if anyone is curious as to what was wrong, i've found and fixed the following issues:
- main nginx route had misconfigured TLS to use the wrong cert path, so even tho certbot was renewing, the new cert wasnt getting used
- media nginx route's TLS cert was configured properly, but was expired bc the cronjob broke
- the server was self-DDoSing bc the streaming API component was bootlooping as the node binary somehow became owned by root and hence inaccessible to the service user, so requests would fallback to the much less efficient REST api
- the version of masto i was on has a known issue where it is currently impossible to install with ANY version of node, bc some very specific dep with a binary module depends on a specific version of something which is no longer available online
I'm still thinking about longer term sustainability, and how that might mean that to justify the time allocation might make sense to make this a paid instance (nothing crazy, with tiers ofc) but I recognize it's pretty hard to convince people to pay for a previously free service
@locus I'd be willing to pay a couple bucks a month (cheerful price <=5) for using this instance for the next ~year
After that I'd also be willing to help with administration
@locus I’d be happy to pay a monthly charge. I’d also be happy to donate through a service if you have a link handy. I don’t expect your domain, hosting, and time to be free.
@locus if you offered an encrypted at rest email service to email@example.com using a known, trusted provider, I’d pay for that too.
a Schelling point for those who seek one