SelfPrivacy
/
selfprivacy-nixos-config
6
3
Fork 6
Code Issues 17 Pull Requests 1 Projects Releases Wiki Activity

fix deSEC ACME/lego: polling interval (30), propagation timeout (180) and TTL (3600) #56

Merged
inex merged 1 commits from fix-desec into flakes 2024-03-14 12:24:48 +02:00
Conversation 1 Commits 1 Files Changed 1
alexoundos commented 2024-03-12 18:41:07 +02:00
Collaborator

Combination of these commits worked successfully (obtained ACME certificate on the first try) 3 times in a row when using deSEC DNS:

Combination of these commits worked successfully (obtained ACME certificate on the first try) 3 times in a row when using deSEC DNS: * selfprivacy-nixos-config: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/commit/4c183d5b40f5c373a401053c073a67ff9865baad * selfprivacy-nixos-template: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-template/commit/75eba2cf8dd3f992c501ea36eeec43b35605a3a3 * selfprivacy-nixos-infect: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect/commit/221f937cb4336ed967eea6049c17ba4ef3da00bf
inex was assigned by alexoundos 2024-03-12 18:41:07 +02:00
alexoundos added 1 commit 2024-03-12 18:41:08 +02:00
alexoundos commented 2024-03-12 18:44:34 +02:00
Poster
Collaborator 
Mar 12 18:33:33 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:33 [INFO] [*.inukai.beauty, inukai.beauty] acme: Obtaining bundled SAN certificate
Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [INFO] [*.inukai.beauty] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/11632879824
Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [INFO] [inukai.beauty] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/11632879834
Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [INFO] [*.inukai.beauty] acme: use dns-01 solver
Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [INFO] [inukai.beauty] acme: Could not find solver for: tls-alpn-01
Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [INFO] [inukai.beauty] acme: Could not find solver for: http-01
Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [INFO] [inukai.beauty] acme: use dns-01 solver
Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [INFO] [*.inukai.beauty] acme: Preparing to solve DNS-01
Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [DEBUG] GET https://desec.io/api/v1/domains/inukai.beauty/rrsets/_acme-challenge/TXT/
Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [DEBUG] POST https://desec.io/api/v1/domains/inukai.beauty/rrsets/
Mar 12 18:33:35 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [INFO] [inukai.beauty] acme: Preparing to solve DNS-01
Mar 12 18:33:35 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:35 [DEBUG] GET https://desec.io/api/v1/domains/inukai.beauty/rrsets/_acme-challenge/TXT/
Mar 12 18:33:35 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:35 [DEBUG] PATCH https://desec.io/api/v1/domains/inukai.beauty/rrsets/_acme-challenge/TXT/
Mar 12 18:33:35 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:35 [INFO] [*.inukai.beauty] acme: Trying to solve DNS-01
Mar 12 18:33:35 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:35 [INFO] [*.inukai.beauty] acme: Checking DNS record propagation using [1.1.1.1:53 1.0.0.1:53]
Mar 12 18:34:05 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:34:05 [INFO] Wait for propagation [timeout: 3m0s, interval: 30s]
Mar 12 18:34:05 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:34:05 [INFO] [*.inukai.beauty] acme: Waiting for DNS record propagation.
Mar 12 18:34:35 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:34:35 [INFO] [*.inukai.beauty] acme: Waiting for DNS record propagation.
Mar 12 18:35:09 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:09 [INFO] [*.inukai.beauty] The server validated our request
Mar 12 18:35:09 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:09 [INFO] [inukai.beauty] acme: Trying to solve DNS-01
Mar 12 18:35:09 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:09 [INFO] [inukai.beauty] acme: Checking DNS record propagation using [1.1.1.1:53 1.0.0.1:53]
Mar 12 18:35:39 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:39 [INFO] Wait for propagation [timeout: 3m0s, interval: 30s]
Mar 12 18:35:44 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:44 [INFO] [inukai.beauty] The server validated our request
Mar 12 18:35:44 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:44 [INFO] [*.inukai.beauty] acme: Cleaning DNS-01 challenge
Mar 12 18:35:44 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:44 [DEBUG] GET https://desec.io/api/v1/domains/inukai.beauty/rrsets/_acme-challenge/TXT/
Mar 12 18:35:44 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:44 [DEBUG] PATCH https://desec.io/api/v1/domains/inukai.beauty/rrsets/_acme-challenge/TXT/
Mar 12 18:35:45 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:45 [INFO] [inukai.beauty] acme: Cleaning DNS-01 challenge
Mar 12 18:35:45 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:45 [DEBUG] GET https://desec.io/api/v1/domains/inukai.beauty/rrsets/_acme-challenge/TXT/
Mar 12 18:35:45 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:45 [DEBUG] PATCH https://desec.io/api/v1/domains/inukai.beauty/rrsets/_acme-challenge/TXT/
Mar 12 18:35:45 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:45 [INFO] [*.inukai.beauty, inukai.beauty] acme: Validations succeeded; requesting certificates
Mar 12 18:35:45 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:45 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
Mar 12 18:35:46 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:46 [INFO] [*.inukai.beauty] Server responded with a certificate.
``` Mar 12 18:33:33 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:33 [INFO] [*.inukai.beauty, inukai.beauty] acme: Obtaining bundled SAN certificate Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [INFO] [*.inukai.beauty] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/11632879824 Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [INFO] [inukai.beauty] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/11632879834 Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [INFO] [*.inukai.beauty] acme: use dns-01 solver Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [INFO] [inukai.beauty] acme: Could not find solver for: tls-alpn-01 Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [INFO] [inukai.beauty] acme: Could not find solver for: http-01 Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [INFO] [inukai.beauty] acme: use dns-01 solver Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [INFO] [*.inukai.beauty] acme: Preparing to solve DNS-01 Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [DEBUG] GET https://desec.io/api/v1/domains/inukai.beauty/rrsets/_acme-challenge/TXT/ Mar 12 18:33:34 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [DEBUG] POST https://desec.io/api/v1/domains/inukai.beauty/rrsets/ Mar 12 18:33:35 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:34 [INFO] [inukai.beauty] acme: Preparing to solve DNS-01 Mar 12 18:33:35 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:35 [DEBUG] GET https://desec.io/api/v1/domains/inukai.beauty/rrsets/_acme-challenge/TXT/ Mar 12 18:33:35 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:35 [DEBUG] PATCH https://desec.io/api/v1/domains/inukai.beauty/rrsets/_acme-challenge/TXT/ Mar 12 18:33:35 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:35 [INFO] [*.inukai.beauty] acme: Trying to solve DNS-01 Mar 12 18:33:35 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:33:35 [INFO] [*.inukai.beauty] acme: Checking DNS record propagation using [1.1.1.1:53 1.0.0.1:53] Mar 12 18:34:05 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:34:05 [INFO] Wait for propagation [timeout: 3m0s, interval: 30s] Mar 12 18:34:05 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:34:05 [INFO] [*.inukai.beauty] acme: Waiting for DNS record propagation. Mar 12 18:34:35 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:34:35 [INFO] [*.inukai.beauty] acme: Waiting for DNS record propagation. Mar 12 18:35:09 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:09 [INFO] [*.inukai.beauty] The server validated our request Mar 12 18:35:09 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:09 [INFO] [inukai.beauty] acme: Trying to solve DNS-01 Mar 12 18:35:09 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:09 [INFO] [inukai.beauty] acme: Checking DNS record propagation using [1.1.1.1:53 1.0.0.1:53] Mar 12 18:35:39 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:39 [INFO] Wait for propagation [timeout: 3m0s, interval: 30s] Mar 12 18:35:44 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:44 [INFO] [inukai.beauty] The server validated our request Mar 12 18:35:44 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:44 [INFO] [*.inukai.beauty] acme: Cleaning DNS-01 challenge Mar 12 18:35:44 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:44 [DEBUG] GET https://desec.io/api/v1/domains/inukai.beauty/rrsets/_acme-challenge/TXT/ Mar 12 18:35:44 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:44 [DEBUG] PATCH https://desec.io/api/v1/domains/inukai.beauty/rrsets/_acme-challenge/TXT/ Mar 12 18:35:45 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:45 [INFO] [inukai.beauty] acme: Cleaning DNS-01 challenge Mar 12 18:35:45 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:45 [DEBUG] GET https://desec.io/api/v1/domains/inukai.beauty/rrsets/_acme-challenge/TXT/ Mar 12 18:35:45 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:45 [DEBUG] PATCH https://desec.io/api/v1/domains/inukai.beauty/rrsets/_acme-challenge/TXT/ Mar 12 18:35:45 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:45 [INFO] [*.inukai.beauty, inukai.beauty] acme: Validations succeeded; requesting certificates Mar 12 18:35:45 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:45 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] Mar 12 18:35:46 do-test-machine acme-inukai.beauty-start[1268]: 2024/03/12 18:35:46 [INFO] [*.inukai.beauty] Server responded with a certificate. ```
inex approved these changes 2024-03-13 16:35:56 +02:00
inex merged commit 4c183d5b40 into flakes 2024-03-14 12:24:48 +02:00
inex deleted branch fix-desec 2024-03-14 12:24:48 +02:00
Sign in to join this conversation.
Reviewers
No reviewers
inex
Labels
Clear labels   
Contributions welcome
   
Service packaging
   
bug

Something is not working   
duplicate

This issue or pull request already exists   
enhancement

New feature   
help wanted

Need some help   
invalid

Something is wrong   
question

More information is needed   
wontfix

This won't be fixed
No Label
Contributions welcome
Service packaging
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
inex
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: SelfPrivacy/selfprivacy-nixos-config#56
There is no content yet.
Delete Branch "fix-desec"

Deleting a branch is permanent. Although the deleted branch may exist for a short time before cleaning up, in most cases it CANNOT be undone. Continue?