642: Tunneling Home for the Holidays

Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:11):
Hello, friends, and welcome back to your weekly Linux talk show. My name is Chris.
My name is Wes.
And my name is Brent.
Hey, gents. Well, coming up on the show this week, I have finally cracked it.
I love Jellyfin, but there's been one thing that's been lacking that's kept Plex around.
Well, I have a wild remote access trick for private self-hosted services like Jellyfin.

(00:34):
And now I can share my Jellyfin instance with friends and family who can't join my Mesh network.
It's simple, It's absurd, and it's shockingly effective.
And then we'll round it out with some great picks, some boosts, and more.
So before we get into all of that, we've got to give a shout-out to our virtual
lug. Hello, Mumble Room. Time-appropriate greetings.
Hello. Hey, Chris. Hey, Wes. And hello, Brent.

(00:56):
Hey, guys. Hello up there in the quiet listening tune. I see a little crew up
there hanging out with us.
Mumble Room is always rolling. JupyterBroadcasting.com slash mumble.
And a big good morning to our friends at Defined Networking.
Go meet Manage Nebula from Defined Networking.
It's a decentralized VPN built on the Nebula platform that we just absolutely love.

(01:19):
Every now and then a darling comes along, I think it was Wes,
caught it first, and then we lock in and we track it from basically birth to, you know, product.
And it started in 2017 to secure the Slack network, which had to have robust
security and decentralization from the very beginning.
I mean, this is Slack's bag, right?

(01:39):
And so Nebula has the best-in-class encryption.
And what really matters for me
is the design. You can use the managed product for up to 100 free hosts.
No credit card required. Support the show. It's a great product.
And if you think to yourself, this is something I'd like to build my business's
network around, they can help you with that.
Maybe your home lab. But maybe get to the point where you want to manage the

(02:00):
entire thing. Everything can be completely self-hosted.
It's not something they begrudgingly support that's available that doesn't have all the features.
It's what they build their product on top of. And when you think about your
network infrastructure and long-term planning, those little things,
that 10-20% gap, really makes all the difference.
And it's such a fantastic product because it puts very little load on your machine.

(02:24):
Low load on the network and low load on the CPU. so your battery life lasts
longer on your laptop and your mobile devices and your server isn't busy with
a bunch of that nonsense.
You got to go check it out. Get started for 100 hosts absolutely free,
no credit card required.
Go to defined.net slash unplugged. Redefine your VPN experience at defined.net slash unplugged.

(02:48):
All right, we have decided to do it. The Great Holiday Home Lab is coming up.
Pay attention because we're going to need you to submit your home lab to this special.
And I will have links. I'll have all of it set up for you.
It's something we're doing in place of the tuxies this year.
It's our first, very first edition of the Great Holiday Home Lab special.

(03:10):
And we want to see your setups. It's a magical time of year.
It'll be coming up before you know it. It's just a couple of weeks away.
So it is our first community showdown of your questionable wiring your crazy

(03:33):
tinkering uh maybe your downright impressive builds i don't know maybe you got
a real clean setup i want you to enter your home lab big or small to linuxunplugged.com slash holiday.
And it is a Google form.
Don't think you have to log in, but if you hate Google forms,
I have a solution for you. It's all available. You can just copy and post into an email.

(03:54):
Go to linuxunplugged.com slash old fart.
That's linuxunplugged.com slash old fart. If you just want the markdown version,
I'd like you to submit a couple of photos, a short description,
your hardware list, and tell us what your home lab actually does.
And then you're in. And we're going to have a couple of different categories
we're going to have the grand rack award which will be 100 000 sats

(04:14):
we'll have the silver pseudo award which will be 50 000 sats the best effort
award he doesn't have to be perfect the best effort 10 000 sats and then the
lup rescue mission one home lab that's in such bad shape maybe you tried a lot
of heart went into that home lab a lot of effort,
The three of us, the boys, we're going to get connected on a remote call.

(04:37):
We're going to run down what's going on. We're going to help you get things
in working order and do a little LUP rescue mission, for better or for worse.
I feel like you're talking about my home lab here. Oh, wait,
we've already done that rescue multiple times. What's going on?
Why won't that stick?
You know, it's like the shoemaker whose kids have horrible shoes.
So, you know, we're probably going to record that session.

(04:59):
And depending on how it goes, we may turn that into an episode as well.
If you end up on the LUP rescue mission tier.
So we're going to have each home lab, we're going to look at its functionality,
your design, your ingenuity, your creativity.
Efficiency is a big one too. If you have documentation, that'll matter.
Your personality, your creative solutions you've come up with.
We're going to have a zero to 10 per category score. Each one of us will give scores.

(05:23):
You know, we'll have things like the lowest functionality, but best personality.
Maybe a disaster story might earn the rescue, something like that.
So the entries are open right now. I want you to submit your homelab,
show us what you got, even if it's totally chaotic.
Hey, my wiring often looks horrible.
No shame in that. We may judge you and call you out for it, but don't worry.
A lot of us have it like that.
We really want to see what you got. So submit it. We'll have links in the show notes.

(05:46):
And again, it's linuxunplugged.com slash holiday or linuxunplugged.com slash
old fart for the great holiday homelab extravaganza.
And do get them in quick, because we're going to be recording our holiday episodes
before you know it. And I can't wait to see what you guys have come up with.

(06:09):
We cannot participate ourselves, unfortunately. We'll have to do our own rescues later on our own.
Been disqualified already. Jeez.
Okay, so I wanted to solve something that's really kind of been eating at me
since about two years ago when Alex and I did the Jellyfin January Challenge, I think it was.
And it'll be two years, I think, this January. And Jellyfin's been fantastic.

(06:32):
The migration to Plex was really smooth.
I use infuse on an Apple TV, which sounds like a, why would you do that kind of setup?
But it actually, after trying all the things really has been just a fantastic
way to consume media really flawless.
The two combination are great. And I do take advantage of some jellyfin plugins
and I use the jellyfin web interface from time to time.

(06:53):
I've had to keep one Plex instance around because friends and family like to
sometimes check in on the old media library.
Maybe they're traveling or whatever, and Plex is installed on a lot of stuff,
or it's easy to get going on anything that has a web browser.
And so once or twice a week, friends or family are streaming things from a Plex
server that I don't actually use for myself.
And I thought about this problem because when you're at a hotel or,

(07:17):
you know, it's a friend's computer, you don't necessarily want them to just
randomly join your mesh network.
And I don't necessarily just want to build a public Jellyfin server that's available
on a VPS all the time that's going to get banged on.
And I don't want to have my ports forwarded on my firewall permanently to my Jellyfin instance.
And I might want to solve this for other self-hosted software that isn't Jellyfin.

(07:40):
And so this is a problem that I have tried to figure out for quite a while.
And obviously something Plex handles really well.
I know neither one of us none of us are really big Plex users but occasionally,
you know we might dip in just because of the share feature.
Yeah absolutely and it's one of those things right where you just kind of got
maybe folks who were less technical still kind of had a Plex account because

(08:04):
they had other friends who were sharing Plex just there was a lot of stuff that
ended up meaning you could get tangentially sucked in and that meant that it
was also very easy to take advantage of them doing sort of hey,
we're the SaaS company that's willing to do free proxying for you and host the auth and make it easy.
Wes, you've had a really nice solution to this that you've used historically.

(08:24):
I know I've used it a couple of times.
What, his randomly spin up a jellyfin server, watch a TV show and then destroy it move?
Quite on demand too. I think you've optimized it as well.
Yeah. I mean, I did think about this.
I have a tip. I'm later in the show. I have a tip for how to do this.
I haven't adopted yet, but that's even better.
I wanted something that would let us continue to watch the TV shows that we've been watching.

(08:49):
Like right now, we're watching the first season of Mary Tyler Moore while we eat dinner.
And if we go out somewhere that has an internet connection on a web browser,
I would like to be able to stream my Jellyfin instance.
And so ideally, I wanted to set up with no special VPN required,
no weird stuff for the user to do, no weird stuff for me to have to do.
And there's a lot of ways to crack this. And we're going to talk about some after I tell you mine.

(09:12):
And if you have Tailscale, for example, you could use a Tailscale funnel.
If you're a pretty big Cloudflare user, you could probably use a Cloudflare tunnel.
But I wanted to try solving this with something I've never used before but I've
heard a lot about, and it's a service called Ngrok.
And it looks pretty straightforward. That's one of the things that appealed to me.

(09:33):
And it's a self-hosted sort of ingress as a service or a secure tunneling platform on demand.
And you do run a small agent on your box, and it opens up the outbound connection
to ngrok's cloud, and then ngrok generates a public URL that forwards traffic
back to your local service, whatever you might be pointing it at.
And it also, very conveniently...

(09:54):
It handles the HTTPS certs. So if you're using it for free, you can use three
online endpoints and a gigabyte of bandwidth and 20,000 HTTPS requests a month.
And then they have paid tiers that start around $8 or $5 a month that give you more.
And that's particularly convenient for a Jellyfin, right?
Just because not every app, but some combos of certain apps really prefer your

(10:18):
Jellyfin server to have a TLS certificate.
Yes. Even if you don't really need one or you don't even care because you're
just trying to stream media that isn't secret at all, but.
Yeah, a lot of the mobile apps and a lot of the basic kiosk web browsers,
which was one of the things that was a requirement is this would work on a basic
Chromium kiosk browser.
Also helps for some casting situations if you're going that route.

(10:41):
Mm, yeah, right, of course. So that was something that I wanted to try,
but I also needed a way to toggle this on and off because I don't want to leave
it running when I'm not personally watching TV.
And this proposes an interesting challenge because a situation we find ourselves
in, we're at an Airbnb or a hotel and we want to watch some Star Trek.

(11:02):
I don't want to have to SSH in or I want to be able to toggle it on really quick
or my wife. I want my wife to be able to do it as well.
Right. You wanted something where you didn't have to like go manually stand
up infrastructure or wire stuff together, like not have to set it up with an
intention before like a big trip. You want to be able to like on a whim on a Saturday.
Yeah, I didn't I don't want to have my jellyfin server on the public Internet

(11:24):
all the time, you know, so something I could easily toggle on and off remotely.
It was really kind of what I was going for.
So this still feels like you're exposing yourself to the public internet, really.
Because if you didn't feel like there was some kind of risk,
you wouldn't need the toggle, right? You just leave it on all the time.
So does this feel like the ultimate solution or just a step towards?

(11:46):
Yeah, you're right. I mean, it is still a problem. I mean, it's a really crazy
ngrok URL, so there's a little bit of obscurity there.
But then, of course, I do the right thing. And I have a DNS redirect that makes
it a really simple URL. so that way I don't have to type a crazy NGROC URL into
a kiosk device, which probably makes it easier to discover.
This is something I'd be curious to know what solutions I could employ at this stage.

(12:10):
I could do IP whitelisting, but the issue there is I don't know what IP I'm
connecting from. It could be cellular network.
Yeah, and you won't if you're at a random Airbnb or hotel or wherever your cell
phone gets assigned today.
And if it was just you, you would use your mesh network, right?
That's the obvious solution here.
But yeah do.
You want to let wes and i connect whenever we want to or whenever we can convince

(12:30):
you to flick the switch right.
Yeah it's so that that is i think the
downside to this setup is for for a period of time there is a way public internet
could discover your jellyfin server now the way ngrok works is when you go to
the url at least on the free tier there's a page you have to go through first
to say yeah i know what i'm doing so that might slow down some automation i I doubt it, though.

(12:54):
Ultimately, what I rely on is keeping my Jellyfin server secure and up-to-date and isolated still.
Yeah, I was going to say, like, obviously defense in depth, but there's also,
you should be realistic about what your actual particular threat scenarios are,
and, you know, how do you, does your Jellyfin have, uh, is it all just guest accounts and, um...
Default passwords uh is it does it have access to the rest of your box or is

(13:17):
it in some sort of container or virtual machine or thing that just has access
to the media and do you have sensitive stuff in your media or are all things
to yeah that may make you care more or less depending on
how you've got it set up if it's just like a dedicated virtual machine that
only has like a limited stuff mounted in from the host maybe it's not a huge
deal if it's you know running on your box where you also do all of your backups

(13:38):
and stuff then maybe it's a bigger deal.
It does seem like in terms of application complexity because it is a very complex
application with a lot of stuff under the hood, a lot of FFmpeg,
and it has access to hardware acceleration.
You know, of the apps, I'm going to make temporarily public.
It feels like maybe the dumbest one to actually make temporary public because

(14:00):
there's, honestly, there's a large attack service, there may be auth bypasses
for all I know, ways to trigger the server to do all kinds of crazy DDoS indexing
and transcoding. I mean, who knows? Right.
I mean, it has to be something you consider in the setup, I think,
which is why the toggle I felt like was so important, because then I'm at least,
you know, I'm watching a half hour episode of Mary Tyler Moore.

(14:21):
Or, okay, so I have a 40-minute window where I have this really crazy obscure URL and all of that.
But something I would really like input on is layers of protection I could do
here or some other maybe second-order authentication I could do to enable this,
to authorize certain connections.
Like if you have any ideas to boost in or give me a little bit of feedback on

(14:44):
this because that is something that is not ideal and I do want to disclose it's a risk here.
But ultimately, I was very, very happy with the setup that I ended up with.
Unraid.net slash unplugged. Unleash your hardware and unlock your system's full
potential this Cyber Weekend.
Unraid Cyber Weekend sale is almost here. So the Black Friday through Cyber

(15:06):
Monday sale runs November 28th, as you're listening, that's this Friday, to December 1st.
You can take 20% off starter licenses and 25% off the Unleash license and upgrades.
Every starter or Unleash license also gets you a voucher to the Unraid merch
store, where you'll find an all-new graphic tees, jackets, hats,
and backpacks, 20% off the entire lineup.

(15:30):
And that's through the new year.
It's not just a sale, though. It's really a celebration. Remember,
Unraid is celebrating 20 years of freedom, performance, and control.
Is your system unleashed, and are you? Well, it is the time right now, so get started.
Support the show. Go to unraid.net slash unplugged.
Unlock your system's full potential and take advantage of the Cyber Weekend

(15:52):
Sale. running November 28th through December 1st.
Take 20% off starter licenses and 25% off that unleashed license and the upgrade.
That's a great deal, plus the merch voucher. So check it out, support the show.
It's unraid.net slash unplugged.
Well, you mentioned wanting to be able to turn this on and off,

(16:14):
I'm assuming from the sofa or any sofa in Airbnb or at home and have the wife
be able to do it, which is,
it sounds like quite a challenge, Chris, but you said this, you pulled this
off in a nice way. So I'm waiting to see. What do you got?
You know, as the years go by...
My go-to solution more and more for this type of stuff is make a button in Home Assistant for it.

(16:40):
It's such a flexible, powerful platform.
Should have guessed.
Yeah, it works great for this kind of thing.
And, I mean, maybe not for everyone, but you are already committed to having
it available and plumbed to basically all of your devices, right? You want that.
So you're not paying a cost for like a new separate whole, you know,

(17:00):
bookmark and a whole bunch of stuff.
True. And it's something I'm already maintaining and making sure it's highly
available and et cetera.
But also the thing that played a big factor in my decision making is it's on
the wife's phone, right?
The kids know how to use it. So it already has family workflow.
So I'm adding a button to a thing they're already using. I'm not asking them to go use a new thing.

(17:20):
And I cannot tell you what a difference that makes in family adoption.
It's the difference between them using it and not using them.
So plus it's just really awesome. I wanted a small little button,
and I already have a dashboard that's for our media playback that has a mock
remote control, and it has our music assistant controls.

(17:41):
You can control the different speakers in the house from this one dashboard
already. So this is where you already go to do TV stuff.
I'm almost imagining like you have a TV button on the wall that you hit,
you know, and then it starts the TV up, and then the TV turns on,
and then the switch is toggled, and you're ready to go.
Well, I absolutely could. I absolutely could map it to a button,
right? I could conceivably even map it to just a hardware button that I take with me in my bag.

(18:03):
Or for the kids, it has a little countdown, and then the button turns red again, and the TV's cut off.
Yeah, the tunnel turns, yeah.
I would like to know what you called the device in Home Assistant.
You probably came up with a good name, or you need a better name, right?
No, it's just, well, yes, I do. It's just Jellyfin Tunnel.
Lame.
Maybe it could be like Media Conduit. I don't know.

(18:24):
I like that. I tend to give Star Trek names, because then it sticks out.
You know, like, you know, like media subspace relay subspace media relay,
something like that could work.
But the other thing, too, that I didn't want to have to deal with is I didn't
want to have to do the crazy Ngrok URL every time because I'm not going to remember that.
And I'm picturing like an Airbnb. I'm picturing a kiosk.
I'm picturing a basic web browser. Or I'm telling a family member over the phone.

(18:48):
And I don't want to have to give them this crazy URL.
So when I hit this button, not only do I want the tunnel to initiate on a different
box, but then I also want to retrieve the crazy rando Ngrok URL I just got.
And then I want to go update my Cloudflare DNS entry with a redirect to point
a static DNS name at this new crazy URL.

(19:10):
And all of that happens with a push of a button.
And it's so great. And honestly, it was really made possible because I created
a little REST API with a tiny little Python server.
I vibe coded. I'll just admit that.
Oh, yeah.
Very simple. It's only got like
four functions. So it's not like it's very powerful or very complicated.

(19:33):
But what it does is it listens for essentially an HTTP rest request from Home Assistant.
And that either tells it to start, stop, or check the status or get the URL.
So in Home Assistant, I can show if the tunnel is active. I can light the button
up when the tunnel is up or down.
And I have history of how long the tunnel's been active, when it was activated,

(19:57):
and I can also display the ngrok URL in Home Assistant if I wanted to.
Ooh, that's nice.
Yeah. That's really, really fantastic. I did play around with Cloudflare because
they don't have the bandwidth limitations until you go too far.
And because I'm hosting the DNS on Cloudflare, it kind of made sense to just do it all in one place.

(20:18):
But honestly, the complexity is more significant. And so, and I've just found
Ngrok to work really well.
And then in Home Assistant, I created a manual REST sensor.
And it's just something you add to the Home Assistant config.yaml file.
And it's probably five lines of YAML.
And it just identifies a new sensor type.

(20:38):
And I give it the URLs for the sensor endpoints to go talk to the Python server.
And then that's how it triggers and reads the state.
And while it sounds kind of like hacking a bunch of scripts together,
it's because it's so simple and because I'm using the Home Assistant automation
and architecture, it works really well.

(20:58):
So I have the Home Assistant dashboard, which has a switch for the ngrok tunnel,
which then sends the rest command to start or stop the ngrok tunnel.
Then using the API, it pulls back the status of the tunnel. It updates the...
My dns record with that new url from the.
Status home assistant doing that or your python automation my.

(21:20):
Python is when the api when after the python script starts the tunnel it retrieves
the url and updates the dns just right back to each other.
Gotcha yep.
Uh but then it delivers that back via the api to home assistant as well.
And then how does do you have to like set certain stuff in home assistant in
terms of like fields to pick out of the response is there a standard protocol
in terms of like you know reading like use this field to tell if it's up or down kind of yeah Yeah.

(21:42):
Because it's just giving back really simple JSON, like, yes,
up, down, you know, status is active, inactive. That's basically it. That's all it is.
It's so nice. But by that, I essentially get status monitoring.
By looking at the button, I can tell if the tunnel's up or down.
But then if I want, I can go into the button and I get an additional history
of all the time the tunnel was used. Right.

(22:03):
And then what I did is I essentially start that Python API server with a systemd unit.
So when the system boots, it's just running via systemd, that little Python listener.
And then that guy also is what interfaces with ngrok's API, right?
Which is sort of like, hey, toggle this tunnel on.
And then as long as you have separately that little tunneling daemon running
and available, it'll pick up on that automatically.

(22:26):
Yeah.
Cool.
And then it's using the Cloudflare API, which I had to go create an API key,
obviously, for the different zones it needed to manage and whatnot.
And it's using that to do all the DNS and redirect on my subdomain that always remains the same.
So I always just go to the same URL and I never have to, I always have a vanity
URL for it. I never have to worry about any of it.
And then when we're done, I just pull up the Home Assistant app on my phone,

(22:49):
tap the button on the media card, on the media dashboard.
And it takes about 10, 15 seconds and then the tunnel closes.
That's it. And I had you boys try it this morning and I just told you what URL
to go to and you do get an NGROC screen. But I'm curious to see what your impressions were.
I'll start with you, Brantley, since you were probably on the most remote sketch
connection out of the two. Well, it's just what it is.

(23:12):
Yeah, I have to say it just felt like the native experience.
Aside from that NGROC screen that you...
To say, yeah, yeah, I, you know, I trust the person who sent me this weird,
crazy link, which I'm not sure I should have answered that.
But then I just got the, you know, usual Jellyfin interface and stole your credentials
and it seemed to work perfectly fine.

(23:33):
There was a little bit of buffering on my end, but I think we figured out that
that's because it was your box was doing a little bit of transcoding to send it my way.
Not because necessarily of bad connections, but just because of hardware.
Is that, was that your assessment as well?
Yeah, just that Spaceballs was 4K, UHD.
That was the only thing to test with. Yeah, I couldn't find anything else.

(23:55):
No, of course not. No, I don't know. So, Wes, I know it's not the most performance
solution, but if you took out that Ngrok prompt screen, which I think would
go away if I paid for it, it feels like a pretty seamless solution.
You wouldn't even know. You just go into any web browser and Jellyfin just comes right up.
Yeah one thing i wasn't sure that i didn't check when i was looking at it was
um are you doing like a cloud for flare proxy to apply a correct cert name like

(24:18):
on that level or does ncroc get that right yeah or maybe jellyfin just doesn't
care no jellyfin cares but do you tell them because then you're adding your
own like wrapping layer right i.
Wonder if maybe it is it is probably also solved it via it must have been solved
at the cloud level it's just,
I don't recall going through that process.
But in any case, at least doing it in the browser, I didn't do a complicated app or Chromecast test.

(24:41):
You don't have to do a fake search. But it worked just fine.
Yeah. And it is interesting. You mentioned possible limitations with bandwidth.
Again, you're using a free plan from a thing, so there's risks with that.
And I think, as far as I knew, I've never used them extensively,
but I think Ncroc started from making it easy to expose staging developer stuff.
I'm working on something developing over here, and I want to do a demo and share that.

(25:03):
So yeah, so here's my API on my private box is really, yeah, and I, you're right.
And I do think if you were going for raw performance, Cloudflare is probably
better because their network's a little more robust.
And additionally, they don't have that one gigabyte limit on the free plan.
So there's that. However, I really like Ngrok, so I'm not necessarily inclined to change it.

(25:25):
Well, and as you saw, right, like it was, the UX was good.
It was well supported out there. There's a lot of examples. There's API integrations
for it and all that. So there's a lot of benefits too.
The cool thing is because I kept the configuration and Home Assistant itself
to something really basic, it's four or five lines of YAML, I can change out.
Ngrok and cloudflare and keep the home assistant part working because i just

(25:49):
keep the api endpoints the same if it's if it's ngrok or cloudflare and then
i don't have to readjust anything in home assistant and it keeps working i tested
this i swapped out to cloudflare tunnels temporarily,
and uh you know just kept the api url
endpoints the same even though now it's not ngrok and it
works so that flexibility i really love in a sense

(26:11):
it's modular right the jellyfin the media server it could be plex it could
be sync thing it could be my my my documentation
it could be my lube logger it could be any app
and it can be any it could be ngrok it could
be funnels it could be channel tunnels it could be any tunneling technology
you want and then with home assistant it that just stays agnostic as well but

(26:34):
they all really seamlessly work together and i don't ever manually start this
tunnel even though i know the command to start the tunnel i don't ever i just
Oh, I just bring it up on Home Assistant and start it.
Like this morning when you guys wanted to try it, I just asked the station to that box.
I'd open up my tab and went over to Home Assistant and I started to tell that one.
Hit the button. Yeah.
Yeah, hit the button. Yeah. Well, like you said.

(26:55):
Right, you get the dashboard, you get the metrics, you get the state keeping,
all that kind of stuff for free.
It's nice to solve this problem, but it's not the only way. And Wes,
you played around with something called Jelly Swarm.
Yeah. You know, you kind of touched on it earlier. Like you transition to Jellyfin
and it does a lot that we love. But there's some kind of areas that it doesn't

(27:18):
really compete with Plex in the same way or kind of offer the same functionality.
And so I just took this as an opportunity to go look around and see what tooling
folks were building and working on that might sort of fit.
And so we'd been kind of curious around like proxies or ways to share servers before.

(27:38):
So jelly swarm advertises itself as
a reverse proxy that lets you combine multiple jellyfin
servers into one place if you've got libraries spread across different locations
or just want everything together jelly swarm makes it easy to access all your
media from a single interface multiple servers yeah i haven't done that remote
yeah i've only just got it uh set up but yeah so you can proxy one server or proxy multiple servers.

(28:03):
Oh i could see us using this for a different uh let's say, purposes.
Yeah. Unified library access. Browse media from multiple Jellyfin servers in
one place. Play content straight from the original server.
Yeah, do you want to try it?
Yeah. Yeah, I want to try it. You got it up? You got it up right now? Is it working?
I bet you it's running off his laptop right now.
Yeah, it is. So don't go crazy.

(28:25):
I see it.
Don't go crazy.
Great. All right. All right. All right. I'm going to just use the traditional
login. Go ahead and remember. Oh, no. Is that not the traditional login? Oh, is it Chris F?
No space in the password, too.
No, of course not. We don't do spaces. We're not here for stinking spaces.
There we go. I'm in. Boy, it's fast, Wes. That's on your laptop?
Yeah.
And then you should, if you, I don't know if you, if you can mute the tab or

(28:46):
something. I don't know if you want to try it to see if the video will load.
It's spinning and loaded, boom, right into Deep Space Nine.
Yeah, all right.
Season 2, episode 13.
Armageddon game.
Wes Sneaky had me test this last night without your knowledge,
Chris, because he knew he was working on a competing solution,
and I think he wanted to win.

(29:07):
I got to say, between the two, Wes is a little smoother.
There's no, like, yes, I need to trust this crazy human URL,
and also it loaded pretty quick.
But the coolest feature I saw was user mapping. Wes, you want to write us through that?
Oh.
Yeah, actually, Chris, if you pull that URL back up, if you add slash UI to it,

(29:29):
I think it'll take you to the management interface.
Oh, yes, it does. The Jelly Swarm admin interface.
And then same password, but use Wes as the username there.
I do love our security practices. Okay. Is it Wes P or is it just Wes?
No, just W-E-S. It should be. Oh, no, it's admin. Sorry, it's admin.
Now we know what Wes's password is. All right, now we are in.

(29:52):
I see. So I have one server listed. Yeah.
Yeah, so this is Jelly Swarm. It's a Rust-based app.
It's got like just a little minimal web server that it hosts as well as being
a proxy that shows its own full Jellyfin UI and so it's pretty simple right
now, really early days for the project I think.
But yeah, you've got servers you can configure users and then some basic settings.
So the first thing you do of course is well what are you proxying?

(30:15):
And so this is where it's being proxied over a mesh network back to my laptop.
But you can see here where you could add multiple ones. They have a priority
field which I haven't played with.
How are you getting this public to the internet?
For this demo, the proxy is running on a VPS.
A VPS. I see.
And then talking over the mesh network back to my server at home.

(30:35):
That is a very nice solution. So you have a VPS that's got a mesh network interface,
and then it can proxy these. And it works really well.
And it's like three fields to add a new Jellyfin server to this,
as long as it can access it.
And then if you go to the users tab, you'll see one thing that's interesting is,
it does a layer of mapping. So it has its own directory of users,

(30:57):
and then you choose how to map those onto the credentials to the actual Jellyfin
servers that it's being proxied to.
So I was able to map both of your guys' fake proxy accounts onto the one Wes
account that I have on my actual Jellyfin server.
Yeah.
And you could do it other ways too, right? But that gives you a lot of flexibility, I think.
Wow, that's great. This is really, really cool. Huh.

(31:20):
Now, one downside I saw in this early version, I don't know if they're going
to try to fix that or what.
One part, I did have to still set up like a full forward to my Jellyfin instance,
because everything worked in terms of being fully proxied through JellySwarm,
except when I would try to play the media.
And it looked like for that, it was still ultimately getting served a link to

(31:41):
the backing Jellyfin server.
So if you knew the right, if you were watching the network traffic,
you could go figure out like where the backing server is that's being proxied
from that same VPS, but you don't have an account for it because you have credentials
that are only valid for the proxy.
And I think eventually, right, it could be that this is able to proxy the media too.

(32:01):
I don't know what the full plans are there. So there are some caveats, but...
I was impressed, honestly, with how well it worked. I was able to test it with
doing a Chromecast here at the house. That was totally fine.
And it works just fine with the Android Jellyfin app, too.
Well, I see it's still actively updated. It's kind of a new project,
but it's under active development. Last four days ago, things were created in
last week, a bunch of stuff.
And it's GPL 2.0. It is Jelly Swarm. Bring all your Jellyfin servers together.

(32:26):
I think this is the route I'm actually going to go for Jellyfin.
Because then we could also, over time, we could add each other's servers,
which sounds like a lot of fun.
And then this tunnel thing I've come up with seems useful for other types of
self-hosted services that I want to temporarily make available.
I like Jelly Swarm a lot. So it's LukeS22 on GitHub and we'll put a link to this in the show notes.
I did also see just a quick smattering of other things that we should,

(32:49):
that maybe were worth checking out.
Yeah, yeah.
Sadly, it has not been updated yet for the latest, like Jellyfin just had that
big new release with the database upgrade and all that.
So 10.11, that doesn't support it, But there is a flake out there called declarative jellyfin.
Oh, this is up your alley.
Yes, right? So basically you can define all your jellyfin stuff in your NixOS setup.

(33:12):
So once that's updated for the new 10.11 version, I think that's going to be
killer, especially if you wanted to quickly automate standing these kind of
things up, or you just wanted to have a more maintainable jellyfin.
You found some good ones. You got a couple of other good ones in here, Wes.
So check out JellyHub. It's a web app that allows you to fetch media from all
of your jellyfin servers and regroup it into one place.

(33:32):
So there's one place to search for a specific media and tells you on which server
the desired media is located.
So you could kind of see some combo of like Jelly Swarm and Jelly Hub.
Maybe that starts to get you a little more to like the Plexus.
Oh my gosh, this is so great for me because I have a couple of disparate,
smaller Jellyfin servers and then ideally- Subfins.

(33:53):
Of course.
Right, subfins. And then you'd have like a central fin at the server,
like the main fin, the main that. And it's also GPL3, JellyHub.
I also found Jellyman and Jellyroller, which are both like a set of scripts
and or CLI utilities meant to like help manage your Jellyfin.
So if you do start automating and rolling things out, you can check those out.

(34:16):
And the docs were entirely in Chinese. So I did my best to translate it.
But MB to local player, which is something I've wanted before,
because one of the great things about Jellyfin, right, is it makes it super
easy to just download or to get direct stream access to the media without having
to fuss with its UI or anything.
Well mb to local player basically automates doing that but with hooks to like

(34:39):
go back and try to sync your watched status which is what you lose if you take
things out of the whole system.
Oh that's brilliant.
So imagine just like using mpv to watch your video locally while you're working
at your desk and then still have that data in the system.
Wow nice finds very nice we'll have links to all of that in the show notes of
course also would love to hear your

(35:00):
crazy network tunneling solutions and security solutions for my setup.
Like, you know, maybe if I keep using this, I should build in some security.
So boost in and let us know. It's a great way to support the show and share
the knowledge and links to all of this in the notes.
1password.com slash unplugged. Take the first steps to better security for your

(35:24):
team by securing credentials and protecting every application,
even the ones you don't know about.
Learn more at 1password.com slash unplugged. That's the number one password
and it's all lowercase unplugged right there.
You just go there and learn more because this is something that would have changed
the game for me when I was in IT.
If you're in IT, if maybe you're in security as well, Well, you know what a

(35:44):
mountain of different assets.
There's physical hardware. There's user identities. There's applications.
And it's a lot. And it's always growing. Well, you can conquer this continuously
growing mountain of security risk with 1Password extended access management.
This is a huge issue. You're not alone. This has been identified as a major problem out there.
And this is where 1Password is trying to make life better for both users, IT, and security.

(36:10):
And they have Trellica. This is something that can discover and secure access
to all of your apps, managed or unmanaged.
Trellica by 1Password inventories every app and usage at your company.
It has pre-populated app profiles so it can assess the different SaaS risks.
It'll let you know who has access to what. You can manage that.
You can optimize the spend. You can even enforce security best practices across

(36:32):
every applications your employees use.
And now you're going to know which ones they're using, even the shadow IT.
I also really appreciate this because I know so many companies struggle with
onboarding and offboarding employees.
You have a process that lasts for a little while.
This needs to be better. And this is an area where 1Password can help.
It can help you meet compliance goals.

(36:54):
It provides a complete solution for SaaS access governance. Trelica by 1Password
is just one of the ways that extended access management as an entire suite helps
teams strengthen compliance and security.
You know about their award-winning password manager. I use it. Family members use it.
It's trusted by millions of people. I was really thrilled when they came to Linux.
Businesses all over the world use it. This goes way beyond that.

(37:17):
They're securing more than just passwords with 1Password extended access management.
This is something that would make life easier for me, and I think it'll make life easier for you.
So take the first steps to better security for your team by securing credentials
and protecting every application, even the unmanaged ones.
You can learn more by supporting the show and going to 1password.com slash unplugged.

(37:37):
They have a video there you could watch. That's the number 1password.com slash
unplugged. All lowercase. Go learn more.
1password.com slash unplugged.
Join CrowdHealth.com and use the promo code unplugged.
Making informed decisions about health care is getting tougher and tougher.
It's also becoming a political football, which makes it very frustrating.

(37:59):
But it is open enrollment season. That's the season where the health insurance
companies are going to hope you'll just sign up again and just swallow those
overpriced premiums and the confusing fine print.
This is where CrowdHealth comes in. I have been a member for over three years.
And don't take my word for it. Go check it out. go to joincrowdhealth.com.
It's a healthcare alternative for people who make their own decisions.

(38:22):
I'm a small business owner, very small business. This was a absolute must do
for us. My wife and I both own our own businesses.
We have saved thousands of dollars using CrowdHealth.
Stop playing that insurance game. Go join CrowdHealth. It's a community of people
that fund each other's medical bills directly. No middlemen,
no networks, no nonsense.
I see so many success stories on social media all the time.

(38:45):
But as a member myself, You know, just being in the system, I've watched the
process work and I love it.
You know, I'm very comfortable with it. It gives me peace of mind.
I have seen the system work over and over again.
And they have a great app to manage all of it. It's very straightforward when
you're going to start the process or if you have an emergency situation or,
you know, you just want like kind of like somebody to ask some questions.
They have an app that handles all of it.

(39:07):
This is CrowdHealth. It's a health insurance alternative.
It's health care for under $100. You get access to a team of health bill negotiators,
low-cost prescriptions, and lab testing tools, as well as a database of low-cost,
high-quality doctors vetted by CrowdHealth.
If something happens, you pay the first $500, then the crowd steps in to fund the rest.

(39:28):
This is how things should be, and it lets you take power back here.
The system is betting you're just going to stay in the same stuck,
overpriced, continually overpriced system.
And if those subsidies expire, which they seem like they're going to,
prices could go sky high.
CrowdHealth has saved members over $40 million in health care expenses because
they just refuse to overpay for health care. It's open enrollment, so take your power back.

(39:51):
Join CrowdHealth. Get started today for $99 for your first three months. Can you believe it?
And it's real. It's real. I've done it.
It's great. Go to joincrowdhealth.com. Use the promo code unplugged.
It's joincrowdhealth.com and then promo code unplugged.
CrowdHealth is not insurance. opt out and take your power back.
This is how we win and make a difference. Join crowdhealth.com promo code unplugged.

(40:17):
Well, we've got a nice round of boosts here and it all starts with the dude
who's abiding. 87,654 sats.
Thank you very much. It says, greetings to all, long time no boost.
I'm left behind, currently in the middle of episode 639 and slowly crawling

(40:38):
my way to the most recent one.
Chris, not sure you decided on a home assistant machine, but I have the blue
and it's been rock solid for four years?
Yeah.
Wow.
It's an Odroid N2+, which on paper it sits at 2.2 watts idle and 6 watts at
full load. I have it connected via PoE and I can see it sips 2.32 watts right now.

(41:02):
As for Zigbee, I have an Ethernet adapter.
Not sure you can go that route, though.
Yeah. Yeah. And also, he says, do you still use Plex?
Yes, because of the remote streaming. Well, so far. But check out WatchState, which will sync them.
A tool primarily to sync your backends. User PlayState, which is really the

(41:23):
thing that's really the big deal.
Yeah, and traps a lot of people where they are.
Plex, Jellyfin, and Embe. Embe.
Embe.
How about that? Yep. And they hit their version 1.0 stable release on October 29th.
There's another great tip. That's a good one. I didn't know about that.
There's no reason not to have your watch state synced.

(41:44):
Yeah, you've been manually syncing it yourself, watching the episode twice, the whole thing.
Fucking animal. Yeah, I just watched them again. I don't know.
By the way, just a quick aside. The Home Assistant Blue is what runs the studio's
Home Assistant automation.
And it has been very solid. It's not crazy powerful, but the needs here are not as much.
So, yes. So I will say, I don't know if they sell it anymore,

(42:05):
but I will say it has been a very solid machine.
I've been very grateful for the Blue. And I bought it as soon as they announced
it. Don't tell you that much.
Marcel's here with a row of McDucks. How about that?
22,222 sats.
That was way too cheap of a baller boost, so I have some more sats.

(42:26):
Thanks for taking a look at my setup last week after the show and the post-show.
You had a refreshingly balanced take. Still not sure what I'll do.
I'm really reluctant to run it in a VM. So far, I've needed that software again. Oh, yeah.
Right. At the end of the last episode, we took a look at STM32CubeProgrammer,
which was proving quite difficult to run on Nix.

(42:48):
Indeed. Indeed. Indeed. Let us know. Keep us posted. VM could be a way.
Maybe a container. I don't know.
Our pal and buddy Jeff comes in with 14,000 sats.
Simple request this time i want to hear that live pew sound yeah that hits thank.

(43:10):
You pj appreciate that.
Well distro stew came in with 11 101 sats,
is that a row of sticks thanks for roasting my
configs i use git a little differently though sync
thing is my source of truth my desktop is kind
of the command center so i mostly edit the configs from my
other headless servers there then in a server

(43:33):
terminal i just have it run the rebuild switch since the configs instantly sync
every month or so i'll actually commit to git but this is mostly just for sharing
i generally think git is too much overhead i don't want to think about commits
merges or reverts just to update a package on the system oh.
Fighting words wes fighting words.

(43:54):
Actually.
I was going to say, I love this. Thank you for sharing, DistroStu.
I love that we have the kind of audience that takes the tools and uses them
however they want, right? Yeah, sure. Totally great for this.
But when I do it that way.
You can combine the two in a variety of useful ways.
It's fine for them, just not for me.

(44:15):
Well, hey, I've got to be the Chris config bar raiser. DistroStu's got lots
going on already. She's got a great config.
All right, all right. Okay, all right. A dude trying, thank you Distro Stu.
A dude trying stuff comes in with a row of ducks. That's 2,222 sats.
Well, I love the idea of the home lab holidays. I'm currently trying to get
everything into IAC and pivoting my home lab to Bootsy.

(44:40):
Oh, interesting. That's awesome.
Side note, how many sats to add that bit of Chris saying IDK how the world works
to the soundboard? I find that too relatable.
Well, somebody's got to track it down. Did I say that? Because that does feel...
Yeah, if you've got a flak file for us, I mean...
Send us a flack.
I can bribe the soundboard guy.
Yeah, Wes does have connections. Thank you, dude, trying stuff. Appreciate that boast.

(45:01):
Retro Gear comes in with 8,555 sets.
Gents, check out GitHub, SalmonNet, it's called, it's a project under that org,
Proxmox-NixOS, because it actually works pretty well.
I'm running a few VMs on there that can't be done with modules or Docker containers. Cheers.

(45:24):
Oh, and on SoundBytes, have any of you seen Spies Like Us with Chevy Chase and Dan Aykroyd from 1985?
Full of absolute crackers.
Check it out. I do know of the movie. I have not seen it. I have not seen it.
But I think there's going to be...
Well, maybe you could just go put it on your shared jellyfin for us.
Right? And sit down with the clip machine and just watch the movie,
it sounds like. That's pretty great. Thank you, Retro Gear. Good to hear from you.

(45:48):
Yeah. I mean, I have not yet dared to try Proxmox Next OS.
But if I was going to go Proxmox, obviously, that's how I'd want to do it.
And so having an experience report is super useful.
Okay. All right. This is Proxmox Next OS. us.
We have a boost here from Dirt Ferguson, 13,333 sets.

(46:10):
For the home lab holidays, consider a category of systems that do the most with the least.
Oh, yeah. I definitely think you don't have to have a crack and crazy home lab to enter the contest.
You know, it could be a laptop or a pie. It could, you know,
it's just, it's sort of a little bit about what you're getting done with it
too. Now, of course, We'd love to see the crazy cool setups.

(46:33):
I mean, you know, sometimes your home lab's a tiny computer in a drawer. Still send it in.
Crazy cool doesn't preclude the eccentric. I'm open to that.
No, I think it, in fact, should encourage the eccentric. That's how I'll be scoring, personally.
Thank you, Turd. Appreciate that. Chloroflore is here with 8,000. One, two, three sats.

(46:54):
How about that? I don't know, Brent. I think there might be a message in there.
Best secret port boost.
Oh.
Ooh, I think he's giving me a message there. You know what I mean?
Hey, I know that board.
Because that's the 8123, the Home Assistant?
The Home Assistant board.
I think it's the Home Assistant board, isn't it? Let me double check.
I got it right here. 8123, yeah.

(47:15):
I got it in a tab. All right, thank you everybody who boosted in,
including those of you who streamed them sats as you listened.
In fact, 28 of you collectively helped to stack 53,513 of them Satoshis.
When you bring it all together, we got 221,137 sats. That's a pretty cool number.

(47:36):
221-137. We really appreciate it. There's a lot of ways to support the show
because it's a value for value podcast.
Your time, your talent, and your treasure are all very much appreciated.
Show's been going on for a long time now, y'all. And one of the reasons is because
our audience has made it possible between the interactions we get in the community,
the support we get via the boost and the membership, but also your listenership.

(47:57):
It means a lot to us. We really appreciate it.
Fountain FM makes it really easy to boost these days. There's also ways you
can go on the self-hosted Sovereign route with AlbiHub.
Go pick out a new podcast app at podcastapps.com. Not only do you get a lot
of new features like the live stream, instant updates, and all that, but you can also boost.
It's podcastapps.com. Thank you, everybody, who boosted episode 642 of your Unplugged program.

(48:33):
Let's keep it on topic this week. We've been talking a lot about media servers,
so let's just wrap it up with a pick.
It's right on point. It's called Subgen, and it auto-generates subtitles,
Subgen, for your media, be it Jellyfin, Plex, XMBC.
I don't know what you're using these days with your Xboxes and your media centers, but it'll do it.

(48:54):
It'll generate subtitles and create a .srt subtitle for any media file that
you add, and it can be then read by your, assuming you've got something that
understands SRT files. It's pretty nice.
You found this, Wes, and of course it's a Python app. It's been a minute.
I'm assuming the way to use this is to process all your media files ahead of
time or trigger it if you're getting some new stuff.

(49:16):
But I'm assuming with some of the Whisper models being so efficient,
you can also use this in real time if you have the right pipeline.
Yeah.
Ooh, special. I like it.
I think you could. I think you could. Again, can we all just get on board with buffering?
Like start your movie and i'm not now for your land you shouldn't have to but

(49:37):
when it comes to content or anything that's getting auto-generated or internet
streaming can we just buffer a little bit let me buffer so many media apps kill this why.
Am i paying for this ram if you're not going to fill it with pre-cached.
Video a lot of the media services used to buffer more and now they buffer less you.
Know i think we bring back that um flash youtube player because it would buffer.

(49:57):
Bring back buffering i.
Feel like if you just played an ad before you got your jellyfin media playing
then you could do the buffering during the ad time have you considered this.
That would be really really cool we need a jellyfin.
Plugin that adds our own dynamic ads into.
It yeah,
so there is speaking of jellyfin though west there is some jellyfin like integration
you can kind of do with the jellyfin webhooks plug-in.

(50:19):
Yeah i'm impressed with this thing just because it is like you can use it
in bizarre or plex or mb but with jellyfin you pretty
much just use the webhooks plug-in which is standard i think
that's just to like be able to communicate like when
you add new media jellyfin find stuff it can go ping subgen and
then as long as subgen has like the same mounts for the file so
it has the same paths that jellyfin shares then it

(50:39):
can go off and generate the SRTs and like
you know obviously this software like there's robust support for
subtitles especially if you're getting them from sources or standard media
items that have those out on the internet or if you're doing pinch flat
and your youtube sucking in software like does that for you but if you're like
me and you frequently go crazy and stand up wild jellyfin servers you might

(50:59):
not have signed in to open subtitles you might not have copied everything you
know like you might having a subtitle method of last resort or for random mp4
files you want to stick there. It just seems great.
Very often. And, you know, like one of my kids, they just prefer to watch the
movies with the subtitles and not all of it has it. So it's really nice to have this as an option.
It's MIT licensed, 98.8% all snake.

(51:21):
And you can find a link to subgen in the show notes.
Now, Wes, if we said something that somebody wanted to go back and find,
or if they wanted to replay a segment, we probably have resources they could
take advantage of, right?
Yeah, they just run subgen on our file. No, actually, we do that already.
So you go check out the RSS feed with a podcasting 2.0 capable client,

(51:43):
which is the easiest way to do it.
And we got chapters baked right into the MP3, but also in a JSON file we keep
in the cloud. So you get the latest and greatest chapters.
But you can also get an SRT or VTT file of your very own and follow along with a transcript.
And it's probably worth mentioning, guys. This is going to be our last few episodes of the year.
We're coming in we have a few things planned still it's

(52:05):
not like we're wrapping up yet but as far as it gets to like
episode planning for us we are in we are now planning
our last few episodes which means we only have a
few more live streams of this year and as we get into mid-December some of them
are going to be double live stream recording episodes we will have the holiday
home labs coming up it'll happen faster than you think so if you get a little

(52:25):
time when you're around on a
Sunday join us over at jblive.tv we do the show at 10 a.m. Pacific 1 p.m.
Eastern but you can have the robot convert it to your local time at jupiterbroadcasting.com.
It is a special live vibe thing. It's unique in the world of podcasts.
It's not something we brag about or talk about a lot, but do you know any other

(52:45):
podcast in the world that has an open mumble room that anybody with a working
mic and headphones can join and share their opinion?
Now, people don't abuse it, obviously, but it's available. If they tag me in
the chat room and they have something they want to say, they can talk.
And that is open to all types of people. Now, of course, you abuse it.
You probably get kicked out. But it's a really unique aspect to the show.
And then you combine that with the live people that are watching and giving

(53:08):
us feedback and helping title it in real time.
And then the members that finance it and the boosters who give value to each individual episode.
It is a very unique thing we are doing. And then to have been going for so many years.
I mean, we're breathing down on 700 episodes of doing our absolute best every

(53:29):
single Sunday to give you the best Linux coverage.
And our only bias and motivation is to give the best coverage to our number one customer.
And the number one customer is always and has been our audience.
And I just think when you combine the mumble room, the way the show is supported,
the ingredients, how long we've been going, our focus and our goals as presenters

(53:51):
that we are all three aligned on. It's something very unique.
And only a few more episodes of this year will be live.
And it gets extra special and fun when you can participate live.
JBLive.tv or if you just want to plug it in on a web browser,
JBLive.fm. We're also on the commercial video platforms for the live stream.
And, of course, members get the entire bootleg. They get a sense of it,

(54:12):
but it's a whole other thing when you hear live.
I wanted to make that plug just as we roll into the holiday season and as we
bang out all these episodes and we have all this stuff. Like we're going to
get moving quick and I might not get a chance to remind you again.
And it is something very unique and it will not last forever.
And it is here right now. And it's something very special in media, in my opinion.

(54:32):
Of course, I'm a little biased on the topic. So go check out the show notes
for more info for what we talked about today. A lot of good resources.
Consider a membership. I will probably have a Black Friday sale soon,
but I don't have one right now.
But we'd still appreciate if you had a membership or wanted to boost the show.
Again with how to secure my crazy tunnel
solution and if you have any questions about it too also send those in as well

(54:54):
and check out linuxunplugged.com just so that way we have a reason to have a
website after all it's not all about the podcast app although we try to make
it as good as possible also links to our matrix our mumble other community resources
over at linuxunplugged.com and that submission form,
that's linuxunplugged.com slash holiday for the automatic form.

(55:15):
And linuxunplugged.com slash oldfart for the Markdown version you can send in via email.
Thank you so much for joining us on this week's episode of Your Unplugged Program.
And we'll see you right back here next Tuesday, as in Sunday.

All Episodes

Episode Transcript

Popular Podcasts

Dateline NBC

Are You A Charlotte?

Stuff You Should Know

.css-15opob5{left:0;position:absolute;top:0.8rem;} All Episodes

.css-14f5ked{margin:0;word-break:break-word;display:-webkit-box;-webkit-box-orient:vertical;box-orient:vertical;-webkit-line-clamp:2;overflow:hidden;}642: Tunneling Home for the Holidays

Episode Transcript

Popular Podcasts

.css-r6mb8g{margin:0;word-break:break-word;display:-webkit-box;-webkit-box-orient:vertical;box-orient:vertical;-webkit-line-clamp:1;overflow:hidden;}Dateline NBC

Are You A Charlotte?

Stuff You Should Know

All Episodes

642: Tunneling Home for the Holidays

Dateline NBC