!MthpOIxqJhTgrMNxDS:nixos.org

NixOS ACME / LetsEncrypt

107 Members
Another day, another cert renewal45 Servers

Load older messages

SenderMessageTime
24 Oct 2022
@arianvp:matrix.orgArianWe should probably change that btw08:41:29
@arianvp:matrix.orgArianchannel update shouldnt cause people's certs to expire =)08:42:09
@hexa:lossy.networkhexathis is about @resources12:43:59
@hexa:lossy.networkhexaand go 1.1912:44:01
@hexa:lossy.networkhexahttps://github.com/NixOS/nixpkgs/issues/19744312:44:34
@hexa:lossy.networkhexa * this is about @resources, setrlimit specifically12:45:24
@hexa:lossy.networkhexahttps://github.com/NixOS/nixpkgs/pull/19754413:11:12
@m1cr0man:m1cr0man.comm1cr0manOnly checking here now. Approved that pr 🙂13:15:09
@hexa:lossy.networkhexastill running the tests13:19:16
@arianvp:matrix.orgArianYikes13:19:38
@hexa:lossy.networkhexawonder why it failed on ofborg for x86_64-linux13:19:39
@arianvp:matrix.orgArianSo much for Go stability guarantee.13:19:45
@hexa:lossy.networkhexa * wondering why it failed on ofborg for x86_64-linux 13:19:46
@hexa:lossy.networkhexanot sure we can fault them when we do downstream hardening13:20:13
@arianvp:matrix.orgArianAlso i think Systemd already unconditionally setrlimits too13:20:19
@hexa:lossy.networkhexa
In reply to @hexa:lossy.network
wondering why it failed on ofborg for x86_64-linux
and completed on aarch64-linux 🤡 		13:21:01
@arianvp:matrix.orgArianFunnily they broke it by reading a systemd blog post13:21:41
@arianvp:matrix.orgArianhttps://github.com/golang/go/issues/4627913:21:43
@arianvp:matrix.orgArianWhich is very ironic 13:21:47
@arianvp:matrix.orgArianAh Systemd only sets the hard limit not the soft limit. I see13:22:29
@arianvp:matrix.orgArianYeh allowing services to setrlimit sounds like something Systemd should allow by default tbh13:22:45
@arianvp:matrix.orgArianMaybe file an upstream bug?13:22:49
@arianvp:matrix.orgArianOr is it just a matter of adding @resources ?13:23:00
@hexa:lossy.networkhexait's a matter of not denying @resources13:23:32
@hexa:lossy.networkhexaand yeah, allowing @resources resolves it13:23:46
@m1cr0man:m1cr0man.comm1cr0manI am not entirely sure why the x86_64 test failed. It seems the target + service didn't auto start after switch-to-configuration?15:35:56
@hexa:lossy.networkhexait completed for me locally, so I'm not worried18:36:39
@hexa:lossy.networkhexasomeone should confirmed the nixos/release changes though18:36:50
28 Oct 2022
@k900:0upti.meK900 joined the room.13:28:12
@hexa:lossy.networkhexa m1cr0man: the acme test failed multiple times on aarch64-linux on unstable-small, see https://hydra.nixos.org/build/196734769/nixlog/267 13:28:31

Show newer messages

Back to Room ListRoom Version: 6