How are u running it? Bare metal? Docker?

So nginx, traffic, and cloudflare are both reverse proxies that can do SSL termination. Now cloudflare hijacks all SSL connection it proxies (essentially a mitm) and has configuration for if u would like SSL connection from cloudflare to ur own server.

All reverse proxies pass along headers to backend services indicating all sorts of things most importantly the remote client IP, and info about if the service is behind an ssl proxy.

I use client -> cloudflare -> nginx -> my services. The client makes an encrypted pipe between itself and cloudflare, cloudflare then terminates SSL does some scanning on the raw unencrypted packet makes an encrypted connection to nginx and attaches headers about the client. I have a SSL cert on my server where nginx does SSL termination of the cloudflare connection. Nginx then attaches more headers and does routing to passes it back to a backend service ie searxng (the service itself) the docker compose for searxng comes with a packaged traffic reverse proxie its not necessary here and will in fact cause all sorts of problems.

Here is the service in my docker compose for searxng:

searxng:
    container_name: searxng
    image: docker.io/searxng/searxng:latest
    restart: unless-stopped
    networks:
      - local_bridge
      - proxy
    volumes:
      - ./data/searxng:/etc/searxng
    environment:
      - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/
      - SEARXNG_SECRET=${SEARXNG_SECRET}
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID

Here is the docker compose for my nginx config

  certbot:
    image: certbot/dns-cloudflare
    # Command to obtain certificates (run once manually or integrate with a web server's startup)
    # Replace 'yourdomain.com' and '*.yourdomain.com' with your actual domain(s)
    volumes:
      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/certbot/www:/var/www/certbot # A dummy webroot, not strictly necessary for DNS challenge but good practice
      - ./data/certbot/secrets:/etc/letsencrypt/secrets:ro # Mount secrets read-only
    command: certonly
      --dns-cloudflare
      --dns-cloudflare-credentials /etc/letsencrypt/secrets/cloudflare.ini
      --non-interactive
      --agree-tos
      --email ${LETS_ENCRYPT_EMAIL}
      --dns-cloudflare-propagation-seconds 60
      -d example.com
      -d *.example.com
    environment:
      - TERM=xterm # Required for certbot to run in non-interactive mode gracefully

  nginx:
    image: nginx:latest
    container_name: nginx
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./data/nginx/cache:/var/cache

      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/nginx.conf:/etc/nginx/nginx.conf
      
      - ./data/sites-enabled:/etc/nginx/sites-enabled
      - ./data/sites-available:/etc/nginx/sites-available
      - ./data/snippets:/config/nginx/snippets
      - ./data/www:/var/www/html

    depends_on:
      - certbot
    extra_hosts:
      - "example.com:127.0.0.1"
      - "*.example.com:127.0.0.1"

I use certbot to issue SSL certs for my domain locally this is the cert that do SSL connection between nginx and cloudflare.

Then nginx can route connection to the searxng instance (ur gonna need a bunch of nginx config and I couldn’t be bothered copy pasting that when an LLM can gen that it can probably gen all this tbh).

Also how u doing auth for searxng? Cos if ur opening it to the internet as a whole u might end up with lots of traffic from randos.

They flag u as a bot if u start blocking trackers.

Nolonger works with current api check out https://www.deadlink.com/dontevenclick#migrate for how to update

Is the fediverse starting to get rolled into the mainstream content farm. Might help our cause and get more people on the bandwagon.

There is a web version i beleive but they have support for basicly all platforms nativly.

If flask is frontwnd then im a full stack developer and definatly not some little code monky server raw html forms written by chatgpt with normatting.

Huge fan of logseq

Its black magic that takes docker images so its actually a pretty simple once u got all ya shit dockerified

Why?

Can someone please pick up florisboard and make a fork i dont have the time but i really am loving it so far except predictive typing still dont exist.

I reccommend debian headless and docker compose. Set up ssh but i would only open ssh to the internet if your using certificate authenticarion. Chatgpt will be able to help you with most of this except installing docker just copy paste install commands from the docker docs

Surly u can use rust these days?

Most of my things are open to the web but thats kinda nessasary for them to be functional file shairing links, link shortening, mc server etc etc

If i needed speed i wouldnt be programming in python.

U might be able to get chatgpt to write a greesemonkey script to improve the experience

I been using rethink dns but ik their are other for android at least. Works by making a local vpn magic.

What about on mobile? Those of us who use dns filtering on mobile.

There is nothing more perminant than a temporary solution.

The insanity that mojang keeps adding shitty mobs to keep us distracted and refuses to aknowlege that multithreading is a thing thats possible.

With ahit like that its not microsoft java its now microsoft javascript