| 1 Aug 2025 |
 adamcstephens | In reply to @hexa:lossy.network
thx That was resolved before 24.10. I didn't watch the above video but saw it mentioned in the slides. It's on 6.6 now | 01:37:02 |
| adamcstephens | err, wrong reply | 01:37:21 |
 hexa (clat on linux when) | ah weird | 01:37:24 |
| hexa (clat on linux when) | because the talk is from 2025-06-13 | 01:37:36 |
| adamcstephens | 
Download ima_a39bd14.jpeg | 01:38:52 |
| hexa (clat on linux when) | now where does that link go 😄 | 01:39:42 |
| adamcstephens | They were going to drop the realtek target completely for 24.10 until it was updated past 5.15 | 01:40:01 |
| hexa (clat on linux when) | yeah | 01:40:06 |
| hexa (clat on linux when) | or at least make it source-only | 01:40:14 |
| adamcstephens | looks like it's actually on 6.12 now in main https://github.com/openwrt/openwrt/pull/19139 | 01:41:35 |
| hexa (clat on linux when) | ok, that's decent | 01:42:45 |
| 2 Aug 2025 |
|  Katalin 🔪 changed their profile picture. | 00:28:14 |
| 3 Aug 2025 |
|  prescientmoon changed their display name from Adriel to prescientmoon. | 14:31:40 |
|  x10an14 joined the room. | 19:38:36 |
| x10an14 | Anyone familiar with this NGINX error?
aug. 03 20:49:52 nas-2024 systemd[1]: nginx.service: Scheduled restart job, restart counter is at 4.
aug. 03 20:49:52 nas-2024 systemd[1]: Starting Nginx Web Server...
aug. 03 20:49:52 nas-2024 nginx-pre-start[2806389]: nginx: [emerg] cannot load certificate "/persist/var/lib/tailscale/certs/cert.pem": BIO_new_file() failed (SSL: error:8000000D:system library::Permission denied:calling fopen(/persist/var/lib/tailscale/certs/cert.pem, r) error:10080002:BIO routines::system lib)
aug. 03 20:49:52 nas-2024 nginx-pre-start[2806389]: nginx: configuration file /nix/store/s4f1q4wpfzq07rlp1pkbcavzrgn31lyi-nginx.conf test failed
aug. 03 20:49:52 nas-2024 systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE
aug. 03 20:49:52 nas-2024 systemd[1]: nginx.service: Failed with result 'exit-code'.
aug. 03 20:49:52 nas-2024 systemd[1]: Failed to start Nginx Web Server.
I'm trying to start services.immich w/SSL corts through my services.tailscale, as illustrated in this paste: https://paste.sr.ht/~x10an14/6dc6db515a8695a3a7722b86ff26f2a6aa171af8
I've tried:
- Copying certs manually into path
- Chowning them from
root to nginx ownership
- Testet the nginx config file in online browser validators (it passes)
- Searchin after the error online (can't really find anything w/mention of tailscale, only SELinux/AppArmor really, neither in use on this machine)
| 19:48:48 |
| x10an14 | *SSL certs | 19:53:13 |
| x10an14 | ** tested | 19:53:29 |
 magic_rb | Can you send the output of:
systemctl show nginx | grep -E 'User|Group' (hopefully i got this right, if not, you know what i meant)ls -lah /persist/var/lib/tailscale/certs
| 22:03:45 |
| x10an14 | In reply to @magic_rb:matrix.redalder.org
Can you send the output of:
systemctl show nginx | grep -E 'User|Group' (hopefully i got this right, if not, you know what i meant)ls -lah /persist/var/lib/tailscale/certs
Sure, both of these are in the paste link though | 22:09:31 |
| x10an14 | Here you go:
[2025-08-04 00:10:54] 0 x10an14@nas-2024:~/Documents/sr.ht/nix-configs
-> $ systemctl show nginx | grep -Ei '(user|group)=' && sudo ls -lah /persist/var/lib/tailscale/certs
User=nginx
Group=nginx
DynamicUser=no
SameProcessGroup=no
total 40K
drwxr-xr-x 2 root root 7 aug. 3 20:29 .
drwx------ 4 root root 9 aug. 3 20:29 ..
-rw------- 1 root root 227 aug. 3 20:29 acme-account.key.pem
-rw-r--r-- 1 nginx nginx 2,9K aug. 3 20:29 cert.pem
-rw------- 1 nginx nginx 227 aug. 3 20:29 key.pem
| 22:11:27 |
| magic_rb | In reply to @x10an14:matrix.org
Sure, both of these are in the paste link though oh are they? sorry 😅 | 22:14:40 |
| magic_rb | okay then, try to debug it by becoming nginx :P do nix shell nixpkgs#runit and then chpst -u nginx:nginx bash then try to access it yourself | 22:15:50 |
| magic_rb | if youre able to repro it from a shell its easier to debug | 22:15:59 |
| x10an14 | In reply to @magic_rb:matrix.redalder.org
if youre able to repro it from a shell its easier to debug Gimmie 10min =) | 22:16:33 |
| magic_rb | im going to sleep in 2 minutes :( | 22:16:49 |
| hexa (clat on linux when) | doubt | 22:17:06 |
| magic_rb | i can help tomorrow in the eve if no-one else steps up, also over vc so that youre not typing | 22:17:11 |
| magic_rb | In reply to @hexa:lossy.network
doubt oi, quiet over there | 22:17:20 |
| magic_rb | (did i spell it right?) | 22:17:34 |
| magic_rb | (yes i did) | 22:17:44 |
