Getting TLS certs will be complicated

I just use Let’s Encrypt with a wildcard domain — same certs for public and private facing domains. I’m sure this isn’t best practice, but it’s mostly just for me so I’m not too worried :)

I’m guessing it wouldn’t work for a variety of reasons, but having cameras digitally sign the image+the metadata could be interesting.

Yeah I don’t expose Jellyfin over the Internet, so it doesn’t matter for me, and wouldn’t work at all over WAN (unless VPN’d to home network).

Also, it’s all reverse proxied, and there’s nothing preventing having two Jellyfin hostnames, e.g., jf-local.mydomain.com and jf-public.mydomain.com.

Another fun trick you can play is to use a private IP on your public DNS records. This is useful for Jellyfin on Chromecast for instance — it uses 8.8.8.8 for DNS lookup (and ignores your router settings), so it wants a fully qualified domain name. But it has no problem accessing local hosts, so long as it’s from 8.8.8.8’s record.

I have set up local DNS entries (with Pi-Hole) to point to my srrver, but I don’t know if it possible to get certs for that, since it is not a real domain.

So long as your certs are for your fully qualified domain there’s no problem. I do this, as do many people — mydoman.com is fully qualified, but on my own network I override the DNS to the local address. Not a problem at all — DNS is tied to the hostname, not the IP.

…and I don’t see it motivating people to go vote.

But it can do the opposite perhaps — “motivate” people to stay home who would otherwise vote R. Not that, in general, we should be celebrating voter apathy, but I think that some of these endorsements could dishearten folks enough that they end up abstaining.

So we need to freeze our farts and thaw them out when we need them. Got it.

My university was pretty zen about this — essentially, “don’t use your own access point/router please. But if you do, please talk to your resident (University employed) student IT rep and they can probably help you set it up correctly.”

This joke is where the Led Zeppelin song name comes from https://en.m.wikipedia.org/wiki/D'yer_Mak'er

…but was it the “Windows Uninstall” button…or the “format /dev/sda1 as ext4” button?

They’re just popular ETFs which contain a lot of $AAPL. I was just commenting that even if someone doesn’t explicitly hold any $AAPL, if they own ETFs/mutual funds, they are likely exposed to $AAPL.

Doesn’t apply to you though since you said you don’t own any stock :)

…or $SPY, or $QQQ, or…

Posted this in another reply, but their entry level hardware has decreased in price over the years I think:

In 1999, the iBook was US$1599 (equivalent to $2925 in 2023) (source).

The 2010 13" Air was $1299 (more in today’s $) (source).

The current 13" M3 Air is $1099 (source).

In 1999, the iBook was US$1599 (equivalent to $2925 in 2023) (source).

The 2010 13" Air was $1299 (more in today’s $) (source).

The current 13" M3 Air is $1099 (source).

So yeah, they may well raise prices, but the cost of Apple’s entry-level hardware has decreased in absolute terms over the years, and has decreased substantially if inflation is taken into account. Not to say the margins aren’t higher (no idea about that), but it’s interesting.

deleted by creator

I’ll push back on that a little. Peloton has, from the beginning, been a very closed ecosystem.

Contrast this to the smart trainer I have which is marketed to cyclists (a Wahoo KICKR). It uses standard protocols to talk, and while they have some software available, it works independent of their ecosystem on standards compliant equipment (ANT+ and BLE). You can even talk to it using the open source GoldenCheetah software.

I would say I own this device. Sure I can’t necessarily hack the firmware easily, but I can’t hack the firmware on my microwave easily either, but I’d say I own that, too.

Any chance you have a DMZ set up on your router?

On your router, are there any settings specific to any host (other than the server maybe)? For example, a static IP or a port forwarded rule.

Do you have a VPN on the phones? Can you traceroute from your phone to the server and post that? (I like PingTools for Android.) You should have 1 hop (you -> server, nothing in between).

Can you verify that you are on the same wifi including same wifi channel? Phone on 5GHz but Linux box on 2.4GHz, for example.

Some mobile clients make it easy to accidentally downvote. I sometimes see that I accidentally downvoted a comment from time to time.

PingTools has been useful for me (though I mostly just use it for iperf).

People need to stop buying the thinnest thing

Yeah, I think one of the problems is that thin is a familiar and commonly reported spec for a display. If MTTF were reported — and it should be! — then I think the problem would sort itself out.