-
benk
So what do we talk about here usually, as service operators
-
jonasβ
benk, https://xmpp.org/community/channels/operators/ see On-Topicness in that document. Generally, we don't have much social chat here, just focused, high signal/noise ratio on-topic chat
-
benk
Thanks
-
edhelas
Mostly blaming the other operators on how to configure better their own servers/fix their certificates :p
-
diane
I'm here lurking to stay up to date on xmpp anti-spam measures
-
benk
I don't get any spam, knock on wood. I'm guessing spammers are unaware of my jid's existence
-
diane
Eventually russian carders found me.
-
moparisthebest
I thought this was the tell-other-operators-their-letsencrypt-certificate-renewal-broke channel ?
-
diane
probably also valid
-
diane
I still don't think my certbot deploy-hook argument causes everything to reload correctly
-
moparisthebest
long ago I had problems making prosody reload my cert with the standard `systemctl reload`, so I changed it to restart, and haven't touched it since :/
-
moparisthebest
I think that's supposed to be fixed now but a hard restart every 2 months is also fine so I don't care, I guess
-
diane
by default reload doesn't reload the certs on prosody, but they added a module https://modules.prosody.im/mod_reload_modules.html
-
moparisthebest
yea, that broke mod_tls in strange ways years ago though
-
diane
ah ok
-
diane
well i just added it, and will see how things go wrong in a couple months
-
moparisthebest
ha yea that's the worst part, the slow testing cycle
-
Menel
diane: a simple reload is enough with prososy 0.12 no need for extra modules or whatever
-
diane
oh cool
-
diane
my server is on debian stable so i still have 0.11, using the version in backports is on the list of things to try when i have some free time
-
Menel
The recommended way is the prosodyctl cert importer as hook in the acme client
-
diane
oh?
-
Menel
diane: costs around 3 min to do it. Included is reading the doc https://prosody.im/download/package_repository
-
diane
π
-
Menel
Add backports and do: sudo apt install extrepo sudo extrepo enable prosody sudo apt update sudo apt install prosody And done. If the config isn't very strange from the standard everything will just continue to work. But doesn't hurt to read the release notes.. But then 3 min is maybe not enough π
-
diane
π yeah