| 28 Jan 2025 |
 adamcstephens | That's probably in the magical stgraber not-public land | 21:19:57 |
| adamcstephens | I'll open an issue and see if he can fix it | 21:20:25 |
| adamcstephens | https://github.com/lxc/lxc-ci/issues/865 | 21:22:03 |
| adamcstephens | for the other error, we can set i18n.defaultLocale = "C.UTF-8"; in the image, or add locales | 21:22:32 |
| adamcstephens | i haven't dug into why they're missing, but these images try to strip out a bunch of stuff to keep them small | 21:22:54 |
| 29 Jan 2025 |
| adamcstephens | since you reminded me of lxc-ci yesterday, I removed 24.05 hexa :) | 16:29:27 |
 hexa | !!!!!! | 16:29:38 |
| hexa | only slightly EOL 😄 | 16:30:57 |
| adamcstephens | slightly | 16:31:22 |
| adamcstephens | i'll try and set a reminder for myself next time | 16:31:40 |
| hexa | maybe add it to the release wiki | 16:33:19 |
| hexa | so you get poked by release managers | 16:33:23 |
| adamcstephens | https://github.com/NixOS/release-wiki/pull/98 | 18:03:02 |
| 31 Jan 2025 |
| hexa | anyone here reverse proxying incus webui to :443? | 12:18:52 |
| hexa | I would assume that for client certificate auth to keep working I need to let incus terminate the TLS session | 12:19:15 |
| adamcstephens | I haven’t tried that but sounds right | 13:41:07 |
| hexa | so either nginx stream or haproxy | 13:43:33 |
| adamcstephens | I would assume traefik could do it too, if that’s an option for you | 13:48:10 |
| adamcstephens | It has TLS pass through | 13:48:24 |
| hexa | hm, I think i need to set the cluster certificate | 13:49:08 |
| hexa | root@incus1:~# incus cluster update-cert --help
Description:
Update cluster certificate with PEM certificate and key read from input files.
Usage:
incus cluster update-certificate [<remote>:] <cert.crt> <cert.key> [flags]
| 13:49:18 |
| hexa | to slide in something from Letsencrypt | 13:49:30 |
| hexa | but that seems like one cert for the whole cluster, which is a bit wild 😄 | 13:50:05 |
| hexa | hm, but there is both a cluster.key and a server.key | 13:55:52 |
| hexa | wondering which one gets used for the webui | 13:56:03 |
| hexa | ok, looks like cluster.crt is what is sent over https | 13:56:46 |
| hexa | * ok, looks like cluster.crt is what is used for https | 13:56:54 |
| adamcstephens | are you finally rolling out at work? | 15:44:15 |
| hexa | I did | 15:44:34 |
| hexa | was stuck on a faulty ESI-LAG config that required a reboot to clear | 15:45:13 |
