| 22 Feb 2025 |
 ThinkChaos | I'm looking into the ACME account registration as part of the setup, and did the ACME change locally, the part I'm unsure about and need to investigate more is that creating the account as part of the setup service means the setup requires the internet, and being offline will block the self signed services from starting
I think we can have a service per account instead of relying on the single setup one, but it's bringing back more complexity, so not sure how I feel about it yet | 22:35:31 |
| ThinkChaos | * I'm looking into the ACME account registration as part of the setup, and did the ACME change locally, the part I'm unsure about and need to investigate more is that creating the account as part of the setup service means the setup requires an internet connection, and being offline will block the self signed services from starting since they depend on the setup.
I think we can have a service per account instead of relying on the single setup one, but it's bringing back more complexity, so not sure how I feel about it yet | 22:36:14 |
| ThinkChaos | * I'm looking into the ACME account registration as part of the setup, and did the ACME change locally, the part I'm unsure about and need to investigate more is that creating the account as part of the setup service means the setup requires an internet connection, and being offline will block the self signed services from starting since they depend on the setup.
I think we can have a service per account instead of relying on the single setup one, but it's bringing back more complexity, so not sure how I feel about it yet, need to see if it's still an improvement over the locking. | 22:37:03 |
| ThinkChaos | * I'm looking into the ACME account registration as part of the setup, and did the ACME change locally, the part I'm unsure about and need to investigate more is that creating the account as part of the setup service means the setup requires an internet connection, and being offline will block the self signed services from starting since they depend on the setup.
I think we can have a service per account instead of relying on the single setup one, but it's bringing back more complexity, so not sure how I feel about it yet, need to see if it's still an improvement over the leader/follower certs. | 22:37:48 |
| ThinkChaos | * I'm looking into the ACME account registration as part of the setup, and did the lego change locally, the part I'm unsure about and need to investigate more is that creating the account as part of the setup service means the setup requires an internet connection, and being offline will block the self signed services from starting since they depend on the setup.
I think we can have a service per account instead of relying on the single setup one, but it's bringing back more complexity, so not sure how I feel about it yet, need to see if it's still an improvement over the leader/follower certs. | 22:41:49 |
 m1cr0man | Ah yeah that's frustrating. It would indeed mean more services, and additionally slower initial renewals (since you would have to get an account then renew, whereas the current situation would create account + renew in one lego call). | 23:08:46 |
| m1cr0man | Did I mess something up trying to test the test suite rewrite PR, or is there actually no x86_64-linux builders available on ofborg right now? | 23:15:59 |
| 23 Feb 2025 |
 emily | there are no x86_64-linux builders available on ofborg right now | 02:12:26 |
| 25 Feb 2025 |
 K900 (Old) | So how are we doing on the test rewrite? | 10:48:00 |
| K900 (Old) | I just had to bonk it a third time | 10:48:06 |
| emily | I thought there was a PR up | 13:32:57 |
| emily | https://github.com/NixOS/nixpkgs/pull/378705 | 13:33:10 |
| ThinkChaos | That PR depends on this one: https://github.com/NixOS/nixpkgs/pull/355087
Both are ready to merge as far as I'm concerned | 16:22:19 |
| 26 Feb 2025 |
| K900 (Old) | Merged those | 07:29:25 |
| K900 (Old) | OK I'm tilted | 07:46:15 |
| K900 (Old) | 0/5 | 07:46:20 |
| K900 (Old) | On the old tests | 07:46:25 |
| K900 (Old) | I'll just start a new eval with the tests fixed | 07:46:38 |
| K900 (Old) | Aaand eval failed | 07:48:17 |
| K900 (Old) | Ugh | 07:48:19 |
| K900 (Old) | Fixing... | 07:48:26 |
| K900 (Old) | FIxened | 07:53:15 |
| K900 (Old) | https://hydra.nixos.org/build/291163302 | 07:58:45 |
| K900 (Old) | First successful test | 07:58:50 |
 Arian | Exciting | 08:30:14 |
| m1cr0man | In reply to @k900:0upti.me
Aaand eval failed Out of interest, Why did the eval fail on the way I had it? | 08:49:55 |
| K900 (Old) | You were missing the acme attrset | 08:50:24 |
| K900 (Old) | So they ended up as just nixos.tests.http-01 | 08:50:32 |
| K900 (Old) | Instead of nixos.tests.acme.http-01 | 08:50:37 |
| m1cr0man | Oh right I thought it was referencing by value. Didn't think the path had to be mirrored | 08:51:29 |
