventually make your search results not work.

So if you want organic traffic, you have to allow ai scraping eventually. You’re just going to get diminishing returns until a point.

Oh, Plex has the risk. A vulnerability in Plex is how LastPass lost all their source code. A vulnerability in Tautulli which he had ported outside surfaced his auth token, then he was able to use the auth token to get into Plex and they were able to hit an rce vulnerability and pull the entire git repo the guy had locally.

The key difference is Plex at least has a security team and their name on the line with their investors.

but, think of it… RACING STRIPES!!! or FLAMES!!!

You use bamboo skewers to mount the things off the bottom and dampen vibration. mabey use an internal flap and bent the disks out the front and the PSU out the back. If you have enough cardboard, you could even bend it a bit and do like a jet engine with the fan sticking out the front.

cardboard papercraft homelab… I almost want to get rid of my 42 U rand and make a voltron now.

Just needs a 10" cardboard box with proper holes

A lot of neophyte self hosters Will try running the binary in Windows instead. Experienced self hosters will indeed use docker.

Then out of the ones that are using docker some of them will set it up as privileged.

And then how many of those people actually make read-only versus how many just add the path and don’t think about it.

Don’t confuse your good practices with what the average person will do.

I’ve heard jellyfin has a lot of security issues

The biggest known stuff I saw on their GitHub is that a number of the exposed service URLs under the hood don’t require auth. So, it’s open-source with known requirements, you can tell easily from the outside that it’s running, and you can cause it to activate a LOT of packages without logging in. That’s a zero-day in any package that can be passed a payload away from disaster.

AS far as TVOS, I’m kinda surprised swiftfin doesn’t service you.

Location sensor would be a good minimum bar.

A custom card for your app that is just basically a iframe into your app with auth would also be pretty decent. Your version of a map looks really nice.

Maybe surfacing metrics of distance traveled or number of geolocations.

I’ll have to install the app and play around with it to make other recommendations but those are the first things that come to mind.

AWS has an r4.8xlarge 244gb ram with 32 vcores for $2.13 an hour If they can handle Linux. $2.81 an hour for windows.

Choosing the right hardware is complicated. If you are transcoding 4K video on jellyfin you probably want a Nvidia 1080 or higher video card.

If you’re running Intel, 10th gen and higher with internal graphics has some pretty good encoding efficiency so you consume less power for a lot more work done.

I’m still rocking a 7th gen i7 with a 2070 super. It still gets the job done for me.

Been in it since the web was a thing. I agree wholeheartedly. If people don’t run auto updates and newbies will not run manual updates, You’re just teaching them how to make vulnerabilities.

Let them learn how to fix an automatic update failure rather than how to recover from ransomware. No contest here.

Not OP, and I don’t particularly hate PHP but I certainly understand why everyone else does. It had a ton of horrible issues that didn’t get fixed until 8. Just really awful stuff like a23+n7=30 , inconsistent syntax, It’s just had a lot of holes over the years. Post perl, It had the next greatest number of plugins and was reasonably rapid so it took off with the inexperienced crowd, But we ended up with a lot of code written by a lot of inexperienced people and a lot of best practices were eschewed. Most of the big software names that run PHP have had a constant stream of really bad vulnerabilities, more so than a lot of other languages. (WordPress, PHPBB, vbulletin, a million horribly written WordPress plugins)

Personally, in a pinch I’ll still do something in PHP. It’s so incredibly rapid and gives you marginally decent debug right out of the gate with nothing installed.

It would cover all phones, pcs and maybe Android TVs.

The barrier to entry would be having to replace the cert every year since we now made that a thing. Maybe spin up a self-sign shirt server and start issuing people 10 years certs

unless there are ways to do injection with the known bugs/a new 0day

TBH, that should be enough right here. That is a JUICY target for hacking.

You can tell outside that someone is running JF.

You know what packages are used.

You have full access to the source.

You know what endpoints are exposed and available.

All you need is a whole in ffmpeg, a codec, a scaler, or something in libAV. There are a hundred different projects in there from everyone and their brother. And all somebody with experience needs is one of them to have an exploit in a spot where you can send it a payload through an endpoint that doesn’t require authentication.

We need something to gatekeep. Some form of firewall knocking, or VPN. We don’t need JF to be as publicly accessible as Netflix; we just need a way for our friends and family to get in, prove they’re who they are, and reject all anonymous traffic.

Entirely fair, I generally can’t stand him, hence just reading his caption data :)

He hit the mark on a few things but his hot takes were pretty hot.

Yeah, it’s still in use. It’s still slow. I think the real take away is that if you’re going to do things that are going to get you in true State trouble tor is not a reasonable solution.

If you’re not doing something to draw the ire of a government agency, It’s reasonably safe. Other than they fact that you are passing tor data, no one in your house or your ISP or Google has any idea what you’re actually doing.

I think one of the big problems is that there’s not so many tor nodes that a well-funded agency couldn’t stand up enough nodes to catch your entire conversation.

Putting a video file somewhere and letting 10,000 people watch it at the same time is no small feat.

You could probably get away with doing it on peer tube but it has no facilities to lock people out or make them pay.

Even if you don’t use patreon for payments payments aren’t free.

I just use down sub to pull the transcript from his video It’s only 60% as annoying.

He has the normal privacy versus cost worries which are reasonably valid. Then he rambles on, plugs a product that he’s shilling that’s unrelated to the subject matter, says he’s replacing Google search with a local LLM, does some hot takes on alternatives, does some reasonable takes on some alternatives.

To be honest, this is probably the least helpful de-googling video I’ve seen, other than the fact that he’s a major influencer and is telling everyone they should be doing it.