I am a bit befuddled over what the best practices are for an internet connected or local server running the *arr stack.
Should we be using cosmos for security, reverse proxy, and container management or other tools like nginx, traefik, authentelia, authentik, and portainer?
Furthermore what’s the advantage of using proxmox containers to host docker instead of installing docker on conventional Linux?
Just a note about piracy: Please don’t give the corporate overlords any reason to legally go after a Lemmy admin. There are plenty of dark web sites that I won’t mention but they are a better fit.
sites that I won’t mention but they are a better fit.
I would be very interested, too. Could you send me a link?
I think 2 good concepts come to mind to help you make choices:
- Least privilege - Only give things/people just enough access/authority to get the job done. A good example is sonarr doesn’t need access to your personal photos to do it’s job, so don’t give it access if to them.
- Defense in layers - Nothing is perfect and you can make mistakes in configuration. Don’t rely on a single point of failure to protect you. If you want remote access use a VPN. But also take steps in your network like putting a password on the logins.
I’m also interested :)
What I can add is that if you selfhost locally your arr stack with jellyfin or cie, there is no need for reverse proxy, authelia…or whatsoever !
If you going to host you stack and make it available over the net and open ports in your router, yeah it’s mandatory ! With a wireguard tunnel and cie (I think portainer is the way to go for most user).
Locally you can just connect to your jellyfin’s private ip without to much complicated overheat.
Just secure and isolate your torrent connection and use a good VPN (like proton VPN).
What’s a cie?
Edited! XD maybe that wasn’t the best acronym ?
An other way to express “etc” xD
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters IP Internet Protocol Plex Brand of media server package VPN Virtual Private Network
[Thread #446 for this sub, first seen 23rd Jan 2024, 00:25] [FAQ] [Full list] [Contact] [Source code]