How are u running it? Bare metal? Docker?

So nginx, traffic, and cloudflare are both reverse proxies that can do SSL termination. Now cloudflare hijacks all SSL connection it proxies (essentially a mitm) and has configuration for if u would like SSL connection from cloudflare to ur own server.

All reverse proxies pass along headers to backend services indicating all sorts of things most importantly the remote client IP, and info about if the service is behind an ssl proxy.

I use client -> cloudflare -> nginx -> my services. The client makes an encrypted pipe between itself and cloudflare, cloudflare then terminates SSL does some scanning on the raw unencrypted packet makes an encrypted connection to nginx and attaches headers about the client. I have a SSL cert on my server where nginx does SSL termination of the cloudflare connection. Nginx then attaches more headers and does routing to passes it back to a backend service ie searxng (the service itself) the docker compose for searxng comes with a packaged traffic reverse proxie its not necessary here and will in fact cause all sorts of problems.

Here is the service in my docker compose for searxng:

searxng:
    container_name: searxng
    image: docker.io/searxng/searxng:latest
    restart: unless-stopped
    networks:
      - local_bridge
      - proxy
    volumes:
      - ./data/searxng:/etc/searxng
    environment:
      - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/
      - SEARXNG_SECRET=${SEARXNG_SECRET}
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID

Here is the docker compose for my nginx config

  certbot:
    image: certbot/dns-cloudflare
    # Command to obtain certificates (run once manually or integrate with a web server's startup)
    # Replace 'yourdomain.com' and '*.yourdomain.com' with your actual domain(s)
    volumes:
      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/certbot/www:/var/www/certbot # A dummy webroot, not strictly necessary for DNS challenge but good practice
      - ./data/certbot/secrets:/etc/letsencrypt/secrets:ro # Mount secrets read-only
    command: certonly
      --dns-cloudflare
      --dns-cloudflare-credentials /etc/letsencrypt/secrets/cloudflare.ini
      --non-interactive
      --agree-tos
      --email ${LETS_ENCRYPT_EMAIL}
      --dns-cloudflare-propagation-seconds 60
      -d example.com
      -d *.example.com
    environment:
      - TERM=xterm # Required for certbot to run in non-interactive mode gracefully

  nginx:
    image: nginx:latest
    container_name: nginx
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./data/nginx/cache:/var/cache

      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/nginx.conf:/etc/nginx/nginx.conf
      
      - ./data/sites-enabled:/etc/nginx/sites-enabled
      - ./data/sites-available:/etc/nginx/sites-available
      - ./data/snippets:/config/nginx/snippets
      - ./data/www:/var/www/html

    depends_on:
      - certbot
    extra_hosts:
      - "example.com:127.0.0.1"
      - "*.example.com:127.0.0.1"

I use certbot to issue SSL certs for my domain locally this is the cert that do SSL connection between nginx and cloudflare.

Then nginx can route connection to the searxng instance (ur gonna need a bunch of nginx config and I couldn’t be bothered copy pasting that when an LLM can gen that it can probably gen all this tbh).

Also how u doing auth for searxng? Cos if ur opening it to the internet as a whole u might end up with lots of traffic from randos.

Thats too much effort now that some morons killed the tldr bot

What does the new policy say?

Had a look at the relevent github issue and it seems that it simply back links each individual post to its originating instance so we unfortunatly dont get combined domain ranking for the fediverse as a whole just each post.

Weve put ourselves in a bit of a pickle with seo. Cos either google continues to treat us like spam gaming the system or they dont. If they dont we will effectively be gaming the system. What would be nice is an easy way for engined to identify fedi content and treat it as a single site for ranking purposes. Then again fuck search engines we need something foss.

We arnt much better our censorship is arguably worse since it isnt applied equally.

Huh whats the issue people saying u said something fucked and u couldnt prove otherwise cos it was deleted. Bro who cares what random fuckers on the internet say?

Is that legal under gdpr?

Im sure they are but users cant see it and ive been noticing a lot of deleted content in reddit chains when googling for answers its nice to contribute to the destruction of human knowlege now and then.

Huh i deleted all my content i got some js code to do it somewhere if ya want it.

Bro u gotta go delete all ur old content give them nothing

Nolonger works with current api check out https://www.deadlink.com/dontevenclick#migrate for how to update

Is the fediverse starting to get rolled into the mainstream content farm. Might help our cause and get more people on the bandwagon.

There is a web version i beleive but they have support for basicly all platforms nativly.

If flask is frontwnd then im a full stack developer and definatly not some little code monky server raw html forms written by chatgpt with normatting.

Huge fan of logseq

How do i short this shit

Its black magic that takes docker images so its actually a pretty simple once u got all ya shit dockerified

I reccommend debian headless and docker compose. Set up ssh but i would only open ssh to the internet if your using certificate authenticarion. Chatgpt will be able to help you with most of this except installing docker just copy paste install commands from the docker docs

Most of my things are open to the web but thats kinda nessasary for them to be functional file shairing links, link shortening, mc server etc etc