I use this, it’s fine, but development on the open version is very very slow.

And they still haven’t fixed my pet bug: they introduced Unix socket listening, I found that enabling it prevented upgrades, reported the bug with details and repro, and nobody cares. The workaround is simple, delete the socket file before every start. But I remain confused why a bug that prevents upgrades remains.

By default, unencrypted, and unauthenticated, and permissions rely on IDs the client can fake.

May or may not be a problem in practice, one should think about their personal threat model.

Mine are read only and unauthenticated because they’re just media files, but I did add unneeded encryption via ktls because it wasn’t too hard to add (I already had a valid certificate to reuse)