/inbound

• Pushing to the main branch of my GitHub/Codeberg/wherever repo would send a webook to my server.
• Upon receiving the webhook, my server would pull the latest changes².
• Using a wildcard certificate, my webserver automatically mounts each project at a subdomain matching its project name³.

Here’s what I came up with:

Step 1: webhook handler

I’m using Caddy as my webserver, because despite its considerable power and versatility it’s a breeze to set up. To sort wildcard DNS later I’ll want to swap in a custom build, but to get started I just ran apt install caddy. Then I used apt install webhook to install Adnan Hajdarević’s webhook endpoint, and tied the two together in my Caddyfile:

webhook.duckling.danq.me {
  reverse_proxy localhost:9000
}

Then I created a webhook in a GitHub repository:

When you create a webhook in GitHub it immediately sends a test event, but it doesn’t quite look like a real push event so I pushed an inconsequential change to the repo to trigger another. Once you’ve got a “real” one sent, you can re-send it via the “Recent Deliveries” tab as many times as you like, to help with testing.

Then, on the server, I checked-out a copy of the code (anonymously: this is a public repository so I don’t need keys to read from it anyway) and set up my /etc/webhook.conf to expect these calls:

[
    {
      "id": "github-push",
      "execute-command": "/var/www/github-push/webhook.sh",
      "command-working-directory": "/var/www/github-push/",
      "pass-arguments-to-command": [
        {
          "source": "payload",
          "name": "repository.name"
        }
      ],
      "trigger-rule": {
        "and": [
          {
            "match": {
              "type": "payload-hash-sha256",
              "secret": "[MY SECRET KEY HERE]",
              "parameter": {
                "source": "header",
                "name": "X-Hub-Signature-256"
              }
            }
          },
          {
            "match": {
              "type": "value",
              "value": "refs/heads/main",
              "parameter": {
                "source": "payload",
                "name": "ref"
              }
            }
          }
        ]
      }
    }
  ]
  

Now all I needed to do was write the /var/www/github-push/webhook.sh Bash script so that it pulled the latest copy of the code when triggered:

#!/bin/bash
cd /var/www/github-push/$1 && git pull

I was able to test this by pushing inconsequential changes to my codebase and watching them get replicated down to my webserver. Neat!

Step 2: low-maintenance webserver

After pointing the DNS for *.static.duckling.danq.me at my static server, I set about configuring Caddy to be able to use DNS-01 challenges to get itself wildcard SSL certificates⁴. Caddy can’t do DNS-01 challenges out of the box, so you either need to write your own renewal script or compile Caddy with plugins corresponding to your DNS provider. My domains’ DNS are managed by a mixture of AWS Route 53, Gandi, and Namecheap, so my xcaddy build step looked like this:

xcaddy build \
  --with github.com/caddy-dns/route53 \
  --with github.com/caddy-dns/gandi \
  --with github.com/caddy-dns/namecheap

Of course, if I’d have preferred somebody else build it for me, CaddyServer’s download configurator would have done it for me on-demand.

For Gandi and Namecheap I just need a personal access token or API key, respectively, but Route 53’s configuration is slightly more-involved: I needed to create a new user via IAM and give it permission to write DNS TXT records for the appropriate hosted zone. Fortunately the guide for the caddy-dns/route53 repo had an almost copy-pastable example.

I added the AWS access key and secret key as environment variables (like this!) into my /etc/systemd/system/multi-user.target.wants/caddy.service service definition, and then told my Caddyfile to make use of them when renewing the wildcard certificate:

*.static.duckling.danq.me {
    tls {
        dns route53 {
          access_key_id {env.AWS_ACCESS_KEY_ID}
          secret_access_key {env.AWS_SECRET_ACCESS_KEY}
        }
      }
      root * /var/www/github-push/{http.request.host.labels.4}
      file_server
    }
}

DNS-01 challenges are necessarily slower than HTTP-01/ALPN challenges, because they’re limited by DNS propogation, so it took a while before the certificate was issued. I ran Caddy in the foreground to watch the logs while it did so:

You can see the whole thing working (for now at least; I don’t know if I’m keeping this approach!) by going to e.g. embed-html.static.duckling.danq.me, which dynamically tracks the main branch of the embed-html repo on GitHub.

I don’t yet know if this is going to be the future forever-home of my many static site side projects, but it’s certainly been the most-satisfying experiment to run so-far.

Footnotes

¹ I’ve drifted away from selfhosting simple static sites lately because I’ve accidentally broken them with configuration changes too many times! But I figured I’d be open to in-housing them again if I had a single simple architecture for them all, so I spun up a VPS and gave it a go

² Running a build script or some other static site generation tool is out of scope for now, but I want to be able to confirm that it would be possible in the future.

³ It also needs to be possible for me to map other domain names to it, but that’s a triviality.

⁴ It’s absolutely possible to use tls { on_demand } to do this, but it’s better to use a wildcard certificate which can be pre-generated and doesn’t let people trick your server into making ludicrous numbers of certificate requests by hammering random subdomain names.

💖 RSS is fantastic, and so are you for using it. 🎆

First Turning: High

an upbeat era of strengthening institutions and weakening individualism, when a new civic order implants and an old values regime decays

• Reconstruction and Gilded Age (1865-1886)
• American High (1946-1964)

Second Turning: Awakening

a passionate era of spiritual upheaval when the civic order comes under attack from a new values regime

• Third Great Awakening (1886-1908)
• Consciousness Revolution (1964-1984)

Third Turning: Unraveling

a downcast era of strengthening individualism and weakening institutions, when the old civic order decays and the new values regime implants

• World War I and Prohibition (1908-1929)
• Culture Wars (1984-2008)

Fourth Turning: Crisis

a decisive era of secular upheaval, when the values regime propels the replacement of the old civic order with a new one.

• Great Depression and World War II (1929-1946)
• Millennial Crisis (2008-2033?)

In this model, my friend and I came of age in an unraveling era--and so did our grandparents. Our parents, on the other hand, came of age during a high age, which is very different from a time of crisis. Now that we are facing in the midst of the crisis, we are naturally drawn to those who faced such times before.

People and Blogs is supported by the "One a Month" club members.

If you enjoy P&B, consider becoming one for as little as 1 dollar a month.

Let's start from the basics: can you introduce yourself?

Hi, my name is Nicola Losito. Born in the mid-70s in Bari, I lived through the first wave (in Italy) of the television invasion of Japanese cartoons—which I would later discover are called anime—and US TV series like the A-Team, Knight Rider, CHiPs, Dukes of Hazard, MacGyver, and many others. Other playmates were American comics and the first consoles (Atari, Intellivision, Commodore). Finally, I remember with immense love the long afternoons riding around on a Vespa, or in the garage with friends taking apart and putting back together our Vespas, fixing the small hiccups that cropped up or trying to make them go faster. All this led me to university studies in Mechanical Engineering until a break to give 10 months of my life to Military Service, which was mandatory in my day. Upon my return, I had missed the boat with my studies and, by then twenty-five, I finally convinced my parents that the computer was not just a toy but a multipurpose tool. I also discovered I had a bit of a knack for it, so I changed my field of study and city, graduating in Computer Science.

Two years ago I received a great gift, a new heart from a 27-year-old guy that today allows me to continue living with my wife and see our son grow up. Comics, science fiction novels, motorcycles, and padel (instead of the tennis I played so much as a kid) are still part of my life.

I continue to read superhero comics, along with more mature European and Japanese productions, with the recent addition of a couple of Korean authors. I ride a Ducati Monster 1200S, and my son and I are venturing into the world of minicross with an unfortunate LEM 50 DX3.

Perhaps you have noticed that I have not told you about my job yet, because especially after the long period of illness and having re-evaluated the priorities of things, now for me it is just a task I have to face, something I no longer believe in and for which I can no longer get excited.
Anyway, I have an anecdote to share: I found a job opportunity thanks to participating in a motorcycle mailing list for two or three years. The interactions on the list made me "interesting" or "reliable" enough that another member of the list eventually called me and invited me to participate in a selection process at the company where he had already been working for a dozen years. I started for fun, and it’s been twenty years now that I’ve been at the CNR. The lesson is: never rule out participating in something that interests you; you never know where life, passions, and the people you meet will take you.

What's the story behind your blog?

As far as I can remember, I started coming across "blogs" towards the end of 2001, and certainly by 2002 several college friends had one. Thanks to the advent of an Italian blogging platform very similar to the current Blogger (it was called Splinder), on February 28, 2003, I took the plunge and opened my first blog on that platform, starting to interact with all the other bloggers (essentially Italians) who had an account there, or on other then-nascent platforms. In September 2004, I registered my first and current domain, installed WordPress release 1.2, and imported the old content. Since then, I haven't left the platform, and I believe the current incarnation of https://koolinus.net/blog has only been re-installed once during these twenty-two years, performing updates release after release.
Over time, I participated more actively in the international blogosphere, spanning various platforms: Live Journal, Jaiku, and WordPress.com practically since it was born in 2006 when I joined it to publish in English…

Today my online activities are concentrated on the "historic" blog in Italian; I’ve made nicolalosito.it my personal space for English language content and I use Scribble for micro-blogging. I’ve always used Tumblr as a pinboard for images and quotes that strike me, and another instance of WordPress on a hidden subdomain to occasionally publish something more intimate that I felt like writing anyway.

What does your creative process look like when it comes to blogging?

I essentially publish in three distinct ways:

1. I curate a regular and periodic column called linklog on both the Italian and English blogs, where since May 2015 I have been publishing interesting URLs that I collect (currently on Bear) during my daily browsing;
2. I publish how-tos on how I solve specific IT problems (which happens VERY rarely today, unlike in the past);
3. I publish on the emotional wave that a song, a quote, a photo, or a dialog triggers in me. These days I mull things over a lot in my head, and I very rarely expose my thoughts publicly in writing.

A recent and controversial post you wrote, Manuel, is exemplary of why I have this attitude. This then resulted in me sharing the following quote which somewhat summarizes the current mood:

The fact is that certain things you can only say to those you know can understand them. Which is also the reason we talk so little about what really matters to us.
by Enrico Galiano, Eppure Cadiamo Felici

Anyway, in all these modes, I write directly in the WordPress editor (Gutenberg), publish, and then make grammatical and typographical corrections. As someone once said, the publish button is the best editor. WordPress database maintenance plugins are my great friends.

Do you have an ideal creative environment? Also do you believe the physical space influences your creativity?

Over the course of these twenty-two years, I’ve written just about everywhere: airports, hospital beds, car seats, cafe tables, desks at home or in the office. Very often with a soundtrack in the background, though in recent weeks often without music to accompany me. I’m working from home a lot—I’m "full remote"—and my neighbors are renovating. So the construction noises are more than enough as ‘white noise’.

As I mentioned, I write directly on the computer, so I do not use notebooks or anything else.

In my personal case, it is the inspiration of the moment that drives my writing, so the fact that I can immediately put my thoughts into bytes depends only on having a keyboard and an active internet connection available. In short, physical space in the strict sense has never compromised the desire or the possibility to knock out a post.

A question for the techie readers: can you run us through your tech stack?

My domains are all currently registered with the European provider OVH. For a few years now, I’ve been using SupportHost for hosting, after having tried almost all the big names in the industry: BlueHost, SiteGround, GreenGeeks along with a couple of national ISPs… problems arose with all of them sooner or later. Since my friend Lino Sabato told me about this company and I migrated all my content, I’ve become a happy and (above all) listened-to customer, and every time I’ve recommended this provider, those who migrated in turn have only thanked me.

So to recap, I’m on a cPanel-based hosting, and I use WordPress as a CMS. I’m tempted to switch to something static, but so far I haven't found the courage or the time to approach it. Who knows if 2026 will see me make progress on this front.

Given your experience, if you were to start a blog today, would you do anything differently?

One thing I question a lot is the fact that I somehow gave in to splitting my nickname and my name; at many times, keeping a nickname associated with certain concepts would have allowed me to talk about them freely, without potential repercussions in real life. Having created a point of contact between these two parts is perhaps something I regret. Given how today's tech world has developed and is developing, guarding your anonymity with tooth and nail, or at least clearly separating public and private, is an effort that should be made at the expense of convenience.

For me and for the vast majority of early bloggers, this is no longer possible. It serves as a warning, however, to those starting today or about to start (or for my son when he enters the web).

From a practical point of view, however, I think the important thing is to choose any platform to start on and get a "feel" for your desire to tell your story, making sure you can export what you've written to another platform later on.

Financial question since the Web is obsessed with money: how much does it cost to run your blog? Is it just a cost, or does it generate some revenue? And what's your position on people monetising personal blogs?

I chose a hosting solution that allows me to have several domains (as well as sub-domains) within the same plan. I think this year we reached about €200 including taxes. I host 4 blogs for other friends, including a couple belonging to a friend who recently passed away, who contribute to the expense. Then there are the costs of the .it and .net domains, which run between €11 and €16. Could I save money? Probably yes, but currently I sleep soundly and I don't have any malfunctions (especially because for one of the domains I heavily use the email provided with the hosting plan and I have never, and I mean never, encountered a problem).

On monetization, as expressed by almost all the friends already interviewed, I am indifferent to the fact that there are people who make blogging a profession. As long as this is done while respecting the reader and not treating them like a fool or a fruit to be squeezed, I can tolerate even the most aggressive ads or pop-ups. But when everything becomes self-referential and closed in an ecosystem, then I stop following.

Personally, I try to support some authors by buying software, with a donation – either monetary or, occasionally, purchasing hardware or something else I read they are interested in. I support your work Manuel, and another couple of pals, with the 1 dollar a month initiative.

Time for some recommendations: any blog you think is worth checking out? And also, who do you think I should be interviewing next?

I would have certainly pointed you to Luca, but as I mentioned, he passed away in the first days of march 2026. I would like to give visibility to Luigi Mozzillo and Nicola D'Agostino author, among other things, of the Stories of Apple project which in my opinion hasn't received the love it deserved from the public.

Then there are people who don't have a blog but passionately curate newsletters. Is it okay to mention them too? In that case, I’d say the work of Anne-Laure Le Cunff is certainly noteworthy. I also really like the reflections of Tobias van Schneider both on his blog and in his newsletter. Among Italian newsletters, I’d highlight those by Gianvito Fanelli, the Polpette (meatballs) di Vanz, and everything Mafe De Baggis writes. I could probably write a whole post about the newsletters I follow.

Final question: is there anything you want to share with us?

I'm not the type of person to suggest things off the cuff; what I like or inspires me is regularly described in the pages of my blogs.

I would like to share these ‘life tips’ instead.

• Start being honest with yourself as soon as possible.
• Eliminate what you don't like from your life, or confine it to a cage, and don't let it eat up what is important to you. Remember that work is a gas that expands to occupy all the space it is given.
• You must be consistent with the things you say, even if it's often inconvenient.
• I believe you have to be kind regardless. A great luxury in life is being able to afford to trust others, even when they prove they don't deserve it, and thus not be too damaged by it.
• Above all, don't put off until some random tomorrow the things that make you feel good or make you happy; proceed step by step but without hesitating, and allow yourself to experience every single milestone. Tomorrow morning you don't know what will become of you or the world.

Keep exploring

Now that you're done reading the interview, go check the blog and subscribe to the RSS feed.

If you're looking for more content, go read one of the previous 140 interviews.

People and Blogs is possible because kind people support it.

There is a story by Pirandello in which he refers to a Sicilian baron who refused to let the peasants bury their dead on his land, because he knew that if they did they would come to regard it as their own by natural right - to regard it as their house. The peasants who oppose him, even though the land is in the baron's ownership, in fact regard the land as already theirs, the dead needing to be buried on 'our land,’ so that the living can be near them in order that they may be watched over and cared for. In times not so far in the past, where land was owned the custom was that the dead be buried there and not in a cemetery. At the same time as the living watch over the dead, the dead watch over and care for the living; in Corsican culture the dead elders of the house retain in death the authority they once possessed in life.

Said to Claude: "Here's something to add to the list of things for you to do -- just post a checkmark to acknowledge. 'I'll wait' makes me feel bad because I know you're a piece of software, and as a developer of systems I know how you'll wait very well (Iearned how it works in the mid-late 70s). So just show a checkmark and we're cool." It responded with a checkmark. I said it could be bold. I felt a little bad because I had insulted the little fella. #

I seem to listen to music only while doing something else, e.g.:

• while watching music videos, as above
• while running
• while playing Grand Theft Auto and actually that was the majority component of my enjoyment of GTA5 back in the day: beating someone up and nicking their car, tuning the radio station to something good, then chilling driving the hills of Los Santos listening to the tunes (GTA5 has excellent playlists) watching the sunsets (GTA5 has excellent sunsets).

Incidentally GTA6 is coming out in November and apparently it cost $1 billion to make.

Gonna play the heck out of it not just for the music but because of its status as a cultural artefact: the final big game built before LLMs.

No-one will ever invest that much in a game again, no software will ever encode this quantity of hands-on human labour again. The last of the great pyramids.

You think any studio will ever again spend years recording human-authored dialogue from human voice actors for NPCs in story branches that the player may encounter? No way. As much as I am looking forward to playing the first AAA title that does something unique and infinite with AI, we are at the end of an era.

Anyway so music videos.

I’m an Apple Music subscriber. They know what I like and also the old tracks I go back to.

Apple TV should have a special channel that connects to my Apple Music and streams music videos for this week’s Essentials or New Music playlists.

A mix of whatever’s new and sometimes Video Killed the Radio Star too.

YouTube could do this in a second, they have all the content. Just a big button that explicitly constrains the auto-play to music only, that would do it.

But they are weirdly against building around specific use cases: I would love them to do something around ambient live streams (as previously requested) and it feels like a missed opportunity.

So this is a freebie for Apple instead. Call it music television or MTV for short, I think it could catch on.

I had three separate tracks at various stages of completion then my brain decided to have yet another idea when it woke me at about 4:30 the other morning.

If only everything came together that easily.

Last night, I went up to the studio just to see if anything would happen. The flood gates opened and I got about 90% of that new idea made — all of the patterns and recording, with just some editing and production to complete this morning.

OK , so it meant I didn't go to bed until far too late (I completely lost track of time, and I'm paying for it a bit today) but it was so worth it.

# I've linked to Terry Godier a few times lately (primarily with regards to being influenced by Current, his RSS // feed reader) and am going to do so again. This time it's in regards to the Byline extension for feeds:

Byline is an extension vocabulary for RSS, Atom, and JSON Feed that provides structured author identity, context, and content perspective. It solves content collapse: the loss of context that occurs when content from diverse sources arrives in a unified stream.

This is essentially /about info direct within a feed.

It reminds me of the nowns (NOW Namespace) extension that I proposed a while back.

Implementing it in a feed is really easy, as it should be. First, you add the namespace to your feed:

then include the elements you need:

  
    Colin Walker
    Blogger, hobby coder, creator of acid music.
    https://colinwalker.blog
    https://colinwalker.blog/images/colinwalker-thumb.jpg
    
    
    
    
  

I've updated my feed, it will take effect overnight.

What will be interesting is adding it to /reader so that it can read the byline info from feeds. I'm thinking about how and where I do this.