this post was submitted on 19 Jul 2023
405 points (96.3% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54539 readers
194 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

I'm devastated! Holy fuck it's the end of such a great resource. Is there any other plex share communities active at all?

you are viewing a single comment's thread
view the rest of the comments
[–] Barzaria@lemmy.dbzer0.com 21 points 1 year ago (2 children)

I have some videos I might be interested in sharing on a Jellyfin server, as well as interest in viewing videos on someone else's shared server. I have a question: What options do you have for hardening security-wise? I have the server hosted on a local machine and don't wanna get pwned if I can help it.

[–] JasSmith@kbin.social 7 points 1 year ago (1 children)

Reverse proxy is the typical advice, but I think they're a huge pain in the ass to set up.

[–] lemmyvore@feddit.nl 4 points 1 year ago (1 children)

Check out Authelia. There are docker images with it and a proxy.

[–] JasSmith@kbin.social 0 points 1 year ago (1 children)

This helps but it still looks like a huge pain to me. Any time yml configuration is required, complexity always increases a lot.

[–] entropicdrift@lemmy.sdf.org 4 points 1 year ago (1 children)

Caddy in a docker container took me about 5 minutes to setup. Reverse proxying is a one-liner in Caddy

[–] JasSmith@kbin.social 0 points 1 year ago (1 children)

I think it was five minutes for you because you're already well acquainted with the concepts and/or tool. These are some older instructions for setting up Caddy and it's not just minutes of work for the average person. The certificate part alone would take more than five minutes, and HTTPS is a must for a smooth experience for users.

[–] entropicdrift@lemmy.sdf.org 1 points 1 year ago* (last edited 1 year ago) (1 children)

That's for Caddy 1.1

In Caddy 2 and higher it handles the cert stuff automatically with Let'sEncrypt.

Actually, looking in that guide you linked, the change to add https is a very small change in the config file as well. Perhaps you mean doing port forwarding in the router or setting up a domain/DNS is difficult? But those parts have nothing to do with Caddy itself.

Try looking at an equivalent guide for its competitors Nginx or Traefik. They're far more complex to get set up.

[–] JasSmith@kbin.social 1 points 1 year ago (1 children)

Okay this is neat, but still:

If you use any other domain name, Caddy will attempt to get a publicly-trusted certificate; make sure your DNS records point to your machine and that ports 80 and 443 are open to the public and directed toward Caddy.

First OP needs to configure his DNS service.

Then he needs to port forward 443 (if I'm reading the instructions correctly).

[–] entropicdrift@lemmy.sdf.org 1 points 1 year ago

For sure, Caddy's the easiest tool I've found for this part of the chain.

DNS stuff is somewhat easy if you get a good provider, but it depends on a couple things. Port forwarding generally is a pain in the ass.

I have my Plex server in docker container that automatically restarts with the latest image once a week. I believe most vulnerabilities will come from outdated software.

Then I have nginx reverse proxying in front, I'm sure there's additional safeguards I could throw in there but my instance is private.