| 4 Mar 2023 |
 raitobezarius | It seems like minica is doing this and I have no real control over this | 19:42:14 |
| raitobezarius | CN=*.test.nix and SAN=[*.test.nix] * | 19:44:03 |
 m1cr0man | have you passed the snakeoil root CA into the CA bundle for curl? | 20:01:33 |
| m1cr0man | oh wait I see what's wrong - you actually can't use a wildcard for 2+ nested domains | 20:01:51 |
| m1cr0man | noproxy.test.nix would work, direct-noproxy.test.nix would also work, but what you have is invalid, you would need a wildcard for that subdomain | 20:02:16 |
| raitobezarius | Aaaaah | 22:52:53 |
| raitobezarius | Thanks m1cr0man:! | 22:53:21 |
| m1cr0man | No bother! :) | 22:53:36 |
| 6 Mar 2023 |
 hexa | https://hydra.nixos.org/log/fn9hp25w7h8na36gfyqkrfpfmlrffksj-vm-test-run-acme.drv | 08:15:38 |
| hexa | on unstable-small | 08:15:41 |
| hexa |
https://hydra.nixos.org/log/fn9hp25w7h8na36gfyqkrfpfmlrffksj-vm-test-run-acme.drv
| 08:15:46 |
| hexa | *
Test "Can request certificate with Lego's built in web server" failed with error: "unit "acme-finished-http.example.test.target" is inactive and there are no pending jobs"
| 08:15:51 |
| m1cr0man | Amazing thank you for catching that | 11:25:34 |
| hexa | the log is gone | 20:16:52 |
| hexa | I'm stupid | 20:16:57 |
| hexa | should've dumped it | 20:17:00 |
| 15 Mar 2023 |
| m1cr0man | that one line is literally all I should need to reproduce it :) | 20:37:07 |
| 24 Mar 2023 |
| hexa | Reliability via Automated Renewal Information - https://letsencrypt.org/2023/03/23/improving-resliiency-and-reliability-with-ari.html | 22:18:45 |
| 25 Mar 2023 |
| m1cr0man | Yeah so that's interesting. We do an offline check to get around an issue where ACME would fail in containers that didn't have networking at startup. THere's an old (closed) issue about it lying around, I could probably find it through the git blame. Other than that, we do invoke lego to check renewal and that (as found during that same ticket) already does some online check. I think this is mostly a no-op for us, we already support it as best we can but we kinda need to keep the offline check to avoid that old bug. | 19:28:56 |
| m1cr0man | https://github.com/NixOS/nixpkgs/issues/85794 fixed via https://github.com/NixOS/nixpkgs/pull/114752 | 19:29:40 |
| m1cr0man | what would be really nice is if I would hurry my ass up and PR some sort of offline-ok check into lego renew so we can remove all our custom logic | 19:30:23 |
| 5 Apr 2023 |
|  R̴̨͕͇͍̞̮̐̅͆̌̀̉̐͋̈́̃̀͒́̎̅̚̚̚͠͝Ĕ̵̡̛͖͖̟̙̫̱͈̘̞̭͍͍͑̌̄͑̓̋̓̀̈̏̈́͊̇͊͆̉͂̏̀̃̚͘͝͝ͅͅD̶̡̢͔̱̖̮͙͉̘̺͓͍̩̮͈͍͗̃̀̏͌͘͜ͅŚ̸̬̭̯̬͙͇͓̬̩̳̤͚͓̤̩̺͉͖̉͛̓̿̎͊̿̆́̐͂̇͌̄̇̓͘ͅͅT̴̞̫̘̝͇͔̟̪̪̦͂̔̎̀̎ͅŎ̷̡̬̹̪͈̭̣͈̭̭͉̦̖̝̘̪͖͔̥̦̘̻̳Ṋ̶̛̫͈̳̘͚̜̔̋͆̅̈́͊̑͊̉̌̈́̾͑̈́̚ͅË̸̡̨̨̛͇̜̖͔͖̻̟̗̠̙͓̘̗̥͉͇̜͑͆͊͑͑̀̓͒͜͝͝ joined the room. | 05:51:14 |
| 6 Apr 2023 |
|  kadawee joined the room. | 01:02:12 |
| 12 Apr 2023 |
|  Yuddite G joined the room. | 09:12:01 |
| 16 Apr 2023 |
| Yuddite G changed their profile picture. | 23:09:28 |
| 26 Apr 2023 |
| Yuddite G changed their display name from Yuddite Pilot to Yuddite Groyper. | 04:49:18 |
| Yuddite G changed their display name from Yuddite Groyper to Yuddite G. | 21:02:56 |
| 6 May 2023 |
|  @cel:pussy.accountants joined the room. | 12:49:32 |
| 17 May 2023 |
| m1cr0man | Thanks for jumping in there emily 🙂 I always feel a pressure to respond to these sort of issues (when someone is eager to open a PR) to make sure the module stays maintainable, it's good to know I'm not the only one looking out! | 22:37:55 |
| hexa | I was talking to someone recently who kinda complained about when acme jobs would be started in bulk after a rebuild, which would cause load spikes on hosts with many certificates 🙈 | 22:41:49 |
