• 6 Posts
  • 483 Comments
Joined 2 years ago
Cake day: September 9th, 2023

  • How are you running it? Bare metal? Docker?

    So nginx, Traefik, and Cloudflare are all reverse proxies that can do SSL termination. Now, Cloudflare hijacks every SSL connection it proxies (essentially a MITM) and has configuration for whether you would like an SSL connection from Cloudflare to your own server.

    All reverse proxies pass along headers to backend services indicating all sorts of things, most importantly the remote client IP and whether the service is behind an SSL proxy.

    I use client -> Cloudflare -> nginx -> my services. The client makes an encrypted pipe between itself and Cloudflare; Cloudflare then terminates SSL, does some scanning on the raw unencrypted packet, makes an encrypted connection to nginx and attaches headers about the client. I have an SSL cert on my server where nginx does SSL termination of the Cloudflare connection. Nginx then attaches more headers and does routing to pass it back to a backend service, i.e. searxng (the service itself). The docker compose for searxng comes with a packaged Traefik reverse proxy; it's not necessary here and will in fact cause all sorts of problems.

    Here is the service in my docker compose for searxng:

    services:
      searxng:
        container_name: searxng
        image: docker.io/searxng/searxng:latest
        restart: unless-stopped
        networks:
          - local_bridge   # internal network shared with other local services
          - proxy          # network nginx is attached to, so it can reach this container by name
        volumes:
          - ./data/searxng:/etc/searxng   # settings.yml is read from here
        environment:
          # Public URL searxng uses when building links; must match the hostname nginx serves
          - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/
          - SEARXNG_SECRET=${SEARXNG_SECRET}
        # Drop every capability, then add back only what the entrypoint needs to
        # chown /etc/searxng and switch to the unprivileged searxng user
        cap_drop:
          - ALL
        cap_add:
          - CHOWN
          - SETGID
          - SETUID

    # Both networks referenced above must be declared at the top level of the compose file.
    # If nginx lives in a separate compose project, mark proxy as external on both sides
    # and create it once with `docker network create proxy`.
    networks:
      local_bridge:
      proxy:


    Here is the docker compose for my nginx config

    services:
      certbot:
        image: certbot/dns-cloudflare
        # Obtains the certificate once via the DNS-01 challenge (run manually, or re-run on a
        # schedule for renewal). Replace example.com with your actual domain(s).
        volumes:
          - ./data/certbot/conf:/etc/letsencrypt
          - ./data/certbot/www:/var/www/certbot # Dummy webroot, not needed for the DNS challenge
          - ./data/certbot/secrets:/etc/letsencrypt/secrets:ro # Cloudflare API token, mounted read-only
        command: certonly
          --dns-cloudflare
          --dns-cloudflare-credentials /etc/letsencrypt/secrets/cloudflare.ini
          --non-interactive
          --agree-tos
          --email ${LETS_ENCRYPT_EMAIL}
          --dns-cloudflare-propagation-seconds 60
          -d example.com
          -d *.example.com
        environment:
          - TERM=xterm # Required for certbot to run in non-interactive mode gracefully

      nginx:
        image: nginx:latest
        container_name: nginx
        restart: unless-stopped
        ports:
          - "80:80"
          - "443:443"
        volumes:
          - ./data/nginx/cache:/var/cache
          - ./data/certbot/conf:/etc/letsencrypt   # certificates issued by the certbot service above
          - ./data/nginx.conf:/etc/nginx/nginx.conf
          - ./data/sites-enabled:/etc/nginx/sites-enabled
          - ./data/sites-available:/etc/nginx/sites-available
          - ./data/snippets:/config/nginx/snippets
          - ./data/www:/var/www/html
        networks:
          - proxy   # same network the searxng service joins, so nginx can reach it by name
        depends_on:
          certbot:
            # a bare depends_on only orders startup; wait for certonly to exit 0 so the cert exists
            condition: service_completed_successfully
        extra_hosts:
          - "example.com:127.0.0.1"
          # /etc/hosts has no wildcard support, so a "*.example.com" entry has no effect;
          # list each subdomain you need explicitly instead

    # Declared once per compose file; if searxng is in a separate project, mark it external
    networks:
      proxy:


    I use certbot to issue SSL certs for my domain locally; this is the cert that does the SSL connection between nginx and Cloudflare.

    Then nginx can route connections to the searxng instance (you're gonna need a bunch of nginx config and I couldn't be bothered copy-pasting that when an LLM can generate it; it can probably generate all this tbh).

    Also, how are you doing auth for searxng? Because if you're opening it to the internet as a whole you might end up with lots of traffic from randos.
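The nginx side of the chain above, which the comment leaves out, as an added example that is not the poster's configuration: one site file for ./data/sites-enabled/ that terminates TLS with the wildcard certbot certificate from the compose snippet, only believes the client address Cloudflare reports when the TCP peer really is Cloudflare, rejects connections that bypass Cloudflare with Authenticated Origin Pulls, puts HTTP basic auth in front of the instance (one answer to the auth question), and forwards the usual proxy headers to the searxng container. Assumed and not from the original: the hostname searx.example.com, the container being reachable as searxng:8080 on the shared proxy network, the Cloudflare origin-pull CA file at /etc/nginx/certs/cloudflare-origin-pull-ca.pem, the htpasswd file at /etc/nginx/.htpasswd, and an nginx.conf that includes sites-enabled/*. The set_real_ip_from ranges are Cloudflare's published IPv4 ranges as of writing and must be regenerated from the current published list.

```nginx
# Added example, not the poster's config: ./data/sites-enabled/searx.example.com.conf
# Chain: client -> Cloudflare -> nginx (this file) -> searxng container.

# Only rewrite the client address when the TCP peer is a Cloudflare edge.
# Without this, $remote_addr is Cloudflare's edge IP, and anyone who reaches
# nginx directly could set CF-Connecting-IP / X-Forwarded-For to anything.
# Cloudflare's published IPv4 ranges at time of writing; regenerate regularly.
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 104.16.0.0/13;
set_real_ip_from 104.24.0.0/14;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 131.0.72.0/22;
real_ip_header CF-Connecting-IP;

# Plain HTTP only redirects; nothing is served unencrypted.
server {
    listen 80;
    server_name searx.example.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name searx.example.com;

    # Wildcard lineage issued by the certbot service (-d example.com -d *.example.com)
    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_protocols       TLSv1.2 TLSv1.3;

    # Authenticated Origin Pulls: Cloudflare presents a client certificate on the
    # edge -> origin leg. Requiring it means a scanner that finds the origin IP gets
    # a TLS handshake failure instead of the login prompt. CA file path is assumed;
    # the feature must also be switched on in the Cloudflare dashboard.
    ssl_client_certificate /etc/nginx/certs/cloudflare-origin-pull-ca.pem;
    ssl_verify_client      on;

    # Basic auth so the instance is not an open search proxy for random traffic.
    # Create the file with: htpasswd -c ./data/htpasswd <user>  (path assumed)
    auth_basic           "searxng";
    auth_basic_user_file /etc/nginx/.htpasswd;

    location / {
        # Container name on the shared proxy network; searxng listens on 8080
        proxy_pass         http://searxng:8080;
        proxy_http_version 1.1;

        # Headers the backend relies on: Host for URL building, the real client IP
        # (already rewritten into $remote_addr by real_ip above), and the scheme so
        # searxng emits https links behind the TLS-terminating proxy.
        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # Do not leak the basic-auth credentials to the backend (empty value drops the header)
        proxy_set_header Authorization "";
    }
}
```

Check the file and reload without restarting the container: `docker compose exec nginx nginx -t && docker compose exec nginx nginx -s reload`. If Authenticated Origin Pulls is not enabled on the Cloudflare side, every request will fail at the handshake, so enable it there first or leave `ssl_verify_client` off until it is.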
  • You clearly have no idea how NASA actually accomplished putting a man on the moon. Most of the rocket and infrastructure was built and designed by private companies being paid by NASA. NASA just did the integration, design, and analysis. It's the perfect example of a socialist policy taking advantage of capitalist industry.

    Capitalism, communism, socialism, and feudalism have nothing to do with democracy. They for the most part only refer to property: how it's owned, who owns it, and what is property. Marx says everything that is not a person or a person's labour is property owned by the state.

    This is a direct analogue to feudalism and its structure of property ownership. Under feudalism the state owns everything, including you; under communism the state owns everything except you. Marx himself comments on the similarity and how that relationship can be leveraged to bring in a communist regime.
  • Someone claimed it contained hallucinations. I read through the entire thing as well as doing all the research and understanding of the concept being talked about. If someone is claiming that there are issues, I expect them to be able to prove that. I'm not asking for a fact checker; I'm asking for someone to provide evidence of the thing they verbatim claimed. If you want to tell me that my research showing the sky is blue is wrong, I would appreciate you pointing out my error; otherwise you're just making baseless claims.
  • So ActivityPub needs an actor with an inbox and outbox to send and receive content. A DID is a virtual actor that reroutes to a real actor and collects content across real actors. Ideally you can send an activity to a DID, which is resolved to the current home instance. And the DID stores your profile picture, a public key, display names, bio, etc. You could use PGP as the key in the DID if the devs want to support it as a cryptography protocol. The DID is also used to sign each message, similar to PGP. You simply need more functionality than what PGP provides.