That on it’s own is fine.

But I said no. I shouldn’t have to say no more than once because it’s annoying to continually say no. It is weird that they put nearly two weeks of effort into trying to get me to do something when I already said no.

We already worked a physically demanding job and I rode a bike to and from work. I was already happy with my body but they weren’t happy with my arms.

I’m quite fortunate enough to have found people who appreciate my hugs. Not quite bros. Or maybe they are. Depends on peoples perspective. In any case, my arms just fine as they are for them :)

I’ve had a lifetime of people labeling me as something and trying to enforce that label on me. When I eventually do something that sits outside of that label, those same people get angry at me for breaking the expectations that they set for me. Expectations that they never explicitly told me but assumed because of that label they placed on me.

As a result, I pushed back by “delabelling” myself, mostly. If I must label myself, I attempt to use the most broad term possible as to avoid cornering myself. Sometimes it’s too easy to use a label as a conversational shortcut.

As a personal result, I tend to avoid labeling others. In my mind that puts me on even level with the people around me. It avoids me talking to specific groups of people and allows others to participate in the discussion, no matter how those other people view or identify themselves.

I’ve watched how words, labels and categorizations have become weaponized and used to divide people. Which is absurdity. Words are ever evolving and dying so to me it seems pointless to allow words to strongly influence me.

These days I surround myself with people who are able to show me who they are over people who spend their energy telling me who they are. Real confidence doesn’t need to waste their time on only words. Those words should add to that person as a whole. That’s how I want to view another person.

Not trying to convince you to change your mind, I do see the value in using words or labels to find community, especially in times like these. I think you seem open to at least seeing where my unorthodox views come from.

I tend to ignore terms like neurotypical and neurodiverse because I just view everyone as neurodiverse. And if everyone is neurodiverse, then nobody is neurodiverse. That just means to me that people are people. Some more insecure than others.

I also think that everyone is gay. Which means I personally don’t really view anyone as gay, just people doing normal people things no matter who they love. Some people just happen to be insecure as fuck about loving another person.

What I do see are a lot of insecure people attempting to set and enforce normal behaviour because they are afraid of being weird while ignoring the fact that being alive is the most weird and pointless experience ever.

Gotta have a little fun with the weird, pointlessness of existence, that’s what can make life beautiful and interesting :)

I was just having some fun by pointing out that women aren’t the only mythical creature whose signals are hard to read.

I do agree with your last point thoroughly, bullshitters do be bullshittin’ it. A lot. Too much I would say.

I’m quite literally a bro they can hang out with, and have always been. I just lack the big strong arms they want me to have to cuddle them with D:

Part of the confusion is the men I have had experiences with spend a lot of time talking about women but then invest an uncomfortable amount of time trying to turn me into a man that they want me to be for them.

One guy spent nearly two weeks trying to get me to take creatine and go work out with him. Like if he wants me to cuddle him with big, strong, manly arms, he was going about it in a weird way.

It’s just as confusing when men love that I treat them as unique individual but get upset with me that I also treat women like unique individuals, almost like they are jealous.

The signals are there but I can’t read 'em!

I’m autistic as fuck so I can’t read anyone’s signals but men are just as bad. I could never understand why men worked so hard to get my attention and got all weird when I didn’t give them that attention.

They also spend a lot of time trying to shape me into the type of man they want to be around yet they would never outright say what they are doing and why I should change for them.

Then they would get all jealous when I actually hung out with women and get even weirder about it when I wouldn’t engage them in the weird conversations they wanted to have about women.

Like dude, if you want a hug or a cuddle, just say so because these roundabout games you’re playing is confusing as fuck.

So now I wander the earth thoroughly confused…

podman ps shows the following:

CONTAINER ID  IMAGE                                 COMMAND               CREATED         STATUS         PORTS                                                         NAMES
daae60bdcc65  docker.io/library/caddy-caddy:latest  caddy run --confi...  47 minutes ago  Up 47 minutes  0.0.0.0:80->80/tcp, 0.0.0.0:5050->443/tcp, 2019/tcp, 443/udp  caddy

netstat -tunpl shows the following:

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:5025            0.0.0.0:*               LISTEN      3270/sshd: /usr/sbi 
tcp        0      0 0.0.0.0:5050            0.0.0.0:*               LISTEN      7342/conmon         
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      7342/conmon         
tcp        0      0 10.89.0.1:53            0.0.0.0:*               LISTEN      7336/aardvark-dns   
tcp6       0      0 :::5025                 :::*                    LISTEN      3270/sshd: /usr/sbi 
udp        0      0 10.89.0.1:53            0.0.0.0:*                           7336/aardvark-dns 

The only difference for the netstat command between Docker and Podman is that Podman show’s entries for aardvark-dns and Docker does not which is something I expect.

I finally got Caddy’s TLS working with a custom module to handle DNS challenges. Turns out all I had to do was wait 10-15 minutes and everything would sort itself out.

Now on to the next puzzle. I started with Caddy in a Docker container and it’s working as intended. Now I want to replicate that in Rootful Podman Compose but I’m running into an issue. With the exact same setup (docker-compose.yml, Dockerfile and Caddyfile) I can get my TLS cert without issue but I can’t seem to connect to my website from any external browser. Not through my domain name or even through my home’s local network.

Once I figure out how I can access my website, I’ll be one step closer to where I want to be. Next will be to get Rootless Podman working, then I can finally set up the file server and kiwix instance instead of the test page I am currently using.

After that, I can finally spend time doing what I want to do and focus my time looking into the Gemeni Protocol.

Down the road I’ll look into hosting an IRC server and Snikket instant messenger but that’s super low priority. I like tinkering with my Raspberry Pi and my constant backup/restores wouldn’t be good for reliability for such services.

I sat down and managed to get wildcard certs working.

I figured I would leave my Caddyfile here in case anyone in the future needs a working reference. This is based off the Caddyfile mentioned in the original post.

Caddy Reference

# GLOBAL ENCRYPTION - DESEC.IO
{
        acme_dns desec {
                token "DeSEC.io Token Number"
        }
}

*.samplesite.ca {
        # SITE WIDE ENCRYPTION
        tls {
                dns desec {
                        token "DeSEC.io Token Number"
                }
        }
        # SUB DOMAIN #1
        @files host files.samplesite.ca
        handle @files {
                root * /srv
                file_server {
                        hide misc
                        browse
                }
        }
        # FALLBACK FOR UNHANDLED DOMAINS
        handle {
                abort
        }
}

Thanks for sharing that.

It’s nice to get extra context, it helps me understand how I can protect my devices and myself a bit better as I learn more about self hosting.

Oh no, I was just about to move forward and then you gave me another rabbit hole.

I didn’t know Let’s Encrypt had a public database, that does sound like a good idea to use wildcard certs instead.

I assume this is what I can use as a reference for wildcard certs.

How do you keep track of probing? I’ve been curious about that but haven’t put much effort into that as I’ve been focused on getting things working.

I think my confusion came from starting with NPM. The process took less than 2 minutes and everything worked as intended as soon as it was successful. That set me up with high expectations.

With Caddy, it kept adding multiple entries to the TXT record and reporting that the records didn’t match.

I think NPM uses certbot under the hood and I wasn’t sure if Caddy used something different (certmagic maybe?) since I had to build Caddy with a custom module.

In any case, it works and I now know I just have to wait a little longer.

That worked. I can finally see the padlock that says Verified by Let’s Encrypt.

I can’t believe all I had to do was wait. Thanks so much for sharing your experience.

I was considering a single user instance but I noticed just how much data was being transferred throughout the day and decided against it.

I’m drawn to IRC and Gemeni because it seems to use far less data. I’ve lately been into lowering my electrical power usage while still being able to use the internet. That also includes the type of programs my computer and devices use.

Practical or not, it’s been an interesting hobby for myself to learn.

It will only be for a select number of people I know and am comfortable with being there. This is going to be hosted on a Raspberry Pi so it’s not going to be set up for a large number of people.

I don’t want to moderate images or videos which is my main concern when it comes to moderation.

I read the experiences of moderators from the initial CSAM attack on Lemmy and that was already discouraging. I also spent time in PieFed’s matrix channel and hearing the additional tools being requested made me realize I just don’t want to deal with that at all.

I have plans to set up both an IRC server and a Gemeni site on my Raspberry Pi if I can figure out how to get security working on my preferred reverse proxy program.

The internet today is so overwhelming and all I want is the simplicity I felt when I first made my way online as a teen.

I tried hosting a lemmy/piefed instance but I soon learned that I’d have to be a moderator. After hearing stories from other moderators and seeing the types of tools required/requested by moderators, I decided that it’s just not worth the effort and loss of sanity.

I’ve been using Alpine Linux. I’ve always leaned towards minimalism in my personal life so Alpine seems like an appropriate fit for me.

Since what is installed is intentional, I am able to keep track of changes more accurately. I keep a document for complete setup by hand, then reduce that to an install script so I can get back to the same state in a minimal amount of time if needed.

Since I only have a Laptop and two Raspberry Pi’s with no intention of expanding or upgrading, this works for me as a personal hobby.

I’ve even gone as far as to use Alpine Sway as a desktop to keep everything similar as well.

I wouldn’t recommend it for anyone who doesn’t have the time to learn. It doesn’t use systemd and packages are often split meaning you will have to figure out what additional packages you may need beyond the core package.

I appreciate the approach Alpine takes because from a security point of view, less moving parts means less surface area to exploit. In today’s social climate, who knows how or when I’ll become a target.

I use a lot of commands that either use the --delete option or require remote root access in order to preserve hard links and other attributes.

I didn’t know that was an issue. I was going from my own limited experience with linux.

I already set an option to disable the root requirement at the beginning of the script. Simply changing the value to 0 will disable it and will let rsync display it’s own errors.

What exactly makes it suspect so I know what I’m doing?