19 Jun 2023 |
emily | on the issue or through your own communication with systemd people? | 13:10:33 |
emily | I think on the issue we were just pushing back on "more bespoke complexity in the service scripts" by all means necessary :p | 13:10:49 |
raitobezarius | on the systemd dev chat | 13:12:04 |
raitobezarius | s/systemd folks/poettering | 13:12:24 |
emily | right | 13:22:29 |
emily | In reply to @m1cr0man:m1cr0man.com
okay yeah, so these are pretty lenient for most people. I think I was only concerned about the concurrent one that the ticket opener mentioned:
the “new-nonce”, “new-account”, “new-order”, and “revoke-cert” endpoints on the API have an Overall Requests limit of 20 per second.
Right now this one is very easy to do
tbh given ^ and the other limits we discussed at that time, some kind of time-based limits might be what we'd really want | 13:23:05 |
emily | "N instances of this service per X period of time" | 13:23:17 |
emily | i'm guessing systemd probably wouldn't go for that though | 13:23:22 |
28 Jun 2023 |
| @lehmanator:gnulinux.club joined the room. | 19:28:06 |
30 Jun 2023 |
m1cr0man | I have this really old PR to add useACMEHosts to opensmtpd. Anyone care to review? https://github.com/NixOS/nixpkgs/pull/123261 | 21:36:29 |
8 Jul 2023 |
K900 (deprecated) | Found a new test failure mode: https://gist.github.com/K900/991b5c2b7b0637bf31237becf3066620 | 12:32:03 |
10 Jul 2023 |
hexa | Shortening the Let's Encrypt Chain of Trust - https://letsencrypt.org/2023/07/10/cross-sign-expiration.html | 22:49:11 |
hexa | No more cross signing in 2024 | 22:49:32 |
emily | yay | 22:54:29 |
emily | I see Firefox continues to be the world leader in fixing TLS problems on old operating systems :) | 22:55:07 |
21 Jul 2023 |
m1cr0man | https://github.com/NixOS/nixpkgs/pull/244477 I don't think I'm missing anything here... environmentFile already does solve the motives for this PR | 08:01:19 |
m1cr0man | Aw jeez he's taking me around in circles. EnvironmentFile negates the need for any credentials* support in the module, and I definitely don't want to introduce two solutions for the same problem. | 11:28:04 |
m1cr0man | Replied again, hopefully helping him solve the root problem this time with the existing options | 11:39:54 |
m1cr0man | Never mind I understand now what he was trying and it's a legit use case for LoadCredential | 13:04:36 |
hexa | yep, LoadCredential= means it can be root:root 0000 and still be loaded and passed by systemd | 15:51:41 |
24 Jul 2023 |
| K900 (deprecated) changed their profile picture. | 15:45:00 |
| K900 (deprecated) changed their profile picture. | 15:46:07 |
25 Jul 2023 |
| @pederbs:pvv.ntnu.no changed their display name from pbsds to pbsds (UTC+1). | 19:03:41 |
27 Jul 2023 |
| ribosomerocker joined the room. | 03:04:01 |
1 Aug 2023 |
| wriver4 joined the room. | 15:14:21 |
m1cr0man | In reply to @k900:conduit.0upti.me Found a new test failure mode: https://gist.github.com/K900/991b5c2b7b0637bf31237becf3066620 Looking into this (finally got some time) and I've actually noticed a bunch of similar failure modes where I'm using node.succeed where node.execute + a manual exit code check should be performed. Gonna fix them all | 23:11:01 |
m1cr0man | Finally got around to https://github.com/NixOS/nixpkgs/pull/246665 which is a follow-up on https://github.com/NixOS/nixpkgs/pull/244511#issuecomment-1645466138 . LMK what your thoughts are between the two options.. obviously I'm biased now 😉 | 23:56:52 |
5 Aug 2023 |
| fpletz joined the room. | 12:01:04 |
9 Aug 2023 |
| Jeff changed their profile picture. | 03:17:33 |
10 Aug 2023 |
| @pederbs:pvv.ntnu.no changed their display name from pbsds (UTC+1) to pbsds. | 14:54:58 |