
you are right, my bad. render publishes fixed CIDR ranges per region, you can get them from the dashboard and allowlist those in atlas instead of 0.0.0.0/0. updating the readme

you are right, my bad. render publishes fixed CIDR ranges per region, you can get them from the dashboard and allowlist those in atlas instead of 0.0.0.0/0. updating the readme

posting to every community at once was dumb, yeah


i did read it — popup fix is in now. removed allow-popups from the iframe sandbox so embeds cant open new tabs. worth retrying if you want


popups came from the embed iframes, not the site itself. removed allow-popups from the sandbox so they cant do that anymore


yeah same answer as the other comment — render free tier has no static IPs so you cant restrict by IP at all. strong credentials are the actual protection, not IP allowlisting

fair point. render free tier has no static IPs so you literally cant restrict by IP, its 0.0.0.0/0 or pick a different host. but yeah the README made it sound like a feature rather than a tradeoff, updated it to be clearer that strong credentials + TLS are what actually protect you here

spamming too many communities was a mistake, wont do that again


believe what you want


got me on the emdash lol. fair points though, working on it

popup ads are fixed btw if that’s what set you off


Fair point — it’s not a Jellyfin replacement, more of a “just open and watch” option for people who don’t want to run their own server. Different use case but the overlap with this community is people who care about self-hosted / open alternatives to Netflix.


popups were coming from window.open() inside the embed iframes, removed allow-popups from the sandbox so that cant happen anymore. should be good now


yeah you were right, my bad. embeds were calling window.open() and the sandbox let it through. removed allow-popups so they cant do that anymore, video still works fine. give it another try if you want


sure, what specifically bothered you


haha thats just whatever movie was on the homepage when i took the screenshot, it pulls the backdrop from tmdb. enjoy the backrooms lol
you are right, my bad. render publishes fixed CIDR ranges per region, you can get them from the dashboard and allowlist those in atlas instead of 0.0.0.0/0. updating the readme