From mboxrd@z Thu Jan 1 00:00:00 1970 From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) Subject: bug#32845: guix.info: Missing manual Date: Fri, 28 Sep 2018 22:03:25 +0200 Message-ID: <87h8i91jaq.fsf@gnu.org> References: <87y3bolf9v.fsf@ambrevar.xyz> <874lect9x0.fsf@elephly.net> <87efdgjb7h.fsf@ambrevar.xyz> <87zhw4rpel.fsf@elephly.net> <87ftxv3vf4.fsf@gnu.org> <87r2hfrmcf.fsf@elephly.net> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:38372) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g5yzc-0000dX-AJ for bug-guix@gnu.org; Fri, 28 Sep 2018 16:04:05 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1g5yzb-0004TO-Eb for bug-guix@gnu.org; Fri, 28 Sep 2018 16:04:04 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:53747) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1g5yza-0004T8-OJ for bug-guix@gnu.org; Fri, 28 Sep 2018 16:04:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1g5yza-0004QU-GD for bug-guix@gnu.org; Fri, 28 Sep 2018 16:04:02 -0400 Sender: "Debbugs-submit" Resent-Message-ID: In-Reply-To: <87r2hfrmcf.fsf@elephly.net> (Ricardo Wurmus's message of "Thu, 27 Sep 2018 17:28:32 +0200") List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: Ricardo Wurmus Cc: Pierre Neidhardt , 32845@debbugs.gnu.org Hello! Ricardo Wurmus skribis: > Ludovic Court=C3=A8s writes: [...] >> I wonder what should be done with guix.info: should we keep it as a >> mirror, or should it redirect to gnu.org, or the opposite? > > I really don=E2=80=99t know. I didn=E2=80=99t plan for guix.info to beco= me popular, but > it certainly is convenient right now as we can change DNS records at a > whim. > > Currently, the manual shown on guix.info is fairly close to the latest > in git. This means it contains documentation about channels, which > cannot be found in the latest release that matches the manual on > gnu.org. Yes, it=E2=80=99s convenient. >> My initial plan was to use guix.gnu.org as the primary domain but we=E2= =80=99re >> stuck with the =E2=80=9CLet=E2=80=99s Encrypt vs. multiple entries in DN= S A records=E2=80=9D >> issue. At the same time, guix.info works just fine. > > I thought the bigger issue was running a DNS server, which is something > I=E2=80=99ve never done and wouldn=E2=80=99t like to take on myself. I=E2=80=99ve never done it either :-) but our Knot service makes it looks e= asy. > The problem with naive Let=E2=80=99s Encrypt updates is that automatic > challenges might fail when the =E2=80=9Cwrong=E2=80=9D server is returned= by the DNS > server. =E2=80=9Ccertbot=E2=80=9D can be used with manual DNS validation= , which > requires us to deploy a DNS TXT record. This can be automated with > certbot hooks (scripts that have access to the token that should be > published via environment variables) or through JSON mode, which returns > an object with the token that can be processed through other means. I didn=E2=80=99t know about all this! Looks like our Certbot service doesn= =E2=80=99t support it though? > I think the Let=E2=80=99s Encrypt updates shouldn=E2=80=99t be a blocker. To me it was the main blocker. Let=E2=80=99s see if we can bring more knowledgeable people on board=E2=80= =A6 Ludo=E2=80=99.