Agreed! I stayed with Plex for a long time because Jellyfin had a rough time with live TV (antenna) and I already had a PlexPass because of a sale a long time ago. Now Plex is only still running because I love Plexamp.

My first thought is Scrubs… https://www.youtube.com/watch?v=LK0fU6Kq4xU

The setup wasn’t too bad but I did bang my head against the wall a little. The docs on your site have an incomplete callback uri (it’s missing the /auth/ part of the URL) and I didn’t notice at first (its right in your example env on github though). My only real complaint is I can’t seem to find a way to disable external signups but still allow OIDC auto provisioning.

All in all though, this is great and I can’t wait to use it more.

It looks really good, I’m definitely going to be spinning this up once I get a chance. Having OIDC right out the gate is a huge plus in my book!

I couldn’t agree more, I join selfhosting communities all over and not just because I need more stuff to host, because of the community. I love getting to read through the questions and answers, even when they are questions that could be answered by just reading the man page… Maybe it just reminds me of the good old days as I’m getting older and remember asking a lot of similar questions.

That’s why permissions are important, so many people want full control of everything then seem to forget when they launch a program, it runs with their permissions. If I want to wipe out everything on a drive I have to elevate my permissions to a level with rights for that, running a program with the rights to wipe their data was definitely a choice.

Oh yeah, I’ve killed mine a couple times. Usually it’s because I didn’t keep it updated and jumped too far ahead too quickly. Rolling it back and walking it forward fixed it for me once, another time there was something I was supposed to run first and I didn’t read the release notes (that one was a really long time ago though).

I like OAuth for simplifying my login process mainly. I use Authentik for a lot of my home services (calibre, nextcloud, freshrss, etc), and not having to deal with Plex’s authentication service would be awesome. In fact a few months ago my work started blocking Plex, not my home domain though so I can access the webplayer but not login now (so no more morning local news in the background now that I’m back in the office).

Yeah, been a lifetime Plex pass holder for a long time, it was fun but it still doesn’t support OAuth and now they are forcing ads before local TV streams now. I realize the latter is probably more on the Roku side of the house as my shield hasn’t started doing that yet.

Really live TV is the last thing holding me onto Plex, well that and I really do love Plexamp and the sonic analysis bit Plex can do. Plex’s days are sadly numbered for this selfhoster.

OAuth is one thing I hate to see locked behind a paywall; it’s one thing for the pretty, management-geared stuff (dashboards and charts) to be a paid feature, but not security.

I’d argue that I bought the car, if they are maintaining a cellular connection to the vehicle to collect telemetry data, I should be allowed to access it as well (I own the car), alternatively they could let me pay for the data connection and not collect stuff.

There is a youtuber that ate some, he also talks (and tries) a lot of natural drugs. While I’d never recommend someone do it, almost anything is toxic in the right dosages (even water).

I would put that more on the ad networks, if the ads were related to the article, it may generate a few more clicks. The ads are completely random and built off a profile they assume would contain relevant info about me… but it doesn’t really seem to be accurate (this is kind of by my own choosing though).

Instead articles about rebuilding cars should have ads related to perhaps rebuilding cars and not some fucking nutritional supplement or some other unrelated thing.

I have used both but just started using jotty (jotty.page, github link on the bottom). The SSO setup with Authentik was seamless and it seems really snappy so far and the Dev seems active and involved.

I personally like to use a proxy for that like NPM (a handy dockerized nginnx proxy setup). Not as secure as a VPN but I really like being able to access my stuff from anywhere I’m likely to be. I’ve combined it with a few other things to try and add simplicity (in use) and a little extra privacy by using Authentik for SSO. My main goal with the use of NPM though was to limit the number of ports I had punched.

Yes indeed! There are a lot of tricks old Windows admins still hold onto to get stuff done and sometimes it’s so damn frustrating (like resorting to BITS to move files at times).

My Windows skills are slowly leaving me… and I work in a Windows environment. Thanks for the words of confidence, given how long I’ve been the computer guy I guess it’s a bit of a shot to the ego to be real about it at times!

Thanks for this! I’ve just got mine setup and will set up the SSO tomorrow. Seems like exactly like what I’m looking for, you rock!

Edit: just wanted to add, setting it up in authentik was insanely easy and worked perfect! Thank you for what is really an awesome piece of software!

I got a ‘dangerous site’ warning and then prompts for crap on my Vaultwarden instance (didn’t see it on Immich but this was a while ago). I think I had to prove I owned the domain with some DNS TXT records then let them “recheck” the domain. It seems to have worked.

Eventually I’ll get around to fixing it, right now it will power up find and then will cut out after a few minutes… Or at least that’s what it was doing last time I messed with it so it’s just been unplugged and back in the box for nearly a decade now.

Thanks for all the info, definitely let’s me know not to just toss it in an oven (that was the original plan, then I shelved it).