when reading through the jellyfin with chromecast guide i realized that it would probably be less effort to just let the casting api be public, with the added bonus that i could then cast my library to any device that supports it. but that seems like it would paint a giant target on the server.
what’s the recommended way of doing stuff like this? ideally i want to be able to go to someone’s house and just play some of my media on their tv.
not that any of this is doable in the near future, since i’m behind cgnat and won’t get my colocated bounce server up until spring.
React2Shell is exactly the shitshow situation yes. Suddenly we are all at risk. But in this case, I’m sorry to say that my cats’ pictures are worthless.
Your point on nginx/wireguard makes me think that it might be better to htaccess through a reverse proxy than relying on a built in login system. For exemple, I should deactivate jellyfin’s login and put it behind an htaccess at the proxy’s level. Is that completely dumb?
Anyway, I clearly need to research “threat models” and cyber/infosec more. Thank you very much!