←back to thread

I ditched Spotify and set up my own music stack

(leshicodes.github.io)
275 points starkparker | 5 comments | 04 Sep 25 22:47 UTC | HN request time: 0.778s | source
Show context
bambax ◴[05 Sep 25 05:36 UTC] No.45135281[source]
I did the same as the OP except I use Amperfy on iOS and Tempo on Android. Navidrome is super simple to setup and finds new music immediately. Never breaks. It's not exposed to the Internet directly but via a Cloudflare tunnel (like the OP) and an obscure url that I'm the only one to use.

I also wrote a little Python script to transform Spotify playlists into Youtube lists of urls. Shazam can add songs to a Spotify playlist so it's a way to discover new music.

replies(2): >>45135320 #>>45135611 #
1. b3lvedere ◴[05 Sep 25 05:44 UTC] No.45135320[source]
I hate to be that guy. Obscurity is not security.
replies(3): >>45135344 #>>45135345 #>>45135421 #
2. delusional ◴[05 Sep 25 05:48 UTC] No.45135344[source]
There's technically no distinction between a random url, and a random prime that is part of a keypair. There's a difference of "degree" of randomness, but not of approach.

In both cases you get owned if somebody guesses your random bytestring.

3. mvdwoord ◴[05 Sep 25 05:48 UTC] No.45135345[source]
Don't worry, we hate you being that guy too ;)

Obscurity sometimes gets you enough, if only just cleaner log files. Something something threat model.

replies(1): >>45135533 #
4. bambax ◴[05 Sep 25 06:02 UTC] No.45135421[source]
You're right, but I'm not really after "security". It's not like I'm hosting state secrets.

I may move to tailscale though, which would be the same thing without exposing anything publicly. Besides I already use tailscale for other things.

5. b3lvedere ◴[05 Sep 25 06:26 UTC] No.45135533[source]
I know. I know it's way easier. And i know everybody hates that guy :)