| 24 May 2025 |
 woobilicious | m1cr0man:
Yeah I'm wanting to use nixos-rebuild test-vm, I used to use it before I hooked up ACME but I knew instantly it would cause issues, so I just started testing in production lol.
My real issue is that I still need certs for some of my config to work correctly. I guess I'll have to look in to profile system and how ACME works to have it generate certs but not try sign them. | 03:49:08 |
| woobilicious | I want to add anubis to my server, so it's going to be a whole ordeal getting the proxy setup and the certs working correctly. | 03:54:13 |
 Benedikt | In reply to @woobilicious:matrix.org
m1cr0man:
Yeah I'm wanting to use nixos-rebuild test-vm, I used to use it before I hooked up ACME but I knew instantly it would cause issues, so I just started testing in production lol.
My real issue is that I still need certs for some of my config to work correctly. I guess I'll have to look in to profile system and how ACME works to have it generate certs but not try sign them. This might be overkill for your use case, but we set up an additional acme and name_server nodes that we can use to replace the real acme servers in tests | 08:13:07 |
| Benedikt | The souce is here: https://git.foss-syndicate.org/vhack.eu/nixos-server/tree/tests/common/acme | 08:13:29 |
| woobilicious | oh interesting, yeah might be a bit overkill, but maybe it'll be some good insperation. | 08:15:33 |
| woobilicious | I could probably just disable the acme renewal service. | 08:17:33 |
| 25 May 2025 |
 m1cr0man | In reply to @soispha:vhack.eu
This might be overkill for your use case, but we set up an additional acme and name_server nodes that we can use to replace the real acme servers in tests That's nice. Seems to be based on the acme tests in nixpkgs? | 11:36:45 |
| Benedikt | In reply to @m1cr0man:m1cr0man.com
That's nice. Seems to be based on the acme tests in nixpkgs? Yes, initially I used the acme files directly, but had to vendor and significantly alter them to work as a drop in server (i.e. I did not understand how nixpkgs test acme stuff sets the CA root from pebble and they seemed to lack the dns server support) | 14:58:10 |
| m1cr0man | I never considered this use case. I might look into making the test suite stuff reusable and having some form of support for nixos-ebuild build-vm | 19:19:31 |
| 27 May 2025 |
|  @irenes:matrix.org left the room. | 08:58:16 |
