| 26 Dec 2021 |
 Winter (she/her) | ahh | 17:11:30 |
 m1cr0man | it's also fully doc'd in that PR, in case you were looking for docs too lol | 17:11:38 |
| m1cr0man | I specifically document how to make use of the nginx vhost stuff for DNS-01 validation, which includes making use of that webroot logic | 17:12:27 |
| m1cr0man | Wrote a test for caddy to cover https://github.com/NixOS/nixpkgs/pull/147973 . Once it passes I'll push + we'll be good for merge | 17:24:13 |
| Winter (she/her) | Is there any reason the acme user doesn’t have a preset UID/GID like other modules’ users do? | 20:01:48 |
 hexa | because it doesn't really matter? It is always referenced by name. | 20:11:20 |
| Winter (she/her) | that’s fair | 20:20:50 |
| m1cr0man | It did up until recently, but then some other maintainer removed its fixed UID. I was not against it - for the reason hexa says but also you're not transporting certs between systems anyway and the UID will never change when randomly picked. | 20:34:44 |
| m1cr0man | * It did up until recently, but then some other maintainer removed its fixed UID. I was not against it - for the reason hexa says but also you're not transporting certs between systems anyway and the UID will never change once randomly picked. | 20:34:50 |
| m1cr0man | so it turns out my tests found a bug in caddy ;D | 20:35:11 |
| Winter (she/her) | In reply to @m1cr0man:m1cr0man.com
It did up until recently, but then some other maintainer removed its fixed UID. I was not against it - for the reason hexa says but also you're not transporting certs between systems anyway and the UID will never change once randomly picked.
the UID will never change once randomly picked.
unless you’re wiping your rootdir on every boot (hi), which regenerates /etc/passwd, so then you’re at the mercy of JSON ordering
| 21:07:07 |
| Winter (she/her) | * In reply to @m1cr0man:m1cr0man.com
It did up until recently, but then some other maintainer removed its fixed UID. I was not against it - for the reason hexa says but also you're not transporting certs between systems anyway and the UID will never change once randomly picked.
the UID will never change once randomly picked.
unless you’re wiping your rootdir on every boot (hi), which regenerates /etc/passwd, so then you’re at the mercy of JSON ordering
| 21:07:14 |
| Winter (she/her) | * In reply to @m1cr0man:m1cr0man.com
It did up until recently, but then some other maintainer removed its fixed UID. I was not against it - for the reason hexa says but also you're not transporting certs between systems anyway and the UID will never change once randomly picked.
the UID will never change once randomly picked.
unless you’re wiping your rootdir on every boot (hi), which regenerates /etc/passwd, so then you’re at the mercy of JSON ordering | 21:07:23 |
| m1cr0man | you can always set your own UID :) | 21:07:36 |
| m1cr0man | just set user.users.acme.uid = 123; | 21:07:48 |
| hexa | yeah, I'm reluctant to spend fixed uids on something if we don't have to 🙂 | 21:08:06 |
| m1cr0man | We also can't solve for every case, which is a lesson I've learned the hard way with this module | 21:08:29 |
| hexa | bingo | 21:08:47 |
| Winter (she/her) | In reply to @m1cr0man:m1cr0man.com
you can always set your own UID :) yeah of course | 21:10:14 |
| m1cr0man | My logic at this point is if it can be done easily, we don't need to reimplement it. This is a case like that. If someone was trying to override the user itself, that would be more complex (and why I added useRoot in the PR, lol) | 21:12:15 |
| m1cr0man | speaking of the PR | 21:12:17 |
| m1cr0man | finally rebased :D | 21:13:17 |
| hexa | waiting for aanderse to take a look 🙂 | 21:49:11 |
| m1cr0man | ok | 21:49:38 |
 aanderse | which one? | 21:49:44 |
| m1cr0man | this one https://github.com/NixOS/nixpkgs/pull/147784 | 21:53:39 |
| m1cr0man | I found an issue with caddy, at least I'm 80% sure I did | 21:53:49 |
| aanderse | thanks! I'll look tonight | 21:54:41 |
| aanderse | hmmm ok
my cert takes 30 minutes to renew (no, I'm not being sarcastic at all ... between 20 and 30 minutes) so i actually haven't tested that it worked - i cannot properly | 21:56:28 |
| Winter (she/her) | tf lol | 21:59:24 |
