| 17 Nov 2022 |
 Andreas Schrägle | Hey. I've been getting kind of annoyed by letsencrypt texting me about my expiring certs, because I changed something about them and didn't revoke them. So, is there anything we can do to automate this?
Have people thought about this and documented their thoughts somewhere? | 21:55:23 |
| 18 Nov 2022 |
 hexa | sounds like a neat idea | 00:02:42 |
|  omlet left the room. | 00:31:07 |
| 19 Nov 2022 |
|  uny left the room. | 23:02:51 |
| 20 Nov 2022 |
 K900 ⚡️ | https://hydra.nixos.org/build/199252313/nixlog/20 | 15:17:10 |
| K900 ⚡️ | What is even happening here | 15:17:15 |
| Andreas Schrägle | openssl x509 -noout -dates < ~/nixpkgs/nixos/tests/common/acme/server/acme.test.cert.pem
notBefore=Oct 21 13:28:36 2020 GMT
notAfter=Nov 20 13:28:36 2022 GMT
| 15:35:59 |
| K900 ⚡️ | Why are we hardcoding those anyway, m | 15:40:41 |
| K900 ⚡️ | * Why are we hardcoding those anyway? | 15:40:44 |
| Andreas Schrägle | there's a readme explaining it in that directory | 15:41:28 |
| K900 ⚡️ | No but like | 15:45:40 |
| K900 ⚡️ | Why can't we just generate them as part of the test | 15:45:48 |
| Andreas Schrägle | maybe because they're not only used in this test?
maybe that would be a solution in general. the readme links a lengthy discussion, which I apparently read at the time, because I reacted to some things, but don't really remember. | 15:48:28 |
| Andreas Schrägle | short term, regenerating them will unblock the channel. I'd suggest we do that and then someone can think about a potentially better solution. | 15:49:33 |
| K900 ⚡️ | Agreed | 15:50:56 |
| 26 Nov 2022 |
| K900 ⚡️ | The test broke again :( | 06:57:25 |
| K900 ⚡️ | https://hydra.nixos.org/build/200012010/nixlog/8 | 06:57:27 |
| hexa | to be fair, there was no fix yet 🙂 | 18:10:47 |
| hexa | i restarted it twice and it worked | 18:10:54 |
| hexa | and we couldn't grab the log anymore | 18:10:59 |
| hexa | what is the error though? | 18:12:02 |
|  ahmed changed their display name from rh to ahmed. | 19:19:40 |
| 1 Dec 2022 |
| hexa changed their display name from hexa to hexa (22.11 now). | 13:08:34 |
| hexa changed their display name from hexa (22.11 now) to hexa. | 14:38:23 |
| 7 Dec 2022 |
|  qbit joined the room. | 17:54:45 |
|  linj joined the room. | 21:36:54 |
| linj | Redacted or Malformed Event | 21:39:52 |
| linj | * I use acme module with caddy to do http01 challenge, so the cert's group is set to caddy and its owner is acme. Is there a way to let a systemd dynamic service read that cert? | 21:40:12 |
| linj | * I use acme module with caddy to do http01 challenge, so the cert's group is set to caddy and its owner is acme. What is the way to let a systemd dynamic service read that cert with minimal permission given to it? | 21:45:17 |
| 13 Dec 2022 |
| K900 ⚡️ | https://hydra.nixos.org/build/201914096 | 08:43:07 |
