I kind of get the idea that code should be self-documenting, but at the same time, there’s so many crazy business rules that comments are basically a necessity if nothing else other than to explain why in the hell the crazed mess that provides the required functionality for the business rules exists.

Oh no… this brings back memories LOL

and the pve8to9 checklist script suggests to run this migration script if necessary

Ah, okay that makes more sense.

This is going to affect many more people who didn’t read it, then.

Although, that seems to only affect guests and not hosts?

The host machine becomes unbootable IIRC, so I think it’s something else?

I took a look but I’m not seeing any command for LVM mentioned anywhere?

It might be safer to wait, one of my IRL friends ran into an issue, and I saw some others post about it on the Proxmox forums: TASK ERROR: activating LV 'pve/data' failed: Check of pool pve/data failed (status:64). Manual repair required!

I think I didn’t run into that error because I flattened my LVM kinda, but if I hadn’t customized my setup maybe I would have run into that too.

I tell myself that every time, but I mean, I still end up doing it every time anyway lmao

edit: Just did it, it went well.

How can you debug it with a TCP dump if it’s encrypted?

Maybe I was thinking of this from back in 2024?

https://github.com/jellyfin/jellyfin-android/issues/123

“Hacking around with a reverse proxy is strongly discouraged and we won’t provide any support for it.”

Maybe I was thinking of this from back in 2024?

https://github.com/jellyfin/jellyfin-android/issues/123

“Hacking around with a reverse proxy is strongly discouraged and we won’t provide any support for it.”

Are you sure that works? I’m pretty sure they mentioned that reverse proxies are an unsupported (and not working) use case with Jellyfin, but I might have to look into authelia some time then.

I thought that you can still access media directly via the URL without any authentication, how would authelia change that?

Security for remote streaming is a harder thing to handle. Most people are capable of port forwarding, But just hanging a smallish public project out there in the open is always a dicey proposition. It honestly needs real fail2ban, probably SSL, 2FA and password complexity requirements.

Yeah.

It’s tough because I get they’re an open-source project, and they’re volunteers, but at the same time, security is something that should be the highest priority.

Though, you could just make it so that it’s not accessible via WAN and instead has to go through a VPN, though that’d make it harder to share with others.

Yeah, OpenVPN definitely doesn’t have light spec requirements 😅 thankfully hardware is unfathomably powerful these days.

Or be like me stuck in the 2000s using OpenVPN still in 2025 lol

It’s more common with mobile-based connections like satellite connections or mobile-LTE data based connections, I believe.

And here I am, still using OpenVPN in 2025 lol

Oh, right, it was basic auth (behind a reverse proxy, or even in general) that Jellyfin doesn’t support and isn’t planned to support IIRC.

Here is a GitHub issue where they said they don’t plan on supporting it: https://github.com/jellyfin/jellyfin-android/issues/123

And with ro rights to media, potential damage at least should be pretty limited.

Depends entirely on where you live I would think.

It does, yeah.

If they are providing the content, they can see that they are providing the content and that much is obvious.

If you are providing the content, you wouldn’t expect that they can identify what you are watching.

That’s the difference to me, yeah.

So I searched, and all of the results were talking about setting up a VPN or a reverse proxy or whatever.

The best thing is, you can’t use a reverse proxy with it, it doesn’t even support it.