

Afraid people will use known vulnerabilities in common self-hosted software.




So every answer is as good as you can get?


I’m afraid of security bugs in the software I’m using, so that containers don’t contain, read-only doesn’t prevent writing, mounting directories doesn’t restrict access to those directories, etc.
I’m a nobody, I can’t imagine anyone targeting me or my random domain, but I can imagine getting swept up in a net of attacks of opportunity targeting hosted software with known vulnerabilities, or injected supply chain vulnerabilities, so I want to reduce my attack surface as much as I can (while still actually letting the people I want to access it actually access it).


I’m kinda disappointed with this thread, I’m in a similar position to OP, but all the responses are just like “use a reverse proxy and make your URL hard to guess” and other measures which are not very secure.
It seems like that’s about as good as you can get at the moment, because the mobile apps barf if you try to add in auth in front of the reverse proxy, but a lot of people seem to be providing this advice like it’s good enough rather than as good as you can get.


Some reverse proxies have an authentication layer.
But this typically breaks the jellyfin Mobile app.


Idk if geo whitelisting is really good enough. I can’t speak for OP, but I’m in the same position and I don’t. I had high hopes for the post but everyone seems to just brush over the “secure” part


How do you get the mobile app to connect?


Yes the rest of the world needs to move around equipment and trailers. And they can do it without obscene trucks like this lol.
What makes America so incompetent that they need a truck like this to do it?


“openclaw” 👀👀👀
The reason people use SaaS is because they have someone to sue when something goes wrong and you lose days of revenue.


How do you set up private resources to reverse proxy like public resources? I don’t want to have to change URL when I turn on my pangolin client


I may end up doing extra reverse proxies just because complicated configuration is better than complicated use. It kinda feels like there should be a way to do it right in pangolin, it seems like it’s right there lol.


Pangolin is built on traefik, and does all the reverse proxying I need (X sub-domain goes to Y port on Z home server).
I don’t really like the idea of n matryoshka reverse proxies, both because conceptually it bothers me, but also because my needs seem simple and don’t seem like they deserve the extra complexity. The public resource reverse proxy works for everything I have.
I’m looking for a way to configure pangolin, which already routes properly, to skip auth when the auth can be provided by the pangolin client.


Idk why people are downvoting you.


Back when I put eggs directly into boiling water, and then ice bath, this didn’t happen.
But I’ve found it’s easier to get a perfect egg by putting them in cold water, bringing it to a boil, then taking it off the heat for ~10m.
Unfortunately this always seems to result in shells sticking


Reverse proxies like the one specifically mentioned, pangolin, have auth and user access rules.


I think that’s one of the major reasons to use pangolin over something like nginx - built in auth and support for oidc.
Of course, the native jellyfin apps don’t like the auth layer so idk if it helps if you’re trying to install it on your dad’s tv


What about that convinced you it’s nature?
All those boys were raised in a similar culture with similar influences regarding how boys should behave. You don’t have a control group.


What is your argument that that phase of boyhood is nature rather than nurture?
Kids that age are typically emulating their older peers, and things they’ve seen at school, in media, at home, in public, etc. If anything, I think that the behaviour difference we observe between adolescent boys and girls suggests that kids absorb gender roles very early. Even from before they can walk, the typical common toy selection differs greatly; girls get toys that teach them about working with people and caring, but boys get toys that teach them about manual labour(?!?!). Even if you don’t do that with your children, at school and daycare they’re surrounded by kids who are raised like that.
When my son was a preschooler, he loved to wear dresses, but as he approached school age he would wear them less and less, and completely stopped since he started school. I don’t think he grew out of it and we didn’t tell him to stop, but he learned that lesson from his peers.
All the abilities that set humans apart from other animals are social in nature, humans evolved to help each other (at least in small groups)


I agree with everything you said except that I think too much nurture is attributed to nature. I don’t think it’s human nature, I think this is the nature of our culture. To say it is human nature is, imo, unnecessarily fatalistic.


Did you just suggest Linux has no vulnerabilities in any of its distros, and neither does any of the self-hosted services?