this post was submitted on 19 Sep 2023
115 points (93.9% liked)

Selfhosted

40183 readers
493 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
all 31 comments
sorted by: hot top controversial new old
[–] [email protected] 14 points 1 year ago (1 children)

The Apple TV is quietly the best little streaming box. It is very capable, and according to my PiHole it's far less chatty than my Roku or Android TV devices.

Also, I love Tailscale. I love how this press release reads like it was written by nerds for nerds rather than by writers for investors.

[–] [email protected] 1 points 1 year ago (1 children)

Have you managed to avoid ads on YouTube? Does it work well for streaming games from a PC?

[–] [email protected] 2 points 1 year ago

I have a YouTube Premium family plan. We use it so much that it’s easy for us to justify.

The Steam Link app is exceptional. the Apple TV natively supports Xbox and PlayStation controllers so it all works pretty seamlessly.

[–] [email protected] 9 points 1 year ago

This is just great! Tailscale is doing ALL the right things it seems. So happy to try this out

[–] [email protected] 7 points 1 year ago (2 children)

Are there used for this outside of video streaming? Ive found Tailscale too slow for decent quality video streaming myself

[–] [email protected] 8 points 1 year ago (1 children)

You can use one of your nodes as an exit node for another device and route your traffic though it as an alternative to a public VPN, depending on your needs.

I use it for remote management, video streaming, and the occasional file transfer without publicly exposing my NAS. You could achive all this by setting up your own wireguard server but that's more work.

I'm surprised you're finding it too slow for video streaming. I use it just fine and can saturate my 300 Mbit connection when doing file transfers.

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago)

Wait. I can use my Apple TV as a VPN server? Did I understand you right? That would be a nifty redundancy tool for me if my main wireguard server goes down.

Edit: I guess I should’ve just RTFarticle:

But look at it this way: your Apple TV device is a capable little computer, and it stays connected to your tailnet even when it’s not in active use. Download and configure Tailscale now and you can securely route any of your other devices’ traffic through your Apple TV — and by extension, through your home internet connection — even when you’re on the other side of the planet. Whether you want another layer of security and privacy on sketchy Wi-Fi networks or just want to connect back through your personal internet connection when you’re on the road, you’re set with the Apple TV as an exit node.

So sounds like the tv doesn’t act as a server natively but I can use tailscale to leverage the tv to do that. I’ve never seriously looked at tailscale as wireguard generally worked well for me. Guess it’s worth a look.

Edit: I’ve now switch to Tailscale and am happy with it BUT the Apple TV support is lacking. While you can make it a node, you can’t get subnet access through an Apple TV node yet. So you can’t use an Apple TV to access other machines using their subnet IPs — i.e. no home LAN access.

[–] [email protected] 2 points 1 year ago (1 children)

yeah I'm not sure what the point of this is tbh.

[–] [email protected] 11 points 1 year ago (2 children)

If you run a media server that isn't publicly exposed, it lets you jump in to browse stuff w/o needing to forward additional ports.

Another use is if you want to bring the device with you on vacation. You can VPN back home and have your traffic exit out of your house which may be useful for streaming services that require traffic be "in the same household".

[–] [email protected] 1 points 1 year ago (1 children)

Have we figured out if this solves the Netflix password sharing limitation yet?

[–] [email protected] 0 points 1 year ago (1 children)

I haven't tried it. AFAIK Netflix won't work on iOS if you have a VPN active so I don't have high hopes for Netflix.

[–] [email protected] 3 points 1 year ago

I think that’s only if they detect that you’re connected to an IP address that they recognize as part of a commercial VPN service, since i’m sure they have a list.

I use netflix when connected to tailscale VPN on both my phone and apple tv and it works fine, since the exit node that netflix is receiving my connection from isn’t a commercial VPN IP

[–] [email protected] -1 points 1 year ago (2 children)

I'm surprised any VPN would be strong enough for streaming video of anything other than potato quality

[–] [email protected] 2 points 1 year ago (1 children)

The bulk of the traffic between two Tailscale nodes is direct between the nodes. They mainly use the Tailscale servers to help them find each other (NAT hole punching) and establish a connection.

[–] [email protected] 2 points 1 year ago (1 children)

You're kidding! I thought all the traffic went through tailscale. So it's basically just establishing the connection, then I'm only limited by upload/download speed of the NAS and the client?

[–] [email protected] 2 points 1 year ago (1 children)

Usually yes! There will be some minor overhead from both nodes keeping in touch with the Tailscale command server but mostly they talk to each other.

Read this though to see if there's a case where direct connection might not be possible: https://tailscale.com/kb/1181/firewalls/

[–] [email protected] 1 points 1 year ago (1 children)

Man, that's great news. Though I may have some extra set up to do because I tried once with a decent internet connection and couldn't get plex working over tailscale.

[–] [email protected] 1 points 1 year ago (1 children)

Plex has issues with VPNs unfortunately. It wants you to go through them whenever you connect to your server, and this means it needs to know where your server IP/domain is. But if you have situations where the IP/domain changes, like a VPN, it can get confused.

It's one of the reasons that made me give up Plex back in the day. (Holding your accounts hostage was the other one.)

[–] [email protected] 1 points 1 year ago (1 children)

oh wow, thanks for that insight. So jellyfin in this use case would be superior?

[–] [email protected] 2 points 1 year ago (1 children)

Jellyfin or Emby, yeah. But it's more of an artificial limitation for Plex so it's worth checking that they haven't fixed it by any chance since the last time I tried.

The way these apps work is that the mobile app scans the local network for the server. That works when you're connected on WiFi at home but typically not when you're connecting over VPN, because a VPN isn't usually configured with broadcast. So the app for all three (Plex/Jellyfin/Emby) will discover the server just fine on WiFi but choke on VPN. To work around this, the mobile app [should] allow you to also enter the server address manually. Plex used to have this too but removed it at some point, so now it only relies on autodetect. 🤷

So now the only way it can work on Plex is if you keep the same server address/name when you're on WiFi and when you're on VPN, let the app detect it once on WiFi, then it "just works" on VPN too... but that can be problematic if the address/name is different on VPN, which is 90% of cases.

Between Emby and Jellyfin it's a toss-up, the main reason I'm using Jellyfin (I used to use Plex and Emby too) is because it's 100% free. Emby switched essential features like transcoding behind paywall at some point, and Plex locked pretty much everything useful behind paid Plex pass and you have to login to their website every time, so you can't use it if your external internet connection drops even if your local network is fine.

Here's an in-depth comparison of all three: https://github.com/Protektor-Desura/Archon/wiki/Compare-Media-Servers

[–] [email protected] 1 points 1 year ago (1 children)

Thanks! I'll look into this. I had jellyfin installed but I always used Plex just due to a better experience on my Apple TV. The Jellyfin client can barely get subtitles right so I stopped using it

[–] [email protected] 2 points 1 year ago

At the end of the day it's always a trade-off. If you're willing to give up some control and privacy Plex is going to be a very smooth experience. If you don't like to give up privacy but still want a smoother experience and are willing to pay, Emby is probably best for you. If you don't want to make any privacy compromises and want a free, community-supported and fully open-source solution, you have to use Jellyfin.

Don't forget to check out Kodi on that list. It's not a media server, it's an indexer that runs on the client + a friendly interface. It can be a very nice solution if you mainly access your media on a single device, like a living room TV attached to your NAS.

[–] [email protected] -1 points 1 year ago (1 children)

It's going to depend on the devices involved, but I get about 600 megabit or so between two computers over tailscale on my network (really, wireguard). That's what, 10 HD video streams? Of course, it's going to depend on device cpu capability and network bandwidth.

[–] [email protected] 1 points 1 year ago (1 children)

On your own network? I'm not sure the reason to use tailscale between computers on the same network, nor if that's really relevant to the discussion. If tailscale was capable of 600mbps from outside the network then that would be another story

[–] [email protected] 2 points 1 year ago

That 600mbps is the throughput of the encryption on those devices. It's no different crossing networks, but the speed will be limited by the network speed. The benefit of a p2p vpn is that you don't need to shut it off when you join the same network. The devices remain accessible at the same ip whether they are on the same network, or if one is somewhere else. The overhead is negligible and you gain the security isolation that would normally require subnets and a firewall.

In the end, yes, I can stream HD video just fine from another network. For most people, the limitation will be their home ISP's uplink speed.

[–] [email protected] 6 points 1 year ago* (last edited 1 year ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
DNS Domain Name Service/System
IP Internet Protocol
NAS Network-Attached Storage
NAT Network Address Translation
PiHole Network-wide ad-blocker (DNS sinkhole)
Plex Brand of media server package
VPN Virtual Private Network

6 acronyms in this thread; the most compressed thread commented on today has 7 acronyms.

[Thread #151 for this sub, first seen 20th Sep 2023, 13:35] [FAQ] [Full list] [Contact] [Source code]

[–] [email protected] 3 points 1 year ago (1 children)

VPN but do they allow useful apps?

[–] [email protected] 1 points 1 year ago (2 children)

What useful apps would it need? This is a streaming box first and foremost. Branching out a little bit, it has the ability to play some ported (basically) iPhone games. It can run Steam Link. There’s some stuff like Speedtest.

[–] [email protected] -1 points 1 year ago* (last edited 1 year ago) (1 children)

I deleted my last comment.

I have an iPad but use android for phones.

But I can't imagine apple has any apps that "need" a VPN. Unless your using the VPN solely because you want all your data hidden.

Vpns are kinda moot anyway in terms of personal security. If anyone wants to see your shit they can install something on your telephone pole that can supercede a VPN anyway. Gangs use stuff like that. It's fucked up but I've seen people use that shit to fuck up lives. Humanity sucks.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

If anyone wants to see your shit they can install something on your telephone pole that can supercede a VPN anyway.

False.

My WireGuard VPN uses pre-verified encryption keys and all data between the nodes is encrypted with them.

Nothing (whether put there by the cell carrier, public wifi provider, or some gang member who climbed the telephone pole) can decrypt that communication except the devices which already have the keys.

I'm not sure what makes you think VPN security is moot, but you are misinformed.

Using a VPN is always more secure than not using one, particularly if you control the server on the other end.

The only time a VPN wouldn't help is if your device itself is compromised at which point you have other problems than a VPN anyway