What security holes? I think the bigger problem here is relying on a media platform to also maintain security protocols. Use authelia or plug some other well maintained and hardened security mechanism on top of jellyfin. Then put it in front of everything else like the arrs, etc. Its weird to me to just setup jellyfin, make it Internet facing, and believing everything is just gonna be safe and secure with no issue. Frankly id prefer if all these services came without security. Its a royal pain to bypass it for localhost or proxying with something like authelia.

God I want this for atop my kills witch case ❤️ .

Not to even mention valve is just flagrantly violating open source licenses. They’ve patched things like sddm to support the steamdecks specific gameplay style login screen but those patches are not public. At one point I tried installing an alternative mutable os but a lot of functionality was just broken because of things like this.

This is a lot of condolences but doesn’t mention at all how she died.

I’ve never had this issue but I run basically everything through docker and presumably it bundles this by default.

I would recommend just using caddy. It removes the complicated part of ssl management. For a local network it’ll setup a local self signed certificate authority and you can just install those certificates to any devices on your LAN that you want to have access. For a public setup it’ll use letsencrypt. You will still need to setup dns if you want wildcard routing.