Yep, completely my fault, I didn't do anything to stop all the evil in the world. I am truly worthy of contempt

I've never had a Twitter account, but this makes me want to create one just so I can quit

We, unfortunately, aren't subject to natural selection anymore. We have been left to our own stupidity

Santa Clarita Diet

I've been looking around for notes apps with similar criteria with the addition of a portable format (markdown prferably) and, ideally, the ability to add images directly from the camera. I landed on GitJournal and backed it with a self-hosted Forgejo server, but this can be any git server. This has the benefit of requiring an ssh key pair for access

When I turn off Wi-Fi, I'm not on the same network as my server, it's my carrier network so all the internet hops are expected.

The way it's working now is I have a domain (example.com) that is set up on cloudflare DNS. I added a tunnel in cloudflare zero trust, which generates certificates you add to your server to encrypt traffic from your server to cloudflare. I have added these to traefik to be served with my service url (service.example.com). Then, I added a route in cloudflare for service.example.com.

This works fine. But, what I've also done is add a local DNS entry for service.example.com so when I'm on my LAN, I access it without going out to the internet and back (seems like a waste). However, this is serving the origin server certs from cloudflare, which causes trust issues

I'm using docker for everything: traefik, cloudflared tunnel, and my services on the same hardware. The tunnel just runs, and it's configured on cloudflare zero trust to talk directly to the container:port over the docker network.

You're right, I'm using the cloudflare DNS challenge to get let's encrypt certs. I'm definitely hitting traefik. I'm testing by turning the Wi-Fi on my phone off/on and opening the page after. I get the same cert every time but it's not trusted when on Wi-Fi. This makes sense since it's the origin server cert which is meant to encrypt traffic between my server and cloudflare. To add more certainty, when Wi-Fi is on, a traceroute shows only one hop to my server and shows a bunch of hops when it's off.

I'm not using self-signed anymore, I'm getting them from Cloudflare via DNS challenge

"Sweatie"? Could be "sweetie", could be "sweaty". Stay in school kids!

Unpopular take: pain/discomfort is the only way nature can teach us what NOT to do until our brains can comprehend logic and consequence. Without the ability for a parent to cause pain or discomfort, the child (who has underdeveloped logic and concept of consequence) will percieve the parent as "that thing that makes angry noises but can't hurt me" and won't listen to them.

It's all fine and dandy to be "friends" with your kid, but you also need to be the judge, jury, and executioner too