15 Nov 2023 |
| @grahamc:nixos.orgchanged room power levels. | 16:15:02 |
| @grahamc:nixos.org left the room. | 16:15:02 |
| NixOS Moderation Botchanged room power levels. | 18:12:01 |
19 Nov 2023 |
| @pederbs:pvv.ntnu.no changed their display name from pbsds to pbsds (federation borken, may not see reply). | 03:35:17 |
| ZXGU joined the room. | 11:02:31 |
| @pederbs:pvv.ntnu.no changed their display name from pbsds (federation borken, may not see reply) to pbsds. | 20:38:37 |
20 Nov 2023 |
| chayleaf joined the room. | 18:15:07 |
28 Nov 2023 |
chayleaf | what do people here think of adding certspotter integration? I'm currently using the following certspotter config, and I thought it would be nice if something like this got added to something like security.acme.certspotter.enable = true | 01:19:45 |
chayleaf | * what do people here think of adding certspotter integration? I'm currently using the following certspotter config, and I thought it would be nice if something like security.acme.certspotter.enable = true got added | 01:20:11 |
hexa |
Certificate Transparency Log Monitor
| 14:16:18 |
hexa | I don't think we need to tie it into security.acme | 14:16:52 |
hexa | * I don't think we should add it into security.acme | 14:17:30 |
hexa | it can live in services.certspotter and you can still common names and san from security.acme | 14:19:00 |
hexa | * it can live in services.certspotter and you can still attach to common names and san from security.acme | 14:19:09 |
hexa | also allows monitoring more than one machine that way | 14:19:24 |
hexa | * also allows monitoring more than one machine's certs that way | 14:19:31 |
29 Nov 2023 |
K900 | The test broke for real this time :( https://hydra.nixos.org/build/242636049/nixlog/85/tail | 06:12:59 |
1 Dec 2023 |
| moritz.hedtke set their display name to Moritz Hedtke. | 11:08:05 |
16 Dec 2023 |
raitobezarius | Hi there, I'm trying to use the ACME test server stuff | 15:21:21 |
raitobezarius | and it's exploding with error: The option nodes.acme.services.bind.zones.".".master' is used but not defined.` | 15:21:29 |
raitobezarius | * and it's exploding with
error: The option `nodes.acme.services.bind.zones.".".master' is used but not defined.\ | 15:21:35 |
raitobezarius | I didn't do any weird resolver stuff so I'm a bit confused | 15:21:46 |
raitobezarius | I actually followed the docs | 15:22:17 |
raitobezarius | # A configuration example of a full node setup using this would be this:
#
# {
# acme = import ./common/acme/server;
#
# example = { nodes, ... }: {
# networking.nameservers = [
# nodes.acme.networking.primaryIPAddress
# ];
# security.pki.certificateFiles = [
# nodes.acme.test-support.acme.caCert
# ];
# };
# }
| 15:22:19 |
raitobezarius | Also, it seems to occur during evaluation of … while evaluating the option nodes.acme.warnings':` | 15:24:43 |
raitobezarius | * Also, it seems to occur during evaluation of … while evaluating the option `nodes.acme.warnings':\ | 15:24:48 |
raitobezarius | hah it's a bug | 15:26:40 |
raitobezarius | BIND maintenance is really meh | 15:26:56 |
raitobezarius | or ACME common code maintenance is meh | 15:34:26 |
raitobezarius | It can go both way, anyway, found a bug | 15:34:30 |