Never in my life hage I known people (in Germany, but probably everywhere) to he happy with politics. I would also argue that for the vast majority (again, here in Germany) life has improved over the past decades.

IMO the reason for right wing surges aren’t actual real-world problems or failings of ruling parties (though flawed they are), but the new forms of propaganda and outreach that right wing parties have mastered, and left wing parties have failed at.

We did a rewatch just in time. S1 is as phenomenal as ever. S2 as such a jarring contrast.

That being said, E3 was SLIGHTLY less shit. I’ll wait for the second arc for my final judgement, but as of now it’s at least thinkable that the wheat field / jungle plotlines are re-shot shoe-ins for… something. The Mon / Dedra plotlines have a very different feel to it. Certainly not S1, but far above the other plotlines.

I’m not filled with confidence though. Had a look on IMDb, and basically the entire crew was swapped out between seasons.

Yeah. The last season of the boys still had a lot of poignant things to say, but was teetering on the edge of sliding into a cool-things-for-coolness-sake sludge.

Not the usual topic around here, but a scream into the void no less…

Andor season 1 was art.

Andor season 2 is just… Bad.

All the important people appear to have been replaced. It’s everything - music, direction, lighting, sets (why are we back to The Volume after S1 was so praised for its on-location sets?!), and the goddamn shit humor.

Here and there, a conversation shines through from (presumably) Gilroy’s original script, everything else is a farce, and that is me being nice.

The actors are still phenomenal.

But almost no scene seems to have PURPOSE. This show is now just bastardizing its own AESTHETICS.

What is curious though is that two days before release, the internet was FLOODED with glowing reviews of “one of the best seasons of television of all time”, “the darkest and most mature star wars has ever been”, “if you liked S1, you will love S2”. And now actual, post-release reviews are impossible to find.

Over on reddit, every even mildly critical comment is buried. Seems to me like concerted bot actions tbh, a lot of the glowing comments read like LLM as well.

Idk, maybe I’m the idiot for expecting more. But it hurts to go from a labor-of-love S1 which felt like an instruction manual for revolution, so real was what it had to say and critique, to S2 “pew pew, haha, look, we’re doing STAR WARS TM” shit that feels like Kenobi instead of Andor S1.

I still find it hilarious that since dd-wrt and OpenWrt are just… Linux, you could install Super Mario Bros on there. I checked, nobody seems to have tried.

Oh, definitely, but there are varying degrees of difficulty, esp. with what kinds of packages / package management you have available :D

Ah, that make sense. Is Wireguard P2P?

Yes, in the sense that each node/device is a peer. But the way I’d suggest you configure it in your case is more akin to a client/server setup - your devices forward all traffic to the “server”, but it never takes initiative to talk “back” to them, and they do not attempt to communicate with each other. Unless you have a separate usecase for that, of course.

You both are perfect for each other, so don’t screw it up!

❤️

Closing in on 8 years

I’m actually surprised nobody suggested simply using the Pi with OpenWrt as my own router. Though, that would make it hard to host Jellyfin.

A brief internet search shows that surprisingly, hosting Jellyfin on OpenWRT should work… No idea how well though. Come to think of it, having OpenWRT on the pi might make it a lot easier to configure, with graphical settings available and so on.

Could you explain Wireguard vs. Tailscale in this scenario?

I’ve never used tailscale, I’m afraid. Normally I would say: just use whatever seems easier to set up on your device/network; however, note that tailscale needs a “coordinate server”. No actual traffic ever goes through it, it just facilitates key exchanges and the like (from what I understand), but regardless, it’s a server outside your control which is involved in some way. You can selfhost this server, but that is additional work, of course…

Thank you all so much for your help! This is likely the solution I will go with, combined with another one, so again thank you so much!

Glad I could help, after being so unhelpful yesterday :)

P.S. I don’t care if you wrap an ethernet cord around her finger, get going!

Eh… Marriage is not really common in either of our families. We agreed to go sign the papers if there ever is a tax reason, lol. Sorry if that’s a bit unromantic :D Nice rings though ^^

Hi again.

How about the following idea:

Set up ProtonVPN on the raspberry pi.

On all other devices (or at least those you want to use Jellyfin on), switch from using Proton to using Wireguard. Unlike your phone, the raspberry pi has no trouble running multiple VPNs. I think the ProtonVPN limitations in regard to not allowing split tunneling don’t apply here, since all outgoing traffic will still go via Proton.

Essentially, the Pi would function as a proxy for all of your traffic, “and also” host Jellyfin. You would still connect to http://192.168.20.10:8096/ (or whatever) on your devices, but that address would only resolve to anything when you are connected to the pi via Wireguard. No HTTPs, but “HTTP over Wireguard”, if you will.

Nots that this requires you trusting the pi to the same degree that you trust your phone.

For your static devices (PC, TV) this should solve the problem. Devices which you take with you, like your phone, unfortunately will loose internet connectivity when you leave your home until you switch off Wireguard, and switch on Proton, and not be able to connect to Jellyfin when you return home, until you switch them back.

Essentially, you would have a “home” VPN and a “on the go” VPN, though you never need to connect to both. There might be ways to automate this based on WiFi SSID on Android, but I have not looked into it.

The Pros:

• this should meet all your requirements. No additional expenses, no domain, no dynDNS; no selfsigned certificate or custom CA; traffic is never unencrypted; works on all common devices.
• Wireguard is sufficiently lightweight to not bog down the pi, normally
• this is actually well within the intended use-cases for Wireguard, so no “black magic” required in configuring it
• if you ever do decide to get a domain, you can configure everything to always be connected to your pi via Wireguard, even on the go! Not required though.

The Cons:

• when you are new to selfhosting, Wireguard is a bit daunting to set up. It is not the easiest to debug (don’t worry, it’s easy to tell IF it is working, but not always WHY it isn’t working). Some manual route handling is probably also required on the pi. It should definitely be doable though, but might turn this Jellyfin thing from a weekend project to a 2 week project…
• I have no experience with how well the pi runs Jellyfin. If the answer is “barely”, then adding multiple concurrent Wireguard sessions might be a bad experience. Though in this case, you could only switch Proton to Wireguard whenever you want to watch Jellyfin.
• the manual switching might be annoying, but that is the price to pay here, so to speak

Edit: someone else already mentioned setting up your own trusted network with a second router. IMO that is the better, more hassle-free option IF you are willing to shell out the money. My suggestion is the “free” version of that, essentially 😄

Hi again. Sorry for being so rude yesterday. Your new post actually clears the situation up a lot.

We might have an idea for you, will comment on the new post.

Hi. I am a software engineer with a background in IT security. My girlfriend is a literal network security engineer.

I showed her this thread and she said: don’t bother, just use http on your local network.

Anyways, I am going to disengage from this thread now. Skepticism against things one doesn’t fully understand can be healthy, but this is an insane mix of paranoia and naïveté.

You are not a target; the things you are afraid of will never happen; and if they did, they would not have the consequences you think they would.

Your router will NOT magically expose your traffic to the internet (what would that even mean?? Like, if it spontaneously started port forwarding to your Jellyfin server (how? By just randomly guessing the port and IP???), someone would still need to actively request that traffic, AND know your login credentials, AND CARE).

Your ISP does not give a shit about you owning or streaming copyrighted material over your local network. It has no stake in that.

Graphene is not an ultimate arbiter of IT security, but the reason it “distrusts networks” is because you take your phone with you, constantly moving into actual untrusted networks (i.e. ones you do not own).

Hosting Jellyfin on Graphene will not make it more secure, whatsoever.

If every device is assumed compromised, and compromising devices with knowledge that you watch media is a threat in your model, then even putting an SD card with media in your phone and clicking play is dangerous. Which is stupid.

If you actually assume your router is malicious, then please assume that when you initially downloaded your VPN client, it was also compromised and your VPN is not trustworthy.

The way I see it, you have two options:

1. educate yourself on network security to the point of being able to trust your network setup; or
2. forget about hosting anything

Huh, didn’t know. Thanks. I guess Hetzner is the right answer in both cases then 😄

Do you want all of that to be managed (DB, mailboxes, web-hosting,…) or just reliable hardware in “the cloud”?

For the latter, Hetzner.

Yeah!! A house only has speculative value! There’s no fundamental value in a house! Just like bitcoin, if you can’t sell your house, it’s worthless!

… .what do you mean, “a place to live in”?

The title gave me a stroke

At this point, package management is the main differentiating factor between distro (families). Personally, I’m vehemently opposed to erasing those differences.

The “just use flatpak!” crowd is kind of correct when we’re talking solely about Linux newcomers, but if you are at all comfortable with light troubleshooting if/when something breaks, each package manager has something unique und useful to offer. Pacman and the AUR a a good example, but personally, you can wring nixpkgs Fron my cold dead hands.

And so you will never get people to agree on one “standard” way of packaging, because doing your own thing is kind of the spirit of open source software.

But even more importantly, this should not matter to developers. It’s not really their job to package the software, for reasons including that it’s just not reasonable to expect them to cater to all package managers. Let distro maintainers take care of that.

I have been listening to SO many audiobooks since getting Audiobookshelve ❤️

You can self-host Firefox sync

Sorry to hear that that’s been your experience! :( My installation has been running for ~5 years without any problems

Yeah no worries - I discovered Prowlarr from that exact same comment years ago so jumped at the opportunity to post it here 😆

Real question is, why Jackett instead of Prowlarr? 😄

Now judge it by how good the end result looks

But also… The fuck?