From another poster above, it seems only Windows machines are affected.

I get your feeling :) Don’t worry the silent majority is on your side. However they won’t comment because they fear from being banned or backslashed…

While It can’t be proven or disapproved, I also had my share of strange coincidence where my mind goes “Huh? How is that even possible?”… Kinda strange feeling! But that feeling gave me the push to the privacy route maybe in a rather to extreme direction? Always follow your guts when there’s to much noise to make a clear decision.

• RethinkDNS (block every in/out request except those manually allowed)
• Degoogles android (Shizuku+canta, magisk, debloater)
• Only open source apps and delete everything else (no exceptions here) -…

You will never get full 100% privacy or anonymity, however you can make your data as much as difficult to get and waste some of their resource and time :).

Good luck !

I think it was… Cyberwar/crime is the new kind of war, it can be deadly and put a whole country/system on halt with a lot of consequences (human and resources).

Most people would call out conspiracy theory, but I do firmly believe that those higher ups are doing WAY more bad things behind our backs than we can imagine.

But hey we have no proofs, except those lost trails left by good people who need to hide their own asses because the government are looking for them for crime against the government?

That’s exactly why I value privacy and doing everyday my best to leave as less information about me as possible. Sure they have the mean/money to find where I live in seconds but they won’t get that information without a fight ! F#CK big corporations !

That’s also how my Linux download folder looks from time to time XD But since I’m on Arch bases distro I try to be more organized and clean-up that Download folder mess !!!

I’ve subscribed to YT Premium today.

If you’re on Android there’s InnerTune. It’s basically YouTube music but for free ! Just to bad you can’t directly access downloaded files to export them elsewhere. (Yeah that’s practically piracy and illegal)

I like navidrome + Tempo as self-hosted solution. Works well without any issues. However, I read about horror stories people losing all their media or fucking up their media library ?

Also, that’s a huge song library (20.000?)… Not sure this can be easily handled over to a self-hosted solution? But first you need to organize your songs

I guess it’s all a question of point of view and reference point. 💁 I can’t argue against your opinion on the other side.

I do agree though that from this point of view it also make sense.

Not the whole code but only the part that triggers those flags. Not everyone is versed in C to “verify the code” himself… That’s a stupid take, It’s like saying to a toddler to change his diapers on his own when it’s dirty.

Strangely enough It went from 1 trigger to 29 triggers after 1 update? Seems rather sketchy :/ In the past (pirated games/software) I would have ignored those warnings and add an exception into my firewall… But nowadays with all the crypto schemes and obfuscated code, I won’t go near anything like that.

VLC is still the best media player… But only on Windows systems. When I switched from Win->Linux I had to relearn a lot of new things that were common knowledge on Windows but work differently on Linux.

Specially Win11… Eewww !

Hi there ! Sorry my English is not that good, but I’m doing the best I can !

Actually, I do not have a VPS. I use an old spare laptop as server which handles everything.

I have Wireguard barebone installed with a a second external wireguard interface and some iptables to send all traffic to ProtonVPN.

All my containers,on the same laptop, are directly reachable via this configuration and HTTPS is handle by Treafik with my self-signed local certificates (root CA with intermediate CA).

Eg: From my mobile over WiFi or 4G I can access all my containers where ever I’m. My endpoint in my Wireguard’s confirguration (on my phone) being my home’s public IP.

I hope I answered your question? If not I’m willing to give you a diagram of my setup, this will probably clear up the confusion/question? And will probably be way more explicit than my broken English 😄.

Probably what you’re looking for is the following setup:

docker <-> services <-> reverse proxy <-> VPN <-> Internet

1. Your next step is to chose a reverse proxy to handle your requests and serve your services on port 80 and port 443. There are several choice and you have to somehow stick with it, because each reverse proxy has it’s up and downsides and learning curve:

• Treafik (that’s the one I use and is specifically made for containers)
• Caddy (Never used it but heard only good things about it)
• Nginx (this one is a beast to tame, however I heard it’s easier to setup with nginx proxy manager)

Those are the 3 big players I’m aware of.

2. You reverse proxy ready and functional you need something to access them outside your LAN. There are also several ways to achieve the same goal. The one I use and are happy with is to configure Wireguard on your server and only open the port needed to connect to it.

This is also a big part and probably this is the route of a tinkerer and have lot of personal time to spare… There are easier AIO routes that will probably save you time and energy. (Others will point you to the right direction)

3. Bonus tip

You will rapidly understand the necessity of DNS. Reaching out to your services by IP:PORT will annoy you over time, even if you save them as bookmarks. Also if you don’t assign a static IP to your containers they will change every time you restart them or reboot your server. Not very practical !!

Here you have 2 choices:

• personal mini certificate authority (totally free and personal local domains but harder to setup)
• cheap domain name with automatic certificate generation.

I personally chose the tinkerer route and learning process. But I have time to spare and while I prefer this route… It’s very time consuming and involves a lot of web crawling and books reading.

If you are interested I can recommend you a good ebook on how to setup your own mini-CA :).

Hope it helps, you are halfway through !

Trying to add a direct path to files doesn’t work.

Dunno what’s wrong here, but I do add a files direct path to /etc/ssl into a docker container and works as expected.

I think It’s related to miniflux and have my self-signed certificate in its truststore to communicate with wallabag (inter-docker communication).

I can’t give you a snipped of my compose but will gladly edited my comment when home.

I have no idea what streamlabs or Android TV boxes uses as backend player, but after a lot of debugging MPV solved all my subtitles issues on mobile (android) and desktop (Linux).

It made me kinda sad because VLC was the defacto application I installed on Windows for years !! But since I’m on Linux, MPV is the new standard in my default applications.

Maybe have a look if you can change the default player?

Haha I’m to late :( Not available anymore. You sure it isn’t about the external player used by jellyfin on mobile?

Cauz’ I remember I had issues with .ASS subtitles only on mobile when VLC was used as external player.

Ohhh? I tried to make it work even adding the certificate into de /data folder of MPV (rooted android) but it didn’t worked… (source)

I remember I even checked the logs via ADB and while I can’t remember the exact error logs, it wasn’t accepting my certificate.

Also android MPV is the only application on Android that doesn’t accept my self-signed certificate. Navidrome, HTTP shortcuts, bitwarden, Tempo… They all accept without any problems.

If you have some juicy info to share I’m all ears 👍 !!

Edit: It’s probably related to android 14 (god I hate it here…) But can’t revert to 13… The Stock firmware builds are Bitwise different.

Being able to stream my shows on an unstable or lower bandwidth internet connection like on a train

Oh yeah good point wasn’t thinking of that kind of use case. Internet is available everywhere now and I’m so used to gigabit Ethernet and high-speed WiFi/5g that I forgot the low speed of public WiFi or locations where the connection can get unstable.

You could argue I should adapt my habits to my means but I frankly really think it should be the other way around, and transcoding solves that for me.

In the past I probably would ^^" but today it’s nearly impossible if you want a balanced life in a daily working/study routine. There’s so much to do, to much to think of, to much information… Automating stuff is where you can gain hours in the long run, so I totally get it !

Thanks for your answer !

What kind of stylized subtitles? I do not have a big library so I have never encountered this kind of trouble. But I’m curious to know to circumvent in advance.

Most anime have .ASS subtitles and are kinda complex sometimes with singsong related subtitles, but never had any issues on android with them.

And most movies have simple plain text subtitles.

Just a personal use case, maybe it isn’t an advantage. But the official android app is just a web wrapper and the use of MPV as external player don’t allow self-signed local certificates (and they never will…).

Findroid does the job for you while using MPV under the hood and you can connect to your local DNS with self-signed certs without any issues :).

May I ask why? Maybe I haven’t been in your actual case so I probably can’t relate.

However having everything in a format that every device can read and disable transcoding on jellyfin, saves resources and power usage.

Nobody ever talking about lychee ?

Yes okay it’s not GPL or written in a fancy new language (PHP is still alive xD). But it’s simple, elegant, no UX bloat, no ML or IA stuff… Just a plain simple self-hosted photo manager.

One thing I really liked about it, you can import you external photo’s with .xmp files, just one checkbox away.

The tag feature is simple but working as expected. Nothing fancy but it does best what’s it’s supposed to do !!

Call me old boomer but I really like the simplicity of lychee. It’s a bit like how reading an article from miniflux or wallabag… Simple html files without bloating your eyes or your brain…

Just my 2c, nothing to see here !

For those interested, John Hammond did a video a few months ago about .lnk extension (and other 16 hidden extensions on Windows).

He doesn’t go to much or to deep into the subject, but you get a general view how this could be exploitable.

YouTube link

Piped Link