

Sorry, saw this only just now. I don’t really have any guides to point to, so just the basic steps:
- host jellyfin locally, e.g. on http://192.168.10.10:8096
- configure some reverse proxy (nginx, caddy, in my case it’s haproxy managed through OPNSense)
- that proxy should handle https (i.e. Let’s Encrypt) certificates
- it should only forward https traffic for (for example) jellyfin.yourdomain.com to your Jellyfin server
- create a DNS entry for jellyfin.yourexample.com pointing either to your static IP, or have some DynDNS mechanism to update the entry
90% of this is applicable to any “how to host x publicly” question, and is mostly a one-time setup. Ideally, have the proxy running on a different VM/hardware, e.g. a firewall, and do think about how well you want/need to secure the network.
In any case, you then just put in https://jellyfin.yourdomain.com in the hotel TV.
Which shouldn’t really be an issue since you should only host on 443, which tells bots basically nothing.
Configure your firewall/proxy to only forward for the correct subdomain, and now the bots are back to 0, since knowing the port is useless, and any even mildly competent DNS provider will protect you from bots walking your zone.