!MthpOIxqJhTgrMNxDS:nixos.org

NixOS ACME / LetsEncrypt

96 Members
Another day, another cert renewal41 Servers

Load older messages


SenderMessageTime
20 Nov 2023
@chayleaf:matrix.pavluk.orgchayleaf joined the room.18:15:07
28 Nov 2023
@chayleaf:matrix.pavluk.orgchayleaf what do people here think of adding certspotter integration? I'm currently using the following certspotter config, and I thought it would be nice if something like this got added to something like security.acme.certspotter.enable = true 01:19:45
@chayleaf:matrix.pavluk.orgchayleaf * what do people here think of adding certspotter integration? I'm currently using the following certspotter config, and I thought it would be nice if something like security.acme.certspotter.enable = true got added 01:20:11
@hexa:lossy.networkhexa

Certificate Transparency Log Monitor

14:16:18
@hexa:lossy.networkhexa I don't think we need to tie it into security.acme 14:16:52
@hexa:lossy.networkhexa * I don't think we should add it into security.acme 14:17:30
@hexa:lossy.networkhexa it can live in services.certspotter and you can still common names and san from security.acme 14:19:00
@hexa:lossy.networkhexa * it can live in services.certspotter and you can still attach to common names and san from security.acme 14:19:09
@hexa:lossy.networkhexaalso allows monitoring more than one machine that way14:19:24
@hexa:lossy.networkhexa * also allows monitoring more than one machine's certs that way14:19:31
29 Nov 2023
@k900:0upti.meK900 ⚡️The test broke for real this time :( https://hydra.nixos.org/build/242636049/nixlog/85/tail06:12:59
1 Dec 2023
@moritz.hedtke:matrix.orgMoritz Hedtke set their display name to Moritz Hedtke.11:08:05
16 Dec 2023
@raitobezarius:matrix.orgraitobezarius (DECT 2128)Hi there, I'm trying to use the ACME test server stuff15:21:21
@raitobezarius:matrix.orgraitobezarius (DECT 2128) and it's exploding with error: The option nodes.acme.services.bind.zones.".".master' is used but not defined.` 15:21:29
@raitobezarius:matrix.orgraitobezarius (DECT 2128) * and it's exploding with
error: The option `nodes.acme.services.bind.zones.".".master' is used but not defined.\
15:21:35
@raitobezarius:matrix.orgraitobezarius (DECT 2128)I didn't do any weird resolver stuff so I'm a bit confused15:21:46
@raitobezarius:matrix.orgraitobezarius (DECT 2128)I actually followed the docs15:22:17
@raitobezarius:matrix.orgraitobezarius (DECT 2128)
# A configuration example of a full node setup using this would be this:
#
# {
#   acme = import ./common/acme/server;
#
#   example = { nodes, ... }: {
#     networking.nameservers = [
#       nodes.acme.networking.primaryIPAddress
#     ];
#     security.pki.certificateFiles = [
#       nodes.acme.test-support.acme.caCert
#     ];
#   };
# }

15:22:19
@raitobezarius:matrix.orgraitobezarius (DECT 2128) Also, it seems to occur during evaluation of … while evaluating the option nodes.acme.warnings':` 15:24:43
@raitobezarius:matrix.orgraitobezarius (DECT 2128) * Also, it seems to occur during evaluation of … while evaluating the option `nodes.acme.warnings':\ 15:24:48
@raitobezarius:matrix.orgraitobezarius (DECT 2128)hah it's a bug15:26:40
@raitobezarius:matrix.orgraitobezarius (DECT 2128)BIND maintenance is really meh15:26:56
@raitobezarius:matrix.orgraitobezarius (DECT 2128)or ACME common code maintenance is meh15:34:26
@raitobezarius:matrix.orgraitobezarius (DECT 2128)It can go both way, anyway, found a bug15:34:30
@raitobezarius:matrix.orgraitobezarius (DECT 2128)the parser of /etc/hosts is also more generically broken16:03:02
* @raitobezarius:matrix.orgraitobezarius (DECT 2128) found another one character bug16:08:08
18 Dec 2023
@m1cr0man:m1cr0man.comm1cr0manI would take acme common code maint being meh, it hasn't been touched in ages06:55:50
@m1cr0man:m1cr0man.comm1cr0manneeds a whole rewrite, too unreliable06:56:05
23 Dec 2023
@raitobezarius:matrix.orgraitobezarius (DECT 2128) changed their display name from raitobezarius to raitobezarius (DECT 2128).22:22:39
26 Dec 2023
@sugi:matrix.besaid.desugi 📞8658 changed their display name from sugi to sugi 📞8658.00:55:57

There are no newer messages yet.


Back to Room ListRoom Version: 6