Neil Brown did quite a good write-up on the legal standing of the Fediverse late last year: https://decoded.legal/blog/2022/11/notes-on-operating-fediverse-services-mastodon-pleroma-etc-from-an-english-law-point-of-view
There's a section part way down about GDPR, but the answer is "it depends"
Posts and comments are not inherently personal data (although they might, of course, contain personal data).
A post of any sane length, though, likely is covered by copyright. Them being public is entirely irrelevant to that in terms of what others are entitled to do with them.
On the other hand, as you say, none of (gestures wildly) this works very well if people start leaning too heavily on that.