Sender | Message | Time |
---|---|---|
8 Feb 2024 | ||
netpleb | so, in the end, what I am wondering is whether this is actually an issue with the bind package and module, and not the secruity.acme module. What do you guys think? | 18:57:22 |
netpleb | * to round this "issue" out for anyone else who comes along trying to figure out something similar: it turns out that when you follow the "fully self-hosted example using bind" in the manual, there is a subtle thing which probably goes unnoticed for many, namelybind.zones.*.file = "/var/db/bind/${name}"; is in a directory which needs to be read/writable by bind. On my machine that directory had not yet even been created, and never actually was. This is because I had instead set bind.zones.*.file = ./zone-file-in-my-git-repo which means that Nix put the zone file into the nix store (which is fine as far as I am concerned) but the problem is that bind tries to create the .jnl file right next to it when doing the acme updates, which it obviously cannot do. So that is what threw the permission denied error which took a while to track down. (and for which I am grateful to K900 ⚡️ for your patience in helping me get there!) | 18:58:44 |
netpleb | * so, in the end, what I am wondering is whether this is actually an issue with the bind package and module, and not the secruity.acme module. What do you guys think? or maybe it is just a documentation thing? | 18:59:11 |
netpleb | * to round this "issue" out for anyone else who comes along trying to figure out something similar: it turns out that when you follow the "fully self-hosted example using bind" in the manual, there is a subtle thing which probably goes unnoticed for many, namelybind.zones.*.file = "/var/db/bind/${name}"; is in a directory which needs to be read/writable by bind. On my machine that directory had not yet even been created, and never actually was. This is because I had instead set bind.zones.*.file = ./zone-file-in-my-git-repo which means that Nix put the zone file into the nix store (which is fine as far as I am concerned) but the problem is that bind tries to create the .jnl file right next to it (in the nix store) when doing the acme updates, which it obviously cannot/should not do. So that is what threw the permission denied error which took a while to track down. (and for which I am grateful to K900 ⚡️ for your patience in helping me get there!) | 19:00:25 |
netpleb | * to round this "issue" out for anyone else who comes along trying to figure out something similar: it turns out that when you follow the "fully self-hosted example using bind" in the manual, there is a subtle thing which probably goes unnoticed for many, namely My probably-not-the-best workaround was to add the zone file the the machine using something like | 19:09:47 |
18 Feb 2024 | ||
link2xt joined the room. | 02:44:10 | |
21 Feb 2024 | ||
@pederbs:pvv.ntnu.no left the room. | 00:50:58 | |
6 Mar 2024 | ||
@sammy:cherrykitten.dev joined the room. | 19:03:45 | |
7 Mar 2024 | ||
hexa | acme test failure on unstable-small https://gist.github.com/mweinelt/7398a4d24ef4a4cd8f9dfa771ecb1f2a | 02:12:57 |
hexa |
| 02:13:15 |
K900 | In reply to@hexa:lossy.networkThat's the same old flake | 06:19:48 |
K900 | That was never fixed | 06:19:51 |
hexa | yeah, I didn't check, but wanted to dump before restrating | 10:43:04 |
10 Mar 2024 | ||
@olafkfreund:matrix.org joined the room. | 20:17:54 | |
11 Mar 2024 | ||
w joined the room. | 14:20:32 | |
14 Mar 2024 | ||
mjolnirchanged room power levels. | 18:45:31 | |
15 Mar 2024 | ||
@grahamc:nixos.org joined the room. | 23:42:06 | |
19 Mar 2024 | ||
mjolnirchanged room power levels. | 00:30:55 | |
21 Mar 2024 | ||
mjolnirchanged room power levels. | 18:03:46 | |
@grahamc:nixos.org left the room. | 20:08:06 | |
31 Mar 2024 | ||
Miles Dyson joined the room. | 23:06:53 | |
5 Apr 2024 | ||
Benedikt joined the room. | 04:50:59 | |
10 Apr 2024 | ||
@olafkfreund:matrix.org left the room. | 08:31:27 | |
13 Apr 2024 | ||
@alex3829:matrix.org joined the room. | 16:04:38 | |
17 Apr 2024 | ||
@alex3829:matrix.org changed their display name from alex3829 to real_z22. | 04:36:20 | |
@alex3829:matrix.org changed their display name from real_z22 to real_z2. | 05:33:50 | |
K900 changed their display name from K900 ⚡️ to K9Ö0. | 17:16:42 | |
K900 changed their display name from K9Ö0 to K900. | 17:21:54 | |
K900 | 17:21:54 | |
27 Apr 2024 | ||
nadir joined the room. | 18:22:49 |