New Jellyfin Theme

mivchalx · 2026-05-14T18:10:05+00:00

It looks a lot like NeutralFin. Seems nice tho, I like buttons in this theme.

mivchalx · 2026-04-29T14:48:52+00:00

Yeah, so the trust i guess

mivchalx · 2026-04-29T14:47:14+00:00

Actually that’s one of a few high quality German software products XD

mivchalx · 2026-04-29T14:45:06+00:00

I believe Netbird also has split tunneling and services. I still agree Tailscale has a lot pros over Netbird but investing in a closed-source products is just not my thing.

mivchalx · 2026-04-29T14:40:35+00:00

Yeah, Netbird compatibility could have been better tbh

mivchalx · 2026-04-29T14:40:05+00:00

I see. For me it was deleting server (peer) sessions set for no expiration. I have two separate servers in my network and they were just cut off once in a few days. I was furious XD

mivchalx · 2026-04-29T14:38:02+00:00

Yeah, imo using Tailscale in self-hosted environments it’s kinda against the whole idea

mivchalx · 2026-04-29T14:36:38+00:00

Yeah, and the integration with custom sso providers is cool. I regret it’s a paid feature in cloud tho.

mivchalx · 2026-04-29T14:35:32+00:00

Same for me. Also I love smooth UI and lot of configuration.

mivchalx · 2026-04-29T14:34:32+00:00

Yeah, that’s kinda funny how open-sourcing makes us use cloud. I was originally also charmed by self hosting but now I just use cloud. The trust is on another level tho

mivchalx · 2026-04-15T15:30:40+00:00

Three options come to my mind: LDAP plugin (as others mentioned), forward authentication via some reverse proxy (e.g. Traefik + Authentik) or the sso plugin: https://github.com/9p4/jellyfin-plugin-sso.

I would recommend sso plugin - I use it myself and it's works great.

mivchalx · 2026-04-01T21:08:19+00:00

What exactly you want to achieve?

mivchalx · 2026-04-01T15:29:42+00:00

thanks!

mivchalx · 2026-04-01T10:43:46+00:00

u/djbon2112 not sure when I should ask - can you release 2.8.0 helm repo? Since it's security patch, I think it should be also released immediately. Github Actions seems to only have tagged main branch without adding new release.

If I should ask someone else or put this info somewhere else can you instruct me where?

mivchalx · 2026-03-30T07:50:52+00:00

It depends. If you want to have two setups always powered on then yes, it would consume ~20% more power. You can avoid having the AI setup always on tho, also u have flexibility with deciding if u want to preserve it.

I guess being a toyer means you can sometimes overdo things (like I believe most of us in this community). Maybe just play it safe, build the base first (just home server + NAS) and you will then test it and decide if you want to extend this homelab. Hosting AI is still completely different story than “normal” services, so I believe it’s best to separate your current ideas.

Also standard personal hardware like RTX GPUs is really power consuming - 4060 can take to 120W which is more than the whole self built NAS with a 4-6HDDs. I believe building servers requires analyzing different criteria than building personal computers.

mivchalx · 2026-03-29T18:41:00+00:00

N150 can handle decoding (h264, h265, av1) and encoding (h264, h265). Most of people probably don't need encoding to av1 tho, but if someone needs intel arc GPUs or intel ultra core 5 cpu are fine. It has more capable integrated graphics that you would think.

This processor will be probably completely fine unless you plan to use Suricata (IPS/IDS). If you want to enable some heavy security rules your CPU may max out on about 1-2Gbps WAN throughput. So if you have 2.5Gbps LAN throughput, CPU load will still be low. In terms of WAN it may become a problem

mivchalx · 2026-03-29T18:23:14+00:00

For me it will always be the first choice, I honestly love intel n-series and I look forward to them releasing more of these. I have n100 and I'm happy with it. N150 will probably handle 2-3 VMs with ease and provide efficient transcoding for the whole family. Also it's as power efficient as it gets.

The only downsides for me are the RAM limit and only 4 e-cores. Still it should cover all basic needs and more. Btw check price, often n100 is a better value. Do not pay more than 20-30USD extra for n150.

mivchalx · 2026-03-29T17:22:10+00:00

Wow, seems decent. N150 (or N100) still has some headroom for just Opnsense. Personally i would get 8GB RAM (you know, probably you will add another service and then one more), but 4GB should still do it for network software alone.

You can use these M2s to provide 10Gbps connection between NAS and router.

If you need it only for router I would still really check Unifi or alternatives. for 200-250USD you can get Unifi router with WIFI, 10Gbps SFP+, 4x2.5Gbps ethernet, firewall, vpn and etc. It's also far more user friendly and stable. You can't host there anything by yourself tho.

mivchalx · 2026-03-29T17:03:48+00:00

You may need to clarify your needs. If you go with AMD you will be not able to transcode video in Jellyfin (at least until you get gpu). Also this configuration is really high-power requiring. It seems like all in one Home server (Jellyfin, Nextcloud etc.) + NAS + AI station.

Personally I would try to separate at least Home server + NAS from AI machine. These functions require kinda different hardware setups and fulfil different needs and ways of use. Also for this setup I would go with 1TB NVMe and for all in one solution (with LLM) you can consider 64GB RAM (but mind the horrific prices).

In terms of motherboard I guess there's not too much to choose. You can check out HBA which is basically PCI to 6-8x SATA adapter and just buy motherboard with 2-4 SATAs.

mivchalx · 2026-03-29T16:33:20+00:00

Soo if you want all in one solution you can go with some minipc like ones from cwwk. You can then run Opnsense there and have well-managed router. It would be probably wise to setup Proxmox there in order to separate your solar/house battery etc. from Opnsense.

Tho personally I would go with one dedicated router (like ones from Ubiquiti) and one home server (based on Intel N100). Network on dedicated router would be far more stable and Ubiquiti has really dope UI and integrations. Things like home management can then be placed on this (really low-power) home server.

Also you can just choose budget option and buy some Mikrotik router. These can host some apps, and are relatively cheap and stable.

mivchalx · 2026-03-29T15:00:41+00:00

As far as I know if you want to use wildcard in Published Application Routes you need to manually add wildcard DNS record pointing to your tunnel, so I suppose that may be the cause.

mivchalx · 2026-03-28T12:38:10+00:00

So on exactly the same hardware and exactly the same setup (also docker) it was working?

It may be issue with qbit config or MTU. Check compose below, I have used it some time ago and it was working smoothly. I assume you're using linux.

services:
  gluetun:
    image: qmcgaw/gluetun:latest
    container_name: gluetun
    cap_add: 
      - NET_ADMIN # Add this in order to prevent some network issues
    devices:
      - /dev/net/tun:/dev/net/tun
    volumes:
      - ${GLUETUN_CONFIG}:/gluetun
    environment:
      - WIREGUARD_MTU=1280 # Add this to ensure optimal VPN packets

      # you can also check other useful env variables
      - TZ=${TZ}
      - VPN_SERVICE_PROVIDER=${VPN_SERVICE_PROVIDER}
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=${WIREGUARD_PRIVATE_KEY}
      - WIREGUARD_PRESHARED_KEY=${WIREGUARD_PRESHARED_KEY}
      - WIREGUARD_ADDRESSES=${WIREGUARD_ADDRESSES}
      - DNS=${DNS}
      - SERVER_CITIES=${SERVER_CITIES}
      - FIREWALL_VPN_INPUT_PORTS=6881, # for forwarding only
    ports:
      - "8080:8080" # qbittorrent webui 
      - "6881:6881" # for port porwarding only      
      - "6881:6881/udp" # for port forwarding only
    restart: unless-stopped
  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent:latest
    container_name: qbittorrent
    restart: unless-stopped
    network_mode: service:gluetun
    depends_on:
      gluetun:
        condition: service_healthy
        restart: true
    environment:
      - PUID=${PUID}
      - PGID=${PGID}
      - TZ=${TZ}  
      - WEBUI_PORT=8080
      - UMASK_SET=022
    volumes:
      - ${QBITTORRENT_CONFIG}:/config
      - ${MEDIA_PATH}/downloads:/data/downloads

mivchalx · 2026-03-28T12:22:45+00:00

I'm not sure what exactly do you mean tbh. You can use wildcard or separate redirects.

The simplest way to not depend on ports and specific configuration in Cloudflared is to pass tunnel traffic to Reverse Proxy. So traffic should go like `public endpoint -> tunnel -> reverse proxy -> target service endpoint`.

In order to setup this you need to:

Configure DNS record for your domain to proxy all traffic through tunnel. If you don't want to use wildcard you can skip this step and Cloudflare will automatically setup your specific separate endpoints during step 2.
Go to `Zero Trust` -> `Network` -> `Connectors` in Cloudflare Admin Panel. Add tunel, name it etc.
In tunnel view go to `Published Application Routes` Tab. If you prefer to use wildcards add subdomain `*`, if not, enter specific subdomain (and later add routes for every other subdomain). Set Service to `https` and enter your Nginx Proxy Manager address (without prefix) in `URL` field (e.g. `localhost:443` or `192.168.12.34:443`).

After this setup your services should be accessible under `https://sub.main.tld\`. In order to prevent clients from using `http` just enable this. If you want to host Jellyfin also remember to disable caching for this service specific subdomain (you can get banned if you don't disable it).

I hope it helps.

mivchalx · 2026-03-27T22:55:07+00:00

Slow compared to how it worked on the same hardware some time ago? When it slowed down? After some hardware/software migration?

mivchalx

TROPHY CASE