Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
Ondřej Surý
@oerdnj
so excuse my crankiness after the midnight in a cold house
does your lenovo overheat? I could have a use for it right now at this moment
Andreas Rammhold
@andir
well I think that was the origin of my display issues.. it doesn't overheat as much anymore.. even thought I'm running intel + nouveau these days
Ondřej Surý
@oerdnj
tell me more about the overheating devices :-)))))
Andreas Rammhold
@andir
1 sec let me turn the heater on :P
Ondřej Surý
@oerdnj
I would be so pissed if it were some cheap chinese shit (no offense to your lenovo :-P), but that's a 10+k EUR heat pump
Andreas Rammhold
@andir
did you open it yet?
Maybe it is obvious ? :D
Ondřej Surý
@oerdnj
high pressures involved :(
there was a lightning that blew some electronics in my house at the beginning of the summer. Maybe it's just it's legacy since the failure just happens when theres zero degrees or less outside.
Anyway thanks for the chat and the testing domain. I should get to bed, kids will wake me up early tomorrow.
Andreas Rammhold
@andir
np, I'm most thankful for all the work you do at the CZ.NIC ;-)
Florian Klink
@flokli
oerdnj: so it looks like you didn't completely turn into ice that night? :-D
Ondřej Surý
@oerdnj
@flokli It's not the first time it happened, so we bought direct electrical heaters in hobbymarket - not the cheapest heating option thoug
Florian Klink
@flokli
i can imagine… france has these kinds of problems atm
Andreas Rammhold
@andir
just let the supplier pay for it.. I mean if they can't fix it...
Ondřej Surý
@oerdnj
@andir well, I would like to avoid a law suit if possible, that's never a good thing
Andreas Rammhold
@andir
true, but freezing also sucks :D
Florian Klink
@flokli
oerdnj: testing
Ondřej Surý
@oerdnj
@flokli yes?
Florian Klink
@flokli
oerdnj: new release already in the works? :-D
Ondřej Surý
@oerdnj
@flokli We have managed to fix the SERVFAIL on @andir domain, so I am just tagging rc2 and hopefully 1.2.0 will get released sometime in next week or two
Florian Klink
@flokli
okay great :-)
Ondřej Surý
@oerdnj
@andir If you could try your domain with clean cache on 1.2.0~rc2-1
Andreas Rammhold
@andir
oerdnj: on it
Ondřej Surý
@oerdnj
@andir there are some CNAMEs in NS (haven't checked where) that have been invalidly caught by CNAME loop detection mechanism, so your's was a real bug
Andreas Rammhold
@andir
oerdnj: works on first request
just upgraded & cleared cache
Ondřej Surý
@oerdnj
+1
have a nice weekend folks
Andreas Rammhold
@andir
thank you for fixing it, have a nice (warm) weekend :D
Florian Klink
@flokli
I think it's time to update the repo description: "Knot DNS Resolver - resolve names like it's 2016 https://www.knot-resolver.cz/"
:-D
Vladimír Čunát
@vcunat
:-)
Vladimír Čunát
@vcunat
For reference, we finally released 1.2.0 yesterday. I believe it's much better tested than any our previous release. Thanks!
Andreas Rammhold
@andir
yay thats good new :D
Florian Klink
@flokli
\o/
Peter
@petzah
I've just installed knot-resolver from strech debian repo and noticed that by default tls port is bound to all interfaces(ListenStream=853). Shouldn't it be only for localhost?
Peter
@petzah
Another issue I have is systemd socket enabled thingy. In ansible, I want to configure kresd to listen on different port, so I will create the drop-in for kresd.socket and execute daemon-reload, now I want to systemctl restart kresd.socket to get it to different port but I get: "kresd.socket: Socket service kresd.service already active, refusing."
Peter
@petzah
Solution for me was to put BindsTo= for all 3 sockets into the kresd.service drop-in ref: https://lists.freedesktop.org/archives/systemd-devel/2015-February/027988.html
Andreas Rammhold
@andir
@petzah you need to clear out the variable in your drop-in file first. Using a "Variable=" line (not sure what the variables are) I did that in my puppet configuration since I wanted it to bind to different addresses
Peter
@petzah
@andir Thanks, it works! :)
Peter
@petzah
@andir and it doesn't :D .. next step would be to do some configuration in /etc/knot-resolver/kresd.conf and restart the daemon. Assumption is that because of service is socket activated then if I will bring down any of the systemd sockets the service should go down too, but it isn't. If one will stop kresd.socket, the service will bound to the interface instead of systemd (netstat -natp is kresd instead of init) which means it's not socket-activated anymore. Trying to bring up kresd.socket back up is yielding the message above (kresd.socket: Socket service kresd.service already active, refusing). By configuring tight dependency between sockets and service (e.g. with BindsTo=) this is not happening. Or my assumption is incorrect and I'm doing something wrong :D
Vladimír Čunát
@vcunat
I think listening on all interfaces on 853 wasn't intended. @oerdnj
Andreas Rammhold
@andir
@petzah i guess you figured it out by now but this is how I do it: https://gist.github.com/andir/d2c33f931d39894fd4a49a8a0efe0d00
Peter
@petzah
@andir Yes, but even with such config there is an issue with restarting daemon. (systemctl restart kresd.service won't work due to "unit kresd.service may be requested by dependency only" and systemctl restart kresd.socket won't work either because once it is stopped kresd daemon will bind to the interfaces insted of systemd)
try this:
Andreas Rammhold
@andir
i usually stop kresd.service after reloading the daemon, config changes to kresd will be picked up due to it being restarted on the next request
Peter
@petzah
  1. nc -v localhost 53
  2. systemctl restart kresd.socket
first is to activate daemon , second will try to stop and start kresd.socket