| 26 Feb 2025 |
 K900 | Yeah it's referencing paths kind of within itself | 08:51:51 |
| K900 | It's a pretty cursed setup | 08:51:55 |
 m1cr0man | In reply to @k900:0upti.me
https://hydra.nixos.org/build/291163302 The eval time improvement is a nice win too. Looks like the old suite took 9+ minutes. The new http01-builtin took 2 minutes, and dns01 took 1 minute | 08:53:34 |
| 27 Feb 2025 |
|  w changed their display name from w to w - out for 🚬. | 18:34:07 |
| w changed their display name from w - out for 🚬 to w. | 19:25:29 |
| 28 Mar 2025 |
|  Rayane Nakib (ريّان نقيب) changed their display name from Rayane Nakib (ريان نقيب) to Rayane Nakib (ريّان نقيب). | 22:52:02 |
| 1 Apr 2025 |
|  Sandro 🐧 changed their display name from Sandro 🐧 to Sandro 🐧 [c3d2]. | 13:57:36 |
| Sandro 🐧 changed their display name from Sandro 🐧 [c3d2] to Sandro 🐧. | 13:59:16 |
| 4 Apr 2025 |
|  qbit left the room. | 15:55:33 |
| 5 Apr 2025 |
|  underpantsgnome removed their display name underpantsgnome. | 15:53:09 |
| underpantsgnome left the room. | 15:56:20 |
| 19 Apr 2025 |
 hexa | ok, so bummer | 22:48:50 |
| hexa | enabling ARI caused lego to keep waiting | 22:49:54 |
| hexa | 2025/04/19 22:39:09 [INFO] [music.lossy.network] acme: renewalInfo endpoint indicates that renewal is needed
2025/04/19 22:39:09 [INFO] [music.lossy.network] Sleeping 21h43m27.656213001s until renewal time 2025-04-20 20:22:37.463135258 +0000 UTC
| 22:49:56 |
| hexa | but that resulted in nginx not starting up | 22:50:03 |
| hexa | because it depends on all the acme-${domain}.service units | 22:50:28 |
 emily | hm, I thought we were going to set it to just not wait? | 22:52:10 |
| hexa | and we did not set it to anything in nixpkgs | 22:54:08 |
| hexa | but I set it to something on my private infra | 22:54:16 |
| emily | right | 23:00:12 |
| emily | I think the current format will only work well when set to not wait at all | 23:00:19 |
| emily | (which should be fine as the cron job runs often anyway, though we might want to bump it) | 23:00:29 |
| 21 Apr 2025 |
| m1cr0man | There was some talk about bumping it when they announced the lower lifetime certs. Wouldn't be the worst thing to do. | 19:18:58 |
| 22 Apr 2025 |
| hexa | now 47 days was announced to be the next shorter lifespan | 23:08:50 |
| hexa | and I don't think it warrants trying more than daily for 7-14 days | 23:09:13 |
| hexa | * and I don't think it warrants trying more than daily | 23:09:33 |
| hexa | for 6 days that changes of course | 23:09:45 |
| 28 Apr 2025 |
| m1cr0man | https://github.com/NixOS/nixpkgs/pull/376334#pullrequestreview-2801003367 this is ready to go. I tested it too. | 21:26:09 |
| 29 Apr 2025 |
|  @ygt:matrix.org left the room. | 23:42:45 |
| 5 May 2025 |
 netpleb | hi everyone, does anybody have a workaround that fixes this pesky dns resolution issue when acme.certs... and BIND are running in a declarative nixos container?
Could not create client: get directory at 'https://acme-v02.api.letsencrypt.org/directory': Get "https://acme-v02.api.letsencrypt.org/directory": GET https://acme-v02.api.letsencrypt.org/directory giving up after 6 attempt(s): Get "https://acme-v02.api.letsencrypt.org/directory": dial tcp: lookup acme-v02.api.letsencrypt.org: Temporary failure in name resolution
| 17:59:16 |
