@0@pwm I'm getting annoyed with Linux distros (especially on servers) to the point that some day I'll probably partially switch to BSDs as source-based distros and Alpine are becoming the only sane ones to use.
@pernia@0@pwm relayd is a bit retarded, in that it by default looks for TLS certs/keys with the same IP the relay listens on. Because I wanted to support serving on subdomains with a different cert than the main domain, I would have to use the alternative way of using an IP and appending the port to the name of the cert/key. I tried to make it work for 2 hours and failed.
Now for what I meant. There's a config option in relayd that allows it to search for certs/keys with a name instead of the IP. You just have to use a somewhat non-standard file extension for the fullchain certificate (something.crt instead of something.pem). It specifically has to be the fullchain certificate, otherwise any client won't be able to verify the CA that signed your certificate as it is not included.
To simplify it even more, set up acme-client like the screenshot and then tell relayd to use that name you chose in that config with this option in the protocol declaration. File extension must not be included.
Or alternatively wait a week and I'll commit the updated relayd/httpd config along with the updated docs on how to set it up. I just have to write a redirect for serving media on a subdomain and a forward based on HTTP headers. It's nearly done.
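An added example of the setup described in the post above, not the poster's own config and not taken from the missing screenshot: it assumes the relayd option meant is `tls keypair` from relayd.conf(5), and the domain names, listen address and backend port are constructed placeholders.

```conf
# --- /etc/acme-client.conf (fragment) ---
# Assumes an "authority letsencrypt" block is already defined in this file.
# The full chain is written with a .crt extension so relayd can find it by name.
domain example.com {
	domain key "/etc/ssl/private/example.com.key"
	domain full chain certificate "/etc/ssl/example.com.crt"
	sign with letsencrypt
}

# Separate certificate for the media subdomain (constructed name).
domain media.example.com {
	domain key "/etc/ssl/private/media.example.com.key"
	domain full chain certificate "/etc/ssl/media.example.com.crt"
	sign with letsencrypt
}

# --- /etc/relayd.conf (fragment) ---
table <httpd> { 127.0.0.1 }

http protocol "https" {
	# Name only, no file extension. relayd looks up
	#   /etc/ssl/private/<name>.key and /etc/ssl/<name>.crt
	# instead of files named after the listen address.
	# Listing several keypairs lets relayd pick one per SNI hostname.
	tls keypair "example.com"
	tls keypair "media.example.com"
}

relay "https" {
	# 203.0.113.10 is a documentation address used as a placeholder.
	listen on 203.0.113.10 port 443 tls
	protocol "https"
	# Backend port 8080 is an assumption for this example.
	forward to <httpd> port 8080
}
```

`relayd -n` parses the configuration without starting the daemon, which catches a keypair name that does not match the files on disk.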
>TLS uses a tls config declaration instead of the IP symlink.
Pardon my ignorance, what does this mean? What I know about tls is setting up acme-client and httpd and whabam
@phnt@0@pwm have u tried pleroma on openbsd? back when salon was on the cheapest vps from frantec we used that, but ive been told the config instructions provided on the pleroma page are now out of date
@pernia@0@pwm oban.borked.technology is running on it. The installation instructions are outdated, but still mostly apply. The rc script requires a small change and media proxy can't work with relayd/httpd as they don't have any caching capability.
For more up to date documentation, you can check out the MR I created, which isn't fully done yet as the relayd/httpd config needs some more polish.
The nginx part is untested, but it should work. relayd/httpd configuration currently ignores serving on subdomains and TLS uses a tls config declaration instead of the IP symlink.
@0@pwm I was pleasantly surprised when all my services are packaged and working on OpenBSD. For daily desktop use, I'm stuck with Linux, because I need a performant hypervisor and Docker.