after almost 15yrs my plex server is no more. jellyfin behind nginx with authentik is running very nicely.
You must log in or register to comment.
Yea, JF is getting mature enough for more people to transition.
I’ve been running it side by side with Plex for about 2 years now, and have a couple of clients (and all of my personal use) on JF, but a few users either cant run JF directly on their hardware (and don’t want to cast every time) or they are older and would struggle to learn a new app without some hands on practice with it.
The newest Plex UI update on some devices is causing some problems so I think I’ll have a few more users moving to JF in the near future.
It’s a bit of a ram hog compared to plex but that’s not a major issue.
I’ve heard jellyfin has a lot of security issues, which I don’t know if that’s accurate or not. But the BIGGEST issue is lack of a proper tvOS app. I really don’t feel like using Infuse or some other app just to use my library. Year after year I hear about people switching and yet, the gap is simply still there.
I’ve heard jellyfin has a lot of security issues
The biggest known stuff I saw on their GitHub is that a number of the exposed service URLs under the hood don’t require auth. So, it’s open-source with known requirements, you can tell easily from the outside that it’s running, and you can cause it to activate a LOT of packages without logging in. That’s a zero-day in any package that can be passed a payload away from disaster.
AS far as TVOS, I’m kinda surprised swiftfin doesn’t service you.
Yeah… that’s a non-starter for me. Not gonna risk my entire home lab when Plex doesn’t have any of that risk.
Also, running in Docker is fantastic but I’ve found Docker to be unstable at times depending on the version.
Oh, Plex has the risk. A vulnerability in Plex is how LastPass lost all their source code. A vulnerability in Tautulli which he had ported outside surfaced his auth token, then he was able to use the auth token to get into Plex and they were able to hit an rce vulnerability and pull the entire git repo the guy had locally.
The key difference is Plex at least has a security team and their name on the line with their investors.
That’s completely different. Every internet connected service has risks, but having known vulnerabilities that you just refuse to fix is different to someone figuring out a complex exploit.
Could you point me to a good tutorial for hosting Minecraft server for my kids?
