I tried testing a movie from my home server in plex through firefox and repeatedly got this message, even after reloading.
I knew that they had paywalled the apps on mobile and streaming from outside the network but now they have also blocked watching your own movies through your own hardware.
I do get the point that making software should be able to sustain people but I dont see the move of plex as a fair thing to do. Yes, they have made great software but taking your home server hostage feels like the wrong move.
Even a pop up that says "we need you to donate please" would have been fine. make it pop up before every movie, play donation ads before any movie but straight up disabling the app is kinda cruel.
Anyway, i have switched to jellyfin and it is insanely good. please give it a try. you can run it alongside plex with not issues (at least i had none) and compare the two.
In any case, good luck. Let me know if you need help.
This is how I do it: https://codeberg.org/skjalli/jellyfin-vps-setup
My primary worry for this is that something in the jellyfin stack gets an open vulnerability, like there's an overflow you can use on a post call to a piece of media allowing remote code execution.
Tautulli had a leak once that provided the user's private token. Then there was a way in Plex with a private token to pull data from elsewhere on the server. That's how LastPass got nuked I hear.
I get you and I know that there can be security issues (especially in Jellyfin) that might give you access. This is the reason I only mount the media and config folders, and nothing else into the docker container. The media folders are mounted as read only and don't contain sensitive information. For the config folder I created a separate user. Plus I block non-German IP addresses which already blocks quite some bots. If your friends have fixed IP addresses you could also just whitelist them and block everything else.
You could also probably sniff the network and define more strict rules on 'allowed' requests in fail2ban but this is bridle because requests might change with different versions.
They actually do a small login f2b effort right in JF, but it appears to be quite limited.
The container is more secure by default, and if people set up their docker well it reduces the dangers substantially. A lot of people don't go docker though.
Yeah the link I posted does everything via docker and explains what should be mounted and how.
That's awesome and thank you for sharing that
Thanks. That's well laid out, straightforward. I have resources at home that I want access to through my vps. This is a good blueprint.
That is pretty much how I imagined it. Sadly, its A TON of work. I have most of this set up in many VPSs for both me and customers (with other services of course) and I can imagine its probably the best solution. I still hate my life when thinking of implementing it. :D I bet its gonna be easier than I think but you may get my point here. Thank you very much for sharing.
Hell I know what you mean, it was so much trial and error until it worked, hence this guide/template to help others. Plus at some point it feels more like work than a hobby 😅
You're an absolute champ! Thanks for walking the walk. Its refreshing meeting people who do stuff. Feel free to check out my kodi peertube app at some point ;)
Or just get a Mikrotik router and run Back to Home and baaam you got a similar to tailscate fuction with 3 clicks.
https://www.youtube.com/watch?v=CJ1PZkTNvzI
Yeah, or not.