?? Chicken and egg? It’s not that i cant afford the things I like. It’s that i need to listen to it first to know if I like it enough to purchase it. If someone recommends me some band I never heard of froma genre im not familiar with, I would like to give it a chance. A heavy portion of the music I love now wasn’t something I knew immediately I would like within 30 seconds of hearing it. The likelihood is their recommendation isn’t for me, but I dont know until I listen a bit and simmer at least a short bit.

So do I just buy everything anyone namedrops outright? Or do I refuse to give a recommendation any chance whatsoever because I make a guess its not for me before I even listened?

What youre talking about is having an app refer to authentik to find out who a user is.

Internet -> audiobookshelf -> asks authentik who it is

In addition to that, you can set pangolin up so that it doesnt even hit that app in the first place at all unless the user is already signed into authentik.

Internet -> pangolin makes user log into authentik before forwarding along -> audiobookshelf -> asks authentik who it is

So if the app in question has a security vulnerability, its not a problem because no one even gets to the app at all to begin to try to exploit it unless they’ve logged into authentik first.

My baseline is a public VPS with Pangolin/Crowdsec installed. I have authentik as a login system. Pangolin let’s me put authentik in front of any service so they have to log in hit before the service in question. Helps give a bit of peace of mind with the services which themselves might not be security focused. Also, these pangolin routes are able to block anything outside my country by rules, so that trims a good portion of attacks as well.

Some things don’t like that authentik layer in front though. Audiobookshelf’s phone app for example cant handle it. For that, I route those domains through cloudflare tunnels. Their tunnels do a good job blocking lots of attacks, so not having authentik in front is more acceptable.

But then there’s jellyfin that doesnt want to be on cloudflare tunnels and doesnt want authentik in front. For that, I just have it on my pangolin side with only crowdsec helping. Not ideal, but best I can do without making my grandma install a VPN on a raspberry pi in so her TV can connect or some shit.

And lastly, I have some private services like forgejo that don’t like authentik in front and only I myself care about. I tailscale to those rather than exposing sometimes.

Only other thing I think I need to add sometime is some VLAN separations?

If you read my other post, you’ll see that i hybridize and do both.

I cant afford to buy every artist that someone flippantly recommends i check out. (8k albums in my library atm) Im not streaming. Pirating is the demo/simmer stage. Followup retroactive purchases are the “yup, good shit” support stage

When they get my support they’re getting 100% of my money rather than what drips down through Spotify’s grip. I’d say that’s a win for both sides

Lol, sure. If piracy disappeared tomorrow they’d still squeeze and monopolize until the stream payments were table crumbs just the same. That’s how corps go; has nothing to do with any of us.

Buy direct if you actually care about getting cash into a band’s hand.

Been selfhosting my music for years (was the initial push into the hobby). Bandcamp is your friend. I also don’t mind paying more for what i like nowadays. Still, I pirate stuff im not sure i like yet, like a demo of sorts. I listen to too much experimental stuff recommended by friends to know what ill love before simmering on it. Then i either go back and buy it, or just make sure to support them in more direct ways like buying more merchandise than I normally would. Pick a band that I’ve been vibing on that month and dumptruck cash on them.

Not a perfect solution, but it works for me, and I think I’ve given more money to artists overall than my table scrap stream pennies would have.

Solidarity. New people are being forced to deal with this enshittification wave. We may be immune to it (for now), but the more people involved and excited about the alternative the better it’ll be. Yeah, I got mine… but we can also be involved in something better.

I think the thing is, every news cycle there IS a few people who’s time has come. And so jellyfin is brought up

I say this as someone who has a plex lifetime and is still using plex. I appreciate everyone getting riled up and passionate, because that means the fallback will be that much more polished when my time comes.

You sound like someone pulling up the ladder and yelling at the people below to shut up. Anyone new to the space is dealing with this absurd $750 lifetime price. Of course they’re yelling

Best I’ve done so far is crowdsec + pangolin geoblocking to just my country. I cant install tailscale subnet routers at all my friends to get their TVs to work. Non starter.

Donetick is what I use for this kind of stuff. Still needs a bit of work on the OIDC systems, though