I figured it out!!

It was simple. I just told Plex to allow the 172.18.0.0/24 subnet. It’s always something simple huh.

Thanks for pointing me at the logs. Sometimes it all looks like gibberish when you’re learning, then you stop and read and search. Have a wonderful evening! (and the 10000 years of excellent luck, too!)

The only logs from Pangolin are from me accessing https://overseerr.dom.tld/. From Plex’s GUI console though, I get this:

Request: [172.18.0.2:46974 (WAN)] GET / (6 live) #18eb GZIP Signed-in
Completed: [172.18.0.2:46974] 401 GET / (6 live) #18eb GZIP 0ms 464 bytes (pipelined: 1)

That 172.18.0.2 is the IP of the Newt container (that subnet is its bridge network, anyway). So it’s making some request to Plex and receiving a 401?

From Mozilla:

The HTTP 401 Unauthorized client error response status code indicates that a request was not successful because it lacks valid authentication credentials for the requested resource.

So what would cause Plex to throw a 401?

Oh hell yeah, we get to see him go ham on some Clair Obscur music.

Looks like a good resource to read, thanks! As you may know there are a billion and one guides for doing the same thing across a plethora of systems, and even more variables in between. Appreciate your time.

Fellow Bazzite-to-CachyOS user! I agree, Cachy is so much better, especially for learning Linux. Bazzite was great, but layering packages with RPM-OStree was just too esoteric for me.

Synology has walked back their HDD decision (for now…), but as a DS224+ owner I actually just bought a new system, because I find the Synology software ecosystem to be kind of clunky and limiting.

I don’t mean to add to the discourse here or to keep giving you hypotheticals but, while learning to self host is fun and cool, you really do not want this thing on public Internet. Even if you can delete files to prevent uncouth things, what if someone uploads something while you’re asleep, or away from your computer? Do you have others monitoring the instance to take down CSAM or other illegal material? What if someone uploads malware and it executes on your machine? If you must leave it exposed, you should allow only family and friends to access via a strongly passworded account(I think that is configurable with copy party).

If you really want to expose services, try a media server like Plex or Jellyfin. You don’t want strangers to upload things to your machines.