| 2 Oct 2023 |
 osnyx (he/him) | The easiest thing would be (as long as self-signed placeholder certs are used) if it was
<nginx.conf updated> -> <acme-selfsigned service run> -> <nginx-reload-config.service> -> <acme-renew run> -> <nginx-reload-config.service> -> <acme-finished target> | 12:53:04 |
| osnyx (he/him) | Unfortunately, the same service cannot be run mutliple times within the dependency chain of a service (AFAIK). So I am thinking about duplicating the nginx reload service under 2 names to run it before and after an acme renewal.
But maybe there's a better option or I am just holding thing the wrong end here. | 12:54:38 |
| osnyx (he/him) | * As nginx is reloaded even after failing acme service runs, the next retry of the service succeeds and after a few minutes, the certs are successfully validated. But the initial switch-to-configuration exits with a failure code. This is not very useful if you call taht switch as a part of a deployment script. | 13:02:42 |
| osnyx (he/him) | * Unfortunately, the same service cannot be run mutliple times within the dependency chain of a service (AFAIK). So I am thinking about duplicating the nginx reload service under 2 names to run it before and after an acme renewal.
But maybe there's a better option or I am just holding things the wrong end here. | 13:15:34 |
| 3 Oct 2023 |
|  @pederbs:pvv.ntnu.no changed their profile picture. | 21:04:38 |
| 4 Oct 2023 |
| @pederbs:pvv.ntnu.no changed their profile picture. | 22:20:32 |
| 5 Oct 2023 |
 hexa | https://gist.github.com/mweinelt/3993fdc7be3caf81bcff1bc506f44922 | 12:04:19 |
| hexa | m1cr0man: 🙂 | 12:04:22 |
