[01:44:43]
<Yunohost Git/Infra notifications> [apps] @yunohost-bot opened [pull request #1941](https://github.com/YunoHost/apps/pull/1941): Add SourceHut to wishlist
[01:44:43]
<Yunohost Git/Infra notifications> [apps] @yunohost-bot pushed 1 commit to add-to-wishlist-sourcehut: Add SourceHut to wishlist ([3754c2d4](https://github.com/YunoHost/apps/commit/3754c2d4d2a4a419c3e2a87dfda9a3bc031dae6d))
[01:44:43]
<Yunohost Git/Infra notifications> [apps] @yunohost-bot created new branch add-to-wishlist-sourcehut
[12:57:28]
<Mateusz Szymański> ffs, I created OpenSSL cnf for localhost and CSR generated is for domain.tld. WTF?
[13:20:11]
<Mateusz Szymański> > <@orhtej2:matrix.org> ffs, I created OpenSSL cnf for localhost and CSR generated is for domain.tld. WTF?
ah but I'm stupid, I reconfigured `dovecot` while I should have been fighting `postfix` all along
[13:49:43]
<Mateusz Szymański> > <@orhtej2:matrix.org> ah but I'm stupid, I reconfigured `dovecot` while I should have been fighting `postfix` all along
I'm super confused, are self-signed certs isued by YNH considered valid when checking on `localhost`? One would assume they are given they're signed by root CA set on YNH server
[13:58:50]
<Aleks (he/him/il/lui)> uuuuuuh, no we don't really create a certificate for `localhost` ever, localhost has a different meaning depending on the machine, i mean, you're not type `https://localhost` in a browser to reach another machine ...
[14:31:54]
<Mateusz Szymański> > <@Alekswag:matrix.org> uuuuuuh, no we don't really create a certificate for `localhost` ever, localhost has a different meaning depending on the machine, i mean, you're not type `https://localhost` in a browser to reach another machine ...
yeeeah well yes but actually no or smth :P I want a valid cert for localhost only reachable from localhost so that if I `telnet localhost:25` I can have secure TLS session with cert matching the host
[14:32:17]
<Aleks (he/him/il/lui)> dafuq
[14:32:19]
<Mateusz Szymański> or else I need to patch every single app that wants to use mail as app users are only allowed to connect to `localhost`
[14:32:51]
<Aleks (he/him/il/lui)> what about using the explicit domain name ? 😬
[14:33:11]
<Mateusz Szymański> ```
---
Server certificate
subject=CN = localhost
issuer=CN = circledsquareroot.ovh, O = circledsquareroot
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 2688 bytes and written 414 bytes
Verification: OK
---
```
I'm getting there :P
[14:33:51]
<Mateusz Szymański> > <@Alekswag:matrix.org> what about using the explicit domain name ? 😬
as expemplified by Friendica IIRC connections to `domain.tld` originate from public IP rather than 127.0.0.1
[14:34:00]
<Mateusz Szymański> (or that depends on software stack?)
[14:35:50]
<Aleks (he/him/il/lui)> that depends on what `domain.tld` resolves to in the context yeah
[14:36:47]
<Mateusz Szymański> you're saying simple fix of adding domain.tld 127.0.0.1 to resolv.conf would do the trick?
[14:36:48]
<Aleks (he/him/il/lui)> supposedly the main domain should resolve to 127.0.0.1 because we tweak it here https://github.com/YunoHost/yunohost/blob/dev/hooks/conf_regen/43-dnsmasq#L84
[14:36:58]
<Aleks (he/him/il/lui)> ah actually that's the "short hostname" wtf
[14:37:26]
<Mateusz Szymański> ```
root@circledsquareroot:/etc/yunohost/certs/localhost# ping circledsquareroot.ovh
PING circledsquareroot.ovh(circledsquareroot.ovh (fe80::aab1:6f39:de3f:78f9%eth0)) 56 data bytes
64 bytes from circledsquareroot.ovh (fe80::aab1:6f39:de3f:78f9%eth0): icmp_seq=1 ttl=64 time=0.067 ms
```
[14:37:29]
<Mateusz Szymański> not rly
[14:37:39]
<Aleks (he/him/il/lui)> zgrbmfl
[14:38:15]
<eric_G> I thinking about reverting the PR on PeerTube 🤔
[14:38:21]
<Aleks (he/him/il/lui)> what's the big deal ?
[14:38:43]
<Mateusz Szymański> ```
root@circledsquareroot:/etc/yunohost/certs/localhost# ping circledsquareroot
PING circledsquareroot (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.054 ms
```
Ah, short hostname :/
[14:38:54]
<Aleks (he/him/il/lui)> > <@orhtej2:matrix.org> not rly
i'm trying to think wether or not we should add every domain to /etc/hosts :| I always forgot why we don't do this in the first place
[14:39:47]
<Mateusz Szymański> > <@ericg:matrix.org> I thinking about reverting the PR on PeerTube 🤔
https://github.com/YunoHost-Apps/peertube_ynh/issues/405 <- ?
Some wrong setting in `nginx.conf` perhaps?
[14:40:18]
<Mateusz Szymański> > <@Alekswag:matrix.org> i'm trying to think wether or not we should add every domain to /etc/hosts :| I always forgot why we don't do this in the first place
that would be something, and probably more elegant solution than me issuing a cert for `lolcathost`
[14:41:33]
<Mateusz Szymański> do we actually have a list of well-known subdomains? line `ns`, `xmpp-upload` etc
[14:46:16]
<Yunohost Git/Infra notifications> [apps] @oufmilo opened [pull request #1942](https://github.com/YunoHost/apps/pull/1942): Update apps.toml (iceshrimp)
[14:48:33]
<Mateusz Szymański> > <@Alekswag:matrix.org> i'm trying to think wether or not we should add every domain to /etc/hosts :| I always forgot why we don't do this in the first place
listing Castopod domain in hosts file actually fixes the mail https://media.giphy.com/media/5GoVLqeAOo6PK/giphy.gif
[14:51:36]
<Aleks (he/him/il/lui)> yeah so i think we so far don't do it because it is "not that trivial" .. ie adding the line is easy, but if a domain gets removed, you want to remove the line ... which actually maybe we can do a simple `sed '/foobar.tld/d'` idk
[14:52:12]
<Aleks (he/him/il/lui)> the point is you can't easily handle /etc/hosts using the regen-conf workflow etc
[14:52:28]
<Aleks (he/him/il/lui)> there's no support for say a `/etc/hosts.d/`
[14:52:54]
<Aleks (he/him/il/lui)> but as said maybe we could do it brutally with `sed`s x_x
[14:54:52]
<Aleks (he/him/il/lui)> Mateusz Szymański: trying to summarize to be sure I understand clearly
- you are trying to configure mail on an app
- the most obvious "host" field would be "localhost", but then the app wants to use TLS and the certificate is not valid and the app doesn't provide a way to ignore the validity of the certificate ?
- then the next obvious value is "the.domain.tld" but this one is not pratical either becauuuuse (?)
[14:58:23]
<orhtej2> > <@Alekswag:matrix.org> Mateusz Szymański: trying to summarize to be sure I understand clearly
> - you are trying to configure mail on an app
> - the most obvious "host" field would be "localhost", but then the app wants to use TLS and the certificate is not valid and the app doesn't provide a way to ignore the validity of the certificate ?
> - then the next obvious value is "the.domain.tld" but this one is not pratical either becauuuuse (?)
@3 because the.domain.tld resolves to external ip and we configured dovecot to only allow app users to connect from localhost
[14:59:35]
<Aleks (he/him/il/lui)> ogod okay
[15:00:05]
<Aleks (he/him/il/lui)> *check notes*
[15:00:08]
<Aleks (he/him/il/lui)> ah yes, here it is :
[15:00:18]
<Aleks (he/him/il/lui)> https://botsin.space/@scream
[15:04:14]
<Yunohost Git/Infra notifications> [apps] @alexAubin [commented](https://github.com/YunoHost/apps/pull/1942#issuecomment-1872153556) on [issue #1942](https://github.com/YunoHost/apps/pull/1942) Update apps.toml (iceshrimp): Hmmokay but its not clear if its working, I cant see any PR or tests on ci-apps-dev ... did you test it locally ? Can...
[15:08:11]
<Aleks (he/him/il/lui)> i guess we could legit create a certificate for localhost 🤦
[15:10:18]
<lapineige> > <@ericg:matrix.org> I thinking about reverting the PR on PeerTube 🤔
Before we can make extensive testing, I'd be in favor of this. This is clearly an app where CI-only isn't enough
[15:18:12]
<Mateusz Szymański> > <@Alekswag:matrix.org> i guess we could legit create a certificate for localhost 🤦
so far I was able to create one trusted by OpenSSL but not by CURL for some reason
[15:19:23]
<Yunohost Git/Infra notifications> [apps] @oufmilo [commented](https://github.com/YunoHost/apps/pull/1942#issuecomment-1872163853) on [issue #1942](https://github.com/YunoHost/apps/pull/1942) Update apps.toml (iceshrimp): In progress ... 😄 https://github.com/YunoHost-Apps/iceshrimp_ynh/pull/4/
[15:26:36]
<Aleks (he/him/il/lui)> > <@orhtej2:matrix.org> so far I was able to create one trusted by OpenSSL but not by CURL for some reason
omg yes curl has some epic issue with certs that I noticed in some super werid build stuff
[15:26:54]
<Aleks (he/him/il/lui)> i legit lost 50 mental health point trying to debug it and it somewhat vanished randomly and no clue wtf
[15:27:59]
<Aleks (he/him/il/lui)> and it was about like, *external* certificates
[15:28:10]
<Aleks (he/him/il/lui)> wget was happy about it, but not curl
[15:28:11]
<Aleks (he/him/il/lui)> ¯\_(ツ)_/¯
[16:20:01]
<Yunohost Git/Infra notifications> [apps] @yunohost-bot opened [pull request #1943](https://github.com/YunoHost/apps/pull/1943): Add Magnetico to wishlist
[16:20:01]
<Yunohost Git/Infra notifications> [apps] @yunohost-bot pushed 1 commit to add-to-wishlist-magnetico: Add Magnetico to wishlist ([235fc0b8](https://github.com/YunoHost/apps/commit/235fc0b8627edc433276ffff5b1b85f304c6acf4))
[16:20:02]
<Yunohost Git/Infra notifications> [apps] @yunohost-bot created new branch add-to-wishlist-magnetico
[16:24:48]
<rodinux> I think I can add a config file for personalisations in the `$data_dir/data/` folder without breaking the code with this PR https://github.com/YunoHost-Apps/paheko_ynh/pull/50
Should I improve this code ? Do you agree ?
[16:26:50]
<Yunohost Git/Infra notifications> [apps] @ericgaspar [commented](https://github.com/YunoHost/apps/pull/1943#issuecomment-1872202608) on [issue #1943](https://github.com/YunoHost/apps/pull/1943) Add Magnetico to wishlist: Doubt someone will package what seems to be an abandoned an app
[16:29:17]
<Yunohost Git/Infra notifications> [apps] @alexAubin closed [pull request #1943](https://github.com/YunoHost/apps/pull/1943): Add Magnetico to wishlist
[16:29:18]
<Yunohost Git/Infra notifications> [apps] @alexAubin deleted branch add-to-wishlist-magnetico
[16:50:56]
<eric_G> mmh... so I reverted #391 commit made to master on PeerTube. How do I get https://github.com/YunoHost-Apps/peertube_ynh/pull/391 to a new branch 🤔
[16:51:25]
<Tag> Huh I guess you'll need CLI
[16:51:57]
<Tag> git checkout <commit sha> and then git checkout -b <new branch name>
[16:52:13]
<Tag> something like that
[17:00:37]
<Yunohost Git/Infra notifications> [apps] @yunohost-bot opened [pull request #1944](https://github.com/YunoHost/apps/pull/1944): Update app levels according to CI results
[17:00:37]
<Yunohost Git/Infra notifications> [apps] @yunohost-bot pushed 1 commit to update_app_levels: Update app levels according to CI results ([72fb45aa](https://github.com/YunoHost/apps/commit/72fb45aae211052659a09a534e88dea7e57f4bbf))
[17:00:38]
<Yunohost Git/Infra notifications> [apps] @yunohost-bot created new branch update_app_levels
[17:04:05]
<eric_G> > <@tag:lostpod.me> git checkout <commit sha> and then git checkout -b <new branch name>
bon, j'ai failed :/
[17:05:11]
<Tag> j'essaye de te faire ça
[17:10:43]
<Tag> eric_G: https://github.com/YunoHost-Apps/peertube_ynh/tree/testing-old
[17:13:52]
<eric_G> thanks!
[17:16:25]
<Tag> eric_G: Oh, this will not work... please wait a bit more
[17:18:37]
<Tag> voilà https://github.com/YunoHost-Apps/peertube_ynh/pull/408
[17:29:42]
<Yunohost Git/Infra notifications> [apps] @oufmilo [commented](https://github.com/YunoHost/apps/pull/1942#issuecomment-1872234740) on [issue #1942](https://github.com/YunoHost/apps/pull/1942) Update apps.toml (iceshrimp): Failure because the application is not flagged as working in YunoHosts apps catalog ?
[17:31:36]
<Yunohost Git/Infra notifications> [apps] @alexAubin [commented](https://github.com/YunoHost/apps/pull/1942#issuecomment-1872235634) on [issue #1942](https://github.com/YunoHost/apps/pull/1942) Update apps.toml (iceshrimp): [alrighty-then](https://github.com/YunoHost/apps/assets/4533074/218844a2-a73c-4d74-a066-2acedbed8cab)
[17:31:39]
<Yunohost Git/Infra notifications> [apps] @alexAubin merged [pull request #1942](https://github.com/YunoHost/apps/pull/1942): Update apps.toml (iceshrimp)
[17:31:39]
<Yunohost Git/Infra notifications> [apps] @alexAubin pushed 2 commits to master ([a78b586b15f0...694a3d26c5eb](https://github.com/YunoHost/apps/compare/a78b586b15f0...694a3d26c5eb))
[17:31:43]
<Yunohost Git/Infra notifications> [apps/master] Update apps.toml - oufmilo
[17:31:47]
<Yunohost Git/Infra notifications> [apps/master] Merge pull request #1942 from oufmilo/patch-6 Update apps.toml (iceshrimp) - Alexandre Aubin
[17:51:13]
<lapineige> After such a revert, what will happen for end users ? Will they come back to the previous version ?
[17:52:34]
<eric_G> > After such a revert, what will happen for end users ? Will they come back to the previous version ?
they will not get a buggy update 😶🌫️
[17:52:51]
<Tag> And the ones who did will have to restore the backup
[17:53:03]
<lapineige> Yeah that's very important. Just wondering about the one who already did it 🤔
[17:53:32]
<eric_G> and they will have to wait looooong time before having a new update 😬
[17:54:08]
<lapineige> > <@ericg:matrix.org> and they will have to wait looooong time before having a new update 😬
That never were a big deal, let's take the time needed 🙂
[17:54:44]
<eric_G> we just need someone to work on it 🫠
[17:55:11]
<lapineige> (Ah merci Tag, j'avais pas vu ton `testme`)
[17:55:27]
<lapineige> > <@ericg:matrix.org> we just need someone to work on it 🫠
I'm trying it, the issue is that I don't understand what is the problem…
[17:56:05]
<lapineige> By the way I've got 2 Peertube instances, one not being a very touchy production server, so I can provide some manual testings 🙂
To me for such an app any major upgrade *should be manually tested, at least with video uploads*.
[22:19:27]
<Yunohost Git/Infra notifications> [apps] @OniriCorpe [commented](https://github.com/YunoHost/apps/pull/1926#issuecomment-1872368837) on [issue #1926](https://github.com/YunoHost/apps/pull/1926) Add JItsi BRoadcasting Infrastruct to wishlist: it looks really cumbersome to setup and very hacky, so Im not sure its worth spending so much energy on a package that...
[22:20:04]
<Yunohost Git/Infra notifications> [apps] @OniriCorpe [commented](https://github.com/YunoHost/apps/pull/1926#issuecomment-1872368837) on [issue #1926](https://github.com/YunoHost/apps/pull/1926) Add JItsi BRoadcasting Infrastruct to wishlist: it looks really cumbersome to setup and very hacky, so Im not sure its worth spending so much energy on a package that...
[22:21:32]
<Yunohost Git/Infra notifications> [apps] @OniriCorpe [commented](https://github.com/YunoHost/apps/pull/1913#discussion_r1438430961) on pull request #1913 Add Gophish to wishlist: oof yes