| 31 May 2021 |
 hexa | let's see if the manual is happy, then merge and backport | 22:44:04 |
| hexa | done | 23:19:33 |
| 1 Jun 2021 |
|  [0x4A6F] joined the room. | 06:49:27 |
 Arian | grahamc (he/him) can you also me me mod of this channel? Thnx | 13:07:46 |
|  @grahamc:nixos.orgchanged room power levels. | 14:36:36 |
| @grahamc:nixos.org | :thum | 14:36:41 |
| @grahamc:nixos.org | * 👍️ | 14:36:42 |
 m1cr0man | In reply to @hexa:lossy.network
m1cr0man: I'M fixing this up now Good man thanks for doing that :) Also I like how you handled the double space comment.. I never really know what to say that comes off politely when I don't want to go through a full PR + commit for such a trivial change. Normally I just stage the changes locally so that they are captured in my next real commit | 18:28:58 |
| hexa | yeah, I think there is little harm in the double space thingy :) | 18:29:33 |
| hexa | just wanted to make sure it's part of the release notes once they come out | 18:30:04 |
| m1cr0man | https://github.com/NixOS/nixpkgs/pull/125256 This looks fine to me, I had to dig through acme module and check that there were no other dependencies on webroot and sure enough there isnt. My only thought is that you would have to go into the lego docs to find the default port that's gonna run on. Should we add a Nix option for the legoHttpPort? | 18:39:20 |
| 2 Jun 2021 |
| hexa | --http.webroot value Set the webroot folder to use for HTTP based challenges to write directly in a file in .well-known/acme-challenge. This disables the built-in server and expects the given directory to be publicly served with access to .well-known/acme-challenge
| 00:33:03 |
| hexa | not defaulting to http.webroot sgtm, same as reuseKey, hard to remove | 00:33:26 |
| hexa | --http.port value Set the port and interface to use for HTTP based challenges to listen on.Supported: interface:port or :port. (default: ":80")
| 00:33:59 |
| hexa | allowing to set http.port instead sgtm, and in fact CAP_BIND_NET_SERVICE could be conditional on the port being < 1024 | 00:34:30 |
| hexa | though doesn't letsencrypt check on 80/tcp? is that even an option? | 00:35:15 |
| 3 Jun 2021 |
| hexa | would love some feedback or a merge on https://github.com/NixOS/nixpkgs/pull/123258 | 03:25:49 |
| hexa | PSA: update-owner-name in knot 3.0 is "case-sensitive", so a.example.com will not match a.example.com. | 17:25:11 |
| hexa | This will break our DNS01 based ACME setup, if you haven't used fully qualified names before. | 17:25:37 |
| hexa | https://www.knot-dns.cz/docs/3.0/html/migration.html#acl | 17:27:17 |
| 4 Jun 2021 |
| m1cr0man | well assuming you're using knot? | 15:36:20 |
| hexa | of course, that's why I linked the migration docs | 15:42:20 |
| hexa | it broken for me and I only noticed because I set up a new machine and it wouldn't work | 15:42:33 |
| hexa | so the older machines that were not yet up for renewal would've broken some time in the future | 15:42:51 |
| 5 Jun 2021 |
|  nyanotech joined the room. | 14:21:42 |
| 10 Jun 2021 |
|  Ekleog joined the room. | 16:55:37 |
| 13 Jun 2021 |
|  aaronchall joined the room. | 04:43:51 |
 aaron | m1cr0man: i noticed that the httpd-config-reload service runs after every rebuild, which causes apache to be reloaded after every rebuild - is this intentional? | 13:44:47 |
| m1cr0man | yes | 17:07:08 |
| m1cr0man | Erm, actually... maybe not | 17:07:47 |
