I don’t want to be an asshole but after checking a couple of those out they all appear to be post-authorization vulnerabilities? Like sure if you’re just passing out credentials to your jellyfin instance someone could use the device log upload to wreck your container, but shouldn’t most people be more worried about vulnerabilities that have surface for unauthorized attackers?

Remember to take your Claritin before starting a sync play session

With certbot there’s probably a plugin to do it automatically, but if you just want to get something working right now you can run the following to manually run a dns challenge against your chosen domain names and get a cert for any specified. This will expire in ~3 months and you’ll need to do it again, so I’d recommend throwing it in a cron job and finding the applicable certbot-dns-dnsprovider plugin that will make it run without your input. Once you have it working you can extract the certs from /etc/letsencrypt/live on most systems. Just be aware that the files there are going to be symlinks so you’ll want to copy them before tarballing them to move other machines.

certbot --preferred-challenges dns --manual certonly -d *.mydomain.tld -d mydomain.tld -d *.local.mydomain.tld

Nah just the games and a cartridge dumper

Nah sounds like a waste of time and resources to make a game built on their multiplatform engine and then lock it down to one environment.

Technically you can nat punch with wire guard

Steam games usually use steam drm that prevents you from playing without having been on the Internet on the account.

It’s literally just drivers that enable user choice. Steam OS is great and nobody reasonable is switching, but for those that do it’s good that they have support for the hardware.

The only OLED feature I couldn’t go back to missing is the Wake Over Bluetooth functionality that lets you use your controller to bring up the system. Not huge for some, but when you’ve got a docked setup it’s heaps more convenient.