As for the media, a bind mount is the way to go, and I’d also recommend doing it as a read-only mount: Jellyfin doesn’t need the ability to modify that data, and in the event of a security oopsie (or a misconfigured user, or a 6-year-old that gets 5 minutes alone with your mouse or…), it keeps someone from trashing your entire media library, assuming that’s something you wouldn’t want to have to spend the time gathering again.
My way to solve this:
My main user is a regular user with no deletion permissions in jellyfin. Anything that requires editing necessitates logging out and in with the admin account.
My docker container is mapped to a non-root user. Not perfectly safe but sufficient (hopefully).
But my jellyfin container has R/W because I store nfo/metadata files alongside the media file.
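The setup described in both replies above (read-only bind mount for the media, container running as a non-root user, and the one case where a library needs write access) as a Docker Compose fragment; this is an added example, not configuration from either poster, and the paths, image tag and uid/gid are assumptions to replace with your own:

```yaml
services:
  jellyfin:
    image: jellyfin/jellyfin:latest
    # Run as an unprivileged uid:gid instead of root (values are assumptions;
    # they must own ./config and ./cache on the host).
    user: "1000:1000"
    volumes:
      # Jellyfin has to write its database, settings and cache here.
      - ./config:/config
      - ./cache:/cache
      # Weak setting (what you get by default): the media library mounted
      # read/write, so a compromised container or a misclick can delete it.
      # - /srv/media:/media
      # Corrected: the ":ro" flag makes the bind mount read-only inside the
      # container, so nothing running there can alter or remove the files.
      - /srv/media:/media:ro
      # Exception from the second reply: a library where NFO/metadata files
      # are written next to the media needs a writable mount, so keep that
      # library on its own path and limit read/write to it.
      - /srv/media-with-nfo:/media-nfo
    ports:
      - "8096:8096"
    restart: unless-stopped
```

A quick check that the mount really is read-only: `docker compose exec jellyfin touch /media/x` should fail with a read-only file system error.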