No reason to connect jellyfin to any sort of local network, router will still hairpin for local connection.
With that setup its honestly more secure than 99% of IOT devices, and like 50% of routers.
Comment on Why I moved my Plex library to Jellyfin after 14 years
deafboy@lemmy.world 1 day ago Someone breakes in, then moves laterally to your home assistant running frigate to watch you sleep at night. Then uses your residential uplink as a proxy to resell on an open market.
After that, the possibilities are practically endless.
klankin@piefed.ca 1 day ago
kalpol@lemmy.ca 17 hours ago
Good grief. If you’re doing all that, just set up Wireguard
klankin@piefed.ca 16 hours ago
I mean containers make the networking pretty easy, everything beyond that is optional based on your threat model.
Same as hosting anything networked, you can do it easy or do it safe.
(but also wireguard is kinda an O(n) problem while exposing to wan is an O(1) problem - at least IT man hours wise)
Evotech@lemmy.world 1 day ago
It’s a rootless container. Chances are they are not going to do any of that.
InputZero@lemmy.world 1 day ago
Yeah docker isn’t the isolation sandbox some people make it out to be. It’s not meant for that. You very well may have a setup that’s meant for that but it’s more than I’m willing to expose.