I have a single Nginx setup which is the frontend for all my web services. So I only need to deploy it there (and to its HA partner). My renewal script just scp’s it to the secondary and does an nginx -s reload on both.

I do generate separate certs/keys for my non-web servers, but there’s only two of those.

You could also, if you wanted, just generate one cert and distribute it and its key to everything with a script or other automation tool (Ansible is what I used to use).

Is there a way I can get Let’s Encrypt to dole out a wildcard certificate

Yep. Just specify the domains yourdomain.com and *.yourdomain.com in the certbot request. Wildcard domains require the DNS-based challenge, but you’ve said you’re already good there. You don’t technically need the apex domain (yourdomain.com) but I always add it since I do have services running there.

Any subdomains under the wildcard can use internal DNS or internal IPs on the public DNS (I do the former, but the latter works too).

I used to run an internal CA, and it wasn’t too hard to setup a CA and distribute my root cert. Except on mobile devices. On Android it was easy, but there was a persistent warning that my network traffic could be intercepted (which is true when there’s a custom root cert installed), but it since it was my cert, it got annoying seeing that all the time. Not sure if Apple devices can even do that, but regardless, it wasn’t practical for friends who wanted to use my self-hosted services to install a custom cert when they were over.

There’s a few services (Fediseer and the Lemmy Canvas event) that auth via Lemmy. It’s awkward, but it works.

Basically you enter your username@instnace.xyz there, and it sends a DM to your account with a code (similar to an MFA token). You then complete the login on the app with that code.

I’m the Tesseract UI dev, and I just released version 4.1 today: https://dubvee.org/post/3069664

😁 Wherever I goddamned like! 😁

The first time I saw that, I just about spit out my drink. Hands down, that’s the best non sci-fi moment of the entire series.

They’re just something very ASMR about how Chrissy says “proto-molecule”

Just a regular statue, but it’s on a hinged platform so it can be a tourist attraction where you can line up to tear it down (and it resets for the next person).

It’s a free attraction, but there is a donation box with the proceeds going to help those whose lives were upended or destroyed by his regime.

Quantum immortality postulates that when you “die” in one universe, your consciousness continues in another. (in a nutshell)

What it doesn’t specify is that your consciousness can ever go back to an earlier point in time (that you remember, anyway)

Alcohol is great for nostalgia (e.g. “Hey, daytime whiskey, wanna meet my record collection?”).

Is there EV support?

Looks like it, yeah:

The UI still shows Fuel, but it seems like you can enter the kWh and it should calculate. Maybe plug some values into the demo to be sure. If you do, let us know!

I use Fireflyiii for my money and budgeting.

I don’t see why not. I haven’t stood it up yet, but I’ve played with the demo. It does have a section for parts/repairs/upgrades.

Give the demo a try, and let us know.

Yeah, building a simpler version of something like that was on my ever-growing “to do” list but came across this today. Probably going to deploy it this evening or maybe this weekend (whichever day it’s supposed to rain lol).

If you step back and think about it, so much of human society revolves around people wearing the right costume for the occasion.

Sometimes it makes sense (protective gear, etc) other times it just seems like “that’s what we’ve always worn for X [occasion | profession | etc].”

How does removing your hat imply respect? What is the purpose for standing up when the judge enters the courtroom? Just a bunch of stupid rituals that may have made sense at one time that we keep doing for…reasons.

We’re not a general purpose instance, we have a defined mission statement, and the site info clearly states the rules apply to local and federated accounts. 🤷‍♂️ And the ban syncs are no longer needed as later versions of Lemmy server do the same thing automatically (our automod just implemented something almost identical prior to Lemmy adding that natively).

If you are hosting a Lemmy instance, I suggest requiring new accounts to provide an email address and pass a captcha

Those are easy to bypass (or a human can spin up a bunch with throwaway emails and plug them into bots). I recommend enabling registration applications. While not foolproof, it gives the admins eyes on every new account. Also, consider denying any application that uses a throwaway email service.

All while the environment and electrical grid weeps.

I refuse to reward the “Create problem, sell solution” business model these tech companies are employing lol.

My instance has “Rule 3: No AI Slop. This is a platform for humans to interact” and it’s enforced pretty vigorously.

As far as “how”:

1. Sometimes it’s obvious. In those cases, the posts are removed and the account behind it investigated. If the account has a pattern of it, they get a one way ticket to Ban City

2. Sometimes they’re not obvious, but the account owner will slip up and admit to it in another post. Found a handful that way, and you guessed it, straight to Ban City.

3. Sometimes t’s difficult on an individual post level unless there are telltale signs. Typically have to look for patterns in different posts by the same account and account for writing styles. This is more difficult / time consuming, but I’ve caught a few this way (and let some slide that were likely AI generated but not close enough to the threshold to ban).

4. I hate the consumer AI crap (it has its place, but in every consumer product is not one of them), but sometimes if I’m desperate, I’ll try to get one of them to generate a similar post as one I’m evaluating. If it comes back very close, I’ll assume the post I’m evaluating was AI-generated and remove it while looking at other content by that user, changing their account status to Nina Ban Horn if appropriate.

5. If an account has a high frequency of posts that seems unorganic, the Eye of Sauron will be upon them.

6. User reports are extremely helpful as well

7. I’ve even banned accounts that post legit news articles but use AI to summarize the article in the post body; that violates rule 3 (no AI slop) and Rule 6 (misinformation) since AI has no place near the news.

If you haven’t noticed, this process is quite tedious and absolutely cannot scale under a small team. My suggestion: if something seems AI generated, do the legwork yourself (as described above) and report them; be as descriptive in the report as possible to save the mod/admin quite a bit of work.

Add to this: Intentionally loud aftermarket exhausts / fart cannons.

Add to that: Revving their motorcycle at a stop light just to be loud.