NixOS ACME / LetsEncrypt

46 Members
Another day, another cert renewal26 Servers

Load older messages

20 May 2022
@jeff:ocjtech.usJeff joined the room.18:18:27
27 May 2022
@hexa:lossy.networkhexaI'm seeing a problem with lego dns01 wildcard certificates not following a _acme-challenge.example.com for *.example.com 20:41:12
@hexa:lossy.networkhexait just tries to write the TXT record to the example.com zone20:41:28
@hexa:lossy.networkhexasadly lego's logging in this case is non existant … https://github.com/go-acme/lego/issues/103920:42:20
@m1cr0man:m1cr0man.comm1cr0manfor what backend?23:39:52
28 May 2022
@hexa:lossy.networkhexasorry, was an issue with an old lego release01:02:13
@zhaofeng:zhaofeng.liZhaofeng Li joined the room.02:44:28
9 Jun 2022
@v0id:nltrix.netv0|d joined the room.22:39:14
10 Jun 2022
@hexa:lossy.networkhexathe acme test is currently blocked by mypy typechecking14:40:00
diff --git a/nixos/tests/acme.nix b/nixos/tests/acme.nix
index 2dd06a50f40..467623fafc1 100644
--- a/nixos/tests/acme.nix
+++ b/nixos/tests/acme.nix
@@ -578,7 +578,7 @@ in {
               check_connection(client, test_domain)
-              rc, _ = client.execute(
+              rc, __ = client.execute(
                   f"openssl s_client -CAfile /tmp/ca.crt -connect {test_alias}:443"
                   " </dev/null 2>/dev/null | openssl x509 -noout -text"
                   f" | grep DNS: | grep {test_alias}"
@hexa:lossy.networkhexa because _ is used some lines earlier as a result for a string 14:41:43
building '/nix/store/c3cisgffip8i49b32ijvwrr02d6ssyvl-nixos-test-driver-acme.drv'...
testScriptWithTypes:299: error: Incompatible types in assignment (expression
has type "str", variable has type "int")
            rc, _ = client.execute(
Found 1 error in 1 file (checked 1 source file)
@hexa:lossy.networkhexa m1cr0man^ 14:54:41
@m1cr0man:m1cr0man.comm1cr0manOh grand I'll get on that tonight!14:55:36
@hexa:lossy.networkhexathe patch above works, just not sure if that is the nice way 😄14:56:03
@hexa:lossy.networkhexa tbh _ should be treated differently 14:56:15
@m1cr0man:m1cr0man.comm1cr0manYeah I'm surprised mypy is complaining about it, pretty sure _ is generally regarded as a discard assignment14:57:49
@hexa:lossy.networkhexa we could rc = client.execute()[0] 14:58:26
27 Jun 2022
@tinybronca:sibnsk.nettinybronca joined the room.08:21:01
@tinybronca:sibnsk.nettinybronca 08:22:48
12 Jul 2022
@pederbs:pvv.ntnu.nopederbs joined the room.22:39:02
26 Jul 2022
@tinybronca:sibnsk.nettinybronca changed their display name from tinybronca to tailrec.14:46:33
@tinybronca:sibnsk.nettinybronca changed their display name from tailrec to tinybronca.16:01:31
1 Aug 2022
@better_sleeping:converser.eu@better_sleeping:converser.eu joined the room.09:13:07
@better_sleeping:converser.eu@better_sleeping:converser.eu left the room.09:13:24
5 Aug 2022
@raitobezarius:matrix.orgraitobezarius Hey there, I ran into an unexpected edge case, I have some SSL cert containing multiple aliases, it is still "alive" but when I remove one of the server name, it still tries to generate a SSL cert for this multiple alias even if the domain declaration set do not contain this particular domain I removed 17:56:47
@raitobezarius:matrix.orgraitobezariusDoes it ring a bell?17:56:56
@raitobezarius:matrix.orgraitobezariusI see some domainhash.txt so I guess I should bust it ahem18:01:06
@raitobezarius:matrix.orgraitobezariushm, just deleted the lego state, worked fine18:03:14

There are no newer messages yet.

Back to Room ListRoom Version: 6