#staff | Logs for 2023-11-05
« return
[00:54:09] <sylvester> 2023-11-05 01:54:09 04mail.soylentnews CRITICAL IRC Certificate00 CRITICAL - Certificate *.soylentnews.org expires in 19 hours (Sun 05 Nov 2023 08:37:17 PM GMT +0000)
[00:56:27] <sylvester> 2023-11-05 01:56:27 04mail.soylentnews CRITICAL SMTP Submission Certificate00 CRITICAL - Certificate *.soylentnews.org expires in 19 hours (Sun 05 Nov 2023 08:37:17 PM GMT +0000)
[13:33:14] <sylvester> 2023-11-05 14:33:14 08soylentnews WARNING PING IPv400 PING WARNING - Packet loss = 0%, RTA = 160.02 ms
[13:38:18] <sylvester> 2023-11-05 14:38:18 03soylentnews OK PING IPv400 PING OK - Packet loss = 0%, RTA = 139.96 ms
[13:50:26] <sylvester> 2023-11-05 14:50:26 08soylentnews WARNING PING IPv400 PING WARNING - Packet loss = 0%, RTA = 151.04 ms
[14:20:30] <sylvester> 2023-11-05 15:20:30 03soylentnews OK PING IPv400 PING OK - Packet loss = 0%, RTA = 122.46 ms
[16:37:15] <k0lie> I'm on magnesium
[16:37:28] <k0lie> The cert bot is ran there manually and with dns as its mode.
[16:37:48] <k0lie> You have to update the named files with the challenge key, update the dns zone serial number, and reload named
[16:37:52] <k0lie> not a great process.
[16:41:40] <fab23> For my setup I have a dedicated subdomain (only on a single nameserver to avoid delays with replication) where the ACME tools in use is allowed to dynamically update the entries. In the domains itself there is just a CNAME for _acme-challenge pointing to a uniq entry in that subdomain.
[16:42:18] <k0lie> yea I just have an automated front end ssl service which gets certs for whatever is used on it.
[16:43:08] <k0lie> thats how staging is setup too
[16:43:22] <k0lie> if dns is pointed to it, it will renew.
[17:19:15] <sylvester> 2023-11-05 18:19:15 04mail.soylentnews CRITICAL SMTP STARTTLS Certificate00 CRITICAL - Certificate *.soylentnews.org expires in 3 hours (Sun 05 Nov 2023 08:37:17 PM GMT +0000)