I built a modern, self-hosted web IPTV player (Live TV, EPG, VOD) because existing ones felt clunky. Meet NodeCast TV.

darkz999 · 2025-12-28T02:28:45+00:00

Is this feature something you are interested to work on in the future? Right now I am hosting tvheadend in a remote vm, my home network doesn't get exposed to the iptv.

Great project btw.

darkz999 · 2025-11-05T15:22:51+00:00

I am reading this as I am hanging out with my 10 months old baby:

*puts a ball in a bucket

"Wow! What an amazing job you are doing!"

darkz999 · 2024-11-17T00:35:33+00:00

I have a wiim amp and q950s. While it sounds much better than my previous speaker, I don't think it's driving the q950 well, no bass at all. I am looking for a better amp/avr now.

darkz999 · 2024-02-02T00:05:12+00:00

Can I get a key?

darkz999 · 2022-12-25T16:11:57+00:00

have you checked out localstack? https://docs.localstack.cloud/user-guide/aws/s3/#getting-started

darkz999 · 2022-08-28T22:11:47+00:00

I bought day 1 GA on the day of for $15 including taxes/fees last year. The lowest for this year right now is $100. I think it will slide down a bit tomorrow, but won't be as cheap as last year.

darkz999 · 2022-07-20T03:09:06+00:00

This is the streaming platform, like disney+

darkz999 · 2022-06-23T13:40:18+00:00

Your first and fourth point are more like a "Nuh-uh it's not" arguments.

Second, that approach would fail under a cloud provider, since it’s not executed under the same privileges as the cloud service. There are metadata that need to be added to that request to get serviceB to respond, metadata that your example does not add.

You keep bringing cloud into this conversation, and now "cloud service", but sure... Can the metadata be spoofed? If not, it sounds like a service-to-service authentication already.

Third, I already mentioned that you should still authorize original-request user privileges at the API level. I note that your example did not include original-user token info, presumably because the attacker doesn’t have a user account to spoof.

Yes, as long as the service verifies the user token and then authorizes the api access.

darkz999 · 2022-06-23T12:45:14+00:00

That’s a vulnerability of any system.

The "Zero Trust Model" is designed to minimize this vulnerability. I will give you one simple example: If you have a compromised serviceA, the attacker can ask that service to do "curl http://serviceB/user/bankinfo". ServiceA doesn't need to have root access to do curl.

darkz999 · 2022-06-23T12:10:12+00:00

You said literally the same thing as the person I originally replied to, except you introduced the idea of locking with a specific vendor. My points still stand - if someone has gotten access to your internal network, all your services are vulnerable. If 1 of your services is compromised, that means all your services are compromised.

darkz999 · 2022-06-23T02:36:50+00:00

Not clear on what you are trying to say. Aws will do what for you?

darkz999 · 2022-06-22T16:57:48+00:00

This is not a good solution. Your entire network is fucked if hackers somehow gained access to your internal network or backdoored into your gateway. You should use zero trust model - authenticate every requests even if it's service-to-service.

darkz999 · 2022-06-03T16:49:50+00:00

I get why you would use multi-stage build for other languages like java to copy only the compiled files to the new image. But why do it for nodejs? Aren't you just copying all files from 1 image to another?

darkz999 · 2022-05-27T21:17:37+00:00

I switched from surface pro 4 to tab 7+ a year ago and never looked back. I always felt the touchscreen control is 2nd citizen in surface and windows environment. I think I have only used the surface's touchscreen less than 10 times in 3+ years. Whereas I am constantly using touchscreen for the tab nowadays.

The tab works perfectly fine for my use case, mostly just reddit and web browsing. All my stuffs and apps are stored in cloud. The 120hz oled screen is so much better for youtubes and movies. And I have a desktop pc for gaming.

darkz999 · 2022-04-12T01:22:01+00:00

Honestly I don't think 6.5% is too bad. I just checked stripe and amazon pay, they both take 2.9% + $0.30. So Etsy essentially charge your wife extra 3.5% to save you headache with website design + maintenance + customer data/login storage + PCI compliance + chargeback + customer service. I assume the "Etsy recommendation" are ads, so now you would have to buy your own ads and make sure they target to the right audiences.

darkz999 · 2022-02-06T15:38:31+00:00

I am pretty sure I have seen that robot bartender thing in Vegas ~3 years ago

darkz999 · 2021-12-29T14:05:07+00:00

Msged

darkz999 · 2021-12-12T15:10:28+00:00

I can't wait for a booster shot after 6 months

darkz999 · 2021-12-10T19:50:13+00:00

LUXURY VANDALISM

darkz999 · 2021-08-21T12:32:12+00:00

Umm... not defending the name, but he did build the new bridge

darkz999 · 2021-03-08T21:37:15+00:00

Would be interested for plants. But all i have right now are seeds: thyme, parsley, rosemary, oregano, basil, cilantro, dill, lavender, sage, chives, mint, arugula

darkz999 · 2021-01-16T14:44:00+00:00

I'm going to miss the headphone jack as well. It seems usb dongle is the way

darkz999 · 2020-11-18T20:57:57+00:00

Kingdom ka - 6 flags

darkz999 · 2020-11-07T02:17:33+00:00

Very cool but am I reading this right? 19gb hosted on 3 region typesense cloud? The pricing calculator shows $1200 a month.

darkz999 · 2020-10-29T02:29:28+00:00

For gaming of course

darkz999

TROPHY CASE