I don’t understand it either, I have a friend who’s parents were deported in trumps first term because their visas lapsed and they had been here for 25+ years working and paying taxes and opening businesses. My friend last year said there was no difference in who he voted for they were both terrible choices and I was dumbfounded, one is clearly going to have more direct negative consequences again but they wouldn’t budge.
Phew thankfully that’s how its always done so just don’t need to point it out ever again and keep with the status quo
Oh interesting, thanks for the information, I did poke around homeboxs documentation but didn’t see anything mentioning QR codes where as ShelfNU has it as a main feature. Since I can’t seem to get the latter up on unraid may have to givehome box a spin soon.
I’ve been attempting to test shelf.nu . they have a docker container but not working for me after a bit of tinkering. What made me want to try shelfNU is they sell QR codes you can put on boxes and assign that as an entity and say these items are there so it’s easy to find what’s in what storage container.
I have 3 athom.tech US plugs, they are ESPHome and HA picks them right up after they get connected to a network. Only drawback seems to be they cannot join a hidden SSID like my IOT vlan network has.
Been selfhosting the official Bitwarden stack for the last 7 years now and it’s been running great.
Them missing out on a dozen sales because of that isn’t going to change their ways either.
I don’t but searching online there’s a couple of YouTube videos. Also there’s a couple recent threads on AV forums talking about the device. Seems like it gets plenty of updates and attention but no I haven’t gotten a solid recommendation yet. I’ll probably give it a shot here in a few months assuming that US store price doesnt go up further
There are a couple of devices, a few months ago during a similar discussion on Lemmy I saved this but doesn’t seem to be many videos or reviews out in the wild
Ooo I’ve had this wish listed on GOG for a while, didn’t realize it was early access. Going to snag it soon
I have been trying to use jellyfin locally but subtitles have issues some times depending on the show or format. Also recently my wife watched 2 episodes more than me so we needed to go back 2 episodes and only way to do that from the Up Next or Resume screens was to start a new search of the show and click into the season and then find the episode. In Plex that takes 2extra clicks to get to the season and find the episode. I get supporting open source but for my jellyfin only has 70% of the features I use weekly on Plex. Definitely supporting it and trying to use it but it’s not feature parity for me
Just did that, honestly didn’t know lifetime was always available, thought it was only during sales or certain times, should have gotten it years ago
I just upgraded to lifetime and also use jellyfin but right now it only does 80% of what Plex does in my workflow so gonna use it until I can’t anymore.
I’ve been testing out jellyfin for the last couple months but it doesn’t really fill the void of this specific feature that’s being locked behind a pay wall. If anyone has good recommendations for securely and reliably hosting jellyfin behind SSL and auth with email password resets where I don’t have to worry about it as much as Plex.
I use jellyfin locally but for a handful of remote clients I have I may well block off their access they’re not going to be able to figure out my hand spun services and wall of text.
Heres what I’m running:
authentication_backend:
file:
path: '/config/users_database.yml'
watch: false
search:
email: false
case_insensitive: false
password:
algorithm: 'sha2crypt'
access_control:
## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
## resource if there is no policy to be applied to the user.
default_policy: 'deny'
networks:
- name: 'internal'
networks:
# - '10.10.0.0/16'
- '192.168.1.0/24'
- name: 'VPN'
networks: '10.0.1.0/24'
rules:
## Rules applied to everyone
- domain: '*.mydomain.com'
policy: 'one_factor'
session:
## The secret to encrypt the session data. This is only used with Redis / Redis Sentinel.
## Secret can also be set using a secret: https://www.authelia.com/c/secrets
secret: 'insecure_session_secret'
## Cookies configures the list of allowed cookie domains for sessions to be created on.
## Undefined values will default to the values below.
cookies:
# -
## The name of the session cookie.
- name: 'authelia_session'
## The domain to protect.
## Note: the Authelia portal must also be in that domain.
domain: 'mydomain.com'
## Required. The fully qualified URI of the portal to redirect users to on proxies that support redirections.
## Rules:
## - MUST use the secure scheme 'https://'
## - The above 'domain' option MUST either:
## - Match the host portion of this URI.
## - Match the suffix of the host portion when prefixed with '.'.
authelia_url: 'https://auth.mydomain.com/'
storage:
postgres:
....
identity_providers:
oidc:
## Cross-Origin Resource Sharing (CORS) settings.
cors:
## List of endpoints in addition to the metadata endpoints to permit cross-origin requests on.
endpoints:
- 'authorization'
- 'token'
- 'revocation'
- 'introspection'
# - 'pushed-authorization-request'
# - 'userinfo'
## List of allowed origins.
## Any origin with https is permitted unless this option is configured or the
## allowed_origins_from_client_redirect_uris option is enabled.
allowed_origins:
- 'https://mydomain.com/'
- 'https://grafana.mydomain.com/'
- 'https://wiki.mydomain.com/'
- 'https://foodz.mydomain.com/'
## Automatically adds the origin portion of all redirect URI's on all clients to the list of allowed_origins,
## provided they have the scheme http or https and do not have the hostname of localhost.
allowed_origins_from_client_redirect_uris: true
## Clients is a list of known clients and their configuration.
clients:
- client_id: 'grafana'
client_name: 'Grafana'
client_secret: 'XXXXXX'
public: false
consent_mode: 'pre-configured'
authorization_policy: 'one_factor'
require_pkce: true
pkce_challenge_method: 'S256'
redirect_uris:
- 'https://grafana.mydomain.com/login/generic_oauth'
scopes:
- 'openid'
- 'profile'
- 'groups'
- 'email'
userinfo_signed_response_alg: 'none'
token_endpoint_auth_method: 'client_secret_basic'
- client_id: 'wiki'
client_name: 'Wiki'
client_secret: 'XXXX'
consent_mode: 'pre-configured'
public: false
authorization_policy: 'one_factor'
require_pkce: true
pkce_challenge_method: 'S256'
redirect_uris:
- 'https://wiki.mydomain.com/oidc/callback'
scopes:
- 'openid'
- 'profile'
- 'groups'
- 'email'
userinfo_signed_response_alg: 'none'
token_endpoint_auth_method: 'client_secret_basic'
....
Then my users_database.yml looks like:
users:
authelia:
disabled: false
displayname: "Test User"
password: ""
email: authelia@authelia.com
groups:
- admins
- dev
user001:
disabled: false
displayname: 'User 001'
password: "$6$rounds=50000$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
email: test@gmail.com
groups:
- admins
- users
Certainly, I’ll post it tomorrow
I used to run key cloak backed by LDAP. Few months ago moved to Authelia and after many hours of tinkering and setting up sites I haven’t had to touch it except to add a new URL or user.
I slightly disagree with the other commenter I didn’t find it easy or straightforward but once I finally found what worked for my setup its been great.
Imagine Authelia is the caddy of SSO. Powerful, intimidating but very efficient. Also all configs are in like 3 files and things aren’t going to change without FS access which only I the admin have.
maybe I missed something but who has 5 messenger apps installed??
Caddy can do the same and there is a steep learning curve but I switched about a year ago and only need to touch the config file when I add a host. Can even bring that config to a new server and it will stand up once it starts and picks up the config.
Generally representing freedoms to express any and every religion and not just one.