| 25 Jan 2025 |
 Scrumplex | 👀
Thank you for lending me your pair of eyes 😅 | 14:38:04 |
| 28 Jan 2025 |
|  @syxal:syxal.io left the room. | 09:35:04 |
 adamcstephens | Let Encrypt is ending expiration emails. Since I rely on this in case automation is failing unexpectedly, I'd like an alternative. Any suggestions for something self hosted you like? | 19:21:14 |
 magic_rb | openssl in a cron job with some regex? /partial s | 19:21:55 |
| adamcstephens | sure, i could script something | 19:22:45 |
| adamcstephens | though i wouldn't probably use openssl cli for it :) | 19:23:06 |
| magic_rb | https://github.com/serokell/serokell.nix/blob/master/modules/acme-sh.nix im using this for automatic renewal | 19:23:46 |
 dgrig | https://github.com/prometheus/blackbox_exporter is what's commonly used (but it assumes you have prometheus already and alertmanager setup) | 19:23:47 |
| magic_rb | Well, my own fork in my dotfiles | 19:23:54 |
| adamcstephens | i don't need the renewal itself. just monitoring of installed certs | 19:37:43 |
 K900 | blackbox-exporter can do that | 19:38:02 |
| K900 | But you do need a working LGTM stack for it to be nice | 19:38:16 |
| K900 | Unless you're willing to raw dog Prometheus I guess | 19:38:31 |
| adamcstephens | i converted to alloy recently which has a blackbox exporter | 19:39:18 |
| adamcstephens | so i have a working LGM setup. no T because I'm not generating that many traces yet :) | 19:40:48 |
| K900 | Then yeah it just has a metric for certificate expiration date | 19:41:10 |
| adamcstephens | thanks. i'll use that then | 19:41:28 |
| adamcstephens | though i may write a custom setup to expose an RSS feed instead. :) | 19:42:14 |
| adamcstephens | anybody switch to 7 day certs yet? | 19:42:26 |
| K900 | Can lego even do those yet? | 19:42:53 |
| K900 | I have not checked | 19:42:59 |
| adamcstephens | i haven't either. | 19:43:18 |
| adamcstephens | sorry, they're six day | 19:43:22 |
 hexa | please report back once you know 🙂 | 20:18:46 |
| adamcstephens | i don't see anything, so i went back to the LE blog opst | 20:39:35 |
| adamcstephens | * i don't see anything, so i went back to the LE blog post | 20:39:37 |
| adamcstephens |
Around April we will enable short-lived certificates for a small set of early adopting subscribers. We hope to make short-lived certificates generally available by the end of 2025.
| 20:39:41 |
| adamcstephens | looks like the support we're going to want are "profiles" https://letsencrypt.org/2025/01/09/acme-profiles/ | 20:40:18 |
| 29 Jan 2025 |
|  alexb joined the room. | 04:33:55 |
|  oxa moved -> 0xa:oxapentane.com changed their profile picture. | 22:14:21 |
