!MthpOIxqJhTgrMNxDS:nixos.org

NixOS ACME / LetsEncrypt

103 Members
Another day, another cert renewal42 Servers

You have reached the beginning of time (for this room).

SenderMessageTime
29 Jan 2024
@lehmanator:tchncs.deSam Lehman joined the room.11:03:10
@lehmanator:tchncs.deSam Lehman set a profile picture.11:06:04
31 Jan 2024
@atra1n:matrix.org@atra1n:matrix.org

Whenever I try to get a certificate, it always tries to use my local DNS:

lego --email email --dns domain --domains domain run
2024/01/31 13:09:58 [INFO] [domain] acme: Obtaining bundled SAN certificate
2024/01/31 13:09:58 [INFO] [domain] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/XXXXXXXXXX
2024/01/31 13:09:58 [INFO] [domain] acme: Could not find solver for: tls-alpn-01
2024/01/31 13:09:58 [INFO] [domain] acme: Could not find solver for: http-01
2024/01/31 13:09:58 [INFO] [domain] acme: use dns-01 solver
2024/01/31 13:09:58 [INFO] [domain] acme: Preparing to solve DNS-01
2024/01/31 13:09:59 [INFO] [domain] acme: Trying to solve DNS-01
2024/01/31 13:09:59 [INFO] [domain] acme: Checking DNS record propagation using [127.0.0.53:53]
2024/01/31 13:10:01 [INFO] Wait for propagation [timeout: 2m0s, interval: 2s]
2024/01/31 13:10:01 [INFO] [domain] acme: Waiting for DNS record propagation.
2024/01/31 13:10:03 [INFO] [domain] acme: Waiting for DNS record propagation.
2024/01/31 13:10:05 [INFO] [domain] acme: Waiting for DNS record propagation.
2024/01/31 13:10:07 [INFO] [domain] acme: Waiting for DNS record propagation.
2024/01/31 13:10:09 [INFO] [domain] acme: Waiting for DNS record propagation.
2024/01/31 13:10:11 [INFO] [domain] acme: Waiting for DNS record propagation.
19:13:23
@atra1n:matrix.org@atra1n:matrix.orgIs it normal to use a loopback address such as this one: 127.0.0.53:5319:13:48
@atra1n:matrix.org@atra1n:matrix.org * Is it normal to use a loopback address such as this one: 127.0.0.53:53?19:17:30
@ajs124:ajs124.deajs124if you're using systemd resolved, yes22:02:01
1 Feb 2024
@m1cr0man:m1cr0man.comm1cr0man
In reply to @atra1n:matrix.org
Is it normal to use a loopback address such as this one: 127.0.0.53:53?
Yes and you can also set it through the ACME options :) 		00:36:31
7 Feb 2024
@netpleb:matrix.orgnetpleb joined the room.21:27:59
@netpleb:matrix.orgnetpleb i am getting : 2024/02/07 21:34:52 Could not create client: get directory at 'https://acme-v02.api.letsencrypt.org/directory': Get "https://acme-v02.api.letsencrypt.org/directory": dial tcp: lookup acme-v02.api.letsencrypt.org: Temporary failure in name resolution with self-hosted bind (followed the manual) dns-01 validation 21:38:12
@k900:0upti.meK900Sounds like DNS21:39:09
@netpleb:matrix.orgnetpleb
In reply to @k900:0upti.me
Sounds like DNS
right, so I just thought of one thing which might fix it (i feel like i have tried everything already)...but this server actually gets its public ip via a wireguard interface, and I used wg-quick in that interface and did set the dns = [ <some server> ] option. I am going to remove that and cross my fingers! :-) 		21:40:35
@netpleb:matrix.orgnetplebhmm, sadly that did not seem to solve it21:44:40
@netpleb:matrix.orgnetplebwhat logs should i post which would help diagnose?21:44:54
@netpleb:matrix.orgnetplebRedacted or Malformed Event21:46:52

Show newer messages

Back to Room ListRoom Version: 6