this post was submitted on 30 Mar 2025
174 points (100.0% liked)

Selfhosted

45515 readers
861 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
174
Selfhosting Sunday - What's up? (lemmy.nocturnal.garden)
submitted 1 week ago by tofu@lemmy.nocturnal.garden to c/selfhosted@lemmy.world
152 comments fedilink hide all child comments
 

What's up, what's down and what are you not sure about?

Let us know what you set up lately, what kind of problems you currently think about or are running into, what new device you added to your homelab or what interesting service or article you found.

you are viewing a single comment's thread
view the rest of the comments
[–] kate@lemmy.uhhoh.com 30 points 1 week ago (4 children)

Finally switched from plex to jellyfin, seems to be ok so far. Needed to make some small scripts for metadata management but it's running smoothly. Finally decided I'm hosting enough software with user accounts that I've made an authentik instance for SSO with each (ofc jellyfin first)

[–] smiletolerantly@awful.systems 6 points 1 week ago (1 children)

Hey, we're also thinking about setting up authentik. Could you answer the following, where I haven't found answers to yet: does introducing SSO impede logging into Jellyfin on a TV / phone app at all?

[–] kate@lemmy.uhhoh.com 9 points 1 week ago (1 children)

no, works fine. there’s an LDAP plugin for jellyfin so you can use the jellyfin internal login page and the server will verify the login against authentik. took some setting up though.

[–] smiletolerantly@awful.systems 3 points 1 week ago

Alright, thank you!

[–] bluGill@fedia.io 3 points 1 week ago (2 children)

Ann reason you choose authenik? There are a nmber of options and I'm not sure why to choose one over the other.

[–] kate@lemmy.uhhoh.com 6 points 1 week ago

I did no research whatsoever and picked the one I'd seen the name of more often. I figured if it didn't work for me I'd try something else, same as when plex wasn't working for me so I switched to jellyfin. I have no idea how it compares to the other options but it feels pretty solid so far

[–] dan@upvote.au 5 points 1 week ago* (last edited 1 week ago) (2 children)

I'm not the person you're replying to, but Authentik:

  • Has a UI for configuring it, including adding users.
  • Supports LDAP if you need it. Authelia needs a separate LDAP server.
  • Supports practically every two factor auth protocol you'd need: OIDC (OpenID Connect), OAuth2, SCIM, SAML, RADIUS, LDAP, and proxying for apps that don't support any of them (which is getting rarer).
  • Supports permissions and permission groups, i.e. only allow certain users to access particular apps.
  • Can be used as the source of truth for Google Workspace and Microsoft Entra. Maybe not as relevant for home use.

I haven't tried Keycloak but I hear it's pretty good, albeit a heavier app to deploy.

I have tried Authelia, and it's much less powerful than Authentik. Authelia requires you to manually modify config files rather than using a web UI. It also only supports OIDC (which is in beta) and proxying. Proxying is not recommended and has several issues since it's not "true" single sign-on.

[–] sugar_in_your_tea@sh.itjust.works 3 points 1 week ago (1 children)

I'm considering Keycloak myself because it's trusted by security professionals (I think it's a RedHat project), whereas Authentik is basically a passion project.

[–] StaticFlow@feddit.uk 2 points 1 week ago (1 children)

I hear keycloak has quarkus builds as well these days which should be much slimmer than how it used to be built.

[–] sugar_in_your_tea@sh.itjust.works 1 points 1 week ago (1 children)

I hadn't heard of it, and looking into quarkus just reminded me of how complicated the whole Java ecosystem is. Gross.

Hosting Go, Rust, etc stuff is dead simple, but with Java, there's all this complexity...

[–] dan@upvote.au 2 points 1 week ago (1 children)

Nothing's as bad as trying to host and maintain a Ruby on Rails app :)

Docker has made a lot of it a non-issue though, since the apps are already preconfigured within the Docker image.

[–] sugar_in_your_tea@sh.itjust.works 1 points 1 week ago

Agreed, with the clear exception being PHP, which often requires configuring a web server.

[–] timbuck2themoon@sh.itjust.works 2 points 1 week ago (1 children)

Keycloak is very much lighter actually. Can run under half a gig ram whereas authentik uses about 1GB.

Authelia is king though in running with just about 30MB of ram.

[–] dan@upvote.au 2 points 1 week ago

That's interesting... It used to be a lot heavier.

Authelia is definitely the lightest in terms of RAM, but it's also the lightest in terms of features. As far as I can remember, they only added OIDC support fairly recently - previously it only supported proxying.

[–] AtHeartEngineer@lemmy.world 2 points 1 week ago (2 children)

The only feature I want that jellyfin doesn't have (or I haven't found it) is shuffle. Throwing on how it's made or mythbusters on shuffle is great background stuff.

[–] jagged_circle@feddit.nl 2 points 1 week ago (1 children)

Aren't there clients that support that?

[–] AtHeartEngineer@lemmy.world 1 points 1 week ago (1 children)

Maybe, i haven't seen it yet though

[–] jagged_circle@feddit.nl 1 points 1 week ago (1 children)

I do it for music

[–] AtHeartEngineer@lemmy.world 1 points 1 week ago (1 children)

Damn ok that sucks it doesn't seem available on the client for apple tv.

[–] jagged_circle@feddit.nl 1 points 6 days ago (1 children)

Yeah I dont know why any Dev wouldn't choose a cross platform framework

[–] AtHeartEngineer@lemmy.world 1 points 6 days ago

I've never done dev for apple stuff, but I think it's probably just not that friendly with more open/cross platform frameworks

[–] IronKrill@lemmy.ca 1 points 1 week ago* (last edited 1 week ago) (1 children)

I see it in the default WebUI, perhaps whatever app you're using doesn't support it?

[–] AtHeartEngineer@lemmy.world 2 points 1 week ago

Ya I don't think it's supported on the apple tv app. Damn.

[–] InverseParallax@lemmy.world 1 points 1 week ago (1 children)

Doing that switch soon.

Plex doesn't do hw accel well, which kind of defeats the purpose.

[–] kate@lemmy.uhhoh.com 2 points 1 week ago

Setting up HW accel on Jellyfin was a bit more manual than a single checkbox. You have to tell it which codecs it should HW decode and encode. I had some issues with it so left it off for now