| 11 May 2025 |
 netpleb | regardless, thank you all here for your help! | 02:47:58 |
| netpleb | * I am not sure of what the root cause is (I am not an expert in this stuff and had to learn a bunch about systemd-network to even get this far), but all I know is that once I finally whittled it down to the smallest possible config that still worked correctly and then removed the LinkLocalAddressing = "no" line (thereby reverting to the default "yes" behavior), the container all of a sudden would timeout trying to reach wait-online (thereby triggering the original issue I was having).
Who knows. I am just happy it finally works! Now the container boots typically 11 seconds (including checking certs and such) instead of the multiple minutes it was taking before.
| 02:48:56 |
| netpleb | * I am not sure of what the root cause is (I am not an expert in this stuff and had to learn a bunch about systemd-network to even get this far), but all I know is that once I finally whittled it down to the smallest possible config that still worked correctly and then removed the LinkLocalAddressing = "no" line (thereby reverting to the default "yes" behavior), the container all of a sudden would timeout trying to reach wait-online, thereby triggering the original issue I was having.
Who knows though. I am just happy it finally works! Now the container boots typically 11 seconds (including checking certs and such) instead of the multiple minutes it was taking before.
| 02:49:18 |
| 15 May 2025 |
 m1cr0man | Any chance of seeing this one merged soonish? https://github.com/NixOS/nixpkgs/pull/376334 | 20:30:23 |
| 16 May 2025 |
 hexa | m1cr0man: in principle yes, but shouldn't the assert look at more options to to check domain && keyType || csr? | 09:16:10 |
| hexa | * m1cr0man: in principle yes, but shouldn't the assert look at more options to check domain && keyType || csr? | 09:16:27 |
| hexa | because right now they're silently unused when a csr get configuredt | 09:17:04 |
| hexa | hm, domain is the key in the attrset, so maybe not | 09:25:17 |
| hexa | and keyType always has a default | 09:25:21 |
| hexa | so yeah, no | 09:25:26 |
| hexa | also can the acme team please just dissolve? | 09:26:41 |
| hexa | it is clearly m1cr0man who reviews everything | 09:27:43 |
| hexa | and then someone active in this room merging the thing | 09:27:53 |
| hexa | aanderse, Arian please reconsider your ACME team membership | 09:28:17 |
| hexa | also https://github.com/orgs/NixOS/teams/acme has no maintainer role set | 09:33:38 |
| hexa | m1cr0man: ask in #org_owners:nixos.org to for that role | 09:33:59 |
