The main unauthenticated action is video streaming, but an attacker would need to guess the correct id by chance.

https://github.com/jellyfin/jellyfin/issues/5415#issuecomment-2825240290

Some of their I initiatives are good, like the built-in local translation tool we now have.

EV certs are mostly bullshit in my opinion

Any DNS host that doesn’t support automation either starts building now or goes out of business when short certs are implemented.

Looking forward to companies hiring “Cert Engineers” who just renew certs all day.

Joking aside, it really is time to deploy automation for those that haven’t already

Some of them can be fixed, though you don’t necessarily need to do all of them. Easiest thing is ignoring them as long as everything works.

No, it’s just something to be aware of

Just FYI, unless you absolutely need anonymity from ICANN/the country owning the TLD I wouldn’t choose Njalla. Legally any domain you purchase is owned by them, that’s how they can keep your name from law enforcement requests. However, that also means in any dispute between you and Njalla they can just refuse to service you and keep your domain without recourse.
Normal domain registrars are regulated and if you purchase a domain through them you are its legal owner, if they don’t want your service they must still allow you to transfer the domain somewhere else. Any good registrar provides domain WHOIS protection and will only give out your name to legal requests by law enforcement, so I wouldn’t worry too much about that.

I think that breaks most clients

Firefox? Mozilla are just stupid, not really hateful

I started using Quadlets recently and it’s great to have declarative configs for containers all managed with systemd. It only gets good with Podman version 5 though, 4.4 doesn’t support .pod files, which I use quite heavily.

Not sure what Plex debrid does, but anything managed by a good service manager (like systemd) is more reliable than starting a shell session and hoping it doesn’t die.

A van would be so much better for advertising. Much more space to put a logo and text plus it’s higher up and therefor more easily visible.

Nested VMs stay performant about three levels deep, so do that as well.

Most clients have it disables by default and you’ll still have to install the intro skipper plugin.

With version 10.10 they integrated chapter markers into Jellyfin. You still need a plugin to generate the intro timings, but any client I tried has support for skipping with a button.

I think it’s just using MQTT, so block network access and use HomeAssistant

I’d stick to using the host IP for communication between pods. It keeps the separation of different pods intact, makes it easier to add new services and if you ever get a second machine for containers you can continue doing it the same way just with a different IP.