Employees have to pay for basically everything in the US, so salaries have to be a lot higher here. School, childcare, healthcare, retirement, you name it. Also, all those things are more expensive here because they’re provided by companies that need to make a profit. It sucks.

Listed salaries are almost always what the employee pays, not what it costs the company. In the US, this includes the payroll tax, and cost of “benefits,” like healthcare and unemployment insurance, and is referred to as the burdened rate. This is separate from the income tax the employee has to pay to the government, mind you.

The burdened rate for most employees at the companies I’ve worked for in the US is like 20-50% higher than the salary paid. Not sure exactly how it works in France, but I do know there’s a pretty complex payroll tax companies have to pay. I think it’s something like 40% at the salary you quoted.

I’m not sure if you know this, but…that doesn’t fix most of the security issues in the linked list. All the reverse proxy does is handle hostname resolution and TLS termination (if you are using TLS). If the application being proxies still has an unauthenticated API, anyone can access it. If there’s an RCE vulnerability in any of them, you might get hacked.

I run Jellyfin publicly, but I do it behind a separate, locked-down reverse proxy (e.g., it explicitly hangs up any request for a Host header other than Jellyfin’s), in a kubernetes cluster, and I keep its pod isolated in its own namespace with restricted access to everything local except to my library via read-only NFS volumes hosted on a separate TrueNAS box. If there is any hack, all they get access to is a container that can read my media files. Even that kind of bothers me, honestly.

The overwhelming majority of Jellyfin users do not take precautions like this and are likely pretty vulnerable. Plex has a security team to address vulnerabilities when they happen, so those users would likely be a lot safer. I appreciate the love for FOSS on Lemmy, but it is scary how little most folks here acknowledge the tradeoffs they are making.

If you want to be on the hook for all IT requests from folks you share with, this is a fine approach. There are people out there who honestly don’t have a problem with that and more power to them. I doubt they are the majority, and a lot of selfhosters completely ignore this aspect of software. There is a reason non-free services exist beyond just “capitalism bad.” I mean, capitalism indeed bad, but your time is worth something.

figma balls