My immediate family still can’t understand that I’m just doing things. There’s no plan of action. Just a vague sense of a direction of where I want to go. If an opportunity comes up, I take it and hope it gets me closer to where I want to be.

Whenever I plan a trip, I usually plan how I get there, a few nights of somewhere to stay and plan to get back home. Whatever happens between my few nights at an accommodation and the return trip home is mystery to everyone including myself. Some of those trips have lasted months or years.

I’ve survived this far in life with no idea what I’m doing and still people get angry at me for not knowing what I’m doing. This has been me my entire life. I’m confused why they are so offended when I say “I don’t know.”

Apparently I’m supposed to know why I ate entire bag of chocolate chips. I don’t know, it just happened and I’m just as surprised as you are.

I use rsync too. It’s older and from what I understand was designed at a time when data storage was much smaller so it may not be as fast as other backup options. It also doesn’t have encrypted backups like other backup options (I think).

Rsync has been the most reliable option for me though. Every syncing option I’ve tried seems too complicated and breaks down every time I look away. Since my entire backup size is around 550gb and I’m not concerned with encrypted backups, I think rsync just works just fine.

I even created my own tool that puts my rsync commands into easy to read/modify files so I can organize my most common transfers. I can easily backup my phone, HomeAssistant server, home server and computer to my two backup locations in a single alias or cronjob now.

A bit of a pain to learning how to make proper backups that restore successfully every time, but once I figured it out, I’ve been very confident in my backup strategy.

Whenever I think about the movie Children of Men, all I can think is that the answer to the Human Project’s question was microplastics.

Instead of asking why women couldn’t have children anymore, they should have been checking men for forever confetti in their balls.

podman ps shows the following:

CONTAINER ID  IMAGE                                 COMMAND               CREATED         STATUS         PORTS                                                         NAMES
daae60bdcc65  docker.io/library/caddy-caddy:latest  caddy run --confi...  47 minutes ago  Up 47 minutes  0.0.0.0:80->80/tcp, 0.0.0.0:5050->443/tcp, 2019/tcp, 443/udp  caddy

netstat -tunpl shows the following:

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:5025            0.0.0.0:*               LISTEN      3270/sshd: /usr/sbi 
tcp        0      0 0.0.0.0:5050            0.0.0.0:*               LISTEN      7342/conmon         
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      7342/conmon         
tcp        0      0 10.89.0.1:53            0.0.0.0:*               LISTEN      7336/aardvark-dns   
tcp6       0      0 :::5025                 :::*                    LISTEN      3270/sshd: /usr/sbi 
udp        0      0 10.89.0.1:53            0.0.0.0:*                           7336/aardvark-dns 

The only difference for the netstat command between Docker and Podman is that Podman show’s entries for aardvark-dns and Docker does not which is something I expect.

Ideally I would have a wing suit and I would do a loop de loop into the side of a mountain. I’ve been fortunate enough to have had the time to reflect on good memories in my life and I want to go out living purely in the moment.

But as with all plans I’ve ever made it life, it most likely will not happen. I’ll go out in a completely unexpected and unplanned way. Probably in a ridiculous way too. Sadly it won’t be a story I’ll be able to share that time but that’s just how it goes.

I finally got Caddy’s TLS working with a custom module to handle DNS challenges. Turns out all I had to do was wait 10-15 minutes and everything would sort itself out.

Now on to the next puzzle. I started with Caddy in a Docker container and it’s working as intended. Now I want to replicate that in Rootful Podman Compose but I’m running into an issue. With the exact same setup (docker-compose.yml, Dockerfile and Caddyfile) I can get my TLS cert without issue but I can’t seem to connect to my website from any external browser. Not through my domain name or even through my home’s local network.

Once I figure out how I can access my website, I’ll be one step closer to where I want to be. Next will be to get Rootless Podman working, then I can finally set up the file server and kiwix instance instead of the test page I am currently using.

After that, I can finally spend time doing what I want to do and focus my time looking into the Gemeni Protocol.

Down the road I’ll look into hosting an IRC server and Snikket instant messenger but that’s super low priority. I like tinkering with my Raspberry Pi and my constant backup/restores wouldn’t be good for reliability for such services.

I don’t need anyone to take care of me when I’m older. I decided that my retirement plan will be extreme sports. Base jumping? Wing suit? Steel toeing cops in the nuts? So many thrilling choices! Whatever happens, happens.

I sat down and managed to get wildcard certs working.

I figured I would leave my Caddyfile here in case anyone in the future needs a working reference. This is based off the Caddyfile mentioned in the original post.

Caddy Reference

# GLOBAL ENCRYPTION - DESEC.IO
{
        acme_dns desec {
                token "DeSEC.io Token Number"
        }
}

*.samplesite.ca {
        # SITE WIDE ENCRYPTION
        tls {
                dns desec {
                        token "DeSEC.io Token Number"
                }
        }
        # SUB DOMAIN #1
        @files host files.samplesite.ca
        handle @files {
                root * /srv
                file_server {
                        hide misc
                        browse
                }
        }
        # FALLBACK FOR UNHANDLED DOMAINS
        handle {
                abort
        }
}

Thanks for sharing that.

It’s nice to get extra context, it helps me understand how I can protect my devices and myself a bit better as I learn more about self hosting.

Oh no, I was just about to move forward and then you gave me another rabbit hole.

I didn’t know Let’s Encrypt had a public database, that does sound like a good idea to use wildcard certs instead.

I assume this is what I can use as a reference for wildcard certs.

How do you keep track of probing? I’ve been curious about that but haven’t put much effort into that as I’ve been focused on getting things working.

I think my confusion came from starting with NPM. The process took less than 2 minutes and everything worked as intended as soon as it was successful. That set me up with high expectations.

With Caddy, it kept adding multiple entries to the TXT record and reporting that the records didn’t match.

I think NPM uses certbot under the hood and I wasn’t sure if Caddy used something different (certmagic maybe?) since I had to build Caddy with a custom module.

In any case, it works and I now know I just have to wait a little longer.

That worked. I can finally see the padlock that says Verified by Let’s Encrypt.

I can’t believe all I had to do was wait. Thanks so much for sharing your experience.

I was considering a single user instance but I noticed just how much data was being transferred throughout the day and decided against it.

I’m drawn to IRC and Gemeni because it seems to use far less data. I’ve lately been into lowering my electrical power usage while still being able to use the internet. That also includes the type of programs my computer and devices use.

Practical or not, it’s been an interesting hobby for myself to learn.

It will only be for a select number of people I know and am comfortable with being there. This is going to be hosted on a Raspberry Pi so it’s not going to be set up for a large number of people.

I don’t want to moderate images or videos which is my main concern when it comes to moderation.

I read the experiences of moderators from the initial CSAM attack on Lemmy and that was already discouraging. I also spent time in PieFed’s matrix channel and hearing the additional tools being requested made me realize I just don’t want to deal with that at all.

I have plans to set up both an IRC server and a Gemeni site on my Raspberry Pi if I can figure out how to get security working on my preferred reverse proxy program.

The internet today is so overwhelming and all I want is the simplicity I felt when I first made my way online as a teen.

I tried hosting a lemmy/piefed instance but I soon learned that I’d have to be a moderator. After hearing stories from other moderators and seeing the types of tools required/requested by moderators, I decided that it’s just not worth the effort and loss of sanity.

I’ve been using Alpine Linux. I’ve always leaned towards minimalism in my personal life so Alpine seems like an appropriate fit for me.

Since what is installed is intentional, I am able to keep track of changes more accurately. I keep a document for complete setup by hand, then reduce that to an install script so I can get back to the same state in a minimal amount of time if needed.

Since I only have a Laptop and two Raspberry Pi’s with no intention of expanding or upgrading, this works for me as a personal hobby.

I’ve even gone as far as to use Alpine Sway as a desktop to keep everything similar as well.

I wouldn’t recommend it for anyone who doesn’t have the time to learn. It doesn’t use systemd and packages are often split meaning you will have to figure out what additional packages you may need beyond the core package.

I appreciate the approach Alpine takes because from a security point of view, less moving parts means less surface area to exploit. In today’s social climate, who knows how or when I’ll become a target.

This was a video of a frustrated person asking the same question for 9 minutes. I get it too.

It’s one of the few ways to force these people to say their lack of truth or true intentions. No name calling or labeling, avoid words that are meant for a specific group of people, no getting off topic. Talk in words that many people can understand and make them answer in words that many people can understand.

Treat them like the manipulators that they are because they are acting like manipulators.

I enjoy when I am able to verbally back someone into a corner where anything they say can only make themselves look worse.

I have a deep frustration with manipulators since they believe I am an easy target. I strongly believe manipulators do not deserve the attention or never-ending second chances they constantly demand.

I finished setting up my personal computer with Sway on Alpine so now I can’t procrastinate anymore on getting TLS working with Caddy for my RPi 5.

I decided to ditch Cloudflare since using that service makes me feel uncomfortable. TLS is a bit of a pain because I am using an uncommon port so I need to do a DNS challenge. I still haven’t been able to get it working with DeSec.io but I hope maybe sometime this week.

I might look into using a tunnel service in the future but if I can figure this out, I’ll at least be able to adapt to changes in the future if I need to deal with any changing situations.

When I figure that out, I’ll look into Gemeni protocol and host something there. I don’t want anything big, just a little space of my own in the corner of the internet. Maybe I’ll look into hosting an irc server for a small group of people too.

It wasn’t until my first job at a grocery store during Christmas time that I learned it was “Feliz Navidad” being sung.

Before that, I couldn’t figure out why the cheerful song that only appeared around Christmas time was saying “Police shot my dad”

https://github.com/rothgar/awesome-tuis

It has a list of Text User Interfaces for terminals. Handy since I work in a terminal mostly with my network devices. A TUI for file management made life a lot easier for myself.