I would recommend instead jellyfin, immich, and maybe just plain sftp for all the rest. You can sync (err, become distributed) by way of git, syncthing, or rsync.
What I haven't seen yet is a good self hosted identity manager, SSO sort of thing. I believe bluesky is working on one but I dont know if it will be self hostable (Freudian autocorrect: self hostage)
Another thing I haven't figured out yet with my homelab/private cloud is how to be my own CA and manage access to my machine without teaching my counterparties ssh. I want something like NordVPN offers in their meshnet: anyone logged into the family plan can see each other's machines as if they were local network. Can wireguard accomplish this? I think this is what yggdrasil is too but haven't dug into it.
Isn't this a library for building your own applications? I don't see how jellyfin etc is relevant here.
By "good" identity management I guess you mean something other than OpenLDAP or 389? Not sure how well these work with Windoze if you care about that.
Being your own CA is easy. Installing that CA in all the machines you want to is the sucky bit. It all works if you use let's encrypt.
Wireguard can let you join two LANs together over the internet but you'll probably want two wireguard capable routers on each end (like pfsense or something). Otherwise you'll have to install special routing configs on to each client machine. Forwarding avahi (for auto-discovery) over the link is something I haven't figured out yet.
I see what you mean, I was just going off the byline Works offline.Store music, photos, video.Actually delete stuff.Temporary documents.Live syncing.Use one or many identities.Sneakernets.Always self-hosted.
I’ve been struggling creating clientside certs for mTLS, seems like it will work for most browsers that let you install certs, but not for an app (like the immich and jellyfin apps) so I’ll probably end up with a VPN solution, easy enough to tell my sister to open this app and hit the button before trying to connect.
I’m going to dig into Headscale with Authelia for OIDC, that’s pretty close to what I was imagining, found this tutorial [0] (wow posted just 4 days ago). Thanks ya’ll.
What I haven't seen yet is a good self hosted identity manager, SSO sort of thing. I believe bluesky is working on one but I dont know if it will be self hostable (Freudian autocorrect: self hostage)
Another thing I haven't figured out yet with my homelab/private cloud is how to be my own CA and manage access to my machine without teaching my counterparties ssh. I want something like NordVPN offers in their meshnet: anyone logged into the family plan can see each other's machines as if they were local network. Can wireguard accomplish this? I think this is what yggdrasil is too but haven't dug into it.