!uagwTOyQbbWrZgwyPO:freedombox.emorrp1.name

Workshop

19 Members
libregaming.org For bursts of high-volume organisational activity | Recently: website design, libre launcher11 Servers

Load older messages

SenderMessageTime
31 Aug 2021
@_xmpp_kris=40outmo.de:matrix.orgKrisfor reference: https://github.com/ctrlaltcoop/certbot-dns-hetzner this should make it fairly easy to generate wildcard certs which makes manageing certs a lot easier13:02:55
@_xmpp_southerntofu=40militant.es:matrix.org@_xmpp_southerntofu=40militant.es:matrix.org(i remember it was not always like that)13:02:57
@_xmpp_southerntofu=40militant.es:matrix.org@_xmpp_southerntofu=40militant.es:matrix.orgKris, https://github.com/AnalogJ/lexicon13:04:41
@_xmpp_southerntofu=40militant.es:matrix.org@_xmpp_southerntofu=40militant.es:matrix.orgsupports many providers including those implementing RFC2136/RFC213713:04:57
@_xmpp_kris=40outmo.de:matrix.orgKriscool, thanks for sharing13:06:23
@emorrp1:freedombox.emorrp1.nameemorrp1indeed, lexicon is what I'm using, there's also octodns and dnscontrol etc.13:06:36
@emorrp1:freedombox.emorrp1.nameemorrp1but good find on the certbot integration13:06:47
@_xmpp_southerntofu=40militant.es:matrix.org@_xmpp_southerntofu=40militant.es:matrix.orgtbh my view on what we could/should do is going to evolve depending on feedback in #libregaming-sysadmin but it's been a while since i heard anything in there13:11:41
@_xmpp_kris=40outmo.de:matrix.orgKriswith it it should be failry easy to set up an xmpp server on a subdomain and use SRV routing to get it working on the main domain without having direct control on the server that hosts the main domain13:11:52
@_xmpp_southerntofu=40militant.es:matrix.org@_xmpp_southerntofu=40militant.es:matrix.organything (almost) will be ok with me as long as we have a consistent strategy and don't just do things randomly until we get our asses bitten :P13:12:02
@_xmpp_southerntofu=40militant.es:matrix.org@_xmpp_southerntofu=40militant.es:matrix.orgKris, yes... or the same using our own DNS primary server :P13:12:16
@_xmpp_kris=40outmo.de:matrix.orgKrisseems overkill to run your own dns server :p13:12:59
@_xmpp_southerntofu=40militant.es:matrix.org@_xmpp_southerntofu=40militant.es:matrix.orgKris, overkill? takes just a few megabytes of RAM :P13:13:26
@_xmpp_southerntofu=40militant.es:matrix.org@_xmpp_southerntofu=40militant.es:matrix.org(and it's an important part of the internet ecosystem, we should not centralize everything)13:13:35
@_xmpp_kris=40outmo.de:matrix.orgKrishmm, since you are renting the domain from a provider anyways, I don't see much point except for some very exotic global load balancing situations13:17:10
@_xmpp_kris=40outmo.de:matrix.orgKrisand less moving parts to maintain is always better13:17:39
@_xmpp_southerntofu=40militant.es:matrix.org@_xmpp_southerntofu=40militant.es:matrix.orgi wouldn't consider DNS a moving part, since it's a foundational piece for internet infrastructure13:18:46
@_xmpp_southerntofu=40militant.es:matrix.org@_xmpp_southerntofu=40militant.es:matrix.orgalthough it receives a lot of disinterest from people like you who treat it like a secondary artifact :P13:19:22
@_xmpp_southerntofu=40militant.es:matrix.org@_xmpp_southerntofu=40militant.es:matrix.orgDNS is really cool, despite all of its weaknesses... it's a global decentralized hierarchical-yet-anti-authoritarian database13:19:28
@_xmpp_kris=40outmo.de:matrix.orgKrisI don't think domain registrars and dns servers are too centralized. the entrie dns system is not really decentalzed, but if you accespt that fact then I don't see the problem having the dns server hosted by the ISP or the domain registrar13:19:45
@_xmpp_southerntofu=40militant.es:matrix.org@_xmpp_southerntofu=40militant.es:matrix.orgapart from a common root, everything is fully decentralized13:20:46
@_xmpp_southerntofu=40militant.es:matrix.org@_xmpp_southerntofu=40militant.es:matrix.orgbut there's a trend with commercial registrars and DoH resolvers to recentralize everything, and its a worrying trend13:21:16
@_xmpp_kris=40outmo.de:matrix.orgKrisyeah but you always have to referr back to that root, which IMHO does not make it decentralized at all13:21:38
@_xmpp_southerntofu=40militant.es:matrix.org@_xmpp_southerntofu=40militant.es:matrix.orgthat's a very far-away view of DNS, when you take the delegation process into account, as well as the resolving algorithm, it's in fact a pretty decentralized system where everybody can have many names and noone can seize/invalid them all13:23:18
@_xmpp_kris=40outmo.de:matrix.orgKrisyes the current ideas to encrypt dns are really making things a lot more centralized.13:23:31
@_xmpp_kris=40outmo.de:matrix.orgKrisyes, it has some decentralized characteristics, but ultimatly it is much more centralized then the internet itself13:24:36
@_xmpp_kris=40outmo.de:matrix.orgKrisalthough IP range allocation on the internet is also pretty centralized13:25:06
@_xmpp_southerntofu=40militant.es:matrix.org@_xmpp_southerntofu=40militant.es:matrix.orgwell IP allocation are somewhat centralized.. there's only 5 (4?) RIRs handing them out :P13:25:13
@_xmpp_kris=40outmo.de:matrix.orgKrisyeah13:25:21
@_xmpp_southerntofu=40militant.es:matrix.org@_xmpp_southerntofu=40militant.es:matrix.orgit's pretty similar to DNS in terms of politics13:25:24

There are no newer messages yet.

Back to Room ListRoom Version: 6