smiletolerantly

Nothing. People fearmonger

Funny - same thing here. Got 3 proxmox hosts running, all virtual machines are NixOS though.

I'd love to go full Nix, but between my GF and I, we kinda split the responsibilities: hardware is hers, applications are mine. And there's not a chance she'll give up her Proxmox hosts 😄

Got it automated to a single "provision" command though that will spin up any of my nix VMS unanttended, so I'm happy with that.

It's a goddamn stochastic parrot, starting from zero on each invocation and spitting out something passing for coherence according to its training set.

"Not understanding what is happening" in regards to AI is NOT "we don't jniw how it works mechanically" it's "yeah there are so many parameters, it's just not possible to make sense of / keep track of them all".

There's no awareness or thought.

Now THAT is something I wouldn't ever trust.

Think about it like this:

• with ansible, you are responsible for making sure that executing the described steps in the described order leads to the desired result

• with nix, you describe what you want your system to look like, and then figuring out how to get there is nix's problem (or rather, is obvious to nix thanks to nixpkgs)

?

Better open a package request (or pull request :D) then 😄

I host it publicly accessible behind a proper firewall and reverse proxy setup.

If you are only ever using Jellyfin from your own, wireguard configured phone, then that's great; but there's nothing wrong with hosting Jellyfin publicly.

I think one of these days I need to make a "myth-busting" post about this topic.

Matrix fits the bill.

Unless you don't like the federated nature.

OK, add step above: use wildcard certificate for your domain.

Terminating the TLS connection at your perimeter firewall is standard practice, there's no reason your jellyfin host needs to obtain the certificate.

Actual answer for 3:

• put jellyfin behind a proper reverse proxy. Ideally on a separate host / hardware firewall, but nginx on the same host works fine as well.
• create subdomain, let's say sub.yourdomain.com
• forward traffic, for that subdomain ONLY, to jellyfin in your reverse proxy config
• tell your relatives to put sub.yourdomain.com into their jellyfin app

All the fear-mongering about exposing jellyfin to the internet I have seen on here boils down to either

• "port forwarding is a bad idea!!", which yes, don't do that. The above is not that. Or
• "people / bots who know your IP can get jellyfin to work as a 1-bit oracle, telling you if a specific media file exists on your disk" which is a) not an indication for something illegal, and b) prevented by the described reverse proxy setup insofar as the bot needs to know the exact subdomain (and any worthwhile domain-provider will not let bots walk your DNS zone).

(Not saying YOU say that; just preempting the usual folklore typically commented whenever someone suggests hosting jellyfin publicly accessible)

Neovim, because I wanted something that would not just disappear.

I never really got along with VSCode, opting for Atom instead. Microsoft bought GitHub, which owned Atom, and promptly discontinued it.

Nvim has such an active community (and no "owner") that I'm certain that this won't happen again. At the same time, the plugin system is so flexible that I'm also certain that I will never miss out on any shiny new features.

Over the years, my config has matured, and is mine. The thought of going back to an editor, any editor, less flexible in its configuration than nvim is just... an absolute "no".

It's a steep learning curve, but well worth it.