| Time |
Nick |
Message |
| 06:06 |
|
CWz joined #minetest-hub |
| 06:50 |
|
olliy joined #minetest-hub |
| 09:08 |
|
Kimapr0 joined #minetest-hub |
| 09:17 |
|
calcul0n__ joined #minetest-hub |
| 09:24 |
|
entuland joined #minetest-hub |
| 10:21 |
|
Kimapr joined #minetest-hub |
| 10:46 |
|
Fixer joined #minetest-hub |
| 13:08 |
|
calcul0n_ joined #minetest-hub |
| 17:20 |
|
entuland joined #minetest-hub |
| 17:38 |
|
olliy joined #minetest-hub |
| 18:38 |
|
Kimapr joined #minetest-hub |
| 19:10 |
Krock |
Does anyone have an idea what this could possibly mean? recv() failed (113: No route to host) while requesting certificate status, responder: <snip>, peer: <snip>:80, certificate: "<snip>/fullchain.pem" |
| 19:10 |
Krock |
seems like the VPS has no DNS access? |
| 19:12 |
|
garywhite joined #minetest-hub |
| 19:13 |
MTDiscord |
<Warr1024> Context? Are you trying to run an HTTPS server with OCSP stapling enabled? |
| 19:13 |
Krock |
personal VPS with letsencrypt defaults |
| 19:13 |
Krock |
failed approx. half an hour ago |
| 19:14 |
MTDiscord |
<Warr1024> Is it actually affecting service? As I understand it OCSP stapling is a nice performance and privacy boost, but generally NOT required. |
| 19:14 |
MTDiscord |
<Warr1024> It could possibly just be a temporary thing that might be retriable. |
| 19:14 |
Krock |
> systemd-resolve --status |
| 19:14 |
Krock |
> Failed to get global data: Unit dbus-org.freedesktop.resolve1.service not found. |
| 19:15 |
MTDiscord |
<Warr1024> Some web servers, also (like nginx) actually implement their own resolvers and may need to be explicitly given a DNS server IP in the config. |
| 19:15 |
Krock |
mhm |
| 19:15 |
rubenwardy |
maybe try restarting? |
| 19:15 |
Krock |
there was no such need yet |
| 19:15 |
Krock |
rubenwardy: I wish I wouldn't need to do that |
| 19:15 |
Krock |
but might solve the issue right away |
| 19:16 |
MTDiscord |
<Warr1024> I'd check it out with an SSL Labs scan |
| 19:16 |
MTDiscord |
<Warr1024> if it's looking mostly alright then it's not urgent to reboot immediately. |
| 19:16 |
MTDiscord |
<Warr1024> Just pick a time when it's convenient if you can, I guess |
| 19:16 |
Krock |
> Unable to resolve domain name |
| 19:16 |
MTDiscord |
<Warr1024> If you're using a local proxy DNS resolver or something you might try kicking that over |
| 19:16 |
Krock |
no this is not alright. rebooting |
| 19:17 |
MTDiscord |
<Warr1024> Unable to resolve domain name from outside? Are you running your own DNS zones or something? |
| 19:20 |
|
Fixer joined #minetest-hub |
| 19:28 |
|
Krock joined #minetest-hub |
| 19:30 |
Krock |
apparently this isn't the first outage in the last few hours |
| 19:44 |
sfan5 |
my educated guess: nginx has ocsp stapling enabled and cannot reach the certificate issuers server to retrieve an OCSP response |
| 19:45 |
MTDiscord |
<Warr1024> Yeah, that was my guess, but if it's causing an outage then it sounds deeper than that, since OCSP stapling should fallback gracefully. |
| 19:46 |
sfan5 |
if there is an outage then it's unrelated to this |
| 19:59 |
Krock |
hmm anyway. filed a ticket. thanks for the help! |
| 22:33 |
|
Kimapr1 joined #minetest-hub |
| 23:52 |
|
Alias2 joined #minetest-hub |
