| 11 Nov 2024 |
 ThinkChaos | Anyways the cert dir structure was different I think so would still break users | 19:04:52 |
 emily | In reply to @thinkchaos:matrix.org
I took a quick look at other ACME clients listed in https://letsencrypt.org/docs/client-options/ and pretty sure I saw one could migrate Lego data but don't find it again nothing really exists that meets requirements and is superior to lego IMO | 19:04:55 |
| emily | Caddy builds on CertMagic/ACMEZ and is a better implementation with a much better model (a proper daemon), but it doesn't quite have the shape of the thing we need | 19:05:18 |
| ThinkChaos | Yeah that was my conclusion from a quick look, hence the custom tool proposal :) | 19:05:20 |
| emily | https://github.com/https-dev/docs/blob/master/acme-ops.md essential reading | 19:05:47 |
| emily | (primarily from the Caddy/CertMagic/ACMEZ author) | 19:06:00 |
 Arian | My website still runs 21.05 lol | 19:06:06 |
| emily | 😱 | 19:06:31 |
| Arian | If it ain't broken.... | 19:06:31 |
| emily | anything with that many CVEs is broken by definition | 19:06:43 |
| emily | or at least I can break it for you if you'd like | 19:06:48 |
| Arian | Disagree | 19:06:49 |
| Arian | It's just a static website if someone owns it I'll just make a new server 😂 | 19:07:08 |
| Arian | I don't have the ssh key anymore. If you are bored and wanna try to break in you have my consent | 19:07:30 |
| emily | it sounds like you need me to break in to get you your SSH key back | 19:08:08 |
| emily | like smashing someone's windows to unlock the door from the inside for them | 19:08:19 |
| Arian | Normalize machines with 10 years of uptime and some php 5 | 19:08:53 |
| Arian | I need this to cope with npm version bumps during day job | 19:09:18 |
| emily | that makes me feel old because I remember PHP 4 being the hot new thing | 19:24:23 |
| 12 Nov 2024 |
|  pfhuh joined the room. | 05:55:11 |
| ThinkChaos | I toyed with GNU parallel to replace the locking, but it's not great to say the least. It tries to re-login as the user running it to start a daemon, and can helpfully do that over SSH for you... Doesn't work well with namespaces/locked down services. And it's Perl, so anyone using the "perlless" setup it'll cause forbidden deps issues | 22:51:32 |
| ThinkChaos | As they say, never meet your heroes, nor look at a popular program's code | 22:52:04 |
| emily | did you remember to cite it? | 22:52:33 |
| ThinkChaos | Where? | 22:52:52 |
| emily | it infamously nags you to cite it in academic publications if you use it. you have to promise it that you'll cite it. | 22:53:21 |
| emily | https://git.savannah.gnu.org/cgit/parallel.git/tree/doc/citation-notice-faq.txt | 22:53:25 |
| emily | some distros patch it out. | 22:53:30 |
| ThinkChaos | I'm not going to make a PR with that, it's just not worth pursuing | 22:53:52 |
| ThinkChaos | lol didn't know that | 22:53:57 |
| ThinkChaos | I'll cite it's name in vain is what I'll do | 22:54:22 |
