Thanks for calling those points out! You are 100% correct. I think I take it for granted that at this point, all of this “just works” on my setup :)

The audio should not be affected, as far as I’m aware. I get all my stuff from Usenet

Also check out Tdarr! I convert everything to HEVC using that. Shrinks down some files to literally 50% of their original size

Seems like the intro clears some things: https://gamevau.lt/docs/intro It looks like you install the server component on your NAS/server etc and store your game files/binaries/installers there. Then you can download client applications and download from that location to install on your gaming PC or whatever

Ah perfect! Exactly what I was looking for! Thank you so much for that explanation. Definitely trying to understand more about security and your explanation just made something click in my brain :)

Just curious, why not a full VM accessed through Guacamole? On the other hand, I have never considered a browser based full desktop experience, so I’ll probably also play around with these suggestions 😂

Wow I hadn’t even thought of custom dashboards for each user. I use Homepage for my internal dashboard, and Homarr for users. It’s got a nice, simple interface with big buttons

Hey man, so I’ve been thinking about this and doing a lot of reading since I read your comment… Question: what makes an SSH tunnel any more secure than an SSL connection through a browser? I only have port 443 opened on my home network for reverse proxy and wouldn’t want to open anything more to the internet. Am I missing something fundamental in terms of security? I would definitely like to understand this more.

So from reading the site, is this an IPV6 end-to-end encrypted p2p network? That’s super interesting, but I’m sure my work firewall would be hardened against any incoming traffic. Will definitely experiment with this though. And I love the name

Yes that’s what someone else said below. I will try that

Looks like that’s blocked on my work network too

It can be

My work’s network is pretty locked down, which is why I’m trying to think of other solutions that would work.

Should have mentioned, Tailscale is blocked on my work network

Jellyfin/Plex etc are all media server software, so they will all play audio and video from whichever device you’re opening the apps from. Not sure what OS you have on your Dell, but you could enable a GUI and then remote into that to play stuff directly off it. That’s a bit of a mission for something simple though! Take a look at this GitHub page. It always has something useful that I haven’t heard of: https://github.com/awesome-selfhosted/awesome-selfhosted#media-streaming

Or swag ;)

I’ve always personally hated localhost and just opt to use the IP directly, which I guess was my downfall this time :)

OMG I figured it out. It was actually my last comment that got me thinking in the right direction. The problem was that I was using the EC2 public IP address to point the tunnel to. EC2 also has an internal private IP address. Switched the tunnel to point to that, and it works! I felt like such a dummy when I thought about it. The tunnel is trying to hit the app internally. Why would it need to go out to the internet and retrieve a firewalled public address? Seems so obvious now.

Not yet. I did a fresh install on a new EC2 server. Cloudflare tunnel seems to be connected correctly i.e. the handshake is successful, and when I hit the URL, I get the cloudflare 404 page that shows the app is down. @lilshalom (is that how you tag in Lemmy?) I’m having trouble figuring out EC2 logs - I’m pretty new to AWS. But I’m pretty confident at this point that the tunnel is setup correctly, but for some reason, it cannot connect to the app. For what it’s worth, I did have it all working on my local raspberry pi. I’ll tinker a bit more and then I’ll probably try the app’s GitHub issues page and see if the dev can chime in

Yep all outbound ports are opened, per default. Tunnel does show as healthy in the dashboard. The cloudflared logs say the tunnel is established correctly but cloudflared cannot reach the application. I only have my home IP address set on inbound for both ssh as well as the application and port I’m trying to access. I’ll look into this into more detail again in a couple hours and look at your and lilshalom’s suggestions