XMPP Service Operators - 2021-04-28

Grr! Another system hang

Holger, yeah, another UDP protocol I saw the other day (I don’t recall which) requires that the initiator first sends a zero-byte packet and the responder will send a zero-byte packet and only then further exchange happens

something like that would be sensible… probably not with zero bytes, but requiring that the initial request is >= the response

I still need to check how you manage to get that 1:5 ratio though. Typically, request and response sizes should be much closer.

I mean if that just works by omitting request fields that are mandatory in practice, maybe the server could ignore those requests after all. But no idea.

> Establishing a secure connection from muc.tigase.org to lebihan.pl failed. Certificate hash: 6309c033094e3d8fb71d4dea59197ac81bd38240a4c03a68c10fee75fc09ac47. Error with certificate 0: certificate has expired. Told them also yesterday in their muc but no reply so far.

Holger, I think I have pcaps

(and this is for STUN, mind)

My logs are spammed every second :( > [info] <0.296.0>@ejabberd_listener:accept:273 (<0.21543.0>) Accepted connection hidden_by_ejabberd -> LANIP:5269 > [info] <0.21543.0>@ejabberd_s2s_in:process_closed:132 Closing inbound s2s connection tigase.org -> mydomain.tld: Stream closed by local host: not-authorized

I've reached Tigase devs now, certbot fail...heh

has anyone ever said anything good about certbot

I've never seen anyone say "certbot just worked"

_Happy customers don't complain_

I've seen a lot of, and also said a lot of times, "acme.sh just worked" so I'm not sure that's true

Yeah, acme.sh just failed for me last week http response 0 bytes, fun. I've put it to test 2 days later and it worked fine now.

> I've never seen anyone say "certbot just worked" I never talk about certbot as it just works.

certbot just orks.

Tigase is still not reachable from here.

Didn't say they fixed it :))

Isn't manually running the certbot command and reloading services done in a few seconds?

my LE workflow involves running multiple scripts on two machines and copy&pasting a cert from stdin into a script on a third machine.

You don't want to do that, every 3 months, it's tiresome :)) You'll eventually automate...and then...bang

Yeah.

Eventually

Ad also push.tigase.im seems affected it is probably a quite day for siskin users.

Until this cron resched for me, I never had a successful update.

Martin: it's a quiet day lol ✏

I use dehydrated and if something fails it should warn via xmpp... But in never failed so far..

now you've done it menel , gone and jinx'd yourself

😄, yeah at work I'm also that guy.. "Man this shift is ok" Everyone: "aaah!"

jonas’, thanks for your mail to operators@, not sure why I got it twice though

probably you got my copy, because I got none

but that might just be the xmpp list server discriminating against me as usual

last I looked it still needed fixes for DKIM etc

I don’t care about DKIM

I don't get probably half of emails to the lists, I stopped looking at them

so that’s not it

everyone else does though

doesn’t help with the specific issue that my mails are sometimes stuck for half an hour in the list queues

yea, I'm just saying half the people subscribed to the lists miss half the messages, adjust the percentages as you see fit

moparisthebest, yeah, if you have any practical suggestions on how to fix it, go ahead

in iteam@ preferrably

then we can get someone with +w on the mailman to fix it

I have before but I can do it again

even though I think that DKIM was a terrible idea for private email addresses, but whatever.

> jonas’, thanks for your mail to operators@, not sure why I got it twice though Me too ✏

> X-Clacks-Overhead: GNU Terry Pratchett 🤔

Wow, that's a blast from the past!

https://xclacksoverhead.org/home/about

Sweet.

I recall having read one or two discworld books but I can barely remember. Something about wearing puppets on the hips or so. 😁

I think Small Gods was my first, followed by Reaper Man. I had quite a collection, but my ex-wife took most of them.

I've got a bunch of them on dead tree, but rather re-reading during sleepless nights on the phone AMOLED, red-on-black

Seems I also get ML replies twice.

maybe accidentally subscribed twice?

I only got one.

> maybe accidentally subscribed twice? I recall I already asked whether I'm subscribed twice and nobody knew and from the mail headers I could not tell.

So little activity there so I forgot. 😂

jonas’: I also get two and I don't think you can subscribe twice with the same address

OK, found it, Link Mauve subscribed our admin redirect at jabberfr to the mailing list too 😅

» <Licaon_Kter> Yeah, acme.sh just failed for me last week http response 0 bytes, fun. acme.sh doesn't include a webserver

tom: you wanted to say something but stopped at the middle? Also missed the part where I said it run again later successfully so there was no missing thing (on my side)? ✏

tom: you wanted to say something but stopped in the middle? Also missed the part where I said it run again later successfully so there was no missing thing (on my side)? ✏

No