Skip to content

Instantly share code, notes, and snippets.

@mweinelt

mweinelt/gist:cb4460149479878316b46c116518c88f

Created January 21, 2023 21:30
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save mweinelt/cb4460149479878316b46c116518c88f to your computer and use it in GitHub Desktop.
Save mweinelt/cb4460149479878316b46c116518c88f to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
Machine state will be reset. To keep it, pass --keep-vm-state
start all VLans
start vlan
running vlan (pid 5; ctl /build/vde1.ctl)
(finished: start all VLans, in 0.00 seconds)
run the VM test script
additionally exposed symbols:
acme, client, dnsserver, webserver,
vlan1,
start_all, test_script, machines, vlans, driver, log, os, create_machine, subtest, run_tests, join_all, retry, serial_stdout_off, serial_stdout_on, polling_condition, Machine
start all VMs
acme: starting vm
acme: waiting for monitor prompt
acme # Formatting '/build/vm-state-acme/acme.qcow2', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=1073741824 lazy_refcounts=off refcount_bits=16
(finished: waiting for monitor prompt, in 0.00 seconds)
acme: QEMU running (pid 6)
client: starting vm
client: waiting for monitor prompt
client # Formatting '/build/vm-state-client/client.qcow2', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=1073741824 lazy_refcounts=off refcount_bits=16
(finished: waiting for monitor prompt, in 0.00 seconds)
client: QEMU running (pid 17)
dnsserver: starting vm
dnsserver # Formatting '/build/vm-state-dnsserver/dnsserver.qcow2', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=1073741824 lazy_refcounts=off refcount_bits=16
dnsserver: waiting for monitor prompt
(finished: waiting for monitor prompt, in 0.00 seconds)
dnsserver: QEMU running (pid 27)
webserver: starting vm
acme # cSeaBIOS (version rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org)
webserver: waiting for monitor prompt
webserver # Formatting '/build/vm-state-webserver/webserver.qcow2', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=1073741824 lazy_refcounts=off refcount_bits=16
(finished: waiting for monitor prompt, in 0.00 seconds)
webserver: QEMU running (pid 38)
(finished: start all VMs, in 0.19 seconds)
dnsserver: waiting for unit pebble-challtestsrv.service
dnsserver: waiting for the VM to finish booting
client # cSeaBIOS (version rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org)
acme #
acme #
acme # iPXE (http://ipxe.org) 00:03.0 CA00 PCI2.10 PnP PMM+3EFD0CF0+3EF30CF0 CA00
acme # Press Ctrl-B to configure iPXE (PCI 00:03.0)...
acme #
acme #
acme #
acme #
dnsserver # cSeaBIOS (version rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org)
acme # iPXE (http://ipxe.org) 00:09.0 CB00 PCI2.10 PnP PMM 3EFD0CF0 3EF30CF0 CB00
acme # Press Ctrl-B to configure iPXE (PCI 00:09.0)...
acme #
acme #
client #
client #
acme # Booting from ROM...
client # iPXE (http://ipxe.org) 00:03.0 CA00 PCI2.10 PnP PMM+3EFD0CF0+3EF30CF0 CA00
client # Press Ctrl-B to configure iPXE (PCI 00:03.0)...
client #
client #
client #
client #
client # iPXE (http://ipxe.org) 00:09.0 CB00 PCI2.10 PnP PMM 3EFD0CF0 3EF30CF0 CB00
client # Press Ctrl-B to configure iPXE (PCI 00:09.0)...
client #
client #
client # Booting from ROM...
client # Probing EDD (edd=off to disable)... ok
webserver # cSeaBIOS (version rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org)
dnsserver #
dnsserver #
dnsserver # iPXE (http://ipxe.org) 00:03.0 CA00 PCI2.10 PnP PMM+3EFD0CF0+3EF30CF0 CA00
dnsserver # Press Ctrl-B to configure iPXE (PCI 00:03.0)...
dnsserver #
dnsserver #
dnsserver #
dnsserver #
dnsserver # iPXE (http://ipxe.org) 00:09.0 CB00 PCI2.10 PnP PMM 3EFD0CF0 3EF30CF0 CB00
dnsserver # Press Ctrl-B to configure iPXE (PCI 00:09.0)...
dnsserver #
dnsserver #
dnsserver # Booting from ROM...
webserver #
webserver #
webserver # iPXE (http://ipxe.org) 00:03.0 CA00 PCI2.10 PnP PMM+3EFD0CF0+3EF30CF0 CA00
webserver # Press Ctrl-B to configure iPXE (PCI 00:03.0)...
webserver #
webserver #
webserver #
webserver #
webserver # iPXE (http://ipxe.org) 00:09.0 CB00 PCI2.10 PnP PMM 3EFD0CF0 3EF30CF0 CB00
webserver # Press Ctrl-B to configure iPXE (PCI 00:09.0)...
webserver #
webserver #
webserver # Booting from ROM...
acme # Probing EDD (edd=off to disable)... oc[ 0.000000] Linux version 5.15.89 (nixbld@localhost) (gcc (GCC) 11.3.0, GNU ld (GNU Binutils) 2.39) #1-NixOS SMP Wed Jan 18 10:48:59 UTC 2023
acme # [ 0.000000] Command line: console=ttyS0 panic=1 boot.panic_on_fail clock=acpi_pm loglevel=7 net.ifnames=0 init=/nix/store/fhivd03v034pfaga4clmirshyn56cijx-nixos-system-acme-23.05pre-git/init regInfo=/nix/store/nf4n2grg5di5ifsp24qi5w1mp1azjm7c-closure-info/registration console=ttyS0
acme # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
acme # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
acme # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers'
acme # [ 0.000000] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256
client # c[ 0.000000] Linux version 5.15.89 (nixbld@localhost) (gcc (GCC) 11.3.0, GNU ld (GNU Binutils) 2.39) #1-NixOS SMP Wed Jan 18 10:48:59 UTC 2023
acme # [ 0.000000] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using 'compacted' format.
client # [ 0.000000] Command line: console=ttyS0 panic=1 boot.panic_on_fail clock=acpi_pm loglevel=7 net.ifnames=0 init=/nix/store/w28qid4kn2h5f274cbxbjz183g9s3mk0-nixos-system-client-23.05pre-git/init regInfo=/nix/store/vdlvvnqbbk0b103w7xvn345kxbl0r5ay-closure-info/registration console=ttyS0
client # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
client # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
acme # [ 0.000000] signal: max sigframe size: 1776
client # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers'
client # [ 0.000000] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256
acme # [ 0.000000] BIOS-provided physical RAM map:
client # [ 0.000000] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using 'compacted' format.
client # [ 0.000000] signal: max sigframe size: 1776
client # [ 0.000000] BIOS-provided physical RAM map:
client # [ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
acme # [ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
client # [ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
client # [ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
client # [ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000003ffdafff] usable
client # [ 0.000000] BIOS-e820: [mem 0x000000003ffdb000-0x000000003fffffff] reserved
acme # [ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
client # [ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
client # [ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
client # [ 0.000000] BIOS-e820: [mem 0x000000fd00000000-0x000000ffffffffff] reserved
client # [ 0.000000] NX (Execute Disable) protection: active
acme # [ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
client # [ 0.000000] extended physical RAM map:
client # [ 0.000000] reserve setup_data: [mem 0x0000000000000000-0x000000000009fbff] usable
client # [ 0.000000] reserve setup_data: [mem 0x000000000009fc00-0x000000000009ffff] reserved
client # [ 0.000000] reserve setup_data: [mem 0x00000000000f0000-0x00000000000fffff] reserved
acme # [ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000003ffdafff] usable
client # [ 0.000000] reserve setup_data: [mem 0x0000000000100000-0x00000000008c131f] usable
client # [ 0.000000] reserve setup_data: [mem 0x00000000008c1320-0x00000000008c134f] usable
client # [ 0.000000] reserve setup_data: [mem 0x00000000008c1350-0x000000003ffdafff] usable
acme # [ 0.000000] BIOS-e820: [mem 0x000000003ffdb000-0x000000003fffffff] reserved
client # [ 0.000000] reserve setup_data: [mem 0x000000003ffdb000-0x000000003fffffff] reserved
client # [ 0.000000] reserve setup_data: [mem 0x00000000feffc000-0x00000000feffffff] reserved
client # [ 0.000000] reserve setup_data: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
client # [ 0.000000] reserve setup_data: [mem 0x000000fd00000000-0x000000ffffffffff] reserved
acme # [ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
client # [ 0.000000] SMBIOS 2.8 present.
client # [ 0.000000] DMI: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
client # [ 0.000000] Hypervisor detected: KVM
client # [ 0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00
client # [ 0.000000] kvm-clock: cpu 0, msr 1c201001, primary cpu clock
acme # [ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
client # [ 0.000001] kvm-clock: using sched offset of 376033256 cycles
client # [ 0.000003] clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns
client # [ 0.000008] tsc: Detected 2794.748 MHz processor
acme # [ 0.000000] BIOS-e820: [mem 0x000000fd00000000-0x000000ffffffffff] reserved
client # [ 0.001329] last_pfn = 0x3ffdb max_arch_pfn = 0x400000000
client # [ 0.001438] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT
client # [ 0.004627] found SMP MP-table at [mem 0x000f5bb0-0x000f5bbf]
client # [ 0.004682] Using GB pages for direct mapping
acme # [ 0.000000] NX (Execute Disable) protection: active
client # [ 0.004992] RAMDISK: [mem 0x3f41e000-0x3ffcffff]
client # [ 0.005007] ACPI: Early table checksum verification disabled
acme # [ 0.000000] extended physical RAM map:
client # [ 0.005013] ACPI: RSDP 0x00000000000F59D0 000014 (v00 BOCHS )
client # [ 0.005021] ACPI: RSDT 0x000000003FFE1AC6 000034 (v01 BOCHS BXPC 00000001 BXPC 00000001)
client # [ 0.005028] ACPI: FACP 0x000000003FFE197A 000074 (v01 BOCHS BXPC 00000001 BXPC 00000001)
acme # [ 0.000000] reserve setup_data: [mem 0x0000000000000000-0x000000000009fbff] usable
client # [ 0.005035] ACPI: DSDT 0x000000003FFE0040 00193A (v01 BOCHS BXPC 00000001 BXPC 00000001)
client # [ 0.005039] ACPI: FACS 0x000000003FFE0000 000040
client # [ 0.005043] ACPI: APIC 0x000000003FFE19EE 000078 (v01 BOCHS BXPC 00000001 BXPC 00000001)
client # [ 0.005047] ACPI: HPET 0x000000003FFE1A66 000038 (v01 BOCHS BXPC 00000001 BXPC 00000001)
acme # [ 0.000000] reserve setup_data: [mem 0x000000000009fc00-0x000000000009ffff] reserved
client # [ 0.005051] ACPI: WAET 0x000000003FFE1A9E 000028 (v01 BOCHS BXPC 00000001 BXPC 00000001)
client # [ 0.005055] ACPI: Reserving FACP table memory at [mem 0x3ffe197a-0x3ffe19ed]
client # [ 0.005057] ACPI: Reserving DSDT table memory at [mem 0x3ffe0040-0x3ffe1979]
client # [ 0.005059] ACPI: Reserving FACS table memory at [mem 0x3ffe0000-0x3ffe003f]
acme # [ 0.000000] reserve setup_data: [mem 0x00000000000f0000-0x00000000000fffff] reserved
client # [ 0.005061] ACPI: Reserving APIC table memory at [mem 0x3ffe19ee-0x3ffe1a65]
client # [ 0.005062] ACPI: Reserving HPET table memory at [mem 0x3ffe1a66-0x3ffe1a9d]
client # [ 0.005064] ACPI: Reserving WAET table memory at [mem 0x3ffe1a9e-0x3ffe1ac5]
client # [ 0.005319] No NUMA configuration found
client # [ 0.005321] Faking a node at [mem 0x0000000000000000-0x000000003ffdafff]
acme # [ 0.000000] reserve setup_data: [mem 0x0000000000100000-0x00000000008c131f] usable
client # [ 0.005329] NODE_DATA(0) allocated [mem 0x3ffd6000-0x3ffdafff]
client # [ 0.005359] Zone ranges:
client # [ 0.005360] DMA [mem 0x0000000000001000-0x0000000000ffffff]
client # [ 0.005363] DMA32 [mem 0x0000000001000000-0x000000003ffdafff]
acme # [ 0.000000] reserve setup_data: [mem 0x00000000008c1320-0x00000000008c134f] usable
dnsserver # Probing EDD (edd=off to disable)... ock[ 0.000000] Linux version 5.15.89 (nixbld@localhost) (gcc (GCC) 11.3.0, GNU ld (GNU Binutils) 2.39) #1-NixOS SMP Wed Jan 18 10:48:59 UTC 2023
client # [ 0.005365] Normal empty
client # [ 0.005367] Device empty
acme # [ 0.000000] reserve setup_data: [mem 0x00000000008c1350-0x000000003ffdafff] usable
client # [ 0.005369] Movable zone start for each node
client # [ 0.005370] Early memory node ranges
acme # [ 0.000000] reserve setup_data: [mem 0x000000003ffdb000-0x000000003fffffff] reserved
client # [ 0.005371] node 0: [mem 0x0000000000001000-0x000000000009efff]
acme # [ 0.000000] reserve setup_data: [mem 0x00000000feffc000-0x00000000feffffff] reserved
client # [ 0.005374] node 0: [mem 0x0000000000100000-0x000000003ffdafff]
acme # [ 0.000000] reserve setup_data: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
client # [ 0.005376] Initmem setup node 0 [mem 0x0000000000001000-0x000000003ffdafff]
acme # [ 0.000000] reserve setup_data: [mem 0x000000fd00000000-0x000000ffffffffff] reserved
client # [ 0.005615] On node 0, zone DMA: 1 pages in unavailable ranges
acme # [ 0.000000] SMBIOS 2.8 present.
client # [ 0.005636] On node 0, zone DMA: 97 pages in unavailable ranges
acme # [ 0.000000] DMI: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
client # [ 0.008297] On node 0, zone DMA32: 37 pages in unavailable ranges
acme # [ 0.000000] Hypervisor detected: KVM
client # [ 0.008762] ACPI: PM-Timer IO Port: 0x608
acme # [ 0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00
client # [ 0.008777] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1])
acme # [ 0.000000] kvm-clock: cpu 0, msr 2aa01001, primary cpu clock
client # [ 0.008810] IOAPIC[0]: apic_id 0, version 17, address 0xfec00000, GSI 0-23
acme # [ 0.000001] kvm-clock: using sched offset of 387237478 cycles
client # [ 0.008814] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
acme # [ 0.000004] clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns
client # [ 0.008817] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level)
acme # [ 0.000009] tsc: Detected 2794.748 MHz processor
dnsserver # [ 0.000000] Command line: console=ttyS0 panic=1 boot.panic_on_fail clock=acpi_pm loglevel=7 net.ifnames=0 init=/nix/store/ginlw6jq0nm2cxjpci6553sh5bahj2vx-nixos-system-dnsserver-23.05pre-git/init regInfo=/nix/store/q1n104ibfdxpvmssmjgmmg2pxy6hfp1q-closure-info/registration console=ttyS0
client # [ 0.008819] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
acme # [ 0.001297] last_pfn = 0x3ffdb max_arch_pfn = 0x400000000
client # [ 0.008821] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level)
acme # [ 0.001425] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT
acme # [ 0.004729] found SMP MP-table at [mem 0x000f5bb0-0x000f5bbf]
acme # [ 0.004785] Using GB pages for direct mapping
acme # [ 0.005116] RAMDISK: [mem 0x3f41e000-0x3ffcffff]
dnsserver # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
acme # [ 0.005135] ACPI: Early table checksum verification disabled
client # [ 0.008823] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level)
client # [ 0.008827] ACPI: Using ACPI (MADT) for SMP configuration information
client # [ 0.008829] ACPI: HPET id: 0x8086a201 base: 0xfed00000
client # [ 0.008835] TSC deadline timer available
client # [ 0.008840] smpboot: Allowing 1 CPUs, 0 hotplug CPUs
client # [ 0.008877] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff]
client # [ 0.008880] PM: hibernation: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
client # [ 0.008882] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000effff]
client # [ 0.008883] PM: hibernation: Registered nosave memory: [mem 0x000f0000-0x000fffff]
acme # [ 0.005143] ACPI: RSDP 0x00000000000F59D0 000014 (v00 BOCHS )
client # [ 0.008885] PM: hibernation: Registered nosave memory: [mem 0x008c1000-0x008c1fff]
acme # [ 0.005150] ACPI: RSDT 0x000000003FFE1AC6 000034 (v01 BOCHS BXPC 00000001 BXPC 00000001)
dnsserver # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
acme # [ 0.005160] ACPI: FACP 0x000000003FFE197A 000074 (v01 BOCHS BXPC 00000001 BXPC 00000001)
dnsserver # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers'
acme # [ 0.005167] ACPI: DSDT 0x000000003FFE0040 00193A (v01 BOCHS BXPC 00000001 BXPC 00000001)
dnsserver # [ 0.000000] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256
acme # [ 0.005174] ACPI: FACS 0x000000003FFE0000 000040
dnsserver # [ 0.000000] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using 'compacted' format.
acme # [ 0.005178] ACPI: APIC 0x000000003FFE19EE 000078 (v01 BOCHS BXPC 00000001 BXPC 00000001)
dnsserver # [ 0.000000] signal: max sigframe size: 1776
acme # [ 0.005184] ACPI: HPET 0x000000003FFE1A66 000038 (v01 BOCHS BXPC 00000001 BXPC 00000001)
dnsserver # [ 0.000000] BIOS-provided physical RAM map:
client # [ 0.008887] PM: hibernation: Registered nosave memory: [mem 0x008c1000-0x008c1fff]
acme # [ 0.005189] ACPI: WAET 0x000000003FFE1A9E 000028 (v01 BOCHS BXPC 00000001 BXPC 00000001)
client # [ 0.008889] [mem 0x40000000-0xfeffbfff] available for PCI devices
dnsserver # [ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
client # [ 0.008891] Booting paravirtualized kernel on KVM
acme # [ 0.005192] ACPI: Reserving FACP table memory at [mem 0x3ffe197a-0x3ffe19ed]
acme # [ 0.005195] ACPI: Reserving DSDT table memory at [mem 0x3ffe0040-0x3ffe1979]
client # [ 0.008895] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1910969940391419 ns
acme # [ 0.005199] ACPI: Reserving FACS table memory at [mem 0x3ffe0000-0x3ffe003f]
client # [ 0.013119] setup_percpu: NR_CPUS:384 nr_cpumask_bits:384 nr_cpu_ids:1 nr_node_ids:1
acme # [ 0.005201] ACPI: Reserving APIC table memory at [mem 0x3ffe19ee-0x3ffe1a65]
client # [ 0.013465] percpu: Embedded 60 pages/cpu s208896 r8192 d28672 u2097152
acme # [ 0.005203] ACPI: Reserving HPET table memory at [mem 0x3ffe1a66-0x3ffe1a9d]
client # [ 0.013512] kvm-guest: setup async PF for cpu 0
dnsserver # [ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
client # [ 0.013518] kvm-guest: stealtime: cpu 0, msr 3e232080
acme # [ 0.005204] ACPI: Reserving WAET table memory at [mem 0x3ffe1a9e-0x3ffe1ac5]
acme # [ 0.005524] No NUMA configuration found
client # [ 0.013522] kvm-guest: PV spinlocks disabled, single CPU
acme # [ 0.005527] Faking a node at [mem 0x0000000000000000-0x000000003ffdafff]
client # [ 0.013530] Built 1 zonelists, mobility grouping on. Total pages: 257754
client # [ 0.013532] Policy zone: DMA32
acme # [ 0.005537] NODE_DATA(0) allocated [mem 0x3ffd6000-0x3ffdafff]
acme # [ 0.005572] Zone ranges:
acme # [ 0.005576] DMA [mem 0x0000000000001000-0x0000000000ffffff]
dnsserver # [ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
acme # [ 0.005579] DMA32 [mem 0x0000000001000000-0x000000003ffdafff]
acme # [ 0.005582] Normal empty
acme # [ 0.005583] Device empty
client # [ 0.013534] Kernel command line: console=ttyS0 panic=1 boot.panic_on_fail clock=acpi_pm loglevel=7 net.ifnames=0 init=/nix/store/w28qid4kn2h5f274cbxbjz183g9s3mk0-nixos-system-client-23.05pre-git/init regInfo=/nix/store/vdlvvnqbbk0b103w7xvn345kxbl0r5ay-closure-info/registration console=ttyS0
acme # [ 0.005585] Movable zone start for each node
acme # [ 0.005587] Early memory node ranges
client # [ 0.013584] clocksource: clock= boot option is deprecated - use clocksource=xyz
acme # [ 0.005588] node 0: [mem 0x0000000000001000-0x000000000009efff]
acme # [ 0.005592] node 0: [mem 0x0000000000100000-0x000000003ffdafff]
dnsserver # [ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000003ffdafff] usable
client # [ 0.013645] Unknown kernel command line parameters "regInfo=/nix/store/vdlvvnqbbk0b103w7xvn345kxbl0r5ay-closure-info/registration", will be passed to user space.
acme # [ 0.005595] Initmem setup node 0 [mem 0x0000000000001000-0x000000003ffdafff]
acme # [ 0.005823] On node 0, zone DMA: 1 pages in unavailable ranges
client # [ 0.013675] Dentry cache hash table entries: 131072 (order: 8, 1048576 bytes, linear)
acme # [ 0.005848] On node 0, zone DMA: 97 pages in unavailable ranges
client # [ 0.013692] Inode-cache hash table entries: 65536 (order: 7, 524288 bytes, linear)
acme # [ 0.008606] On node 0, zone DMA32: 37 pages in unavailable ranges
client # [ 0.013718] mem auto-init: stack:off, heap alloc:off, heap free:off
acme # [ 0.009085] ACPI: PM-Timer IO Port: 0x608
acme # [ 0.009100] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1])
dnsserver # [ 0.000000] BIOS-e820: [mem 0x000000003ffdb000-0x000000003fffffff] reserved
acme # [ 0.009134] IOAPIC[0]: apic_id 0, version 17, address 0xfec00000, GSI 0-23
client # [ 0.016044] Memory: 982052K/1048036K available (12295K kernel code, 2281K rwdata, 7316K rodata, 1920K init, 4480K bss, 65724K reserved, 0K cma-reserved)
acme # [ 0.009139] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
client # [ 0.017020] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
acme # [ 0.009141] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level)
client # [ 0.017053] ftrace: allocating 35265 entries in 138 pages
client # [ 0.037113] ftrace: allocated 138 pages with 3 groups
acme # [ 0.009144] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
client # [ 0.037517] rcu: Hierarchical RCU implementation.
acme # [ 0.009146] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level)
client # [ 0.037520] rcu: RCU event tracing is enabled.
dnsserver # [ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
acme # [ 0.009148] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level)
client # [ 0.037521] rcu: RCU restricting CPUs from NR_CPUS=384 to nr_cpu_ids=1.
acme # [ 0.009152] ACPI: Using ACPI (MADT) for SMP configuration information
client # [ 0.037523] Trampoline variant of Tasks RCU enabled.
acme # [ 0.009154] ACPI: HPET id: 0x8086a201 base: 0xfed00000
client # [ 0.037525] Rude variant of Tasks RCU enabled.
acme # [ 0.009160] TSC deadline timer available
client # [ 0.037526] Tracing variant of Tasks RCU enabled.
acme # [ 0.009165] smpboot: Allowing 1 CPUs, 0 hotplug CPUs
client # [ 0.037527] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies.
dnsserver # [ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
acme # [ 0.009201] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff]
client # [ 0.037529] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1
acme # [ 0.009205] PM: hibernation: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
client # [ 0.042843] NR_IRQS: 24832, nr_irqs: 256, preallocated irqs: 16
acme # [ 0.009207] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000effff]
client # [ 0.043311] rcu: Offload RCU callbacks from CPUs: (none).
client # [ 0.043347] random: crng init done
acme # [ 0.009208] PM: hibernation: Registered nosave memory: [mem 0x000f0000-0x000fffff]
client # [ 0.047109] Console: colour VGA+ 80x25
client # [ 0.135228] printk: console [ttyS0] enabled
acme # [ 0.009211] PM: hibernation: Registered nosave memory: [mem 0x008c1000-0x008c1fff]
client # [ 0.135734] ACPI: Core revision 20210730
dnsserver # [ 0.000000] BIOS-e820: [mem 0x000000fd00000000-0x000000ffffffffff] reserved
acme # [ 0.009213] PM: hibernation: Registered nosave memory: [mem 0x008c1000-0x008c1fff]
acme # [ 0.009215] [mem 0x40000000-0xfeffbfff] available for PCI devices
client # [ 0.136319] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns
acme # [ 0.009217] Booting paravirtualized kernel on KVM
client # [ 0.137389] APIC: Switch to symmetric I/O mode setup
client # [ 0.138143] x2apic enabled
dnsserver # [ 0.000000] NX (Execute Disable) protection: active
acme # [ 0.009221] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1910969940391419 ns
client # [ 0.138656] Switched APIC routing to physical x2apic.
acme # [ 0.013414] setup_percpu: NR_CPUS:384 nr_cpumask_bits:384 nr_cpu_ids:1 nr_node_ids:1
dnsserver # [ 0.000000] extended physical RAM map:
acme # [ 0.013744] percpu: Embedded 60 pages/cpu s208896 r8192 d28672 u2097152
acme # [ 0.013793] kvm-guest: setup async PF for cpu 0
dnsserver # [ 0.000000] reserve setup_data: [mem 0x0000000000000000-0x000000000009fbff] usable
client # [ 0.140212] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1
acme # [ 0.013800] kvm-guest: stealtime: cpu 0, msr 3e232080
dnsserver # [ 0.000000] reserve setup_data: [mem 0x000000000009fc00-0x000000000009ffff] reserved
acme # [ 0.013805] kvm-guest: PV spinlocks disabled, single CPU
client # [ 0.140883] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x2848df6a9de, max_idle_ns: 440795280912 ns
dnsserver # [ 0.000000] reserve setup_data: [mem 0x00000000000f0000-0x00000000000fffff] reserved
acme # [ 0.013815] Built 1 zonelists, mobility grouping on. Total pages: 257754
acme # [ 0.013818] Policy zone: DMA32
client # [ 0.142018] Calibrating delay loop (skipped) preset value.. 5589.49 BogoMIPS (lpj=2794748)
dnsserver # [ 0.000000] reserve setup_data: [mem 0x0000000000100000-0x00000000008c131f] usable
client # [ 0.143016] pid_max: default: 32768 minimum: 301
client # [ 0.144048] LSM: Security Framework initializing
dnsserver # [ 0.000000] reserve setup_data: [mem 0x00000000008c1320-0x00000000008c134f] usable
client # [ 0.144541] landlock: Up and running.
client # [ 0.144918] Yama: becoming mindful.
dnsserver # [ 0.000000] reserve setup_data: [mem 0x00000000008c1350-0x000000003ffdafff] usable
client # [ 0.145026] SELinux: Initializing.
acme # [ 0.013820] Kernel command line: console=ttyS0 panic=1 boot.panic_on_fail clock=acpi_pm loglevel=7 net.ifnames=0 init=/nix/store/fhivd03v034pfaga4clmirshyn56cijx-nixos-system-acme-23.05pre-git/init regInfo=/nix/store/nf4n2grg5di5ifsp24qi5w1mp1azjm7c-closure-info/registration console=ttyS0
client # [ 0.145397] LSM support for eBPF active
dnsserver # [ 0.000000] reserve setup_data: [mem 0x000000003ffdb000-0x000000003fffffff] reserved
acme # [ 0.013868] clocksource: clock= boot option is deprecated - use clocksource=xyz
dnsserver # [ 0.000000] reserve setup_data: [mem 0x00000000feffc000-0x00000000feffffff] reserved
client # [ 0.146252] Mount-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
dnsserver # [ 0.000000] reserve setup_data: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
client # [ 0.147017] Mountpoint-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
acme # [ 0.013912] Unknown kernel command line parameters "regInfo=/nix/store/nf4n2grg5di5ifsp24qi5w1mp1azjm7c-closure-info/registration", will be passed to user space.
dnsserver # [ 0.000000] reserve setup_data: [mem 0x000000fd00000000-0x000000ffffffffff] reserved
acme # [ 0.013944] Dentry cache hash table entries: 131072 (order: 8, 1048576 bytes, linear)
dnsserver # [ 0.000000] SMBIOS 2.8 present.
client # [ 0.148363] x86/cpu: User Mode Instruction Prevention (UMIP) activated
acme # [ 0.013962] Inode-cache hash table entries: 65536 (order: 7, 524288 bytes, linear)
client # [ 0.149102] Last level iTLB entries: 4KB 512, 2MB 255, 4MB 127
dnsserver # [ 0.000000] DMI: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
client # [ 0.149708] Last level dTLB entries: 4KB 512, 2MB 255, 4MB 127, 1GB 0
acme # [ 0.013992] mem auto-init: stack:off, heap alloc:off, heap free:off
dnsserver # [ 0.000000] Hypervisor detected: KVM
dnsserver # [ 0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00
client # [ 0.150022] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization
client # [ 0.151016] Spectre V2 : Mitigation: Retpolines
acme # [ 0.016344] Memory: 982052K/1048036K available (12295K kernel code, 2281K rwdata, 7316K rodata, 1920K init, 4480K bss, 65724K reserved, 0K cma-reserved)
dnsserver # [ 0.000000] kvm-clock: cpu 0, msr 23201001, primary cpu clock
dnsserver # [ 0.000001] kvm-clock: using sched offset of 366134552 cycles
acme # [ 0.017141] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
client # [ 0.151459] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch
acme # [ 0.017176] ftrace: allocating 35265 entries in 138 pages
client # [ 0.152015] Spectre V2 : Spectre v2 / SpectreRSB : Filling RSB on VMEXIT
dnsserver # [ 0.000004] clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns
acme # [ 0.037549] ftrace: allocated 138 pages with 3 groups
dnsserver # [ 0.000008] tsc: Detected 2794.748 MHz processor
client # [ 0.153015] Spectre V2 : Enabling Speculation Barrier for firmware calls
acme # [ 0.037957] rcu: Hierarchical RCU implementation.
acme # [ 0.037960] rcu: RCU event tracing is enabled.
dnsserver # [ 0.001173] last_pfn = 0x3ffdb max_arch_pfn = 0x400000000
client # [ 0.154015] RETBleed: Mitigation: untrained return thunk
acme # [ 0.037961] rcu: RCU restricting CPUs from NR_CPUS=384 to nr_cpu_ids=1.
dnsserver # [ 0.001272] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT
client # [ 0.154557] Spectre V2 : mitigation: Enabling conditional Indirect Branch Prediction Barrier
acme # [ 0.037963] Trampoline variant of Tasks RCU enabled.
dnsserver # [ 0.004467] found SMP MP-table at [mem 0x000f5bb0-0x000f5bbf]
acme # [ 0.037964] Rude variant of Tasks RCU enabled.
dnsserver # [ 0.004526] Using GB pages for direct mapping
client # [ 0.155017] Speculative Store Bypass: Mitigation: Speculative Store Bypass disabled via prctl and seccomp
acme # [ 0.037966] Tracing variant of Tasks RCU enabled.
dnsserver # [ 0.004751] RAMDISK: [mem 0x3f41e000-0x3ffcffff]
acme # [ 0.037967] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies.
dnsserver # [ 0.004765] ACPI: Early table checksum verification disabled
dnsserver # [ 0.004780] ACPI: RSDP 0x00000000000F59D0 000014 (v00 BOCHS )
acme # [ 0.037969] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1
acme # [ 0.043736] NR_IRQS: 24832, nr_irqs: 256, preallocated irqs: 16
dnsserver # [ 0.004788] ACPI: RSDT 0x000000003FFE1AC6 000034 (v01 BOCHS BXPC 00000001 BXPC 00000001)
acme # [ 0.044199] rcu: Offload RCU callbacks from CPUs: (none).
acme # [ 0.044243] random: crng init done
dnsserver # [ 0.004795] ACPI: FACP 0x000000003FFE197A 000074 (v01 BOCHS BXPC 00000001 BXPC 00000001)
acme # [ 0.048196] Console: colour VGA+ 80x25
acme # [ 0.186198] printk: console [ttyS0] enabled
acme # [ 0.186681] ACPI: Core revision 20210730
dnsserver # [ 0.004801] ACPI: DSDT 0x000000003FFE0040 00193A (v01 BOCHS BXPC 00000001 BXPC 00000001)
dnsserver # [ 0.004805] ACPI: FACS 0x000000003FFE0000 000040
acme # [ 0.187245] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns
dnsserver # [ 0.004808] ACPI: APIC 0x000000003FFE19EE 000078 (v01 BOCHS BXPC 00000001 BXPC 00000001)
acme # [ 0.188302] APIC: Switch to symmetric I/O mode setup
acme # [ 0.189025] x2apic enabled
dnsserver # [ 0.004811] ACPI: HPET 0x000000003FFE1A66 000038 (v01 BOCHS BXPC 00000001 BXPC 00000001)
dnsserver # [ 0.004815] ACPI: WAET 0x000000003FFE1A9E 000028 (v01 BOCHS BXPC 00000001 BXPC 00000001)
acme # [ 0.189567] Switched APIC routing to physical x2apic.
dnsserver # [ 0.004818] ACPI: Reserving FACP table memory at [mem 0x3ffe197a-0x3ffe19ed]
dnsserver # [ 0.004820] ACPI: Reserving DSDT table memory at [mem 0x3ffe0040-0x3ffe1979]
webserver # Probing EDD (edd=off to disable)... oc[ 0.000000] Linux version 5.15.89 (nixbld@localhost) (gcc (GCC) 11.3.0, GNU ld (GNU Binutils) 2.39) #1-NixOS SMP Wed Jan 18 10:48:59 UTC 2023
acme # [ 0.191587] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1
dnsserver # [ 0.004821] ACPI: Reserving FACS table memory at [mem 0x3ffe0000-0x3ffe003f]
acme # [ 0.192203] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x2848df6a9de, max_idle_ns: 440795280912 ns
dnsserver # [ 0.004823] ACPI: Reserving APIC table memory at [mem 0x3ffe19ee-0x3ffe1a65]
acme # [ 0.193404] Calibrating delay loop (skipped) preset value.. 5589.49 BogoMIPS (lpj=2794748)
dnsserver # [ 0.004824] ACPI: Reserving HPET table memory at [mem 0x3ffe1a66-0x3ffe1a9d]
webserver # [ 0.000000] Command line: console=ttyS0 panic=1 boot.panic_on_fail clock=acpi_pm loglevel=7 net.ifnames=0 init=/nix/store/dpicg1vsplswvqx8bwlbjgxihydzc51q-nixos-system-webserver-23.05pre-git/init regInfo=/nix/store/8rr5j0fjq4yv8lhnpr0b3jz0z3lqk7z5-closure-info/registration console=ttyS0
acme # [ 0.194401] pid_max: default: 32768 minimum: 301
dnsserver # [ 0.004826] ACPI: Reserving WAET table memory at [mem 0x3ffe1a9e-0x3ffe1ac5]
acme # [ 0.194922] LSM: Security Framework initializing
client # [ 0.168696] Freeing SMP alternatives memory: 32K
webserver # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
dnsserver # [ 0.005076] No NUMA configuration found
acme # [ 0.195426] landlock: Up and running.
acme # [ 0.195800] Yama: becoming mindful.
webserver # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
dnsserver # [ 0.005079] Faking a node at [mem 0x0000000000000000-0x000000003ffdafff]
acme # [ 0.196153] SELinux: Initializing.
client # [ 0.169155] smpboot: CPU0: AMD EPYC 7402P 24-Core Processor (family: 0x17, model: 0x31, stepping: 0x0)
acme # [ 0.196421] LSM support for eBPF active
webserver # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers'
dnsserver # [ 0.005087] NODE_DATA(0) allocated [mem 0x3ffd6000-0x3ffdafff]
dnsserver # [ 0.005115] Zone ranges:
client # [ 0.170139] Performance Events: Fam17h+ core perfctr, AMD PMU driver.
webserver # [ 0.000000] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256
client # [ 0.170808] ... version: 0
dnsserver # [ 0.005116] DMA [mem 0x0000000000001000-0x0000000000ffffff]
acme # [ 0.197061] Mount-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
client # [ 0.171017] ... bit width: 48
client # [ 0.171418] ... generic registers: 6
webserver # [ 0.000000] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using 'compacted' format.
acme # [ 0.197403] Mountpoint-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
dnsserver # [ 0.005119] DMA32 [mem 0x0000000001000000-0x000000003ffdafff]
dnsserver # [ 0.005121] Normal empty
webserver # [ 0.000000] signal: max sigframe size: 1776
client # [ 0.171820] ... value mask: 0000ffffffffffff
dnsserver # [ 0.005123] Device empty
webserver # [ 0.000000] BIOS-provided physical RAM map:
dnsserver # [ 0.005124] Movable zone start for each node
client # [ 0.172017] ... max period: 00007fffffffffff
acme # [ 0.198809] x86/cpu: User Mode Instruction Prevention (UMIP) activated
dnsserver # [ 0.005126] Early memory node ranges
client # [ 0.172564] ... fixed-purpose events: 0
webserver # [ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
client # [ 0.172973] ... event mask: 000000000000003f
acme # [ 0.199488] Last level iTLB entries: 4KB 512, 2MB 255, 4MB 127
dnsserver # [ 0.005127] node 0: [mem 0x0000000000001000-0x000000000009efff]
webserver # [ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
acme # [ 0.200401] Last level dTLB entries: 4KB 512, 2MB 255, 4MB 127, 1GB 0
client # [ 0.173115] rcu: Hierarchical SRCU implementation.
dnsserver # [ 0.005129] node 0: [mem 0x0000000000100000-0x000000003ffdafff]
acme # [ 0.201036] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization
dnsserver # [ 0.005131] Initmem setup node 0 [mem 0x0000000000001000-0x000000003ffdafff]
client # [ 0.174069] smp: Bringing up secondary CPUs ...
webserver # [ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
client # [ 0.174549] smp: Brought up 1 node, 1 CPU
acme # [ 0.201404] Spectre V2 : Mitigation: Retpolines
dnsserver # [ 0.005404] On node 0, zone DMA: 1 pages in unavailable ranges
client # [ 0.174974] smpboot: Max logical packages: 1
webserver # [ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000003ffdafff] usable
dnsserver # [ 0.005426] On node 0, zone DMA: 97 pages in unavailable ranges
acme # [ 0.202401] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch
client # [ 0.175019] smpboot: Total of 1 processors activated (5589.49 BogoMIPS)
dnsserver # [ 0.008086] On node 0, zone DMA32: 37 pages in unavailable ranges
acme # [ 0.203401] Spectre V2 : Spectre v2 / SpectreRSB : Filling RSB on VMEXIT
dnsserver # [ 0.008556] ACPI: PM-Timer IO Port: 0x608
client # [ 0.176078] devtmpfs: initialized
acme # [ 0.204081] Spectre V2 : Enabling Speculation Barrier for firmware calls
client # [ 0.176509] x86/mm: Memory block size: 128MB
webserver # [ 0.000000] BIOS-e820: [mem 0x000000003ffdb000-0x000000003fffffff] reserved
dnsserver # [ 0.008569] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1])
acme # [ 0.204401] RETBleed: Mitigation: untrained return thunk
dnsserver # [ 0.008602] IOAPIC[0]: apic_id 0, version 17, address 0xfec00000, GSI 0-23
client # [ 0.177238] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns
acme # [ 0.205407] Spectre V2 : mitigation: Enabling conditional Indirect Branch Prediction Barrier
dnsserver # [ 0.008607] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
webserver # [ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
client # [ 0.178020] futex hash table entries: 256 (order: 2, 16384 bytes, linear)
acme # [ 0.206403] Speculative Store Bypass: Mitigation: Speculative Store Bypass disabled via prctl and seccomp
dnsserver # [ 0.008609] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level)
client # [ 0.178765] pinctrl core: initialized pinctrl subsystem
dnsserver # [ 0.008612] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
client # [ 0.179396] NET: Registered PF_NETLINK/PF_ROUTE protocol family
dnsserver # [ 0.008614] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level)
webserver # [ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
client # [ 0.180119] DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations
dnsserver # [ 0.008616] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level)
dnsserver # [ 0.008620] ACPI: Using ACPI (MADT) for SMP configuration information
client # [ 0.180881] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
dnsserver # [ 0.008622] ACPI: HPET id: 0x8086a201 base: 0xfed00000
client # [ 0.181025] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations
dnsserver # [ 0.008628] TSC deadline timer available
webserver # [ 0.000000] BIOS-e820: [mem 0x000000fd00000000-0x000000ffffffffff] reserved
client # [ 0.181884] audit: initializing netlink subsys (disabled)
dnsserver # [ 0.008633] smpboot: Allowing 1 CPUs, 0 hotplug CPUs
webserver # [ 0.000000] NX (Execute Disable) protection: active
client # [ 0.182151] thermal_sys: Registered thermal governor 'bang_bang'
webserver # [ 0.000000] extended physical RAM map:
dnsserver # [ 0.008668] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff]
client # [ 0.182153] thermal_sys: Registered thermal governor 'step_wise'
webserver # [ 0.000000] reserve setup_data: [mem 0x0000000000000000-0x000000000009fbff] usable
dnsserver # [ 0.008671] PM: hibernation: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
client # [ 0.182802] thermal_sys: Registered thermal governor 'user_space'
client # [ 0.183022] cpuidle: using governor menu
webserver # [ 0.000000] reserve setup_data: [mem 0x000000000009fc00-0x000000000009ffff] reserved
dnsserver # [ 0.008672] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000effff]
webserver # [ 0.000000] reserve setup_data: [mem 0x00000000000f0000-0x00000000000fffff] reserved
dnsserver # [ 0.008674] PM: hibernation: Registered nosave memory: [mem 0x000f0000-0x000fffff]
client # [ 0.184442] audit: type=2000 audit(1674330711.577:1): state=initialized audit_enabled=0 res=1
client # [ 0.185101] ACPI: bus type PCI registered
dnsserver # [ 0.008676] PM: hibernation: Registered nosave memory: [mem 0x008c1000-0x008c1fff]
webserver # [ 0.000000] reserve setup_data: [mem 0x0000000000100000-0x00000000008c131f] usable
client # [ 0.185515] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5
dnsserver # [ 0.008678] PM: hibernation: Registered nosave memory: [mem 0x008c1000-0x008c1fff]
webserver # [ 0.000000] reserve setup_data: [mem 0x00000000008c1320-0x00000000008c134f] usable
client # [ 0.186114] PCI: Using configuration type 1 for base access
dnsserver # [ 0.008680] [mem 0x40000000-0xfeffbfff] available for PCI devices
client # [ 0.186676] PCI: Using configuration type 1 for extended access
webserver # [ 0.000000] reserve setup_data: [mem 0x00000000008c1350-0x000000003ffdafff] usable
dnsserver # [ 0.008681] Booting paravirtualized kernel on KVM
webserver # [ 0.000000] reserve setup_data: [mem 0x000000003ffdb000-0x000000003fffffff] reserved
client # [ 0.187862] Kprobes globally optimized
dnsserver # [ 0.008685] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1910969940391419 ns
webserver # [ 0.000000] reserve setup_data: [mem 0x00000000feffc000-0x00000000feffffff] reserved
client # [ 0.188113] HugeTLB registered 1.00 GiB page size, pre-allocated 0 pages
dnsserver # [ 0.013015] setup_percpu: NR_CPUS:384 nr_cpumask_bits:384 nr_cpu_ids:1 nr_node_ids:1
webserver # [ 0.000000] reserve setup_data: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
client # [ 0.188801] HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages
dnsserver # [ 0.013309] percpu: Embedded 60 pages/cpu s208896 r8192 d28672 u2097152
acme # [ 0.220624] Freeing SMP alternatives memory: 32K
client # [ 0.189409] ACPI: Added _OSI(Module Device)
webserver # [ 0.000000] reserve setup_data: [mem 0x000000fd00000000-0x000000ffffffffff] reserved
dnsserver # [ 0.013354] kvm-guest: setup async PF for cpu 0
webserver # [ 0.000000] SMBIOS 2.8 present.
client # [ 0.189832] ACPI: Added _OSI(Processor Device)
dnsserver # [ 0.013360] kvm-guest: stealtime: cpu 0, msr 3e232080
acme # [ 0.221288] smpboot: CPU0: AMD EPYC 7402P 24-Core Processor (family: 0x17, model: 0x31, stepping: 0x0)
client # [ 0.190025] ACPI: Added _OSI(3.0 _SCP Extensions)
dnsserver # [ 0.013365] kvm-guest: PV spinlocks disabled, single CPU
client # [ 0.190499] ACPI: Added _OSI(Processor Aggregator Device)
webserver # [ 0.000000] DMI: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
acme # [ 0.221571] Performance Events: Fam17h+ core perfctr, AMD PMU driver.
dnsserver # [ 0.013374] Built 1 zonelists, mobility grouping on. Total pages: 257754
webserver # [ 0.000000] Hypervisor detected: KVM
client # [ 0.191018] ACPI: Added _OSI(Linux-Dell-Video)
acme # [ 0.222247] ... version: 0
dnsserver # [ 0.013376] Policy zone: DMA32
client # [ 0.191470] ACPI: Added _OSI(Linux-Lenovo-NV-HDMI-Audio)
acme # [ 0.222405] ... bit width: 48
webserver # [ 0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00
acme # [ 0.222827] ... generic registers: 6
client # [ 0.191978] ACPI: Added _OSI(Linux-HPI-Hybrid-Graphics)
webserver # [ 0.000000] kvm-clock: cpu 0, msr 25e01001, primary cpu clock
acme # [ 0.223245] ... value mask: 0000ffffffffffff
webserver # [ 0.000001] kvm-clock: using sched offset of 385992062 cycles
acme # [ 0.223404] ... max period: 00007fffffffffff
client # [ 0.192698] ACPI: 1 ACPI AML tables successfully acquired and loaded
acme # [ 0.223931] ... fixed-purpose events: 0
acme # [ 0.224322] ... event mask: 000000000000003f
webserver # [ 0.000004] clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns
dnsserver # [ 0.013378] Kernel command line: console=ttyS0 panic=1 boot.panic_on_fail clock=acpi_pm loglevel=7 net.ifnames=0 init=/nix/store/ginlw6jq0nm2cxjpci6553sh5bahj2vx-nixos-system-dnsserver-23.05pre-git/init regInfo=/nix/store/q1n104ibfdxpvmssmjgmmg2pxy6hfp1q-closure-info/registration console=ttyS0
webserver # [ 0.000009] tsc: Detected 2794.748 MHz processor
acme # [ 0.224559] rcu: Hierarchical SRCU implementation.
dnsserver # [ 0.013430] clocksource: clock= boot option is deprecated - use clocksource=xyz
webserver # [ 0.001259] last_pfn = 0x3ffdb max_arch_pfn = 0x400000000
client # [ 0.194257] ACPI: Interpreter enabled
acme # [ 0.225443] smp: Bringing up secondary CPUs ...
client # [ 0.194701] ACPI: PM: (supports S0 S3 S4 S5)
acme # [ 0.225897] smp: Brought up 1 node, 1 CPU
webserver # [ 0.001351] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT
client # [ 0.195026] ACPI: Using IOAPIC for interrupt routing
acme # [ 0.226308] smpboot: Max logical packages: 1
dnsserver # [ 0.013479] Unknown kernel command line parameters "regInfo=/nix/store/q1n104ibfdxpvmssmjgmmg2pxy6hfp1q-closure-info/registration", will be passed to user space.
webserver # [ 0.004543] found SMP MP-table at [mem 0x000f5bb0-0x000f5bbf]
acme # [ 0.226405] smpboot: Total of 1 processors activated (5589.49 BogoMIPS)
webserver # [ 0.004599] Using GB pages for direct mapping
client # [ 0.195569] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug
dnsserver # [ 0.013507] Dentry cache hash table entries: 131072 (order: 8, 1048576 bytes, linear)
webserver # [ 0.004800] RAMDISK: [mem 0x3f41e000-0x3ffcffff]
acme # [ 0.227432] devtmpfs: initialized
client # [ 0.196122] ACPI: Enabled 2 GPEs in block 00 to 0F
dnsserver # [ 0.013521] Inode-cache hash table entries: 65536 (order: 7, 524288 bytes, linear)
acme # [ 0.227823] x86/mm: Memory block size: 128MB
webserver # [ 0.004816] ACPI: Early table checksum verification disabled
dnsserver # [ 0.013548] mem auto-init: stack:off, heap alloc:off, heap free:off
webserver # [ 0.004823] ACPI: RSDP 0x00000000000F59D0 000014 (v00 BOCHS )
acme # [ 0.228558] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns
webserver # [ 0.004831] ACPI: RSDT 0x000000003FFE1AC6 000034 (v01 BOCHS BXPC 00000001 BXPC 00000001)
acme # [ 0.229405] futex hash table entries: 256 (order: 2, 16384 bytes, linear)
dnsserver # [ 0.015807] Memory: 982052K/1048036K available (12295K kernel code, 2281K rwdata, 7316K rodata, 1920K init, 4480K bss, 65724K reserved, 0K cma-reserved)
client # [ 0.198786] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff])
acme # [ 0.230167] pinctrl core: initialized pinctrl subsystem
webserver # [ 0.004838] ACPI: FACP 0x000000003FFE197A 000074 (v01 BOCHS BXPC 00000001 BXPC 00000001)
dnsserver # [ 0.016611] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
client # [ 0.199027] acpi PNP0A03:00: _OSC: OS supports [ExtendedConfig ASPM ClockPM Segments MSI HPX-Type3]
dnsserver # [ 0.016644] ftrace: allocating 35265 entries in 138 pages
acme # [ 0.230779] NET: Registered PF_NETLINK/PF_ROUTE protocol family
webserver # [ 0.004845] ACPI: DSDT 0x000000003FFE0040 00193A (v01 BOCHS BXPC 00000001 BXPC 00000001)
client # [ 0.200108] acpiphp: Slot [3] registered
dnsserver # [ 0.035546] ftrace: allocated 138 pages with 3 groups
webserver # [ 0.004849] ACPI: FACS 0x000000003FFE0000 000040
client # [ 0.200549] acpiphp: Slot [4] registered
dnsserver # [ 0.035927] rcu: Hierarchical RCU implementation.
acme # [ 0.231775] DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations
client # [ 0.200987] acpiphp: Slot [5] registered
dnsserver # [ 0.035929] rcu: RCU event tracing is enabled.
webserver # [ 0.004853] ACPI: APIC 0x000000003FFE19EE 000078 (v01 BOCHS BXPC 00000001 BXPC 00000001)
client # [ 0.201039] acpiphp: Slot [6] registered
acme # [ 0.232416] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
client # [ 0.201457] acpiphp: Slot [7] registered
dnsserver # [ 0.035930] rcu: RCU restricting CPUs from NR_CPUS=384 to nr_cpu_ids=1.
webserver # [ 0.004857] ACPI: HPET 0x000000003FFE1A66 000038 (v01 BOCHS BXPC 00000001 BXPC 00000001)
client # [ 0.201896] acpiphp: Slot [8] registered
dnsserver # [ 0.035932] Trampoline variant of Tasks RCU enabled.
acme # [ 0.233205] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations
client # [ 0.202041] acpiphp: Slot [9] registered
dnsserver # [ 0.035933] Rude variant of Tasks RCU enabled.
acme # [ 0.233416] audit: initializing netlink subsys (disabled)
client # [ 0.202464] acpiphp: Slot [10] registered
webserver # [ 0.004861] ACPI: WAET 0x000000003FFE1A9E 000028 (v01 BOCHS BXPC 00000001 BXPC 00000001)
dnsserver # [ 0.035934] Tracing variant of Tasks RCU enabled.
client # [ 0.202899] acpiphp: Slot [11] registered
webserver # [ 0.004865] ACPI: Reserving FACP table memory at [mem 0x3ffe197a-0x3ffe19ed]
acme # [ 0.234137] thermal_sys: Registered thermal governor 'bang_bang'
client # [ 0.203038] acpiphp: Slot [12] registered
dnsserver # [ 0.035936] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies.
client # [ 0.203495] acpiphp: Slot [13] registered
acme # [ 0.234139] thermal_sys: Registered thermal governor 'step_wise'
webserver # [ 0.004868] ACPI: Reserving DSDT table memory at [mem 0x3ffe0040-0x3ffe1979]
dnsserver # [ 0.035937] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1
client # [ 0.203965] acpiphp: Slot [14] registered
acme # [ 0.234404] thermal_sys: Registered thermal governor 'user_space'
webserver # [ 0.004870] ACPI: Reserving FACS table memory at [mem 0x3ffe0000-0x3ffe003f]
client # [ 0.204040] acpiphp: Slot [15] registered
dnsserver # [ 0.040990] NR_IRQS: 24832, nr_irqs: 256, preallocated irqs: 16
acme # [ 0.235043] cpuidle: using governor menu
client # [ 0.204496] acpiphp: Slot [16] registered
dnsserver # [ 0.041466] rcu: Offload RCU callbacks from CPUs: (none).
webserver # [ 0.004871] ACPI: Reserving APIC table memory at [mem 0x3ffe19ee-0x3ffe1a65]
client # [ 0.204964] acpiphp: Slot [17] registered
dnsserver # [ 0.041502] random: crng init done
client # [ 0.205043] acpiphp: Slot [18] registered
acme # [ 0.236233] audit: type=2000 audit(1674330711.552:1): state=initialized audit_enabled=0 res=1
dnsserver # [ 0.045357] Console: colour VGA+ 80x25
webserver # [ 0.004873] ACPI: Reserving HPET table memory at [mem 0x3ffe1a66-0x3ffe1a9d]
client # [ 0.205510] acpiphp: Slot [19] registered
dnsserver # [ 0.170903] printk: console [ttyS0] enabled
acme # [ 0.236513] ACPI: bus type PCI registered
webserver # [ 0.004875] ACPI: Reserving WAET table memory at [mem 0x3ffe1a9e-0x3ffe1ac5]
client # [ 0.205968] acpiphp: Slot [20] registered
dnsserver # [ 0.171403] ACPI: Core revision 20210730
webserver # [ 0.005113] No NUMA configuration found
acme # [ 0.236945] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5
client # [ 0.206040] acpiphp: Slot [21] registered
client # [ 0.206496] acpiphp: Slot [22] registered
acme # [ 0.237520] PCI: Using configuration type 1 for base access
webserver # [ 0.005116] Faking a node at [mem 0x0000000000000000-0x000000003ffdafff]
dnsserver # [ 0.171987] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns
client # [ 0.206926] acpiphp: Slot [23] registered
acme # [ 0.238071] PCI: Using configuration type 1 for extended access
client # [ 0.207039] acpiphp: Slot [24] registered
webserver # [ 0.005124] NODE_DATA(0) allocated [mem 0x3ffd6000-0x3ffdafff]
dnsserver # [ 0.173080] APIC: Switch to symmetric I/O mode setup
webserver # [ 0.005154] Zone ranges:
client # [ 0.207484] acpiphp: Slot [25] registered
dnsserver # [ 0.173843] x2apic enabled
client # [ 0.207939] acpiphp: Slot [26] registered
webserver # [ 0.005156] DMA [mem 0x0000000000001000-0x0000000000ffffff]
acme # [ 0.239366] Kprobes globally optimized
client # [ 0.208036] acpiphp: Slot [27] registered
dnsserver # [ 0.174376] Switched APIC routing to physical x2apic.
webserver # [ 0.005158] DMA32 [mem 0x0000000001000000-0x000000003ffdafff]
client # [ 0.208476] acpiphp: Slot [28] registered
webserver # [ 0.005161] Normal empty
acme # [ 0.239522] HugeTLB registered 1.00 GiB page size, pre-allocated 0 pages
webserver # [ 0.005163] Device empty
client # [ 0.209022] acpiphp: Slot [29] registered
webserver # [ 0.005164] Movable zone start for each node
acme # [ 0.240204] HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages
client # [ 0.209481] acpiphp: Slot [30] registered
dnsserver # [ 0.175950] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1
webserver # [ 0.005166] Early memory node ranges
client # [ 0.209911] acpiphp: Slot [31] registered
acme # [ 0.240819] ACPI: Added _OSI(Module Device)
client # [ 0.210030] PCI host bridge to bus 0000:00
webserver # [ 0.005167] node 0: [mem 0x0000000000001000-0x000000000009efff]
acme # [ 0.241253] ACPI: Added _OSI(Processor Device)
dnsserver # [ 0.176628] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x2848df6a9de, max_idle_ns: 440795280912 ns
client # [ 0.210461] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window]
acme # [ 0.241415] ACPI: Added _OSI(3.0 _SCP Extensions)
webserver # [ 0.005169] node 0: [mem 0x0000000000100000-0x000000003ffdafff]
acme # [ 0.241885] ACPI: Added _OSI(Processor Aggregator Device)
dnsserver # [ 0.177774] Calibrating delay loop (skipped) preset value.. 5589.49 BogoMIPS (lpj=2794748)
client # [ 0.211019] pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window]
webserver # [ 0.005171] Initmem setup node 0 [mem 0x0000000000001000-0x000000003ffdafff]
acme # [ 0.242403] ACPI: Added _OSI(Linux-Dell-Video)
dnsserver # [ 0.178761] pid_max: default: 32768 minimum: 301
webserver # [ 0.005393] On node 0, zone DMA: 1 pages in unavailable ranges
client # [ 0.211715] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window]
acme # [ 0.242839] ACPI: Added _OSI(Linux-Lenovo-NV-HDMI-Audio)
dnsserver # [ 0.179793] LSM: Security Framework initializing
acme # [ 0.243352] ACPI: Added _OSI(Linux-HPI-Hybrid-Graphics)
webserver # [ 0.005417] On node 0, zone DMA: 97 pages in unavailable ranges
dnsserver # [ 0.180303] landlock: Up and running.
client # [ 0.212018] pci_bus 0000:00: root bus resource [mem 0x40000000-0xfebfffff window]
dnsserver # [ 0.180761] Yama: becoming mindful.
webserver # [ 0.008120] On node 0, zone DMA32: 37 pages in unavailable ranges
dnsserver # [ 0.181148] SELinux: Initializing.
client # [ 0.212839] pci_bus 0000:00: root bus resource [mem 0x100000000-0x17fffffff window]
webserver # [ 0.008589] ACPI: PM-Timer IO Port: 0x608
dnsserver # [ 0.181571] LSM support for eBPF active
acme # [ 0.244139] ACPI: 1 ACPI AML tables successfully acquired and loaded
client # [ 0.213019] pci_bus 0000:00: root bus resource [bus 00-ff]
webserver # [ 0.008604] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1])
dnsserver # [ 0.182004] Mount-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
webserver # [ 0.008636] IOAPIC[0]: apic_id 0, version 17, address 0xfec00000, GSI 0-23
client # [ 0.213857] pci 0000:00:00.0: [8086:1237] type 00 class 0x060000
webserver # [ 0.008641] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
acme # [ 0.245663] ACPI: Interpreter enabled
dnsserver # [ 0.182763] Mountpoint-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
acme # [ 0.246076] ACPI: PM: (supports S0 S3 S4 S5)
webserver # [ 0.008643] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level)
client # [ 0.214848] pci 0000:00:01.0: [8086:7000] type 00 class 0x060100
acme # [ 0.246413] ACPI: Using IOAPIC for interrupt routing
dnsserver # [ 0.184159] x86/cpu: User Mode Instruction Prevention (UMIP) activated
webserver # [ 0.008645] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
webserver # [ 0.008647] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level)
dnsserver # [ 0.184846] Last level iTLB entries: 4KB 512, 2MB 255, 4MB 127
acme # [ 0.246954] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug
client # [ 0.215874] pci 0000:00:01.1: [8086:7010] type 00 class 0x010180
acme # [ 0.247515] ACPI: Enabled 2 GPEs in block 00 to 0F
webserver # [ 0.008649] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level)
dnsserver # [ 0.185761] Last level dTLB entries: 4KB 512, 2MB 255, 4MB 127, 1GB 0
webserver # [ 0.008653] ACPI: Using ACPI (MADT) for SMP configuration information
dnsserver # [ 0.186767] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization
webserver # [ 0.008655] ACPI: HPET id: 0x8086a201 base: 0xfed00000
webserver # [ 0.008662] TSC deadline timer available
dnsserver # [ 0.187762] Spectre V2 : Mitigation: Retpolines
webserver # [ 0.008667] smpboot: Allowing 1 CPUs, 0 hotplug CPUs
dnsserver # [ 0.188274] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch
webserver # [ 0.008702] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff]
acme # [ 0.250289] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff])
dnsserver # [ 0.188761] Spectre V2 : Spectre v2 / SpectreRSB : Filling RSB on VMEXIT
webserver # [ 0.008706] PM: hibernation: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
acme # [ 0.250417] acpi PNP0A03:00: _OSC: OS supports [ExtendedConfig ASPM ClockPM Segments MSI HPX-Type3]
dnsserver # [ 0.189761] Spectre V2 : Enabling Speculation Barrier for firmware calls
webserver # [ 0.008708] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000effff]
client # [ 0.219426] pci 0000:00:01.1: reg 0x20: [io 0xc1e0-0xc1ef]
acme # [ 0.251508] acpiphp: Slot [3] registered
dnsserver # [ 0.190761] RETBleed: Mitigation: untrained return thunk
acme # [ 0.251960] acpiphp: Slot [4] registered
webserver # [ 0.008710] PM: hibernation: Registered nosave memory: [mem 0x000f0000-0x000fffff]
acme # [ 0.252429] acpiphp: Slot [5] registered
dnsserver # [ 0.191304] Spectre V2 : mitigation: Enabling conditional Indirect Branch Prediction Barrier
acme # [ 0.252881] acpiphp: Slot [6] registered
webserver # [ 0.008712] PM: hibernation: Registered nosave memory: [mem 0x008c1000-0x008c1fff]
acme # [ 0.253345] acpiphp: Slot [7] registered
dnsserver # [ 0.191762] Speculative Store Bypass: Mitigation: Speculative Store Bypass disabled via prctl and seccomp
acme # [ 0.253429] acpiphp: Slot [8] registered
webserver # [ 0.008714] PM: hibernation: Registered nosave memory: [mem 0x008c1000-0x008c1fff]
client # [ 0.221496] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io 0x01f0-0x01f7]
acme # [ 0.253886] acpiphp: Slot [9] registered
webserver # [ 0.008716] [mem 0x40000000-0xfeffbfff] available for PCI devices
client # [ 0.222018] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io 0x03f6]
acme # [ 0.254347] acpiphp: Slot [10] registered
webserver # [ 0.008718] Booting paravirtualized kernel on KVM
acme # [ 0.254433] acpiphp: Slot [11] registered
client # [ 0.222730] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io 0x0170-0x0177]
acme # [ 0.254909] acpiphp: Slot [12] registered
webserver # [ 0.008722] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1910969940391419 ns
client # [ 0.223018] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io 0x0376]
acme # [ 0.255364] acpiphp: Slot [13] registered
acme # [ 0.255436] acpiphp: Slot [14] registered
webserver # [ 0.012907] setup_percpu: NR_CPUS:384 nr_cpumask_bits:384 nr_cpu_ids:1 nr_node_ids:1
acme # [ 0.255887] acpiphp: Slot [15] registered
client # [ 0.223983] pci 0000:00:01.2: [8086:7020] type 00 class 0x0c0300
acme # [ 0.256358] acpiphp: Slot [16] registered
webserver # [ 0.013205] percpu: Embedded 60 pages/cpu s208896 r8192 d28672 u2097152
acme # [ 0.256429] acpiphp: Slot [17] registered
webserver # [ 0.013251] kvm-guest: setup async PF for cpu 0
acme # [ 0.256940] acpiphp: Slot [18] registered
webserver # [ 0.013256] kvm-guest: stealtime: cpu 0, msr 3e232080
acme # [ 0.257428] acpiphp: Slot [19] registered
webserver # [ 0.013261] kvm-guest: PV spinlocks disabled, single CPU
acme # [ 0.257928] acpiphp: Slot [20] registered
acme # [ 0.258392] acpiphp: Slot [21] registered
webserver # [ 0.013269] Built 1 zonelists, mobility grouping on. Total pages: 257754
webserver # [ 0.013272] Policy zone: DMA32
acme # [ 0.258430] acpiphp: Slot [22] registered
acme # [ 0.258896] acpiphp: Slot [23] registered
client # [ 0.227313] pci 0000:00:01.2: reg 0x20: [io 0xc100-0xc11f]
acme # [ 0.259389] acpiphp: Slot [24] registered
acme # [ 0.259430] acpiphp: Slot [25] registered
acme # [ 0.260430] acpiphp: Slot [26] registered
webserver # [ 0.013274] Kernel command line: console=ttyS0 panic=1 boot.panic_on_fail clock=acpi_pm loglevel=7 net.ifnames=0 init=/nix/store/dpicg1vsplswvqx8bwlbjgxihydzc51q-nixos-system-webserver-23.05pre-git/init regInfo=/nix/store/8rr5j0fjq4yv8lhnpr0b3jz0z3lqk7z5-closure-info/registration console=ttyS0
acme # [ 0.260906] acpiphp: Slot [27] registered
webserver # [ 0.013322] clocksource: clock= boot option is deprecated - use clocksource=xyz
acme # [ 0.261363] acpiphp: Slot [28] registered
client # [ 0.229289] pci 0000:00:01.3: [8086:7113] type 00 class 0x068000
acme # [ 0.261659] acpiphp: Slot [29] registered
acme # [ 0.262139] acpiphp: Slot [30] registered
client # [ 0.230317] pci 0000:00:01.3: quirk: [io 0x0600-0x063f] claimed by PIIX4 ACPI
acme # [ 0.262429] acpiphp: Slot [31] registered
webserver # [ 0.013373] Unknown kernel command line parameters "regInfo=/nix/store/8rr5j0fjq4yv8lhnpr0b3jz0z3lqk7z5-closure-info/registration", will be passed to user space.
client # [ 0.231026] pci 0000:00:01.3: quirk: [io 0x0700-0x070f] claimed by PIIX4 SMB
acme # [ 0.262852] PCI host bridge to bus 0000:00
webserver # [ 0.013402] Dentry cache hash table entries: 131072 (order: 8, 1048576 bytes, linear)
dnsserver # [ 0.206019] Freeing SMP alternatives memory: 32K
acme # [ 0.263277] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window]
client # [ 0.232079] pci 0000:00:02.0: [1234:1111] type 00 class 0x030000
webserver # [ 0.013427] Inode-cache hash table entries: 65536 (order: 7, 524288 bytes, linear)
acme # [ 0.263406] pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window]
webserver # [ 0.013456] mem auto-init: stack:off, heap alloc:off, heap free:off
dnsserver # [ 0.206694] smpboot: CPU0: AMD EPYC 7402P 24-Core Processor (family: 0x17, model: 0x31, stepping: 0x0)
acme # [ 0.264121] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window]
dnsserver # [ 0.206923] Performance Events: Fam17h+ core perfctr, AMD PMU driver.
acme # [ 0.264406] pci_bus 0000:00: root bus resource [mem 0x40000000-0xfebfffff window]
webserver # [ 0.015666] Memory: 982052K/1048036K available (12295K kernel code, 2281K rwdata, 7316K rodata, 1920K init, 4480K bss, 65724K reserved, 0K cma-reserved)
dnsserver # [ 0.207687] ... version: 0
dnsserver # [ 0.207763] ... bit width: 48
acme # [ 0.265219] pci_bus 0000:00: root bus resource [mem 0x100000000-0x17fffffff window]
webserver # [ 0.016461] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
dnsserver # [ 0.208232] ... generic registers: 6
acme # [ 0.265406] pci_bus 0000:00: root bus resource [bus 00-ff]
webserver # [ 0.016496] ftrace: allocating 35265 entries in 138 pages
dnsserver # [ 0.208665] ... value mask: 0000ffffffffffff
client # [ 0.233950] pci 0000:00:02.0: reg 0x10: [mem 0xfd000000-0xfdffffff pref]
webserver # [ 0.035732] ftrace: allocated 138 pages with 3 groups
dnsserver # [ 0.208763] ... max period: 00007fffffffffff
acme # [ 0.266208] pci 0000:00:00.0: [8086:1237] type 00 class 0x060000
webserver # [ 0.036101] rcu: Hierarchical RCU implementation.
dnsserver # [ 0.209330] ... fixed-purpose events: 0
webserver # [ 0.036103] rcu: RCU event tracing is enabled.
dnsserver # [ 0.209763] ... event mask: 000000000000003f
webserver # [ 0.036105] rcu: RCU restricting CPUs from NR_CPUS=384 to nr_cpu_ids=1.
acme # [ 0.267270] pci 0000:00:01.0: [8086:7000] type 00 class 0x060100
dnsserver # [ 0.210457] rcu: Hierarchical SRCU implementation.
webserver # [ 0.036107] Trampoline variant of Tasks RCU enabled.
webserver # [ 0.036108] Rude variant of Tasks RCU enabled.
dnsserver # [ 0.211157] smp: Bringing up secondary CPUs ...
client # [ 0.236021] pci 0000:00:02.0: reg 0x18: [mem 0xfebd0000-0xfebd0fff]
webserver # [ 0.036109] Tracing variant of Tasks RCU enabled.
dnsserver # [ 0.211693] smp: Brought up 1 node, 1 CPU
acme # [ 0.268279] pci 0000:00:01.1: [8086:7010] type 00 class 0x010180
dnsserver # [ 0.211767] smpboot: Max logical packages: 1
webserver # [ 0.036110] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies.
dnsserver # [ 0.212252] smpboot: Total of 1 processors activated (5589.49 BogoMIPS)
webserver # [ 0.036112] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1
webserver # [ 0.041390] NR_IRQS: 24832, nr_irqs: 256, preallocated irqs: 16
dnsserver # [ 0.213137] devtmpfs: initialized
webserver # [ 0.041874] rcu: Offload RCU callbacks from CPUs: (none).
dnsserver # [ 0.213580] x86/mm: Memory block size: 128MB
webserver # [ 0.041911] random: crng init done
webserver # [ 0.045820] Console: colour VGA+ 80x25
webserver # [ 0.142401] printk: console [ttyS0] enabled
dnsserver # [ 0.214056] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns
webserver # [ 0.142888] ACPI: Core revision 20210730
acme # [ 0.271793] pci 0000:00:01.1: reg 0x20: [io 0xc1e0-0xc1ef]
dnsserver # [ 0.214767] futex hash table entries: 256 (order: 2, 16384 bytes, linear)
webserver # [ 0.143448] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns
dnsserver # [ 0.215579] pinctrl core: initialized pinctrl subsystem
webserver # [ 0.144480] APIC: Switch to symmetric I/O mode setup
webserver # [ 0.145215] x2apic enabled
dnsserver # [ 0.216145] NET: Registered PF_NETLINK/PF_ROUTE protocol family
acme # [ 0.273433] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io 0x01f0-0x01f7]
webserver # [ 0.145728] Switched APIC routing to physical x2apic.
dnsserver # [ 0.216870] DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations
acme # [ 0.274194] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io 0x03f6]
dnsserver # [ 0.217637] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
client # [ 0.240945] pci 0000:00:02.0: reg 0x30: [mem 0xfebc0000-0xfebcffff pref]
acme # [ 0.274405] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io 0x0170-0x0177]
webserver # [ 0.147171] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1
webserver # [ 0.147818] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x2848df6a9de, max_idle_ns: 440795280912 ns
dnsserver # [ 0.217772] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations
dnsserver # [ 0.218609] audit: initializing netlink subsys (disabled)
client # [ 0.241089] pci 0000:00:02.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff]
acme # [ 0.275151] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io 0x0376]
dnsserver # [ 0.218898] thermal_sys: Registered thermal governor 'bang_bang'
client # [ 0.242726] pci 0000:00:03.0: [1af4:1000] type 00 class 0x020000
webserver # [ 0.148914] Calibrating delay loop (skipped) preset value.. 5589.49 BogoMIPS (lpj=2794748)
acme # [ 0.275670] pci 0000:00:01.2: [8086:7020] type 00 class 0x0c0300
dnsserver # [ 0.218900] thermal_sys: Registered thermal governor 'step_wise'
webserver # [ 0.149912] pid_max: default: 32768 minimum: 301
dnsserver # [ 0.219531] thermal_sys: Registered thermal governor 'user_space'
webserver # [ 0.150422] LSM: Security Framework initializing
webserver # [ 0.150934] landlock: Up and running.
dnsserver # [ 0.219771] cpuidle: using governor menu
webserver # [ 0.151311] Yama: becoming mindful.
client # [ 0.244020] pci 0000:00:03.0: reg 0x10: [io 0xc120-0xc13f]
webserver # [ 0.151921] SELinux: Initializing.
webserver # [ 0.152298] LSM support for eBPF active
dnsserver # [ 0.221221] audit: type=2000 audit(1674330711.620:1): state=initialized audit_enabled=0 res=1
dnsserver # [ 0.221862] ACPI: bus type PCI registered
webserver # [ 0.153143] Mount-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
acme # [ 0.279008] pci 0000:00:01.2: reg 0x20: [io 0xc100-0xc11f]
dnsserver # [ 0.222330] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5
client # [ 0.245798] pci 0000:00:03.0: reg 0x14: [mem 0xfebd1000-0xfebd1fff]
webserver # [ 0.153913] Mountpoint-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
dnsserver # [ 0.222873] PCI: Using configuration type 1 for base access
webserver # [ 0.155180] x86/cpu: User Mode Instruction Prevention (UMIP) activated
dnsserver # [ 0.223512] PCI: Using configuration type 1 for extended access
webserver # [ 0.155998] Last level iTLB entries: 4KB 512, 2MB 255, 4MB 127
acme # [ 0.281213] pci 0000:00:01.3: [8086:7113] type 00 class 0x068000
dnsserver # [ 0.224816] Kprobes globally optimized
webserver # [ 0.156735] Last level dTLB entries: 4KB 512, 2MB 255, 4MB 127, 1GB 0
dnsserver # [ 0.225338] HugeTLB registered 1.00 GiB page size, pre-allocated 0 pages
acme # [ 0.281739] pci 0000:00:01.3: quirk: [io 0x0600-0x063f] claimed by PIIX4 ACPI
webserver # [ 0.156919] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization
webserver # [ 0.157913] Spectre V2 : Mitigation: Retpolines
dnsserver # [ 0.225767] HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages
acme # [ 0.282411] pci 0000:00:01.3: quirk: [io 0x0700-0x070f] claimed by PIIX4 SMB
webserver # [ 0.158911] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch
dnsserver # [ 0.226943] ACPI: Added _OSI(Module Device)
dnsserver # [ 0.227423] ACPI: Added _OSI(Processor Device)
webserver # [ 0.159771] Spectre V2 : Spectre v2 / SpectreRSB : Filling RSB on VMEXIT
dnsserver # [ 0.227774] ACPI: Added _OSI(3.0 _SCP Extensions)
acme # [ 0.283443] pci 0000:00:02.0: [1234:1111] type 00 class 0x030000
webserver # [ 0.159911] Spectre V2 : Enabling Speculation Barrier for firmware calls
dnsserver # [ 0.228302] ACPI: Added _OSI(Processor Aggregator Device)
webserver # [ 0.160911] RETBleed: Mitigation: untrained return thunk
dnsserver # [ 0.228766] ACPI: Added _OSI(Linux-Dell-Video)
client # [ 0.250021] pci 0000:00:03.0: reg 0x20: [mem 0xfe000000-0xfe003fff 64bit pref]
dnsserver # [ 0.229264] ACPI: Added _OSI(Linux-Lenovo-NV-HDMI-Audio)
webserver # [ 0.161495] Spectre V2 : mitigation: Enabling conditional Indirect Branch Prediction Barrier
acme # [ 0.285408] pci 0000:00:02.0: reg 0x10: [mem 0xfd000000-0xfdffffff pref]
dnsserver # [ 0.229768] ACPI: Added _OSI(Linux-HPI-Hybrid-Graphics)
webserver # [ 0.161912] Speculative Store Bypass: Mitigation: Speculative Store Bypass disabled via prctl and seccomp
dnsserver # [ 0.231069] ACPI: 1 ACPI AML tables successfully acquired and loaded
client # [ 0.251743] pci 0000:00:03.0: reg 0x30: [mem 0xfeb40000-0xfeb7ffff pref]
acme # [ 0.288022] pci 0000:00:02.0: reg 0x18: [mem 0xfebd0000-0xfebd0fff]
dnsserver # [ 0.232967] ACPI: Interpreter enabled
client # [ 0.253125] pci 0000:00:04.0: [1af4:1005] type 00 class 0x00ff00
dnsserver # [ 0.233381] ACPI: PM: (supports S0 S3 S4 S5)
dnsserver # [ 0.233766] ACPI: Using IOAPIC for interrupt routing
dnsserver # [ 0.234340] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug
client # [ 0.254759] pci 0000:00:04.0: reg 0x10: [io 0xc140-0xc15f]
dnsserver # [ 0.234872] ACPI: Enabled 2 GPEs in block 00 to 0F
client # [ 0.256018] pci 0000:00:04.0: reg 0x14: [mem 0xfebd2000-0xfebd2fff]
dnsserver # [ 0.237766] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff])
dnsserver # [ 0.238480] acpi PNP0A03:00: _OSC: OS supports [ExtendedConfig ASPM ClockPM Segments MSI HPX-Type3]
dnsserver # [ 0.238885] acpiphp: Slot [3] registered
dnsserver # [ 0.239365] acpiphp: Slot [4] registered
acme # [ 0.292979] pci 0000:00:02.0: reg 0x30: [mem 0xfebc0000-0xfebcffff pref]
dnsserver # [ 0.239788] acpiphp: Slot [5] registered
dnsserver # [ 0.240262] acpiphp: Slot [6] registered
acme # [ 0.293466] pci 0000:00:02.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff]
dnsserver # [ 0.240738] acpiphp: Slot [7] registered
dnsserver # [ 0.240790] acpiphp: Slot [8] registered
dnsserver # [ 0.241268] acpiphp: Slot [9] registered
acme # [ 0.295120] pci 0000:00:03.0: [1af4:1000] type 00 class 0x020000
client # [ 0.260020] pci 0000:00:04.0: reg 0x20: [mem 0xfe004000-0xfe007fff 64bit pref]
dnsserver # [ 0.241748] acpiphp: Slot [10] registered
webserver # [ 0.177142] Freeing SMP alternatives memory: 32K
dnsserver # [ 0.241796] acpiphp: Slot [11] registered
dnsserver # [ 0.242272] acpiphp: Slot [12] registered
webserver # [ 0.177798] smpboot: CPU0: AMD EPYC 7402P 24-Core Processor (family: 0x17, model: 0x31, stepping: 0x0)
dnsserver # [ 0.242747] acpiphp: Slot [13] registered
acme # [ 0.296409] pci 0000:00:03.0: reg 0x10: [io 0xc120-0xc13f]
dnsserver # [ 0.242805] acpiphp: Slot [14] registered
webserver # [ 0.178041] Performance Events: Fam17h+ core perfctr, AMD PMU driver.
dnsserver # [ 0.243273] acpiphp: Slot [15] registered
webserver # [ 0.178701] ... version: 0
client # [ 0.262783] pci 0000:00:05.0: [1af4:1009] type 00 class 0x000200
dnsserver # [ 0.243732] acpiphp: Slot [16] registered
webserver # [ 0.178914] ... bit width: 48
dnsserver # [ 0.243787] acpiphp: Slot [17] registered
webserver # [ 0.179306] ... generic registers: 6
dnsserver # [ 0.244265] acpiphp: Slot [18] registered
webserver # [ 0.179697] ... value mask: 0000ffffffffffff
acme # [ 0.298126] pci 0000:00:03.0: reg 0x14: [mem 0xfebd1000-0xfebd1fff]
dnsserver # [ 0.244738] acpiphp: Slot [19] registered
webserver # [ 0.179914] ... max period: 00007fffffffffff
dnsserver # [ 0.244790] acpiphp: Slot [20] registered
webserver # [ 0.180447] ... fixed-purpose events: 0
dnsserver # [ 0.245266] acpiphp: Slot [21] registered
webserver # [ 0.180840] ... event mask: 000000000000003f
dnsserver # [ 0.245730] acpiphp: Slot [22] registered
webserver # [ 0.181035] rcu: Hierarchical SRCU implementation.
dnsserver # [ 0.245788] acpiphp: Slot [23] registered
dnsserver # [ 0.246259] acpiphp: Slot [24] registered
webserver # [ 0.181888] smp: Bringing up secondary CPUs ...
dnsserver # [ 0.246750] acpiphp: Slot [25] registered
webserver # [ 0.181918] smp: Brought up 1 node, 1 CPU
dnsserver # [ 0.246789] acpiphp: Slot [26] registered
webserver # [ 0.182322] smpboot: Max logical packages: 1
client # [ 0.265019] pci 0000:00:05.0: reg 0x10: [io 0xc080-0xc0bf]
dnsserver # [ 0.247272] acpiphp: Slot [27] registered
webserver # [ 0.182765] smpboot: Total of 1 processors activated (5589.49 BogoMIPS)
dnsserver # [ 0.247744] acpiphp: Slot [28] registered
webserver # [ 0.183297] devtmpfs: initialized
dnsserver # [ 0.248023] acpiphp: Slot [29] registered
webserver # [ 0.183696] x86/mm: Memory block size: 128MB
dnsserver # [ 0.248498] acpiphp: Slot [30] registered
client # [ 0.267020] pci 0000:00:05.0: reg 0x14: [mem 0xfebd3000-0xfebd3fff]
dnsserver # [ 0.248789] acpiphp: Slot [31] registered
dnsserver # [ 0.249252] PCI host bridge to bus 0000:00
webserver # [ 0.184198] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns
acme # [ 0.302198] pci 0000:00:03.0: reg 0x20: [mem 0xfe000000-0xfe003fff 64bit pref]
dnsserver # [ 0.249726] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window]
webserver # [ 0.184918] futex hash table entries: 256 (order: 2, 16384 bytes, linear)
webserver # [ 0.185666] pinctrl core: initialized pinctrl subsystem
dnsserver # [ 0.249765] pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window]
dnsserver # [ 0.250526] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window]
webserver # [ 0.186314] NET: Registered PF_NETLINK/PF_ROUTE protocol family
acme # [ 0.303410] pci 0000:00:03.0: reg 0x30: [mem 0xfeb40000-0xfeb7ffff pref]
dnsserver # [ 0.250764] pci_bus 0000:00: root bus resource [mem 0x40000000-0xfebfffff window]
webserver # [ 0.187019] DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations
webserver # [ 0.187755] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
dnsserver # [ 0.251596] pci_bus 0000:00: root bus resource [mem 0x100000000-0x17fffffff window]
client # [ 0.270756] pci 0000:00:05.0: reg 0x20: [mem 0xfe008000-0xfe00bfff 64bit pref]
acme # [ 0.305234] pci 0000:00:04.0: [1af4:1005] type 00 class 0x00ff00
dnsserver # [ 0.251764] pci_bus 0000:00: root bus resource [bus 00-ff]
webserver # [ 0.187928] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations
webserver # [ 0.188746] audit: initializing netlink subsys (disabled)
dnsserver # [ 0.252558] pci 0000:00:00.0: [8086:1237] type 00 class 0x060000
webserver # [ 0.189085] thermal_sys: Registered thermal governor 'bang_bang'
webserver # [ 0.189087] thermal_sys: Registered thermal governor 'step_wise'
dnsserver # [ 0.253656] pci 0000:00:01.0: [8086:7000] type 00 class 0x060100
webserver # [ 0.189706] thermal_sys: Registered thermal governor 'user_space'
webserver # [ 0.189921] cpuidle: using governor menu
dnsserver # [ 0.254664] pci 0000:00:01.1: [8086:7010] type 00 class 0x010180
webserver # [ 0.191365] audit: type=2000 audit(1674330711.693:1): state=initialized audit_enabled=0 res=1
client # [ 0.273999] pci 0000:00:06.0: [1af4:1009] type 00 class 0x000200
webserver # [ 0.192023] ACPI: bus type PCI registered
acme # [ 0.307415] pci 0000:00:04.0: reg 0x10: [io 0xc140-0xc15f]
webserver # [ 0.192460] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5
webserver # [ 0.193035] PCI: Using configuration type 1 for base access
client # [ 0.275020] pci 0000:00:06.0: reg 0x10: [io 0xc160-0xc17f]
webserver # [ 0.193626] PCI: Using configuration type 1 for extended access
acme # [ 0.309407] pci 0000:00:04.0: reg 0x14: [mem 0xfebd2000-0xfebd2fff]
dnsserver # [ 0.258095] pci 0000:00:01.1: reg 0x20: [io 0xc1e0-0xc1ef]
webserver # [ 0.194853] Kprobes globally optimized
client # [ 0.276732] pci 0000:00:06.0: reg 0x14: [mem 0xfebd4000-0xfebd4fff]
webserver # [ 0.195040] HugeTLB registered 1.00 GiB page size, pre-allocated 0 pages
webserver # [ 0.195756] HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages
dnsserver # [ 0.259784] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io 0x01f0-0x01f7]
webserver # [ 0.196369] ACPI: Added _OSI(Module Device)
webserver # [ 0.196830] ACPI: Added _OSI(Processor Device)
dnsserver # [ 0.260581] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io 0x03f6]
webserver # [ 0.196927] ACPI: Added _OSI(3.0 _SCP Extensions)
dnsserver # [ 0.260764] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io 0x0170-0x0177]
webserver # [ 0.197450] ACPI: Added _OSI(Processor Aggregator Device)
webserver # [ 0.197916] ACPI: Added _OSI(Linux-Dell-Video)
acme # [ 0.313172] pci 0000:00:04.0: reg 0x20: [mem 0xfe004000-0xfe007fff 64bit pref]
webserver # [ 0.198374] ACPI: Added _OSI(Linux-Lenovo-NV-HDMI-Audio)
dnsserver # [ 0.261570] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io 0x0376]
webserver # [ 0.198906] ACPI: Added _OSI(Linux-HPI-Hybrid-Graphics)
dnsserver # [ 0.262027] pci 0000:00:01.2: [8086:7020] type 00 class 0x0c0300
webserver # [ 0.199630] ACPI: 1 ACPI AML tables successfully acquired and loaded
client # [ 0.280020] pci 0000:00:06.0: reg 0x20: [mem 0xfe00c000-0xfe00ffff 64bit pref]
webserver # [ 0.201203] ACPI: Interpreter enabled
webserver # [ 0.201607] ACPI: PM: (supports S0 S3 S4 S5)
dnsserver # [ 0.265341] pci 0000:00:01.2: reg 0x20: [io 0xc100-0xc11f]
webserver # [ 0.201924] ACPI: Using IOAPIC for interrupt routing
acme # [ 0.317230] pci 0000:00:05.0: [1af4:1009] type 00 class 0x000200
client # [ 0.283064] pci 0000:00:07.0: [1af4:1009] type 00 class 0x000200
webserver # [ 0.202448] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug
webserver # [ 0.203027] ACPI: Enabled 2 GPEs in block 00 to 0F
dnsserver # [ 0.267456] pci 0000:00:01.3: [8086:7113] type 00 class 0x068000
acme # [ 0.318406] pci 0000:00:05.0: reg 0x10: [io 0xc080-0xc0bf]
client # [ 0.284724] pci 0000:00:07.0: reg 0x10: [io 0xc180-0xc19f]
dnsserver # [ 0.268104] pci 0000:00:01.3: quirk: [io 0x0600-0x063f] claimed by PIIX4 ACPI
webserver # [ 0.205710] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff])
dnsserver # [ 0.268771] pci 0000:00:01.3: quirk: [io 0x0700-0x070f] claimed by PIIX4 SMB
client # [ 0.286018] pci 0000:00:07.0: reg 0x14: [mem 0xfebd5000-0xfebd5fff]
acme # [ 0.320144] pci 0000:00:05.0: reg 0x14: [mem 0xfebd3000-0xfebd3fff]
webserver # [ 0.205935] acpi PNP0A03:00: _OSC: OS supports [ExtendedConfig ASPM ClockPM Segments MSI HPX-Type3]
webserver # [ 0.206973] acpiphp: Slot [3] registered
webserver # [ 0.207412] acpiphp: Slot [4] registered
dnsserver # [ 0.269861] pci 0000:00:02.0: [1234:1111] type 00 class 0x030000
webserver # [ 0.207847] acpiphp: Slot [5] registered
webserver # [ 0.207939] acpiphp: Slot [6] registered
webserver # [ 0.208384] acpiphp: Slot [7] registered
webserver # [ 0.208824] acpiphp: Slot [8] registered
dnsserver # [ 0.271766] pci 0000:00:02.0: reg 0x10: [mem 0xfd000000-0xfdffffff pref]
webserver # [ 0.208938] acpiphp: Slot [9] registered
webserver # [ 0.209402] acpiphp: Slot [10] registered
webserver # [ 0.209849] acpiphp: Slot [11] registered
webserver # [ 0.209938] acpiphp: Slot [12] registered
webserver # [ 0.210378] acpiphp: Slot [13] registered
webserver # [ 0.210838] acpiphp: Slot [14] registered
webserver # [ 0.210938] acpiphp: Slot [15] registered
client # [ 0.290759] pci 0000:00:07.0: reg 0x20: [mem 0xfe010000-0xfe013fff 64bit pref]
dnsserver # [ 0.274338] pci 0000:00:02.0: reg 0x18: [mem 0xfebd0000-0xfebd0fff]
webserver # [ 0.211373] acpiphp: Slot [16] registered
acme # [ 0.323408] pci 0000:00:05.0: reg 0x20: [mem 0xfe008000-0xfe00bfff 64bit pref]
webserver # [ 0.211817] acpiphp: Slot [17] registered
webserver # [ 0.211941] acpiphp: Slot [18] registered
webserver # [ 0.212384] acpiphp: Slot [19] registered
webserver # [ 0.212824] acpiphp: Slot [20] registered
webserver # [ 0.212937] acpiphp: Slot [21] registered
webserver # [ 0.213390] acpiphp: Slot [22] registered
client # [ 0.293064] pci 0000:00:08.0: [1af4:1001] type 00 class 0x010000
webserver # [ 0.213864] acpiphp: Slot [23] registered
webserver # [ 0.213938] acpiphp: Slot [24] registered
acme # [ 0.326515] pci 0000:00:06.0: [1af4:1009] type 00 class 0x000200
webserver # [ 0.214396] acpiphp: Slot [25] registered
webserver # [ 0.214841] acpiphp: Slot [26] registered
client # [ 0.294736] pci 0000:00:08.0: reg 0x10: [io 0xc000-0xc07f]
webserver # [ 0.214938] acpiphp: Slot [27] registered
webserver # [ 0.215397] acpiphp: Slot [28] registered
acme # [ 0.328135] pci 0000:00:06.0: reg 0x10: [io 0xc160-0xc17f]
webserver # [ 0.215922] acpiphp: Slot [29] registered
webserver # [ 0.216374] acpiphp: Slot [30] registered
client # [ 0.296018] pci 0000:00:08.0: reg 0x14: [mem 0xfebd6000-0xfebd6fff]
webserver # [ 0.216835] acpiphp: Slot [31] registered
webserver # [ 0.216931] PCI host bridge to bus 0000:00
acme # [ 0.329405] pci 0000:00:06.0: reg 0x14: [mem 0xfebd4000-0xfebd4fff]
dnsserver # [ 0.278768] pci 0000:00:02.0: reg 0x30: [mem 0xfebc0000-0xfebcffff pref]
webserver # [ 0.217361] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window]
webserver # [ 0.217915] pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window]
dnsserver # [ 0.279572] pci 0000:00:02.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff]
webserver # [ 0.218610] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window]
webserver # [ 0.218915] pci_bus 0000:00: root bus resource [mem 0x40000000-0xfebfffff window]
dnsserver # [ 0.280555] pci 0000:00:03.0: [1af4:1000] type 00 class 0x020000
webserver # [ 0.219670] pci_bus 0000:00: root bus resource [mem 0x100000000-0x17fffffff window]
webserver # [ 0.219916] pci_bus 0000:00: root bus resource [bus 00-ff]
webserver # [ 0.220720] pci 0000:00:00.0: [8086:1237] type 00 class 0x060000
dnsserver # [ 0.281764] pci 0000:00:03.0: reg 0x10: [io 0xc120-0xc13f]
client # [ 0.300768] pci 0000:00:08.0: reg 0x20: [mem 0xfe014000-0xfe017fff 64bit pref]
webserver # [ 0.221744] pci 0000:00:01.0: [8086:7000] type 00 class 0x060100
dnsserver # [ 0.283507] pci 0000:00:03.0: reg 0x14: [mem 0xfebd1000-0xfebd1fff]
acme # [ 0.334172] pci 0000:00:06.0: reg 0x20: [mem 0xfe00c000-0xfe00ffff 64bit pref]
webserver # [ 0.222776] pci 0000:00:01.1: [8086:7010] type 00 class 0x010180
client # [ 0.303119] pci 0000:00:09.0: [1af4:1000] type 00 class 0x020000
acme # [ 0.336477] pci 0000:00:07.0: [1af4:1009] type 00 class 0x000200
client # [ 0.304685] pci 0000:00:09.0: reg 0x10: [io 0xc1a0-0xc1bf]
webserver # [ 0.226258] pci 0000:00:01.1: reg 0x20: [io 0xc1e0-0xc1ef]
acme # [ 0.338077] pci 0000:00:07.0: reg 0x10: [io 0xc180-0xc19f]
webserver # [ 0.227935] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io 0x01f0-0x01f7]
dnsserver # [ 0.286767] pci 0000:00:03.0: reg 0x20: [mem 0xfe000000-0xfe003fff 64bit pref]
client # [ 0.306724] pci 0000:00:09.0: reg 0x14: [mem 0xfebd7000-0xfebd7fff]
webserver # [ 0.228667] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io 0x03f6]
webserver # [ 0.228915] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io 0x0170-0x0177]
acme # [ 0.339406] pci 0000:00:07.0: reg 0x14: [mem 0xfebd5000-0xfebd5fff]
webserver # [ 0.229645] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io 0x0376]
dnsserver # [ 0.288517] pci 0000:00:03.0: reg 0x30: [mem 0xfeb40000-0xfeb7ffff pref]
webserver # [ 0.230190] pci 0000:00:01.2: [8086:7020] type 00 class 0x0c0300
dnsserver # [ 0.289873] pci 0000:00:04.0: [1af4:1005] type 00 class 0x00ff00
client # [ 0.310020] pci 0000:00:09.0: reg 0x20: [mem 0xfe018000-0xfe01bfff 64bit pref]
acme # [ 0.343407] pci 0000:00:07.0: reg 0x20: [mem 0xfe010000-0xfe013fff 64bit pref]
webserver # [ 0.233176] pci 0000:00:01.2: reg 0x20: [io 0xc100-0xc11f]
dnsserver # [ 0.291500] pci 0000:00:04.0: reg 0x10: [io 0xc140-0xc15f]
client # [ 0.311708] pci 0000:00:09.0: reg 0x30: [mem 0xfeb80000-0xfebbffff pref]
webserver # [ 0.234893] pci 0000:00:01.3: [8086:7113] type 00 class 0x068000
dnsserver # [ 0.292764] pci 0000:00:04.0: reg 0x14: [mem 0xfebd2000-0xfebd2fff]
webserver # [ 0.235252] pci 0000:00:01.3: quirk: [io 0x0600-0x063f] claimed by PIIX4 ACPI
acme # [ 0.346168] pci 0000:00:08.0: [1af4:1001] type 00 class 0x010000
client # [ 0.313168] pci 0000:00:0a.0: [1af4:1052] type 00 class 0x090000
webserver # [ 0.235921] pci 0000:00:01.3: quirk: [io 0x0700-0x070f] claimed by PIIX4 SMB
webserver # [ 0.237024] pci 0000:00:02.0: [1234:1111] type 00 class 0x030000
client # [ 0.315951] pci 0000:00:0a.0: reg 0x14: [mem 0xfebd8000-0xfebd8fff]
webserver # [ 0.238718] pci 0000:00:02.0: reg 0x10: [mem 0xfd000000-0xfdffffff pref]
dnsserver # [ 0.296641] pci 0000:00:04.0: reg 0x20: [mem 0xfe004000-0xfe007fff 64bit pref]
acme # [ 0.349359] pci 0000:00:08.0: reg 0x10: [io 0xc000-0xc07f]
client # [ 0.318019] pci 0000:00:0a.0: reg 0x20: [mem 0xfe01c000-0xfe01ffff 64bit pref]
acme # [ 0.350406] pci 0000:00:08.0: reg 0x14: [mem 0xfebd6000-0xfebd6fff]
webserver # [ 0.240917] pci 0000:00:02.0: reg 0x18: [mem 0xfebd0000-0xfebd0fff]
client # [ 0.320622] pci 0000:00:0b.0: [1af4:1003] type 00 class 0x078000
dnsserver # [ 0.300746] pci 0000:00:05.0: [1af4:1009] type 00 class 0x000200
acme # [ 0.354294] pci 0000:00:08.0: reg 0x20: [mem 0xfe014000-0xfe017fff 64bit pref]
dnsserver # [ 0.301764] pci 0000:00:05.0: reg 0x10: [io 0xc080-0xc0bf]
webserver # [ 0.245711] pci 0000:00:02.0: reg 0x30: [mem 0xfebc0000-0xfebcffff pref]
client # [ 0.323020] pci 0000:00:0b.0: reg 0x10: [io 0xc0c0-0xc0ff]
webserver # [ 0.245972] pci 0000:00:02.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff]
dnsserver # [ 0.303520] pci 0000:00:05.0: reg 0x14: [mem 0xfebd3000-0xfebd3fff]
webserver # [ 0.247602] pci 0000:00:03.0: [1af4:1000] type 00 class 0x020000
client # [ 0.324866] pci 0000:00:0b.0: reg 0x14: [mem 0xfebd9000-0xfebd9fff]
acme # [ 0.358553] pci 0000:00:09.0: [1af4:1000] type 00 class 0x020000
webserver # [ 0.250633] pci 0000:00:03.0: reg 0x10: [io 0xc120-0xc13f]
client # [ 0.328020] pci 0000:00:0b.0: reg 0x20: [mem 0xfe020000-0xfe023fff 64bit pref]
acme # [ 0.360160] pci 0000:00:09.0: reg 0x10: [io 0xc1a0-0xc1bf]
dnsserver # [ 0.306767] pci 0000:00:05.0: reg 0x20: [mem 0xfe008000-0xfe00bfff 64bit pref]
webserver # [ 0.251915] pci 0000:00:03.0: reg 0x14: [mem 0xfebd1000-0xfebd1fff]
acme # [ 0.361406] pci 0000:00:09.0: reg 0x14: [mem 0xfebd7000-0xfebd7fff]
dnsserver # [ 0.309843] pci 0000:00:06.0: [1af4:1009] type 00 class 0x000200
client # [ 0.331130] pci 0000:00:0c.0: [1af4:1005] type 00 class 0x00ff00
webserver # [ 0.255637] pci 0000:00:03.0: reg 0x20: [mem 0xfe000000-0xfe003fff 64bit pref]
dnsserver # [ 0.311474] pci 0000:00:06.0: reg 0x10: [io 0xc160-0xc17f]
client # [ 0.332720] pci 0000:00:0c.0: reg 0x10: [io 0xc1c0-0xc1df]
dnsserver # [ 0.312764] pci 0000:00:06.0: reg 0x14: [mem 0xfebd4000-0xfebd4fff]
client # [ 0.334019] pci 0000:00:0c.0: reg 0x14: [mem 0xfebda000-0xfebdafff]
acme # [ 0.365136] pci 0000:00:09.0: reg 0x20: [mem 0xfe018000-0xfe01bfff 64bit pref]
webserver # [ 0.256915] pci 0000:00:03.0: reg 0x30: [mem 0xfeb40000-0xfeb7ffff pref]
webserver # [ 0.258980] pci 0000:00:04.0: [1af4:1005] type 00 class 0x00ff00
acme # [ 0.366407] pci 0000:00:09.0: reg 0x30: [mem 0xfeb80000-0xfebbffff pref]
acme # [ 0.368251] pci 0000:00:0a.0: [1af4:1052] type 00 class 0x090000
webserver # [ 0.260598] pci 0000:00:04.0: reg 0x10: [io 0xc140-0xc15f]
dnsserver # [ 0.317493] pci 0000:00:06.0: reg 0x20: [mem 0xfe00c000-0xfe00ffff 64bit pref]
client # [ 0.337741] pci 0000:00:0c.0: reg 0x20: [mem 0xfe024000-0xfe027fff 64bit pref]
webserver # [ 0.261914] pci 0000:00:04.0: reg 0x14: [mem 0xfebd2000-0xfebd2fff]
acme # [ 0.370330] pci 0000:00:0a.0: reg 0x14: [mem 0xfebd8000-0xfebd8fff]
dnsserver # [ 0.319880] pci 0000:00:07.0: [1af4:1009] type 00 class 0x000200
client # [ 0.340314] ACPI: PCI: Interrupt link LNKA configured for IRQ 10
client # [ 0.341115] ACPI: PCI: Interrupt link LNKB configured for IRQ 10
dnsserver # [ 0.321473] pci 0000:00:07.0: reg 0x10: [io 0xc180-0xc19f]
client # [ 0.341878] ACPI: PCI: Interrupt link LNKC configured for IRQ 11
client # [ 0.342126] ACPI: PCI: Interrupt link LNKD configured for IRQ 11
client # [ 0.342857] ACPI: PCI: Interrupt link LNKS configured for IRQ 9
acme # [ 0.372415] pci 0000:00:0a.0: reg 0x20: [mem 0xfe01c000-0xfe01ffff 64bit pref]
webserver # [ 0.265599] pci 0000:00:04.0: reg 0x20: [mem 0xfe004000-0xfe007fff 64bit pref]
client # [ 0.343287] iommu: Default domain type: Translated
dnsserver # [ 0.322764] pci 0000:00:07.0: reg 0x14: [mem 0xfebd5000-0xfebd5fff]
client # [ 0.343826] iommu: DMA domain TLB invalidation policy: lazy mode
client # [ 0.344082] pci 0000:00:02.0: vgaarb: setting as boot VGA device
client # [ 0.344759] pci 0000:00:02.0: vgaarb: VGA device added: decodes=io+mem,owns=io+mem,locks=none
acme # [ 0.375517] pci 0000:00:0b.0: [1af4:1003] type 00 class 0x078000
client # [ 0.345020] pci 0000:00:02.0: vgaarb: bridge control possible
webserver # [ 0.268037] pci 0000:00:05.0: [1af4:1009] type 00 class 0x000200
client # [ 0.345666] vgaarb: loaded
client # [ 0.346298] NetLabel: Initializing
client # [ 0.346687] NetLabel: domain hash size = 128
acme # [ 0.377145] pci 0000:00:0b.0: reg 0x10: [io 0xc0c0-0xc0ff]
client # [ 0.347018] NetLabel: protocols = UNLABELED CIPSOv4 CALIPSO
dnsserver # [ 0.326767] pci 0000:00:07.0: reg 0x20: [mem 0xfe010000-0xfe013fff 64bit pref]
webserver # [ 0.269634] pci 0000:00:05.0: reg 0x10: [io 0xc080-0xc0bf]
client # [ 0.347660] NetLabel: unlabeled traffic allowed by default
client # [ 0.348019] PCI: Using ACPI for IRQ routing
acme # [ 0.378407] pci 0000:00:0b.0: reg 0x14: [mem 0xfebd9000-0xfebd9fff]
client # [ 0.348744] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0
webserver # [ 0.270915] pci 0000:00:05.0: reg 0x14: [mem 0xfebd3000-0xfebd3fff]
client # [ 0.349017] hpet0: 3 comparators, 64-bit 100.000000 MHz counter
dnsserver # [ 0.329547] pci 0000:00:08.0: [1af4:1001] type 00 class 0x010000
client # [ 0.352070] clocksource: Switched to clocksource kvm-clock
dnsserver # [ 0.330772] pci 0000:00:08.0: reg 0x10: [io 0xc000-0xc07f]
acme # [ 0.383216] pci 0000:00:0b.0: reg 0x20: [mem 0xfe020000-0xfe023fff 64bit pref]
webserver # [ 0.274917] pci 0000:00:05.0: reg 0x20: [mem 0xfe008000-0xfe00bfff 64bit pref]
dnsserver # [ 0.333557] pci 0000:00:08.0: reg 0x14: [mem 0xfebd6000-0xfebd6fff]
acme # [ 0.385528] pci 0000:00:0c.0: [1af4:1005] type 00 class 0x00ff00
webserver # [ 0.277711] pci 0000:00:06.0: [1af4:1009] type 00 class 0x000200
acme # [ 0.387134] pci 0000:00:0c.0: reg 0x10: [io 0xc1c0-0xc1df]
webserver # [ 0.278915] pci 0000:00:06.0: reg 0x10: [io 0xc160-0xc17f]
dnsserver # [ 0.336768] pci 0000:00:08.0: reg 0x20: [mem 0xfe014000-0xfe017fff 64bit pref]
client # [ 0.362868] VFS: Disk quotas dquot_6.6.0
client # [ 0.363381] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
client # [ 0.364245] pnp: PnP ACPI init
acme # [ 0.388406] pci 0000:00:0c.0: reg 0x14: [mem 0xfebda000-0xfebdafff]
client # [ 0.364999] pnp: PnP ACPI: found 6 devices
webserver # [ 0.281749] pci 0000:00:06.0: reg 0x14: [mem 0xfebd4000-0xfebd4fff]
dnsserver # [ 0.339843] pci 0000:00:09.0: [1af4:1000] type 00 class 0x020000
dnsserver # [ 0.341518] pci 0000:00:09.0: reg 0x10: [io 0xc1a0-0xc1bf]
acme # [ 0.392408] pci 0000:00:0c.0: reg 0x20: [mem 0xfe024000-0xfe027fff 64bit pref]
webserver # [ 0.284916] pci 0000:00:06.0: reg 0x20: [mem 0xfe00c000-0xfe00ffff 64bit pref]
dnsserver # [ 0.342765] pci 0000:00:09.0: reg 0x14: [mem 0xfebd7000-0xfebd7fff]
acme # [ 0.395378] ACPI: PCI: Interrupt link LNKA configured for IRQ 10
webserver # [ 0.287722] pci 0000:00:07.0: [1af4:1009] type 00 class 0x000200
acme # [ 0.395517] ACPI: PCI: Interrupt link LNKB configured for IRQ 10
acme # [ 0.396517] ACPI: PCI: Interrupt link LNKC configured for IRQ 11
acme # [ 0.397316] ACPI: PCI: Interrupt link LNKD configured for IRQ 11
webserver # [ 0.289915] pci 0000:00:07.0: reg 0x10: [io 0xc180-0xc19f]
client # [ 0.376933] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns
acme # [ 0.397465] ACPI: PCI: Interrupt link LNKS configured for IRQ 9
client # [ 0.377896] clocksource: Switched to clocksource acpi_pm
acme # [ 0.398439] iommu: Default domain type: Translated
client # [ 0.378535] NET: Registered PF_INET protocol family
acme # [ 0.399001] iommu: DMA domain TLB invalidation policy: lazy mode
webserver # [ 0.291670] pci 0000:00:07.0: reg 0x14: [mem 0xfebd5000-0xfebd5fff]
client # [ 0.379311] IP idents hash table entries: 16384 (order: 5, 131072 bytes, linear)
dnsserver # [ 0.346517] pci 0000:00:09.0: reg 0x20: [mem 0xfe018000-0xfe01bfff 64bit pref]
acme # [ 0.399476] pci 0000:00:02.0: vgaarb: setting as boot VGA device
acme # [ 0.400145] pci 0000:00:02.0: vgaarb: VGA device added: decodes=io+mem,owns=io+mem,locks=none
client # [ 0.381085] tcp_listen_portaddr_hash hash table entries: 512 (order: 1, 8192 bytes, linear)
acme # [ 0.400407] pci 0000:00:02.0: vgaarb: bridge control possible
acme # [ 0.401060] vgaarb: loaded
dnsserver # [ 0.347769] pci 0000:00:09.0: reg 0x30: [mem 0xfeb80000-0xfebbffff pref]
client # [ 0.381957] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear)
acme # [ 0.401712] NetLabel: Initializing
acme # [ 0.402111] NetLabel: domain hash size = 128
client # [ 0.382759] TCP established hash table entries: 8192 (order: 4, 65536 bytes, linear)
acme # [ 0.402404] NetLabel: protocols = UNLABELED CIPSOv4 CALIPSO
dnsserver # [ 0.349651] pci 0000:00:0a.0: [1af4:1052] type 00 class 0x090000
client # [ 0.383586] TCP bind hash table entries: 8192 (order: 5, 131072 bytes, linear)
acme # [ 0.403071] NetLabel: unlabeled traffic allowed by default
client # [ 0.384382] TCP: Hash tables configured (established 8192 bind 8192)
acme # [ 0.403405] PCI: Using ACPI for IRQ routing
client # [ 0.385123] MPTCP token hash table entries: 1024 (order: 2, 24576 bytes, linear)
acme # [ 0.404173] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0
client # [ 0.385899] UDP hash table entries: 512 (order: 2, 16384 bytes, linear)
acme # [ 0.404404] hpet0: 3 comparators, 64-bit 100.000000 MHz counter
dnsserver # [ 0.351723] pci 0000:00:0a.0: reg 0x14: [mem 0xfebd8000-0xfebd8fff]
client # [ 0.386596] UDP-Lite hash table entries: 512 (order: 2, 16384 bytes, linear)
client # [ 0.387385] NET: Registered PF_UNIX/PF_LOCAL protocol family
client # [ 0.387997] NET: Registered PF_XDP protocol family
webserver # [ 0.294919] pci 0000:00:07.0: reg 0x20: [mem 0xfe010000-0xfe013fff 64bit pref]
client # [ 0.388545] pci_bus 0000:00: resource 4 [io 0x0000-0x0cf7 window]
client # [ 0.389132] pci_bus 0000:00: resource 5 [io 0x0d00-0xffff window]
client # [ 0.389685] pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window]
client # [ 0.390386] pci_bus 0000:00: resource 7 [mem 0x40000000-0xfebfffff window]
client # [ 0.391152] pci_bus 0000:00: resource 8 [mem 0x100000000-0x17fffffff window]
webserver # [ 0.298013] pci 0000:00:08.0: [1af4:1001] type 00 class 0x010000
client # [ 0.391917] pci 0000:00:01.0: PIIX3: Enabling Passive Release
dnsserver # [ 0.353767] pci 0000:00:0a.0: reg 0x20: [mem 0xfe01c000-0xfe01ffff 64bit pref]
client # [ 0.392419] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
client # [ 0.392928] pci 0000:00:01.0: Activating ISA DMA hang workarounds
webserver # [ 0.299695] pci 0000:00:08.0: reg 0x10: [io 0xc000-0xc07f]
dnsserver # [ 0.356847] pci 0000:00:0b.0: [1af4:1003] type 00 class 0x078000
webserver # [ 0.300914] pci 0000:00:08.0: reg 0x14: [mem 0xfebd6000-0xfebd6fff]
acme # [ 0.409482] clocksource: Switched to clocksource kvm-clock
dnsserver # [ 0.358765] pci 0000:00:0b.0: reg 0x10: [io 0xc0c0-0xc0ff]
dnsserver # [ 0.360536] pci 0000:00:0b.0: reg 0x14: [mem 0xfebd9000-0xfebd9fff]
webserver # [ 0.305915] pci 0000:00:08.0: reg 0x20: [mem 0xfe014000-0xfe017fff 64bit pref]
acme # [ 0.420836] VFS: Disk quotas dquot_6.6.0
acme # [ 0.421346] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
acme # [ 0.422201] pnp: PnP ACPI init
acme # [ 0.422938] pnp: PnP ACPI: found 6 devices
dnsserver # [ 0.364767] pci 0000:00:0b.0: reg 0x20: [mem 0xfe020000-0xfe023fff 64bit pref]
webserver # [ 0.308787] pci 0000:00:09.0: [1af4:1000] type 00 class 0x020000
client # [ 0.408251] ACPI: \_SB_.LNKD: Enabled at IRQ 11
webserver # [ 0.309915] pci 0000:00:09.0: reg 0x10: [io 0xc1a0-0xc1bf]
dnsserver # [ 0.367661] pci 0000:00:0c.0: [1af4:1005] type 00 class 0x00ff00
dnsserver # [ 0.368765] pci 0000:00:0c.0: reg 0x10: [io 0xc1c0-0xc1df]
webserver # [ 0.311643] pci 0000:00:09.0: reg 0x14: [mem 0xfebd7000-0xfebd7fff]
dnsserver # [ 0.370485] pci 0000:00:0c.0: reg 0x14: [mem 0xfebda000-0xfebdafff]
acme # [ 0.434679] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns
webserver # [ 0.314916] pci 0000:00:09.0: reg 0x20: [mem 0xfe018000-0xfe01bfff 64bit pref]
acme # [ 0.435815] clocksource: Switched to clocksource acpi_pm
acme # [ 0.436540] NET: Registered PF_INET protocol family
webserver # [ 0.316621] pci 0000:00:09.0: reg 0x30: [mem 0xfeb80000-0xfebbffff pref]
acme # [ 0.437387] IP idents hash table entries: 16384 (order: 5, 131072 bytes, linear)
webserver # [ 0.317990] pci 0000:00:0a.0: [1af4:1052] type 00 class 0x090000
dnsserver # [ 0.373768] pci 0000:00:0c.0: reg 0x20: [mem 0xfe024000-0xfe027fff 64bit pref]
acme # [ 0.440025] tcp_listen_portaddr_hash hash table entries: 512 (order: 1, 8192 bytes, linear)
acme # [ 0.441063] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear)
acme # [ 0.441989] TCP established hash table entries: 8192 (order: 4, 65536 bytes, linear)
client # [ 0.423580] pci 0000:00:01.2: quirk_usb_early_handoff+0x0/0x730 took 29091 usecs
client # [ 0.424283] PCI: CLS 0 bytes, default 64
client # [ 0.424666] Trying to unpack rootfs image as initramfs...
dnsserver # [ 0.376785] ACPI: PCI: Interrupt link LNKA configured for IRQ 10
acme # [ 0.442955] TCP bind hash table entries: 8192 (order: 5, 131072 bytes, linear)
dnsserver # [ 0.377530] ACPI: PCI: Interrupt link LNKB configured for IRQ 10
acme # [ 0.444627] TCP: Hash tables configured (established 8192 bind 8192)
webserver # [ 0.321544] pci 0000:00:0a.0: reg 0x14: [mem 0xfebd8000-0xfebd8fff]
dnsserver # [ 0.377879] ACPI: PCI: Interrupt link LNKC configured for IRQ 11
acme # [ 0.445501] MPTCP token hash table entries: 1024 (order: 2, 24576 bytes, linear)
client # [ 0.428262] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x2848df6a9de, max_idle_ns: 440795280912 ns
dnsserver # [ 0.378603] ACPI: PCI: Interrupt link LNKD configured for IRQ 11
acme # [ 0.446333] UDP hash table entries: 512 (order: 2, 16384 bytes, linear)
dnsserver # [ 0.378826] ACPI: PCI: Interrupt link LNKS configured for IRQ 9
acme # [ 0.447172] UDP-Lite hash table entries: 512 (order: 2, 16384 bytes, linear)
client # [ 0.430514] Initialise system trusted keyrings
dnsserver # [ 0.379775] iommu: Default domain type: Translated
acme # [ 0.448068] NET: Registered PF_UNIX/PF_LOCAL protocol family
dnsserver # [ 0.380304] iommu: DMA domain TLB invalidation policy: lazy mode
acme # [ 0.448741] NET: Registered PF_XDP protocol family
dnsserver # [ 0.380825] pci 0000:00:02.0: vgaarb: setting as boot VGA device
webserver # [ 0.324915] pci 0000:00:0a.0: reg 0x20: [mem 0xfe01c000-0xfe01ffff 64bit pref]
acme # [ 0.449297] pci_bus 0000:00: resource 4 [io 0x0000-0x0cf7 window]
dnsserver # [ 0.381466] pci 0000:00:02.0: vgaarb: VGA device added: decodes=io+mem,owns=io+mem,locks=none
acme # [ 0.450010] pci_bus 0000:00: resource 5 [io 0x0d00-0xffff window]
dnsserver # [ 0.381766] pci 0000:00:02.0: vgaarb: bridge control possible
dnsserver # [ 0.382385] vgaarb: loaded
acme # [ 0.450741] pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window]
dnsserver # [ 0.382984] NetLabel: Initializing
webserver # [ 0.327538] pci 0000:00:0b.0: [1af4:1003] type 00 class 0x078000
dnsserver # [ 0.383763] NetLabel: domain hash size = 128
acme # [ 0.451548] pci_bus 0000:00: resource 7 [mem 0x40000000-0xfebfffff window]
dnsserver # [ 0.384213] NetLabel: protocols = UNLABELED CIPSOv4 CALIPSO
acme # [ 0.453479] pci_bus 0000:00: resource 8 [mem 0x100000000-0x17fffffff window]
client # [ 0.436886] workingset: timestamp_bits=40 max_order=18 bucket_order=0
dnsserver # [ 0.384783] NetLabel: unlabeled traffic allowed by default
dnsserver # [ 0.385406] PCI: Using ACPI for IRQ routing
acme # [ 0.454447] pci 0000:00:01.0: PIIX3: Enabling Passive Release
webserver # [ 0.328916] pci 0000:00:0b.0: reg 0x10: [io 0xc0c0-0xc0ff]
acme # [ 0.455255] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
client # [ 0.438630] zbud: loaded
dnsserver # [ 0.386061] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0
client # [ 0.439062] Key type asymmetric registered
acme # [ 0.456060] pci 0000:00:01.0: Activating ISA DMA hang workarounds
dnsserver # [ 0.386649] hpet0: 3 comparators, 64-bit 100.000000 MHz counter
client # [ 0.439416] Asymmetric key parser 'x509' registered
webserver # [ 0.330644] pci 0000:00:0b.0: reg 0x14: [mem 0xfebd9000-0xfebd9fff]
client # [ 0.439858] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 251)
client # [ 0.440537] io scheduler mq-deadline registered
client # [ 0.440958] io scheduler kyber registered
client # [ 0.441587] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
client # [ 0.442463] 00:04: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A
dnsserver # [ 0.390829] clocksource: Switched to clocksource kvm-clock
client # [ 0.446647] ashmem: initialized
client # [ 0.446968] drop_monitor: Initializing network drop monitor service
client # [ 0.447676] NET: Registered PF_INET6 protocol family
webserver # [ 0.334706] pci 0000:00:0b.0: reg 0x20: [mem 0xfe020000-0xfe023fff 64bit pref]
webserver # [ 0.337012] pci 0000:00:0c.0: [1af4:1005] type 00 class 0x00ff00
webserver # [ 0.338638] pci 0000:00:0c.0: reg 0x10: [io 0xc1c0-0xc1df]
webserver # [ 0.339916] pci 0000:00:0c.0: reg 0x14: [mem 0xfebda000-0xfebdafff]
dnsserver # [ 0.407434] VFS: Disk quotas dquot_6.6.0
acme # [ 0.478036] ACPI: \_SB_.LNKD: Enabled at IRQ 11
dnsserver # [ 0.407942] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
dnsserver # [ 0.408771] pnp: PnP ACPI init
webserver # [ 0.343637] pci 0000:00:0c.0: reg 0x20: [mem 0xfe024000-0xfe027fff 64bit pref]
dnsserver # [ 0.409500] pnp: PnP ACPI: found 6 devices
webserver # [ 0.347298] ACPI: PCI: Interrupt link LNKA configured for IRQ 10
webserver # [ 0.348034] ACPI: PCI: Interrupt link LNKB configured for IRQ 10
webserver # [ 0.348819] ACPI: PCI: Interrupt link LNKC configured for IRQ 11
webserver # [ 0.349028] ACPI: PCI: Interrupt link LNKD configured for IRQ 11
webserver # [ 0.349765] ACPI: PCI: Interrupt link LNKS configured for IRQ 9
webserver # [ 0.350201] iommu: Default domain type: Translated
webserver # [ 0.350780] iommu: DMA domain TLB invalidation policy: lazy mode
webserver # [ 0.350979] pci 0000:00:02.0: vgaarb: setting as boot VGA device
dnsserver # [ 0.421209] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns
webserver # [ 0.351652] pci 0000:00:02.0: vgaarb: VGA device added: decodes=io+mem,owns=io+mem,locks=none
dnsserver # [ 0.422185] clocksource: Switched to clocksource acpi_pm
webserver # [ 0.351918] pci 0000:00:02.0: vgaarb: bridge control possible
webserver # [ 0.352556] vgaarb: loaded
dnsserver # [ 0.422850] NET: Registered PF_INET protocol family
webserver # [ 0.353207] NetLabel: Initializing
webserver # [ 0.353600] NetLabel: domain hash size = 128
webserver # [ 0.353914] NetLabel: protocols = UNLABELED CIPSOv4 CALIPSO
webserver # [ 0.354718] NetLabel: unlabeled traffic allowed by default
webserver # [ 0.354914] PCI: Using ACPI for IRQ routing
dnsserver # [ 0.426054] IP idents hash table entries: 16384 (order: 5, 131072 bytes, linear)
webserver # [ 0.355685] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0
webserver # [ 0.355913] hpet0: 3 comparators, 64-bit 100.000000 MHz counter
acme # [ 0.500117] pci 0000:00:01.2: quirk_usb_early_handoff+0x0/0x730 took 42250 usecs
acme # [ 0.501160] PCI: CLS 0 bytes, default 64
webserver # [ 0.358977] clocksource: Switched to clocksource kvm-clock
acme # [ 0.501730] Trying to unpack rootfs image as initramfs...
dnsserver # [ 0.431113] tcp_listen_portaddr_hash hash table entries: 512 (order: 1, 8192 bytes, linear)
dnsserver # [ 0.432117] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear)
dnsserver # [ 0.432980] TCP established hash table entries: 8192 (order: 4, 65536 bytes, linear)
dnsserver # [ 0.433892] TCP bind hash table entries: 8192 (order: 5, 131072 bytes, linear)
dnsserver # [ 0.434680] TCP: Hash tables configured (established 8192 bind 8192)
acme # [ 0.505182] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x2848df6a9de, max_idle_ns: 440795280912 ns
dnsserver # [ 0.435402] MPTCP token hash table entries: 1024 (order: 2, 24576 bytes, linear)
dnsserver # [ 0.436208] UDP hash table entries: 512 (order: 2, 16384 bytes, linear)
dnsserver # [ 0.436778] UDP-Lite hash table entries: 512 (order: 2, 16384 bytes, linear)
dnsserver # [ 0.437384] NET: Registered PF_UNIX/PF_LOCAL protocol family
acme # [ 0.508033] Initialise system trusted keyrings
dnsserver # [ 0.438082] NET: Registered PF_XDP protocol family
dnsserver # [ 0.438606] pci_bus 0000:00: resource 4 [io 0x0000-0x0cf7 window]
dnsserver # [ 0.439383] pci_bus 0000:00: resource 5 [io 0x0d00-0xffff window]
dnsserver # [ 0.440124] pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window]
dnsserver # [ 0.440932] pci_bus 0000:00: resource 7 [mem 0x40000000-0xfebfffff window]
acme # [ 0.511492] workingset: timestamp_bits=40 max_order=18 bucket_order=0
dnsserver # [ 0.441686] pci_bus 0000:00: resource 8 [mem 0x100000000-0x17fffffff window]
dnsserver # [ 0.442508] pci 0000:00:01.0: PIIX3: Enabling Passive Release
dnsserver # [ 0.443167] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
acme # [ 0.514310] zbud: loaded
dnsserver # [ 0.443845] pci 0000:00:01.0: Activating ISA DMA hang workarounds
acme # [ 0.518450] Key type asymmetric registered
acme # [ 0.518983] Asymmetric key parser 'x509' registered
webserver # [ 0.376941] VFS: Disk quotas dquot_6.6.0
acme # [ 0.519766] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 251)
webserver # [ 0.377447] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
webserver # [ 0.378273] pnp: PnP ACPI init
webserver # [ 0.379012] pnp: PnP ACPI: found 6 devices
acme # [ 0.523741] io scheduler mq-deadline registered
acme # [ 0.524297] io scheduler kyber registered
acme # [ 0.525286] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
acme # [ 0.526274] 00:04: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A
dnsserver # [ 0.458971] ACPI: \_SB_.LNKD: Enabled at IRQ 11
acme # [ 0.532549] ashmem: initialized
acme # [ 0.533042] drop_monitor: Initializing network drop monitor service
acme # [ 0.534632] NET: Registered PF_INET6 protocol family
webserver # [ 0.393696] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns
webserver # [ 0.394649] clocksource: Switched to clocksource acpi_pm
webserver # [ 0.395301] NET: Registered PF_INET protocol family
webserver # [ 0.396092] IP idents hash table entries: 16384 (order: 5, 131072 bytes, linear)
webserver # [ 0.397958] tcp_listen_portaddr_hash hash table entries: 512 (order: 1, 8192 bytes, linear)
webserver # [ 0.398792] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear)
webserver # [ 0.399660] TCP established hash table entries: 8192 (order: 4, 65536 bytes, linear)
webserver # [ 0.400593] TCP bind hash table entries: 8192 (order: 5, 131072 bytes, linear)
webserver # [ 0.401478] TCP: Hash tables configured (established 8192 bind 8192)
webserver # [ 0.402333] MPTCP token hash table entries: 1024 (order: 2, 24576 bytes, linear)
webserver # [ 0.403238] UDP hash table entries: 512 (order: 2, 16384 bytes, linear)
webserver # [ 0.404047] UDP-Lite hash table entries: 512 (order: 2, 16384 bytes, linear)
webserver # [ 0.404949] NET: Registered PF_UNIX/PF_LOCAL protocol family
webserver # [ 0.405612] NET: Registered PF_XDP protocol family
webserver # [ 0.406214] pci_bus 0000:00: resource 4 [io 0x0000-0x0cf7 window]
webserver # [ 0.406944] pci_bus 0000:00: resource 5 [io 0x0d00-0xffff window]
webserver # [ 0.407633] pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window]
webserver # [ 0.408463] pci_bus 0000:00: resource 7 [mem 0x40000000-0xfebfffff window]
dnsserver # [ 0.481053] pci 0000:00:01.2: quirk_usb_early_handoff+0x0/0x730 took 35689 usecs
dnsserver # [ 0.481985] PCI: CLS 0 bytes, default 64
webserver # [ 0.409273] pci_bus 0000:00: resource 8 [mem 0x100000000-0x17fffffff window]
dnsserver # [ 0.482492] Trying to unpack rootfs image as initramfs...
webserver # [ 0.410133] pci 0000:00:01.0: PIIX3: Enabling Passive Release
webserver # [ 0.410784] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
webserver # [ 0.411515] pci 0000:00:01.0: Activating ISA DMA hang workarounds
client # [ 0.538495] Freeing initrd memory: 11976K
client # [ 0.539234] Segment Routing with IPv6
client # [ 0.539580] In-situ OAM (IOAM) with IPv6
dnsserver # [ 0.486032] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x2848df6a9de, max_idle_ns: 440795280912 ns
client # [ 0.540097] IPI shorthand broadcast: enabled
client # [ 0.540480] sched_clock: Marking stable (444336024, 95690580)->(617858324, -77831720)
client # [ 0.541284] registered taskstats version 1
client # [ 0.541659] Loading compiled-in X.509 certificates
client # [ 0.542113] zswap: loaded using pool lzo/zbud
client # [ 0.542593] Key type .fscrypt registered
client # [ 0.542941] Key type fscrypt-provisioning registered
dnsserver # [ 0.491299] Initialise system trusted keyrings
client # [ 0.544847] Freeing unused decrypted memory: 2036K
dnsserver # [ 0.491881] workingset: timestamp_bits=40 max_order=18 bucket_order=0
client # [ 0.545605] Freeing unused kernel image (initmem) memory: 1920K
client # [ 0.547040] Write protecting the kernel read-only data: 22528k
dnsserver # [ 0.494264] zbud: loaded
client # [ 0.548124] Freeing unused kernel image (text/rodata gap) memory: 2040K
client # [ 0.548949] Freeing unused kernel image (rodata/data gap) memory: 876K
dnsserver # [ 0.496346] Key type asymmetric registered
client # [ 0.549547] Run /init as init process
dnsserver # [ 0.498204] Asymmetric key parser 'x509' registered
client #
client # <<< NixOS Stage 1 >>>
client #
dnsserver # [ 0.498753] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 251)
dnsserver # [ 0.504304] io scheduler mq-deadline registered
dnsserver # [ 0.504837] io scheduler kyber registered
dnsserver # [ 0.505818] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
webserver # [ 0.433799] ACPI: \_SB_.LNKD: Enabled at IRQ 11
dnsserver # [ 0.506601] 00:04: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A
dnsserver # [ 0.511330] ashmem: initialized
dnsserver # [ 0.511738] drop_monitor: Initializing network drop monitor service
dnsserver # [ 0.512604] NET: Registered PF_INET6 protocol family
client # loading module virtio_balloon...
webserver # [ 0.456162] pci 0000:00:01.2: quirk_usb_early_handoff+0x0/0x730 took 42874 usecs
webserver # [ 0.457187] PCI: CLS 0 bytes, default 64
webserver # [ 0.457718] Trying to unpack rootfs image as initramfs...
client # loading module virtio_console...
webserver # [ 0.461272] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x2848df6a9de, max_idle_ns: 440795280912 ns
client # loading module virtio_rng...
webserver # [ 0.466724] Initialise system trusted keyrings
webserver # [ 0.467378] workingset: timestamp_bits=40 max_order=18 bucket_order=0
client # loading module dm_mod...
webserver # [ 0.469770] zbud: loaded
webserver # [ 0.471203] Key type asymmetric registered
webserver # [ 0.471682] Asymmetric key parser 'x509' registered
webserver # [ 0.473970] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 251)
webserver # [ 0.476961] io scheduler mq-deadline registered
webserver # [ 0.477496] io scheduler kyber registered
client # [ 0.603482] device-mapper: ioctl: 4.45.0-ioctl (2021-03-22) initialised: dm-devel@redhat.com
client # running udev...
webserver # [ 0.479048] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
webserver # [ 0.480245] 00:04: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A
webserver # [ 0.484569] ashmem: initialized
webserver # [ 0.485036] drop_monitor: Initializing network drop monitor service
webserver # [ 0.486095] NET: Registered PF_INET6 protocol family
client # Starting systemd-udevd version 252.4
acme # [ 0.650277] Freeing initrd memory: 11976K
acme # [ 0.651236] Segment Routing with IPv6
acme # [ 0.651667] In-situ OAM (IOAM) with IPv6
acme # [ 0.652261] IPI shorthand broadcast: enabled
acme # [ 0.652750] sched_clock: Marking stable (507538415, 145187270)->(740119378, -87393693)
acme # [ 0.653796] registered taskstats version 1
acme # [ 0.654295] Loading compiled-in X.509 certificates
acme # [ 0.654938] zswap: loaded using pool lzo/zbud
acme # [ 0.655618] Key type .fscrypt registered
acme # [ 0.656095] Key type fscrypt-provisioning registered
acme # [ 0.658848] Freeing unused decrypted memory: 2036K
acme # [ 0.659838] Freeing unused kernel image (initmem) memory: 1920K
acme # [ 0.660576] Write protecting the kernel read-only data: 22528k
acme # [ 0.662020] Freeing unused kernel image (text/rodata gap) memory: 2040K
acme # [ 0.663024] Freeing unused kernel image (rodata/data gap) memory: 876K
acme # [ 0.663743] Run /init as init process
acme #
acme # <<< NixOS Stage 1 >>>
acme #
client # [ 0.660496] rtc_cmos 00:05: RTC can wake from S4
client # [ 0.666328] rtc_cmos 00:05: registered as rtc0
client # [ 0.666786] rtc_cmos 00:05: alarms up to one day, y3k, 242 bytes nvram, hpet irqs
dnsserver # [ 0.617404] Freeing initrd memory: 11976K
dnsserver # [ 0.618343] Segment Routing with IPv6
dnsserver # [ 0.618799] In-situ OAM (IOAM) with IPv6
dnsserver # [ 0.619458] IPI shorthand broadcast: enabled
acme # loading module virtio_balloon...
dnsserver # [ 0.619976] sched_clock: Marking stable (486672634, 133280114)->(707157032, -87204284)
dnsserver # [ 0.620954] registered taskstats version 1
dnsserver # [ 0.621422] Loading compiled-in X.509 certificates
dnsserver # [ 0.622022] zswap: loaded using pool lzo/zbud
dnsserver # [ 0.622650] Key type .fscrypt registered
dnsserver # [ 0.623108] Key type fscrypt-provisioning registered
dnsserver # [ 0.625879] Freeing unused decrypted memory: 2036K
dnsserver # [ 0.626841] Freeing unused kernel image (initmem) memory: 1920K
dnsserver # [ 0.627510] Write protecting the kernel read-only data: 22528k
dnsserver # [ 0.628951] Freeing unused kernel image (text/rodata gap) memory: 2040K
dnsserver # [ 0.630151] Freeing unused kernel image (rodata/data gap) memory: 876K
dnsserver # [ 0.630922] Run /init as init process
dnsserver #
dnsserver # <<< NixOS Stage 1 >>>
dnsserver #
client # [ 0.687221] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12
client # [ 0.688414] serio: i8042 KBD port at 0x60,0x64 irq 1
client # [ 0.688861] serio: i8042 AUX port at 0x60,0x64 irq 12
acme # loading module virtio_console...
acme # loading module virtio_rng...
acme # loading module dm_mod...
dnsserver # loading module virtio_balloon...
acme # [ 0.737046] device-mapper: ioctl: 4.45.0-ioctl (2021-03-22) initialised: dm-devel@redhat.com
acme # running udev...
webserver # [ 0.596857] Freeing initrd memory: 11976K
webserver # [ 0.597802] Segment Routing with IPv6
webserver # [ 0.598273] In-situ OAM (IOAM) with IPv6
webserver # [ 0.598950] IPI shorthand broadcast: enabled
webserver # [ 0.599454] sched_clock: Marking stable (494906247, 104022626)->(684296070, -85367197)
webserver # [ 0.600499] registered taskstats version 1
webserver # [ 0.601029] Loading compiled-in X.509 certificates
client # [ 0.727151] SCSI subsystem initialized
webserver # [ 0.601599] zswap: loaded using pool lzo/zbud
webserver # [ 0.602258] Key type .fscrypt registered
webserver # [ 0.602703] Key type fscrypt-provisioning registered
webserver # [ 0.605324] Freeing unused decrypted memory: 2036K
webserver # [ 0.606291] Freeing unused kernel image (initmem) memory: 1920K
webserver # [ 0.606995] Write protecting the kernel read-only data: 22528k
acme # Starting systemd-udevd version 252.4
dnsserver # loading module virtio_console...
webserver # [ 0.608377] Freeing unused kernel image (text/rodata gap) memory: 2040K
client # [ 0.734634] ACPI: \_SB_.LNKC: Enabled at IRQ 10
webserver # [ 0.609430] Freeing unused kernel image (rodata/data gap) memory: 876K
webserver # [ 0.610222] Run /init as init process
client # [ 0.736249] ACPI: bus type USB registered
client # [ 0.736715] usbcore: registered new interface driver usbfs
client # [ 0.737269] usbcore: registered new interface driver hub
client # [ 0.737757] usbcore: registered new device driver usb
webserver #
webserver # <<< NixOS Stage 1 >>>
webserver #
dnsserver # loading module virtio_rng...
dnsserver # loading module dm_mod...
client # [ 0.753148] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
dnsserver # [ 0.704573] device-mapper: ioctl: 4.45.0-ioctl (2021-03-22) initialised: dm-devel@redhat.com
dnsserver # running udev...
webserver # loading module virtio_balloon...
client # [ 0.767600] uhci_hcd: USB Universal Host Controller Interface driver
dnsserver # Starting systemd-udevd version 252.4
webserver # loading module virtio_console...
client # [ 0.786039] scsi host0: ata_piix
webserver # loading module virtio_rng...
client # [ 0.790565] uhci_hcd 0000:00:01.2: UHCI Host Controller
client # [ 0.791039] uhci_hcd 0000:00:01.2: new USB bus registered, assigned bus number 1
client # [ 0.791707] uhci_hcd 0000:00:01.2: detected 2 ports
client # [ 0.792275] uhci_hcd 0000:00:01.2: irq 11, io base 0x0000c100
client # [ 0.792897] scsi host1: ata_piix
webserver # loading module dm_mod...
client # [ 0.795157] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc1e0 irq 14
client # [ 0.795752] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc1e8 irq 15
client # [ 0.799048] usb usb1: New USB device found, idVendor=1d6b, idProduct=0001, bcdDevice= 5.15
acme # [ 0.816842] rtc_cmos 00:05: RTC can wake from S4
client # [ 0.799791] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
client # [ 0.800427] usb usb1: Product: UHCI Host Controller
client # [ 0.800871] usb usb1: Manufacturer: Linux 5.15.89 uhci_hcd
client # [ 0.801399] usb usb1: SerialNumber: 0000:00:01.2
client # [ 0.807206] hub 1-0:1.0: USB hub found
client # [ 0.807563] hub 1-0:1.0: 2 ports detected
webserver # [ 0.681531] device-mapper: ioctl: 4.45.0-ioctl (2021-03-22) initialised: dm-devel@redhat.com
webserver # running udev...
client # [ 0.813801] ACPI: \_SB_.LNKA: Enabled at IRQ 10
acme # [ 0.835533] rtc_cmos 00:05: registered as rtc0
acme # [ 0.836171] rtc_cmos 00:05: alarms up to one day, y3k, 242 bytes nvram, hpet irqs
webserver # Starting systemd-udevd version 252.4
dnsserver # [ 0.775300] rtc_cmos 00:05: RTC can wake from S4
client # [ 0.829488] ACPI: \_SB_.LNKB: Enabled at IRQ 11
dnsserver # [ 0.780518] rtc_cmos 00:05: registered as rtc0
acme # [ 0.851487] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12
dnsserver # [ 0.781859] rtc_cmos 00:05: alarms up to one day, y3k, 242 bytes nvram, hpet irqs
acme # [ 0.853092] serio: i8042 KBD port at 0x60,0x64 irq 1
acme # [ 0.861423] serio: i8042 AUX port at 0x60,0x64 irq 12
dnsserver # [ 0.812934] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12
dnsserver # [ 0.814500] serio: i8042 KBD port at 0x60,0x64 irq 1
webserver # [ 0.749772] rtc_cmos 00:05: RTC can wake from S4
dnsserver # [ 0.824790] serio: i8042 AUX port at 0x60,0x64 irq 12
acme # [ 0.899816] SCSI subsystem initialized
webserver # [ 0.759369] rtc_cmos 00:05: registered as rtc0
acme # [ 0.905624] ACPI: bus type USB registered
webserver # [ 0.766011] rtc_cmos 00:05: alarms up to one day, y3k, 242 bytes nvram, hpet irqs
acme # [ 0.911578] usbcore: registered new interface driver usbfs
webserver # [ 0.768884] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12
acme # [ 0.912326] usbcore: registered new interface driver hub
acme # [ 0.912982] usbcore: registered new device driver usb
acme # [ 0.923752] ACPI: \_SB_.LNKC: Enabled at IRQ 10
webserver # [ 0.785619] serio: i8042 KBD port at 0x60,0x64 irq 1
acme # [ 0.929974] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
webserver # [ 0.793931] serio: i8042 AUX port at 0x60,0x64 irq 12
dnsserver # [ 0.867739] SCSI subsystem initialized
dnsserver # [ 0.877987] ACPI: bus type USB registered
acme # [ 0.948463] uhci_hcd: USB Universal Host Controller Interface driver
dnsserver # [ 0.880880] usbcore: registered new interface driver usbfs
dnsserver # [ 0.883775] usbcore: registered new interface driver hub
dnsserver # [ 0.884400] usbcore: registered new device driver usb
dnsserver # [ 0.894716] ACPI: \_SB_.LNKC: Enabled at IRQ 10
dnsserver # [ 0.900330] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
client # [ 0.955655] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100
client # [ 0.956937] scsi 1:0:0:0: CD-ROM QEMU QEMU DVD-ROM 2.5+ PQ: 0 ANSI: 5
acme # [ 0.975466] scsi host0: ata_piix
webserver # [ 0.833107] SCSI subsystem initialized
acme # [ 0.983476] scsi host1: ata_piix
acme # [ 0.983964] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc1e0 irq 14
acme # [ 0.984777] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc1e8 irq 15
dnsserver # [ 0.915416] uhci_hcd: USB Universal Host Controller Interface driver
webserver # [ 0.854143] ACPI: bus type USB registered
webserver # [ 0.854926] usbcore: registered new interface driver usbfs
webserver # [ 0.855653] usbcore: registered new interface driver hub
webserver # [ 0.856343] usbcore: registered new device driver usb
webserver # [ 0.858438] ACPI: \_SB_.LNKC: Enabled at IRQ 10
acme # [ 1.001249] uhci_hcd 0000:00:01.2: UHCI Host Controller
acme # [ 1.001922] uhci_hcd 0000:00:01.2: new USB bus registered, assigned bus number 1
acme # [ 1.002854] uhci_hcd 0000:00:01.2: detected 2 ports
acme # [ 1.003630] uhci_hcd 0000:00:01.2: irq 11, io base 0x0000c100
acme # [ 1.004523] usb usb1: New USB device found, idVendor=1d6b, idProduct=0001, bcdDevice= 5.15
acme # [ 1.005571] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
acme # [ 1.006464] usb usb1: Product: UHCI Host Controller
acme # [ 1.007044] usb usb1: Manufacturer: Linux 5.15.89 uhci_hcd
acme # [ 1.007735] usb usb1: SerialNumber: 0000:00:01.2
dnsserver # [ 0.939827] scsi host0: ata_piix
acme # [ 1.015756] hub 1-0:1.0: USB hub found
acme # [ 1.016240] hub 1-0:1.0: 2 ports detected
dnsserver # [ 0.947828] scsi host1: ata_piix
webserver # [ 0.875494] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
dnsserver # [ 0.948278] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc1e0 irq 14
dnsserver # [ 0.949036] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc1e8 irq 15
client # [ 1.005279] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input0
client # [ 1.006672] virtio_blk virtio5: [vda] 2097152 512-byte logical blocks (1.07 GB/1.00 GiB)
webserver # [ 0.886666] uhci_hcd: USB Universal Host Controller Interface driver
acme # [ 1.032548] ACPI: \_SB_.LNKA: Enabled at IRQ 10
dnsserver # [ 0.968672] uhci_hcd 0000:00:01.2: UHCI Host Controller
dnsserver # [ 0.969291] uhci_hcd 0000:00:01.2: new USB bus registered, assigned bus number 1
dnsserver # [ 0.970145] uhci_hcd 0000:00:01.2: detected 2 ports
dnsserver # [ 0.970926] uhci_hcd 0000:00:01.2: irq 11, io base 0x0000c100
client # [ 1.024398] 9pnet: Installing 9P2000 support
client # [ 1.029019] usb 1-1: new full-speed USB device number 2 using uhci_hcd
dnsserver # [ 0.978811] usb usb1: New USB device found, idVendor=1d6b, idProduct=0001, bcdDevice= 5.15
webserver # [ 0.906971] scsi host0: ata_piix
dnsserver # [ 0.979728] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
dnsserver # [ 0.980537] usb usb1: Product: UHCI Host Controller
dnsserver # [ 0.981116] usb usb1: Manufacturer: Linux 5.15.89 uhci_hcd
dnsserver # [ 0.981715] usb usb1: SerialNumber: 0000:00:01.2
dnsserver # [ 0.982685] hub 1-0:1.0: USB hub found
dnsserver # [ 0.983781] hub 1-0:1.0: 2 ports detected
client # [ 1.038394] sr 1:0:0:0: [sr0] scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray
client # [ 1.039047] cdrom: Uniform CD-ROM driver Revision: 3.20
acme # [ 1.056267] ACPI: \_SB_.LNKB: Enabled at IRQ 11
webserver # [ 0.914972] scsi host1: ata_piix
webserver # [ 0.915559] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc1e0 irq 14
webserver # [ 0.916357] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc1e8 irq 15
dnsserver # [ 0.999325] ACPI: \_SB_.LNKA: Enabled at IRQ 10
webserver # [ 0.936212] uhci_hcd 0000:00:01.2: UHCI Host Controller
webserver # [ 0.936829] uhci_hcd 0000:00:01.2: new USB bus registered, assigned bus number 1
webserver # [ 0.937692] uhci_hcd 0000:00:01.2: detected 2 ports
webserver # [ 0.938538] uhci_hcd 0000:00:01.2: irq 11, io base 0x0000c100
webserver # [ 0.946092] usb usb1: New USB device found, idVendor=1d6b, idProduct=0001, bcdDevice= 5.15
webserver # [ 0.947109] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
webserver # [ 0.947935] usb usb1: Product: UHCI Host Controller
webserver # [ 0.948529] usb usb1: Manufacturer: Linux 5.15.89 uhci_hcd
webserver # [ 0.949225] usb usb1: SerialNumber: 0000:00:01.2
dnsserver # [ 1.023014] ACPI: \_SB_.LNKB: Enabled at IRQ 11
webserver # [ 0.953350] hub 1-0:1.0: USB hub found
webserver # [ 0.953806] hub 1-0:1.0: 2 ports detected
webserver # [ 0.967732] ACPI: \_SB_.LNKA: Enabled at IRQ 10
webserver # [ 0.991583] ACPI: \_SB_.LNKB: Enabled at IRQ 11
acme # [ 1.145767] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100
acme # [ 1.147440] scsi 1:0:0:0: CD-ROM QEMU QEMU DVD-ROM 2.5+ PQ: 0 ANSI: 5
dnsserver # [ 1.107102] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100
dnsserver # [ 1.108788] scsi 1:0:0:0: CD-ROM QEMU QEMU DVD-ROM 2.5+ PQ: 0 ANSI: 5
client # [ 1.198265] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
client # [ 1.199373] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
client # [ 1.200469] usb 1-1: Product: QEMU USB Tablet
client # [ 1.201014] usb 1-1: Manufacturer: QEMU
client # [ 1.201558] usb 1-1: SerialNumber: 28754-0000:00:01.2-1
webserver # [ 1.078250] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100
webserver # [ 1.079915] scsi 1:0:0:0: CD-ROM QEMU QEMU DVD-ROM 2.5+ PQ: 0 ANSI: 5
client # [ 1.218020] hid: raw HID events driver (C) Jiri Kosina
acme # [ 1.241452] usb 1-1: new full-speed USB device number 2 using uhci_hcd
client # [ 1.227714] usbcore: registered new interface driver usbhid
client # [ 1.228470] usbhid: USB HID core driver
client # [ 1.231123] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:01.2/usb1/1-1/1-1:1.0/0003:0627:0001.0001/input/input2
client # [ 1.235744] hid-generic 0003:0627:0001.0001: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:01.2-1/input0
acme # [ 1.274361] virtio_blk virtio5: [vda] 2097152 512-byte logical blocks (1.07 GB/1.00 GiB)
acme # [ 1.276450] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input0
dnsserver # [ 1.208766] usb 1-1: new full-speed USB device number 2 using uhci_hcd
client # kbd_mode: KDSKBMODE: Inappropriate ioctl for device
acme # [ 1.302952] 9pnet: Installing 9P2000 support
client # %Gstarting device mapper and LVM...
dnsserver # [ 1.240831] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input0
dnsserver # [ 1.243402] virtio_blk virtio5: [vda] 2097152 512-byte logical blocks (1.07 GB/1.00 GiB)
webserver # [ 1.172015] usb 1-1: new full-speed USB device number 2 using uhci_hcd
acme # [ 1.315811] sr 1:0:0:0: [sr0] scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray
acme # [ 1.316561] cdrom: Uniform CD-ROM driver Revision: 3.20
client # mke2fs 1.46.5 (30-Dec-2021)
client # Discarding device blocks: 0/262144 done
client # Creating filesystem with 262144 4k blocks and 65536 inodes
client # Filesystem UUID: ae35a90d-87a0-4c21-8b29-e6771a668bf8
client # Superblock backups stored on blocks:
client # 32768, 98304, 163840, 229376
client #
client # Allocating group tables: 0/8 done
client # Writing inode tables: 0/8 done
client # Creating journal (8192 blocks): done
client # Writing superblocks and filesystem accounting information: 0/8 done
client #
dnsserver # [ 1.278616] 9pnet: Installing 9P2000 support
client # checking /dev/vda...
client # fsck (busybox 1.35.0)
client # [fsck.ext4 (1) -- /mnt-root/] fsck.ext4 -a /dev/vda
webserver # [ 1.215630] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input0
client # /dev/vda: clean, 11/65536 files, 12955/262144 blocks
dnsserver # [ 1.290514] sr 1:0:0:0: [sr0] scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray
webserver # [ 1.218089] virtio_blk virtio5: [vda] 2097152 512-byte logical blocks (1.07 GB/1.00 GiB)
dnsserver # [ 1.291363] cdrom: Uniform CD-ROM driver Revision: 3.20
client # mounting /dev/vda on /...
webserver # [ 1.255051] 9pnet: Installing 9P2000 support
webserver # [ 1.260431] sr 1:0:0:0: [sr0] scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray
webserver # [ 1.263222] cdrom: Uniform CD-ROM driver Revision: 3.20
acme # [ 1.410983] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
acme # [ 1.412118] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
acme # [ 1.413034] usb 1-1: Product: QEMU USB Tablet
acme # [ 1.413513] usb 1-1: Manufacturer: QEMU
acme # [ 1.414081] usb 1-1: SerialNumber: 28754-0000:00:01.2-1
client # [ 1.399657] EXT4-fs (vda): mounted filesystem with ordered data mode. Opts: (null). Quota mode: none.
client # mounting nix-store on /nix/.ro-store...
acme # [ 1.428751] hid: raw HID events driver (C) Jiri Kosina
client # [ 1.418729] FS-Cache: Loaded
client # [ 1.423299] 9p: Installing v9fs 9p2000 file system support
client # [ 1.423832] FS-Cache: Netfs '9p' registered for caching
acme # [ 1.445426] usbcore: registered new interface driver usbhid
dnsserver # [ 1.377226] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
dnsserver # [ 1.378264] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
acme # [ 1.448076] usbhid: USB HID core driver
dnsserver # [ 1.379158] usb 1-1: Product: QEMU USB Tablet
dnsserver # [ 1.379716] usb 1-1: Manufacturer: QEMU
dnsserver # [ 1.380195] usb 1-1: SerialNumber: 28754-0000:00:01.2-1
client # mounting tmpfs on /nix/.rw-store...
acme # [ 1.451677] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:01.2/usb1/1-1/1-1:1.0/0003:0627:0001.0001/input/input2
acme # [ 1.457974] hid-generic 0003:0627:0001.0001: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:01.2-1/input0
client # mounting shared on /tmp/shared...
dnsserver # [ 1.394065] hid: raw HID events driver (C) Jiri Kosina
client # mounting xchg on /tmp/xchg...
dnsserver # [ 1.403548] usbcore: registered new interface driver usbhid
dnsserver # [ 1.404312] usbhid: USB HID core driver
client # mounting overlay filesystem on /nix/store...
dnsserver # [ 1.409040] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:01.2/usb1/1-1/1-1:1.0/0003:0627:0001.0001/input/input2
dnsserver # [ 1.410589] hid-generic 0003:0627:0001.0001: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:01.2-1/input0
webserver # [ 1.340866] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
webserver # [ 1.344327] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
webserver # [ 1.347268] usb 1-1: Product: QEMU USB Tablet
webserver # [ 1.349037] usb 1-1: Manufacturer: QEMU
webserver # [ 1.350931] usb 1-1: SerialNumber: 28754-0000:00:01.2-1
webserver # [ 1.365683] hid: raw HID events driver (C) Jiri Kosina
webserver # [ 1.378487] usbcore: registered new interface driver usbhid
webserver # [ 1.380849] usbhid: USB HID core driver
webserver # [ 1.384619] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:01.2/usb1/1-1/1-1:1.0/0003:0627:0001.0001/input/input2
webserver # [ 1.391315] hid-generic 0003:0627:0001.0001: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:01.2-1/input0
acme # kbd_mode: KDSKBMODE: Inappropriate ioctl for device
acme # %Gstarting device mapper and LVM...
client #
client # <<< NixOS Stage 2 >>>
client #
acme # mke2fs 1.46.5 (30-Dec-2021)
acme # Discarding device blocks: 0/262144 done
acme # Creating filesystem with 262144 4k blocks and 65536 inodes
dnsserver # kbd_mode: KDSKBMODE: Inappropriate ioctl for device
acme # Filesystem UUID: 4c99a643-7b5d-418b-b76e-4c63e85f4e3c
client # [ 1.599076] EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: none.
dnsserver # %Gstarting device mapper and LVM...
acme # Superblock backups stored on blocks:
client # [ 1.601942] booting system configuration /nix/store/w28qid4kn2h5f274cbxbjz183g9s3mk0-nixos-system-client-23.05pre-git
acme # 32768, 98304, 163840, 229376
acme #
acme # Allocating group tables: 0/8 done
acme # Writing inode tables: 0/8 done
acme # Creating journal (8192 blocks): done
acme # Writing superblocks and filesystem accounting information: 0/8 done
acme #
acme # checking /dev/vda...
acme # fsck (busybox 1.35.0)
dnsserver # mke2fs 1.46.5 (30-Dec-2021)
acme # [fsck.ext4 (1) -- /mnt-root/] fsck.ext4 -a /dev/vda
dnsserver # Discarding device blocks: 0/262144 done
dnsserver # Creating filesystem with 262144 4k blocks and 65536 inodes
dnsserver # Filesystem UUID: a2845bfe-52a1-4110-91c3-1c92ecf9280c
dnsserver # Superblock backups stored on blocks:
dnsserver # 32768, 98304, 163840, 229376
acme # /dev/vda: clean, 11/65536 files, 12955/262144 blocks
dnsserver #
acme # mounting /dev/vda on /...
dnsserver # Allocating group tables: 0/8 done
dnsserver # Writing inode tables: 0/8 done
dnsserver # Creating journal (8192 blocks): done
dnsserver # Writing superblocks and filesystem accounting information: 0/8 done
dnsserver #
webserver # kbd_mode: KDSKBMODE: Inappropriate ioctl for device
dnsserver # checking /dev/vda...
webserver # %Gstarting device mapper and LVM...
dnsserver # fsck (busybox 1.35.0)
dnsserver # [fsck.ext4 (1) -- /mnt-root/] fsck.ext4 -a /dev/vda
dnsserver # /dev/vda: clean, 11/65536 files, 12955/262144 blocks
dnsserver # mounting /dev/vda on /...
client # running activation script...
webserver # mke2fs 1.46.5 (30-Dec-2021)
webserver # Discarding device blocks: 0/262144 done
webserver # Creating filesystem with 262144 4k blocks and 65536 inodes
webserver # Filesystem UUID: fa1de44c-c86d-4138-9b58-3f60e46de848
webserver # Superblock backups stored on blocks:
webserver # 32768, 98304, 163840, 229376
webserver #
webserver # Allocating group tables: 0/8 done
webserver # Writing inode tables: 0/8 done
webserver # Creating journal (8192 blocks): done
webserver # Writing superblocks and filesystem accounting information: 0/8 done
webserver #
acme # [ 1.723480] EXT4-fs (vda): mounted filesystem with ordered data mode. Opts: (null). Quota mode: none.
webserver # checking /dev/vda...
webserver # fsck (busybox 1.35.0)
webserver # [fsck.ext4 (1) -- /mnt-root/] fsck.ext4 -a /dev/vda
webserver # /dev/vda: clean, 11/65536 files, 12955/262144 blocks
webserver # mounting /dev/vda on /...
acme # mounting nix-store on /nix/.ro-store...
acme # [ 1.751712] FS-Cache: Loaded
dnsserver # [ 1.682333] EXT4-fs (vda): mounted filesystem with ordered data mode. Opts: (null). Quota mode: none.
acme # [ 1.758522] 9p: Installing v9fs 9p2000 file system support
acme # [ 1.760976] FS-Cache: Netfs '9p' registered for caching
dnsserver # mounting nix-store on /nix/.ro-store...
acme # mounting tmpfs on /nix/.rw-store...
dnsserver # [ 1.705520] FS-Cache: Loaded
dnsserver # [ 1.711357] 9p: Installing v9fs 9p2000 file system support
dnsserver # [ 1.712079] FS-Cache: Netfs '9p' registered for caching
acme # mounting shared on /tmp/shared...
dnsserver # mounting tmpfs on /nix/.rw-store...
acme # mounting xchg on /tmp/xchg...
webserver # [ 1.660717] EXT4-fs (vda): mounted filesystem with ordered data mode. Opts: (null). Quota mode: none.
dnsserver # mounting shared on /tmp/shared...
acme # mounting overlay filesystem on /nix/store...
webserver # mounting nix-store on /nix/.ro-store...
dnsserver # mounting xchg on /tmp/xchg...
dnsserver # mounting overlay filesystem on /nix/store...
webserver # [ 1.685833] FS-Cache: Loaded
webserver # [ 1.692215] 9p: Installing v9fs 9p2000 file system support
webserver # [ 1.694395] FS-Cache: Netfs '9p' registered for caching
webserver # mounting tmpfs on /nix/.rw-store...
webserver # mounting shared on /tmp/shared...
webserver # mounting xchg on /tmp/xchg...
webserver # mounting overlay filesystem on /nix/store...
acme #
acme # <<< NixOS Stage 2 >>>
acme #
dnsserver #
dnsserver # <<< NixOS Stage 2 >>>
dnsserver #
acme # [ 2.009817] EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: none.
dnsserver # [ 1.944695] EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: none.
acme # [ 2.015691] booting system configuration /nix/store/fhivd03v034pfaga4clmirshyn56cijx-nixos-system-acme-23.05pre-git
dnsserver # [ 1.947863] booting system configuration /nix/store/ginlw6jq0nm2cxjpci6553sh5bahj2vx-nixos-system-dnsserver-23.05pre-git
webserver #
webserver # <<< NixOS Stage 2 >>>
webserver #
client # setting up /etc...
webserver # [ 1.941402] EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: none.
dnsserver # running activation script...
webserver # [ 1.947125] booting system configuration /nix/store/dpicg1vsplswvqx8bwlbjgxihydzc51q-nixos-system-webserver-23.05pre-git
acme # running activation script...
webserver # running activation script...
dnsserver # setting up /etc...
acme # setting up /etc...
webserver # setting up /etc...
client # starting systemd...
client # [ 3.947647] systemd[1]: Inserted module 'autofs4'
client # [ 4.005122] systemd[1]: systemd 252.4 running in system mode (+PAM +AUDIT -SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY +P11KIT -QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK -XKBCOMMON +UTMP -SYSVINIT default-hierarchy=unified)
client # [ 4.017537] systemd[1]: Detected virtualization kvm.
client # [ 4.019563] systemd[1]: Detected architecture x86-64.
client # [ 4.028010] systemd[1]: Initializing machine ID from random generator.
dnsserver # starting systemd...
client # [ 4.427215] systemd[1]: bpf-lsm: LSM BPF program attached
acme # starting systemd...
dnsserver # [ 4.461565] systemd[1]: Inserted module 'autofs4'
dnsserver # [ 4.528746] systemd[1]: systemd 252.4 running in system mode (+PAM +AUDIT -SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY +P11KIT -QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK -XKBCOMMON +UTMP -SYSVINIT default-hierarchy=unified)
dnsserver # [ 4.540839] systemd[1]: Detected virtualization kvm.
dnsserver # [ 4.542768] systemd[1]: Detected architecture x86-64.
dnsserver # [ 4.556768] systemd[1]: Initializing machine ID from random generator.
acme # [ 4.771682] systemd[1]: Inserted module 'autofs4'
webserver # starting systemd...
acme # [ 4.830996] systemd[1]: systemd 252.4 running in system mode (+PAM +AUDIT -SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY +P11KIT -QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK -XKBCOMMON +UTMP -SYSVINIT default-hierarchy=unified)
acme # [ 4.834532] systemd[1]: Detected virtualization kvm.
acme # [ 4.835122] systemd[1]: Detected architecture x86-64.
acme # [ 4.841595] systemd[1]: Initializing machine ID from random generator.
client # [ 5.005216] systemd[1]: Queued start job for default target Multi-User System.
client # [ 5.009026] systemd[1]: Created slice Slice /system/getty.
client # [ 5.010622] systemd[1]: Created slice Slice /system/modprobe.
client # [ 5.012115] systemd[1]: Created slice User and Session Slice.
client # [ 5.012960] systemd[1]: Started Dispatch Password Requests to Console Directory Watch.
webserver # [ 4.887098] systemd[1]: Inserted module 'autofs4'
client # [ 5.013999] systemd[1]: Started Forward Password Requests to Wall Directory Watch.
client # [ 5.015070] systemd[1]: Reached target Local Encrypted Volumes.
client # [ 5.015901] systemd[1]: Reached target Containers.
client # [ 5.016573] systemd[1]: Reached target Path Units.
client # [ 5.017273] systemd[1]: Reached target Remote File Systems.
client # [ 5.018043] systemd[1]: Reached target Slice Units.
client # [ 5.018718] systemd[1]: Reached target Swaps.
client # [ 5.022782] systemd[1]: Listening on Process Core Dump Socket.
client # [ 5.023986] systemd[1]: Listening on Journal Audit Socket.
client # [ 5.024764] systemd[1]: Listening on Journal Socket (/dev/log).
client # [ 5.025709] systemd[1]: Listening on Journal Socket.
client # [ 5.026954] systemd[1]: Listening on Userspace Out-Of-Memory (OOM) Killer Socket.
client # [ 5.028881] systemd[1]: Listening on udev Control Socket.
client # [ 5.029865] systemd[1]: Listening on udev Kernel Socket.
client # [ 5.032152] systemd[1]: Mounting Huge Pages File System...
client # [ 5.034135] systemd[1]: Mounting POSIX Message Queue File System...
client # [ 5.037190] systemd[1]: Mounting Kernel Debug File System...
client # [ 5.045067] systemd[1]: Starting Create List of Static Device Nodes...
client # [ 5.048638] systemd[1]: Starting Load Kernel Module configfs...
client # [ 5.053352] systemd[1]: Starting Load Kernel Module drm...
client # [ 5.059176] systemd[1]: Starting Load Kernel Module efi_pstore...
client # [ 5.065518] systemd[1]: Starting Load Kernel Module fuse...
client # [ 5.076193] systemd[1]: Starting mount-pstore.service...
client # [ 5.077288] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 4.946209] systemd[1]: systemd 252.4 running in system mode (+PAM +AUDIT -SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY +P11KIT -QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK -XKBCOMMON +UTMP -SYSVINIT default-hierarchy=unified)
webserver # [ 4.958955] systemd[1]: Detected virtualization kvm.
webserver # [ 4.961110] systemd[1]: Detected architecture x86-64.
webserver # [ 4.968922] systemd[1]: Initializing machine ID from random generator.
client # [ 5.102679] systemd[1]: Starting Journal Service...
dnsserver # [ 5.054859] systemd[1]: bpf-lsm: LSM BPF program attached
client # [ 5.111796] systemd[1]: Starting Load Kernel Modules...
client # [ 5.130069] fuse: init (API version 7.34)
client # [ 5.131448] systemd[1]: Starting Remount Root and Kernel File Systems...
client # [ 5.158497] systemd[1]: Starting Coldplug All udev Devices...
client # [ 5.205158] systemd[1]: Mounted Huge Pages File System.
acme # [ 5.237590] systemd[1]: bpf-lsm: LSM BPF program attached
client # [ 5.218998] systemd[1]: Mounted POSIX Message Queue File System.
client # [ 5.232853] EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: none.
client # [ 5.238681] systemd[1]: Mounted Kernel Debug File System.
client # [ 5.257508] systemd[1]: Finished Create List of Static Device Nodes.
client # [ 5.271060] audit: type=1130 audit(1674330715.970:2): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=kmod-static-nodes comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
client # [ 5.274276] systemd[1]: modprobe@configfs.service: Deactivated successfully.
client # [ 5.280230] systemd[1]: Finished Load Kernel Module configfs.
client # [ 5.287306] audit: type=1130 audit(1674330715.986:3): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@configfs comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
client # [ 5.290549] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
client # [ 5.291391] audit: type=1131 audit(1674330715.989:4): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@configfs comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
client # [ 5.297071] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this.
client # [ 5.300910] systemd[1]: Finished Load Kernel Module efi_pstore.
client # [ 5.304106] systemd[1]: modprobe@fuse.service: Deactivated successfully.
client # [ 5.304944] audit: type=1130 audit(1674330716.000:5): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@efi_pstore comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
client # [ 5.313930] systemd[1]: Finished Load Kernel Module fuse.
client # [ 5.318376] audit: type=1131 audit(1674330716.000:6): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@efi_pstore comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
client # [ 5.328922] systemd[1]: Finished Remount Root and Kernel File Systems.
client # [ 5.339686] audit: type=1130 audit(1674330716.013:7): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@fuse comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
client # [ 5.346732] systemd[1]: modprobe@drm.service: Deactivated successfully.
client # [ 5.354954] systemd[1]: Finished Load Kernel Module drm.
client # [ 5.358883] audit: type=1131 audit(1674330716.013:8): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@fuse comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
client # [ 5.373542] tun: Universal TUN/TAP device driver, 1.6
client # [ 5.387991] systemd[1]: Mounting FUSE Control File System...
client # [ 5.408930] audit: type=1130 audit(1674330716.034:9): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-remount-fs comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
client # [ 5.420209] loop: module loaded
client # [ 5.428041] systemd[1]: Mounting Kernel Configuration File System...
client # [ 5.445990] systemd[1]: Starting Load/Save Random Seed...
client # [ 5.450665] audit: type=1130 audit(1674330716.075:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@drm comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
client # [ 5.361845] systemd-modules-load[463]: Inserted module 'bridge'
client # [ 5.461351] systemd[1]: Starting Create Static Device Nodes in /dev...
client # [ 5.368623] systemd-modules-load[463]: Inserted module 'macvlan'[ 5.465172] audit: type=1131 audit(1674330716.075:11): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@drm comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
client #
client # [ 5.480701] systemd[1]: Started Journal Service.
client # [ 5.387481] systemd-modules-load[463]: Inserted module 'tap'
client # [ 5.396566] systemd-modules-load[463]: Inserted module 'tun'
webserver # [ 5.370086] systemd[1]: bpf-lsm: LSM BPF program attached
client # [ 5.400796] systemd-modules-load[463]: Inserted module 'loop'
client # [ 5.412193] systemd[1]: Finished Load Kernel Modules.
client # [ 5.444157] systemd[1]: Mounted FUSE Control File System.
client # [ 5.558590] systemd-journald[462]: Received client request to flush runtime journal.
dnsserver # [ 5.585099] systemd[1]: Queued start job for default target Multi-User System.
dnsserver # [ 5.590959] systemd[1]: Created slice Slice /system/getty.
dnsserver # [ 5.594052] systemd[1]: Created slice Slice /system/modprobe.
dnsserver # [ 5.597103] systemd[1]: Created slice User and Session Slice.
dnsserver # [ 5.599509] systemd[1]: Started Dispatch Password Requests to Console Directory Watch.
dnsserver # [ 5.602720] systemd[1]: Started Forward Password Requests to Wall Directory Watch.
dnsserver # [ 5.605842] systemd[1]: Reached target Local Encrypted Volumes.
dnsserver # [ 5.608216] systemd[1]: Reached target Containers.
dnsserver # [ 5.610249] systemd[1]: Reached target Path Units.
dnsserver # [ 5.612238] systemd[1]: Reached target Remote File Systems.
dnsserver # [ 5.614635] systemd[1]: Reached target Slice Units.
dnsserver # [ 5.616742] systemd[1]: Reached target Swaps.
dnsserver # [ 5.622440] systemd[1]: Listening on Process Core Dump Socket.
dnsserver # [ 5.625518] systemd[1]: Listening on Journal Audit Socket.
dnsserver # [ 5.629286] systemd[1]: Listening on Journal Socket (/dev/log).
dnsserver # [ 5.631960] systemd[1]: Listening on Journal Socket.
dnsserver # [ 5.634848] systemd[1]: Listening on Userspace Out-Of-Memory (OOM) Killer Socket.
dnsserver # [ 5.639609] systemd[1]: Listening on udev Control Socket.
dnsserver # [ 5.642762] systemd[1]: Listening on udev Kernel Socket.
dnsserver # [ 5.646882] systemd[1]: Mounting Huge Pages File System...
dnsserver # [ 5.650986] systemd[1]: Mounting POSIX Message Queue File System...
dnsserver # [ 5.657796] systemd[1]: Mounting Kernel Debug File System...
dnsserver # [ 5.666392] systemd[1]: Starting Create List of Static Device Nodes...
dnsserver # [ 5.675204] systemd[1]: Starting Load Kernel Module configfs...
dnsserver # [ 5.682947] systemd[1]: Starting Load Kernel Module drm...
dnsserver # [ 5.690377] systemd[1]: Starting Load Kernel Module efi_pstore...
client # [ 5.648979] systemd[1]: Mounted Kernel Configuration File System.
acme # [ 5.768325] systemd[1]: Queued start job for default target Multi-User System.
acme # [ 5.772945] systemd[1]: Created slice Slice /system/getty.
acme # [ 5.775537] systemd[1]: Created slice Slice /system/modprobe.
dnsserver # [ 5.704937] systemd[1]: Starting Load Kernel Module fuse...
acme # [ 5.777590] systemd[1]: Created slice User and Session Slice.
acme # [ 5.778366] systemd[1]: Started Dispatch Password Requests to Console Directory Watch.
acme # [ 5.779360] systemd[1]: Started Forward Password Requests to Wall Directory Watch.
client # [ 5.666229] systemd[1]: Finished Load/Save Random Seed.
acme # [ 5.780353] systemd[1]: Reached target Local Encrypted Volumes.
acme # [ 5.781021] systemd[1]: Reached target Containers.
acme # [ 5.781920] systemd[1]: Reached target Path Units.
acme # [ 5.782605] systemd[1]: Reached target Remote File Systems.
acme # [ 5.783447] systemd[1]: Reached target Slice Units.
acme # [ 5.783971] systemd[1]: Reached target Swaps.
dnsserver # [ 5.713341] systemd[1]: Starting mount-pstore.service...
acme # [ 5.787491] systemd[1]: Listening on Process Core Dump Socket.
client # [ 5.672639] systemd[1]: Starting Firewall...
acme # [ 5.788813] systemd[1]: Listening on Journal Audit Socket.
acme # [ 5.789605] systemd[1]: Listening on Journal Socket (/dev/log).
acme # [ 5.790404] systemd[1]: Listening on Journal Socket.
dnsserver # [ 5.716360] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
acme # [ 5.791373] systemd[1]: Listening on Userspace Out-Of-Memory (OOM) Killer Socket.
acme # [ 5.793257] systemd[1]: Listening on udev Control Socket.
acme # [ 5.794104] systemd[1]: Listening on udev Kernel Socket.
acme # [ 5.796017] systemd[1]: Mounting Huge Pages File System...
acme # [ 5.797696] systemd[1]: Mounting POSIX Message Queue File System...
acme # [ 5.799607] systemd[1]: Mounting Kernel Debug File System...
acme # [ 5.804616] systemd[1]: Starting Create List of Static Device Nodes...
acme # [ 5.814374] systemd[1]: Starting Load Kernel Module configfs...
client # [ 5.694535] systemd[1]: Starting Flush Journal to Persistent Storage...
acme # [ 5.818538] systemd[1]: Starting Load Kernel Module drm...
dnsserver # [ 5.749245] fuse: init (API version 7.34)
acme # [ 5.822367] systemd[1]: Starting Load Kernel Module efi_pstore...
acme # [ 5.829354] systemd[1]: Starting Load Kernel Module fuse...
dnsserver # [ 5.757631] systemd[1]: Starting Journal Service...
client # [ 5.709168] systemd[1]: Starting Apply Kernel Variables...
dnsserver # [ 5.774248] systemd[1]: Starting Load Kernel Modules...
acme # [ 5.847637] systemd[1]: Starting mount-pstore.service...
acme # [ 5.850468] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
dnsserver # [ 5.787993] systemd[1]: Starting Remount Root and Kernel File Systems...
acme # [ 5.868422] systemd[1]: Starting Journal Service...
client # [ 5.738366] systemd[1]: Finished Coldplug All udev Devices.
acme # [ 5.881813] systemd[1]: Starting Load Kernel Modules...
dnsserver # [ 5.820985] systemd[1]: Starting Coldplug All udev Devices...
acme # [ 5.894695] fuse: init (API version 7.34)
client # [ 5.772681] systemd[1]: Finished Create Static Device Nodes in /dev.
acme # [ 5.907775] systemd[1]: Starting Remount Root and Kernel File Systems...
client # [ 5.803763] systemd[1]: Reached target Preparation for Local File Systems.
client # [ 5.813175] systemd[1]: Reached target Local File Systems.
dnsserver # [ 5.862825] audit: type=1334 audit(1674330717.299:2): prog-id=61 op=LOAD
dnsserver # [ 5.866404] audit: type=1334 audit(1674330717.302:3): prog-id=0 op=UNLOAD
acme # [ 5.948547] systemd[1]: Starting Coldplug All udev Devices...
dnsserver # [ 5.882069] EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: none.
dnsserver # [ 5.893616] audit: type=1334 audit(1674330717.302:4): prog-id=0 op=UNLOAD
dnsserver # [ 5.895778] systemd[1]: Mounted Huge Pages File System.
acme # [ 5.970268] audit: type=1334 audit(1674330717.382:2): prog-id=58 op=LOAD
client # [ 5.845560] systemd[1]: Starting Rule-based Manager for Device Events and Files...
acme # [ 5.975260] audit: type=1334 audit(1674330717.386:3): prog-id=59 op=LOAD
dnsserver # [ 5.913486] systemd[1]: Mounted POSIX Message Queue File System.
acme # [ 5.985711] EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: none.
acme # [ 5.994552] audit: type=1334 audit(1674330717.390:4): prog-id=0 op=UNLOAD
dnsserver # [ 5.928835] systemd[1]: Mounted Kernel Debug File System.
client # [ 5.881563] systemd[1]: Finished Apply Kernel Variables.
acme # [ 6.004889] systemd[1]: Mounted Huge Pages File System.
acme # [ 6.012217] audit: type=1334 audit(1674330717.390:5): prog-id=0 op=UNLOAD
dnsserver # [ 5.943760] systemd[1]: Finished Create List of Static Device Nodes.
client # [ 5.901612] systemd-udevd[488]: Using default interface naming scheme 'v252'.
acme # [ 6.022557] systemd[1]: Mounted POSIX Message Queue File System.
client # [ 5.912809] systemd[1]: Finished Flush Journal to Persistent Storage.
acme # [ 6.032231] audit: type=1334 audit(1674330717.393:6): prog-id=60 op=LOAD
dnsserver # [ 5.955706] audit: type=1130 audit(1674330717.392:5): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=kmod-static-nodes comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
dnsserver # [ 5.966113] systemd[1]: modprobe@configfs.service: Deactivated successfully.
acme # [ 6.038496] systemd[1]: Mounted Kernel Debug File System.
acme # [ 6.044196] audit: type=1334 audit(1674330717.393:7): prog-id=61 op=LOAD
dnsserver # [ 5.972691] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this.
acme # [ 6.054332] systemd[1]: Finished Create List of Static Device Nodes.
dnsserver # [ 5.985627] systemd[1]: Finished Load Kernel Module configfs.
acme # [ 6.060219] audit: type=1334 audit(1674330717.393:8): prog-id=0 op=UNLOAD
dnsserver # [ 5.994113] systemd[1]: modprobe@drm.service: Deactivated successfully.
client # [ 5.947406] systemd[1]: Starting Create Volatile Files and Directories...
acme # [ 6.071137] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this.
dnsserver # [ 5.997645] audit: type=1130 audit(1674330717.430:6): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@configfs comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
acme # [ 6.078626] systemd[1]: modprobe@configfs.service: Deactivated successfully.
client # [ 5.962011] systemd[1]: Started Rule-based Manager for Device Events and Files.
acme # [ 6.083621] audit: type=1334 audit(1674330717.393:9): prog-id=0 op=UNLOAD
dnsserver # [ 6.016807] systemd[1]: Finished Load Kernel Module drm.
acme # [ 6.091580] systemd[1]: Finished Load Kernel Module configfs.
acme # [ 6.095277] audit: type=1130 audit(1674330717.489:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=kmod-static-nodes comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
dnsserver # [ 6.030956] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 5.960095] systemd[1]: Queued start job for default target Multi-User System.
webserver # [ 5.966109] systemd[1]: Created slice Slice /system/getty.
acme # [ 6.109759] systemd[1]: modprobe@drm.service: Deactivated successfully.
webserver # [ 5.968747] systemd[1]: Created slice Slice /system/modprobe.
dnsserver # [ 6.042450] tun: Universal TUN/TAP device driver, 1.6
client # [ 6.000491] systemd[1]: Finished Create Volatile Files and Directories.
webserver # [ 5.972516] systemd[1]: Created slice User and Session Slice.
webserver # [ 5.974939] systemd[1]: Started Dispatch Password Requests to Console Directory Watch.
acme # [ 6.122689] systemd[1]: Finished Load Kernel Module drm.
webserver # [ 5.978843] systemd[1]: Started Forward Password Requests to Wall Directory Watch.
client # [ 6.008898] systemd[1]: Starting Rebuild Journal Catalog...
webserver # [ 5.982276] systemd[1]: Reached target Local Encrypted Volumes.
dnsserver # [ 6.048596] audit: type=1131 audit(1674330717.430:7): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@configfs comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
webserver # [ 5.984995] systemd[1]: Reached target Containers.
acme # [ 6.129090] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 5.987049] systemd[1]: Reached target Path Units.
client # [ 6.017588] systemd[1]: Starting Userspace Out-Of-Memory (OOM) Killer...
dnsserver # [ 6.060610] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 5.989258] systemd[1]: Reached target Remote File Systems.
webserver # [ 5.991368] systemd[1]: Reached target Slice Units.
webserver # [ 5.993571] systemd[1]: Reached target Swaps.
client # [ 6.025497] systemd[1]: Starting Record System Boot/Shutdown in UTMP...
dnsserver # [ 6.068101] systemd[1]: modprobe@fuse.service: Deactivated successfully.
client # [ 6.028476] systemd[1]: Finished Record System Boot/Shutdown in UTMP.
client # [ 6.032885] systemd[1]: Finished Rebuild Journal Catalog.
acme # [ 6.139273] audit: type=1130 audit(1674330717.521:11): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@configfs comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
webserver # [ 6.004534] systemd[1]: Listening on Process Core Dump Socket.
client # [ 6.037556] systemd[1]: Starting Update is Completed...
webserver # [ 6.007669] systemd[1]: Listening on Journal Audit Socket.
dnsserver # [ 6.082639] systemd[1]: Finished Load Kernel Module fuse.
webserver # [ 6.010264] systemd[1]: Listening on Journal Socket (/dev/log).
client # [ 6.042231] systemd[1]: Finished Update is Completed.
dnsserver # [ 6.085328] loop: module loaded
acme # [ 6.155659] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 6.012852] systemd[1]: Listening on Journal Socket.
webserver # [ 6.015625] systemd[1]: Listening on Userspace Out-Of-Memory (OOM) Killer Socket.
acme # [ 6.160036] tun: Universal TUN/TAP device driver, 1.6
dnsserver # [ 6.092921] systemd[1]: Started Journal Service.
webserver # [ 6.020185] systemd[1]: Listening on udev Control Socket.
webserver # [ 6.023046] systemd[1]: Listening on udev Kernel Socket.
acme # [ 6.165733] systemd[1]: modprobe@fuse.service: Deactivated successfully.
webserver # [ 6.027314] systemd[1]: Mounting Huge Pages File System...
dnsserver # [ 6.096284] audit: type=1130 audit(1674330717.463:8): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@drm comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
webserver # [ 6.032192] systemd[1]: Mounting POSIX Message Queue File System...
dnsserver # [ 5.977829] systemd-modules-load[464]: Inserted module 'bridge'
acme # [ 6.180321] systemd[1]: Finished Load Kernel Module fuse.
webserver # [ 6.041442] systemd[1]: Mounting Kernel Debug File System...
acme # [ 6.189321] loop: module loaded
dnsserver # [ 5.981388] systemd-modules-load[464]: Inserted module 'macvlan'
client # [ 6.075553] systemd-oomd[519]: Swap is currently not detected; memory pressure usage will be degraded
webserver # [ 6.050205] systemd[1]: Starting Create List of Static Device Nodes...
acme # [ 6.194833] systemd[1]: Finished Remount Root and Kernel File Systems.
webserver # [ 6.056858] systemd[1]: Starting Load Kernel Module configfs...
client # [ 6.083679] systemd[1]: Started Userspace Out-Of-Memory (OOM) Killer.
webserver # [ 6.063173] systemd[1]: Starting Load Kernel Module drm...
dnsserver # [ 5.995976] systemd-modules-load[464]: Inserted module 'tap'
acme # [ 6.214427] systemd[1]: Started Journal Service.
dnsserver # [ 6.008008] systemd-modules-load[464]: Inserted module 'tun'[ 6.146656] audit: type=1131 audit(1674330717.463:9): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@drm comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
webserver # [ 6.080059] systemd[1]: Starting Load Kernel Module efi_pstore...
dnsserver #
acme # [ 6.079329] systemd-modules-load[464]: Inserted module 'bridge'
dnsserver # [ 6.026092] systemd-modules-load[464]: Inserted module 'loop'
webserver # [ 6.090223] systemd[1]: Starting Load Kernel Module fuse...
acme # [ 6.089168] systemd-modules-load[464]: Inserted module 'macvlan'
dnsserver # [ 6.037020] systemd[1]: Finished Load Kernel Modules.
acme # [ 6.101799] systemd-modules-load[464]: Inserted module 'tap'
dnsserver # [ 6.179552] audit: type=1130 audit(1674330717.504:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@efi_pstore comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
webserver # [ 6.115979] systemd[1]: Starting mount-pstore.service...
acme # [ 6.110719] systemd-modules-load[464]: Inserted module 'tun'
dnsserver # [ 6.060049] systemd[1]: Finished Remount Root and Kernel File Systems.
acme # [ 6.120033] systemd-modules-load[464]: Inserted module 'loop'
webserver # [ 6.127052] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
dnsserver # [ 6.204014] audit: type=1131 audit(1674330717.504:11): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@efi_pstore comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
acme # [ 6.133967] systemd[1]: Finished Load Kernel Modules.
webserver # [ 6.153287] systemd[1]: Starting Journal Service...
dnsserver # [ 6.088335] systemd[1]: Mounting FUSE Control File System...
acme # [ 6.157816] systemd[1]: Mounting FUSE Control File System...
webserver # [ 6.175445] fuse: init (API version 7.34)
webserver # [ 6.178019] systemd[1]: Starting Load Kernel Modules...
dnsserver # [ 6.254446] systemd-journald[463]: Received client request to flush runtime journal.
acme # [ 6.335745] systemd-journald[463]: Received client request to flush runtime journal.
webserver # [ 6.200997] systemd[1]: Starting Remount Root and Kernel File Systems...
client # [ 6.257088] systemd[1]: Found device /dev/ttyS0.
webserver # [ 6.239006] systemd[1]: Starting Coldplug All udev Devices...
client # [ 6.271580] systemd-udevd[514]: Network interface NamePolicy= disabled on kernel command line.
client # [ 6.283244] systemd[1]: Found device /dev/hvc0.
client # [ 6.291354] systemd-udevd[515]: Network interface NamePolicy= disabled on kernel command line.
webserver # [ 6.299950] systemd[1]: Mounted Huge Pages File System.
acme # [ 6.330495] systemd[1]: Mounting Kernel Configuration File System...
webserver # [ 6.352712] EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: none.
acme # [ 6.359546] systemd[1]: Starting Firewall...
webserver # [ 6.366526] systemd[1]: Mounted POSIX Message Queue File System.
webserver # [ 6.370109] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this.
acme # [ 6.370415] systemd[1]: Starting Flush Journal to Persistent Storage...
webserver # [ 6.383058] systemd[1]: Mounted Kernel Debug File System.
dnsserver # [ 6.315345] systemd[1]: Mounting Kernel Configuration File System...
dnsserver # [ 6.328747] systemd[1]: Starting Firewall...
webserver # [ 6.393101] systemd[1]: Finished Create List of Static Device Nodes.
dnsserver # [ 6.333983] systemd[1]: Starting Flush Journal to Persistent Storage...
webserver # [ 6.402351] audit: type=1130 audit(1674330717.855:2): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=kmod-static-nodes comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
acme # [ 6.399772] systemd[1]: Starting Load/Save Random Seed...
dnsserver # [ 6.350950] systemd[1]: Starting Load/Save Random Seed...
webserver # [ 6.413152] systemd[1]: modprobe@configfs.service: Deactivated successfully.
webserver # [ 6.420822] systemd[1]: Finished Load Kernel Module configfs.
acme # [ 6.416482] systemd[1]: Starting Apply Kernel Variables...
webserver # [ 6.424209] systemd[1]: modprobe@drm.service: Deactivated successfully.
acme # [ 6.426055] systemd[1]: Starting Create Static Device Nodes in /dev...
dnsserver # [ 6.366041] systemd[1]: Starting Apply Kernel Variables...
webserver # [ 6.426335] audit: type=1130 audit(1674330717.877:3): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@configfs comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
acme # [ 6.431720] systemd[1]: Finished Coldplug All udev Devices.
webserver # [ 6.444131] systemd[1]: Finished Load Kernel Module drm.
acme # [ 6.439731] systemd[1]: Mounted FUSE Control File System.
client # [ 6.473934] systemd[1]: Found device Virtio network device.
dnsserver # [ 6.384212] systemd[1]: Starting Create Static Device Nodes in /dev...
webserver # [ 6.448718] tun: Universal TUN/TAP device driver, 1.6
acme # [ 6.450434] systemd[1]: Mounted Kernel Configuration File System.
webserver # [ 6.455477] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 6.461778] systemd[1]: Finished Load Kernel Module efi_pstore.
dnsserver # [ 6.401845] systemd[1]: Finished Coldplug All udev Devices.
webserver # [ 6.469011] audit: type=1131 audit(1674330717.877:4): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@configfs comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
acme # [ 6.479856] systemd[1]: Finished Load/Save Random Seed.
webserver # [ 6.484606] systemd[1]: modprobe@fuse.service: Deactivated successfully.
webserver # [ 6.489124] loop: module loaded
acme # [ 6.494612] systemd[1]: Finished Apply Kernel Variables.
webserver # [ 6.499128] systemd[1]: Finished Load Kernel Module fuse.
dnsserver # [ 6.440682] systemd[1]: Mounted FUSE Control File System.
acme # [ 6.507152] systemd[1]: Finished Flush Journal to Persistent Storage.
webserver # [ 6.513759] audit: type=1130 audit(1674330717.908:5): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@drm comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
webserver # [ 6.522027] systemd[1]: Finished Load Kernel Modules.
acme # [ 6.519467] systemd[1]: Finished Create Static Device Nodes in /dev.
dnsserver # [ 6.457227] systemd[1]: Mounted Kernel Configuration File System.
webserver # [ 6.535807] systemd[1]: Finished Remount Root and Kernel File Systems.
acme # [ 6.541602] systemd[1]: Reached target Preparation for Local File Systems.
webserver # [ 6.554724] audit: type=1131 audit(1674330717.908:6): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@drm comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
dnsserver # [ 6.489590] systemd[1]: Finished Load/Save Random Seed.
webserver # [ 6.449844] systemd-modules-load[464]: Inserted module 'bridge'[ 6.567422] systemd[1]: Mounting FUSE Control File System...
webserver #
webserver # [ 6.473400] systemd-modules-load[464]: Inserted module 'macvlan'
acme # [ 6.584638] systemd[1]: Reached target Local File Systems.
dnsserver # [ 6.524870] systemd[1]: Finished Apply Kernel Variables.
webserver # [ 6.489385] systemd-modules-load[464]: Inserted module 'tap'[ 6.596919] systemd[1]: Mounting Kernel Configuration File System...
webserver # [ 6.600698] audit: type=1130 audit(1674330717.937:7): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@efi_pstore comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
webserver #
webserver # [ 6.508557] systemd-modules-load[464]: Inserted module 'tun'
webserver # [ 6.515394] systemd-modules-load[464]: Inserted module 'loop'
dnsserver # [ 6.544697] systemd[1]: Finished Create Static Device Nodes in /dev.
webserver # [ 6.626062] systemd[1]: Starting Firewall...
client # [ 6.654460] systemd-udevd[515]: event_source: Failed to get device name: No such file or directory
webserver # [ 6.630026] systemd[1]: Starting Load/Save Random Seed...
webserver # [ 6.631969] audit: type=1131 audit(1674330717.937:8): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@efi_pstore comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
webserver # [ 6.640134] systemd[1]: Starting Apply Kernel Variables...
acme # [ 6.633925] systemd[1]: Starting Create Volatile Files and Directories...
webserver # [ 6.641863] audit: type=1130 audit(1674330717.961:9): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@fuse comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
dnsserver # [ 6.590467] systemd[1]: Reached target Preparation for Local File Systems.
dnsserver # [ 6.599707] systemd[1]: Reached target Local File Systems.
webserver # [ 6.660589] systemd[1]: Starting Create Static Device Nodes in /dev...
acme # [ 6.649569] systemd[1]: Starting Rule-based Manager for Device Events and Files...
dnsserver # [ 6.607746] systemd[1]: Starting Rule-based Manager for Device Events and Files...
webserver # [ 6.669995] audit: type=1131 audit(1674330717.961:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@fuse comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
acme # [ 6.664416] systemd[1]: Finished Create Volatile Files and Directories.
dnsserver # [ 6.613398] systemd[1]: Finished Flush Journal to Persistent Storage.
dnsserver # [ 6.617626] systemd[1]: Starting Create Volatile Files and Directories...
webserver # [ 6.688118] systemd[1]: Started Journal Service.
dnsserver # [ 6.624974] systemd-udevd[492]: Using default interface naming scheme 'v252'.
dnsserver # [ 6.630752] systemd[1]: Finished Create Volatile Files and Directories.
acme # [ 6.680802] systemd[1]: Starting Rebuild Journal Catalog...
webserver # [ 6.698426] audit: type=1130 audit(1674330717.985:11): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-modules-load comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
dnsserver # [ 6.646582] systemd[1]: Starting Rebuild Journal Catalog...
acme # [ 6.700523] systemd[1]: Starting Userspace Out-Of-Memory (OOM) Killer...
dnsserver # [ 6.649778] systemd[1]: Starting Userspace Out-Of-Memory (OOM) Killer...
webserver # [ 6.621709] systemd[1]: Finished Coldplug All udev Devices.
dnsserver # [ 6.658783] systemd[1]: Starting Record System Boot/Shutdown in UTMP...
client # [ 6.852226] mousedev: PS/2 mouse device common for all mice
acme # [ 6.729897] systemd[1]: Starting Record System Boot/Shutdown in UTMP...
dnsserver # [ 6.670828] systemd[1]: Started Rule-based Manager for Device Events and Files.
webserver # [ 6.636215] systemd[1]: Mounted FUSE Control File System.
dnsserver # [ 6.690333] systemd[1]: Finished Record System Boot/Shutdown in UTMP.
acme # [ 6.752181] systemd-udevd[497]: Using default interface naming scheme 'v252'.
webserver # [ 6.655847] systemd[1]: Mounted Kernel Configuration File System.
dnsserver # [ 6.704978] systemd[1]: Finished Rebuild Journal Catalog.
webserver # [ 6.667415] systemd[1]: Finished Load/Save Random Seed.
dnsserver # [ 6.720603] systemd[1]: Starting Update is Completed...
acme # [ 6.774578] systemd[1]: Finished Record System Boot/Shutdown in UTMP.
webserver # [ 6.684155] systemd[1]: Finished Apply Kernel Variables.
dnsserver # [ 6.733359] systemd[1]: Finished Update is Completed.
acme # [ 6.792981] systemd[1]: Finished Rebuild Journal Catalog.
webserver # [ 6.695060] systemd[1]: Finished Create Static Device Nodes in /dev.
webserver # [ 6.811117] systemd-journald[463]: Received client request to flush runtime journal.
client # [ 6.940850] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input3
acme # [ 6.814152] systemd[1]: Starting Update is Completed...
dnsserver # [ 6.776278] systemd-oomd[510]: Swap is currently not detected; memory pressure usage will be degraded
acme # [ 6.829931] systemd[1]: Finished Update is Completed.
dnsserver # [ 6.778602] systemd[1]: Started Userspace Out-Of-Memory (OOM) Killer.
acme # [ 6.842601] systemd[1]: Started Rule-based Manager for Device Events and Files.
client # [ 6.885558] systemd[1]: Finished Firewall.
client # [ 6.986845] ACPI: button: Power Button [PWRF]
acme # [ 6.858689] systemd-oomd[510]: Swap is currently not detected; memory pressure usage will be degraded
acme # [ 6.869201] systemd[1]: Started Userspace Out-Of-Memory (OOM) Killer.
client # [ 7.018570] parport_pc 00:03: reported by Plug and Play ACPI
client # [ 7.036961] Floppy drive(s): fd0 is 2.88M AMI BIOS
client # [ 7.056724] parport0: PC-style at 0x378, irq 7 [PCSPP(,...)]
client # [ 7.066241] FDC 0 is a S82078B
client # [ 7.071621] Linux agpgart interface v0.103
client # [ 7.086444] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0
client # [ 7.107996] input: QEMU Virtio Keyboard as /devices/pci0000:00/0000:00:0a.0/virtio7/input/input4
client # [ 7.023361] sgvmj3isr64xwslwa4a69qik2x5rzcdh-mount-pstore.sh[468]: Persistent Storage backend was not registered in time.
client # [ 7.026252] systemd[1]: Finished mount-pstore.service.
client # [ 7.027579] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
dnsserver # [ 6.963216] systemd-udevd[514]: Network interface NamePolicy= disabled on kernel command line.
client # connecting to host...
client # [ 7.064798] systemd[1]: Reached target System Initialization.
dnsserver # [ 6.985584] systemd-udevd[516]: Network interface NamePolicy= disabled on kernel command line.
dnsserver # [ 6.994656] systemd[1]: Found device /dev/hvc0.
webserver # [ 6.936740] systemd[1]: Reached target Preparation for Local File Systems.
dnsserver # [ 7.001938] systemd[1]: Found device /dev/ttyS0.
webserver # [ 6.960483] systemd[1]: Reached target Local File Systems.
acme # [ 7.066372] systemd-udevd[524]: Network interface NamePolicy= disabled on kernel command line.
webserver # [ 6.968352] systemd[1]: Starting Flush Journal to Persistent Storage...
acme # [ 7.072012] systemd-udevd[529]: Network interface NamePolicy= disabled on kernel command line.
acme # [ 7.087930] systemd[1]: Found device /dev/ttyS0.
acme # [ 7.095281] systemd[1]: Found device /dev/hvc0.
webserver # [ 6.994609] systemd[1]: Starting Rule-based Manager for Device Events and Files...
client # [ 7.234380] 8021q: 802.1Q VLAN Support v1.8
client # [ 7.154571] systemd[1]: Started logrotate.timer.
webserver # [ 7.038779] systemd-udevd[490]: Using default interface naming scheme 'v252'.
client # [ 7.190930] dhcpcd[637]: dhcpcd-9.4.1 starting
webserver # [ 7.075349] systemd[1]: Started Rule-based Manager for Device Events and Files.
webserver # [ 7.080324] systemd[1]: Finished Flush Journal to Persistent Storage.
client # [ 7.201995] 5riy0743w43f2fljnp9rflm64nnvdfka-audit-disable[636]: No rules
webserver # [ 7.089824] systemd[1]: Starting Create Volatile Files and Directories...
webserver # [ 7.100219] systemd[1]: Finished Create Volatile Files and Directories.
webserver # [ 7.106079] systemd[1]: Starting Rebuild Journal Catalog...
client # [ 7.230883] systemd[1]: Started Daily Cleanup of Temporary Directories.
webserver # [ 7.123541] systemd[1]: Starting Userspace Out-Of-Memory (OOM) Killer...
client # [ 7.254288] dhcpcd[647]: dev: loaded udev
client # sh: cannot set terminal process group (-1): Inappropriate ioctl for device
acme # [ 7.234375] systemd[1]: Found device Virtio network device.
dnsserver # [ 7.177385] systemd[1]: Found device Virtio network device.
webserver # [ 7.135874] systemd[1]: Starting Record System Boot/Shutdown in UTMP...
client # sh: no job control in this shell
webserver # [ 7.139440] systemd[1]: Finished Record System Boot/Shutdown in UTMP.
webserver # [ 7.146316] systemd[1]: Finished Rebuild Journal Catalog.
client # [ 7.272616] systemd[1]: Reached target Timer Units.
webserver # [ 7.150344] systemd[1]: Starting Update is Completed...
webserver # [ 7.156664] systemd[1]: Finished Update is Completed.
client # [ 7.291763] nscd[655]: 655 monitoring file `/etc/passwd` (1)
client # [ 7.317557] logrotate[643]: warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want.
acme # [ 7.325342] systemd-udevd[529]: event_source: Failed to get device name: No such file or directory
client # [ 7.354947] logrotate[643]: reading config file /nix/store/6kbagm2bca9j1zr6s9hc91670anwjamz-logrotate.conf
webserver # [ 7.257401] systemd-oomd[534]: Swap is currently not detected; memory pressure usage will be degraded
client # [ 7.384903] logrotate[643]: note: 'monthly' overrides previously specified 'weekly'
dnsserver # [ 7.311362] systemd-udevd[518]: event_source: Failed to get device name: No such file or directory
webserver # [ 7.268370] systemd[1]: Started Userspace Out-Of-Memory (OOM) Killer.
client # [ 7.402884] logrotate[643]: Reading state from file: /var/lib/logrotate.status
dnsserver # [ 7.469882] mousedev: PS/2 mouse device common for all mice
client # [ 7.426371] logrotate[643]: state file /var/lib/logrotate.status does not exist
acme # [ 7.552278] mousedev: PS/2 mouse device common for all mice
client # [ 7.440833] logrotate[643]: Allocating hash table for state file, size 64 entries
client # [ 7.452604] logrotate[643]: Handling 2 logs
client # [ 7.453248] logrotate[643]: rotating pattern: "/var/log/btmp" monthly (1 rotations)[ 7.551777] cryptd: max_cpu_qlen set to 1000
client #
client # [ 7.459787] logrotate[643]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed
client # [ 7.465985] logrotate[643]: considering log /var/log/btmp
client # [ 7.470447] logrotate[643]: Creating new state
client # [ 7.471027] logrotate[643]: Now: 2023-01-21 19:51
client # [ 7.477565] logrotate[643]: Last rotated at 2023-01-21 19:00
client # [ 7.478238] logrotate[643]: log does not need rotating (log has already been rotated)
client # [ 7.486112] logrotate[643]: rotating pattern: "/var/log/wtmp" monthly (1 rotations)
webserver # [ 7.372072] systemd[1]: Found device /dev/hvc0.
client # [ 7.491597] logrotate[643]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed
client # [ 7.508379] logrotate[643]: considering log /var/log/wtmp
client # [ 7.509033] logrotate[643]: Creating new state
client # [ 7.511603] logrotate[643]: Now: 2023-01-21 19:51
dnsserver # [ 7.554737] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input3
webserver # [ 7.375541] systemd-udevd[515]: Network interface NamePolicy= disabled on kernel command line.
webserver # [ 7.381162] systemd[1]: Found device /dev/ttyS0.
dnsserver # [ 7.560086] ACPI: button: Power Button [PWRF]
client # [ 7.512175] logrotate[643]: Last rotated at 2023-01-21 19:00
client # [ 7.520968] logrotate[643]: log does not need rotating (log has already been rotated)
acme # [ 7.637835] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input3
client # [ 7.530669] systemd[1]: Listening on D-Bus System Message Bus Socket.
client # [ 7.534599] nscd[655]: 655 monitoring directory `/etc` (2)
client # [ 7.544432] systemd[1]: Listening on Nix Daemon Socket.
acme # [ 7.667188] ACPI: button: Power Button [PWRF]
webserver # [ 7.421808] systemd-udevd[517]: Network interface NamePolicy= disabled on kernel command line.
client # [ 7.545160] nscd[655]: 655 monitoring file `/etc/group` (3)
client # [ 7.568228] systemd[1]: Reached target Socket Units.
client # [ 7.576685] nscd[655]: 655 monitoring directory `/etc` (2)
dnsserver # [ 7.490202] systemd[1]: Finished Firewall.
dnsserver # [ 7.630382] parport_pc 00:03: reported by Plug and Play ACPI
client # [ 7.586682] systemd[1]: Reached target Basic System.
client # [ 7.687864] cfg80211: Loading compiled-in X.509 certificates for regulatory database
dnsserver # [ 7.635330] parport0: PC-style at 0x378, irq 7 [PCSPP(,...)]
dnsserver # [ 7.638703] Floppy drive(s): fd0 is 2.88M AMI BIOS
client # [ 7.595742] nscd[655]: 655 monitoring file `/etc/hosts` (4)[ 7.696931] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input6
client # [ 7.698172] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input5
client #
dnsserver # [ 7.650814] FDC 0 is a S82078B
dnsserver # [ 7.654095] Linux agpgart interface v0.103
client # [ 7.607925] dbus-daemon[667]: dbus[667]: Unknown username "systemd-timesync" in message bus configuration file
client # [ 7.620676] systemd[1]: Starting Kernel Auditing...
dnsserver # [ 7.683391] input: QEMU Virtio Keyboard as /devices/pci0000:00/0000:00:0a.0/virtio7/input/input4
client # [ 7.639043] nscd[655]: 655 monitoring directory `/etc` (2)
dnsserver # [ 7.687259] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0
client # [ 7.645217] systemd[1]: Started backdoor.service.
client # [ 7.648749] nscd[655]: 655 disabled inotify-based monitoring for file `/etc/resolv.conf': No such file or directory
client # [ 7.663190] systemd[1]: Starting DHCP Client...
acme # [ 7.779219] parport_pc 00:03: reported by Plug and Play ACPI
client # [ 7.669074] nscd[655]: 655 stat failed for file `/etc/resolv.conf'; will try again later: No such file or directory[ 7.769295] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7'
acme # [ 7.787852] Floppy drive(s): fd0 is 2.88M AMI BIOS
client # [ 7.773280] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
client # [ 7.778349] 8021q: adding VLAN 0 to HW filter on device eth1
dnsserver # [ 7.728493] cryptd: max_cpu_qlen set to 1000
client # [ 7.781000] cfg80211: failed to load regulatory.db
acme # [ 7.801467] parport0: PC-style at 0x378, irq 7 [PCSPP(,...)]
client #
acme # [ 7.665148] systemd[1]: Finished Firewall.
acme # [ 7.813443] FDC 0 is a S82078B
dnsserver # [ 7.748039] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input6
dnsserver # [ 7.748991] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input5
client # [ 7.700741] systemd[1]: Starting Logrotate configuration check...
client # [ 7.713019] nscd[655]: 655 monitoring file `/etc/services` (5)
dnsserver # [ 7.779927] AVX2 version of gcm_enc/dec engaged.
webserver # [ 7.602711] systemd[1]: Found device Virtio network device.
acme # [ 7.849221] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0
client # [ 7.730968] network-addresses-eth1-start[707]: adding address 192.168.1.2/24... done
dnsserver # [ 7.789687] AES CTR mode by8 optimization enabled
acme # [ 7.861850] Linux agpgart interface v0.103
client # [ 7.747158] systemd[1]: Starting Name Service Cache Daemon...
client # [ 7.759478] nscd[655]: 655 monitoring directory `/etc` (2)
client # [ 7.771262] systemd[1]: Started Reset console on configuration changes.
acme # [ 7.897564] input: QEMU Virtio Keyboard as /devices/pci0000:00/0000:00:0a.0/virtio7/input/input4
client # [ 7.784824] nscd[655]: 655 monitoring file `/etc/netgroup` (6)
dnsserver # [ 7.837795] ppdev: user-space parallel port driver
client # [ 7.891973] 8021q: adding VLAN 0 to HW filter on device eth0
client # [ 7.799213] systemd[1]: Starting resolvconf update...[ 7.896790] AVX2 version of gcm_enc/dec engaged.
client #
client # [ 7.809307] nscd[655]: 655 monitoring directory `/etc` (2)
client # [ 7.821772] systemd[1]: Finished Kernel Auditing.
client # [ 7.832632] nscd[655]: 655 monitoring file `/etc/nsswitch.conf` (7)
client # [ 7.841806] systemd[1]: Finished Logrotate configuration check.
acme # [ 7.960765] cryptd: max_cpu_qlen set to 1000
client # [ 7.945481] AES CTR mode by8 optimization enabled
client # [ 7.852290] nscd[655]: 655 monitoring directory `/etc` (2)
dnsserver # [ 7.768412] sgvmj3isr64xwslwa4a69qik2x5rzcdh-mount-pstore.sh[468]: Persistent Storage backend was not registered in time.
client # [ 7.857063] systemd[1]: Started Name Service Cache Daemon.
acme # [ 7.978981] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input6
client # [ 7.867265] nscd[655]: 655 monitoring file `/etc/nsswitch.conf` (7)
dnsserver # [ 7.782889] systemd[1]: Finished mount-pstore.service.
acme # [ 7.840118] sgvmj3isr64xwslwa4a69qik2x5rzcdh-mount-pstore.sh[469]: Persistent Storage backend was not registered in time.[ 7.992297] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input5
client # [ 7.871880] systemd[1]: Reached target Host and Network Name Lookups.
acme #
webserver # [ 7.751412] systemd-udevd[515]: event_source: Failed to get device name: No such file or directory
client # [ 7.884276] nscd[655]: 655 monitoring directory `/etc` (2)
client # [ 7.890822] systemd[1]: Reached target User and Group Name Lookups.
acme # [ 7.856886] systemd[1]: Finished mount-pstore.service.
dnsserver # [ 7.803533] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
dnsserver # connecting to host...
client # [ 7.902838] nscd[655]: 655 monitoring file `/etc/nsswitch.conf` (7)
dnsserver # [ 7.820384] systemd[1]: Reached target System Initialization.
client # [ 7.908495] systemd[1]: Starting D-Bus System Message Bus...
client # [ 7.916926] nscd[655]: 655 monitoring directory `/etc` (2)
webserver # [ 7.891715] mousedev: PS/2 mouse device common for all mice
client # [ 7.923996] systemd[1]: Starting User Login Management...
acme # [ 7.870051] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
acme # connecting to host...
client # [ 7.934419] nscd[655]: 655 monitoring file `/etc/nsswitch.conf` (7)
client # [ 7.949889] systemd[1]: Started D-Bus System Message Bus.
dnsserver # [ 7.863546] dhcpcd[665]: dhcpcd-9.4.1 starting
dnsserver # [ 8.011188] 8021q: 802.1Q VLAN Support v1.8
client # [ 7.962018] nscd[655]: 655 monitoring directory `/etc` (2)
acme # [ 7.935696] systemd[1]: Reached target System Initialization.
acme # [ 7.943121] dhcpcd[646]: dhcpcd-9.4.1 starting
client # [ 7.971814] systemd[1]: Stopped target Host and Network Name Lookups.
acme # [ 7.956096] 5riy0743w43f2fljnp9rflm64nnvdfka-audit-disable[645]: No rules[ 8.102706] 8021q: 802.1Q VLAN Support v1.8
acme #
client # [ 7.990616] nscd[655]: 655 monitoring file `/etc/nsswitch.conf` (7)
dnsserver: connected to guest root shell
acme # [ 7.967342] systemd[1]: Started logrotate.timer.
client # [ 8.008825] systemd[1]: Stopping Host and Network Name Lookups...
client # [ 8.016897] nscd[655]: 655 monitoring directory `/etc` (2)
client # [ 8.024924] systemd[1]: Stopped target User and Group Name Lookups.
client # [ 8.029727] nscd[710]: 710 monitoring file `/etc/passwd` (1)
client # [ 8.032253] systemd[1]: Stopping User and Group Name Lookups...
client # [ 8.041842] nscd[710]: 710 monitoring directory `/etc` (2)
client # [ 8.047448] systemd[1]: Stopping Name Service Cache Daemon...
client # [ 8.053114] nscd[710]: 710 monitoring file `/etc/group` (3)
client # [ 8.054885] systemd[1]: nscd.service: Deactivated successfully.
client # [ 8.057953] nscd[710]: 710 monitoring directory `/etc` (2)
client # [ 8.060949] systemd[1]: Stopped Name Service Cache Daemon.
client # [ 8.064196] nscd[710]: 710 monitoring file `/etc/hosts` (4)
client # [ 8.066243] systemd[1]: Starting Name Service Cache Daemon...
client # [ 8.070106] nscd[710]: 710 monitoring directory `/etc` (2)
client # [ 8.072557] systemd[1]: Finished resolvconf update.
client # [ 8.074839] nscd[710]: 710 monitoring file `/etc/resolv.conf` (5)
client # [ 8.080815] systemd[1]: Reached target Preparation for Network.
client # [ 8.082971] nscd[710]: 710 monitoring directory `/etc` (2)
client # [ 8.085238] systemd[1]: Reached target All Network Interfaces (deprecated).
client # [ 8.092663] nscd[710]: 710 monitoring file `/etc/services` (6)
client # [ 8.096491] systemd[1]: Starting Address configuration of eth1...
client # [ 8.099184] nscd[710]: 710 monitoring directory `/etc` (2)
client # [ 8.100038] systemd[1]: Started Name Service Cache Daemon.
client # [ 8.102472] nscd[710]: 710 monitoring file `/etc/netgroup` (7)
client # [ 8.103125] systemd[1]: Reached target Host and Network Name Lookups.
client # [ 8.106226] nscd[710]: 710 monitoring directory `/etc` (2)
client # [ 8.107754] systemd[1]: Reached target User and Group Name Lookups.
client # [ 8.108569] nscd[710]: 710 monitoring file `/etc/nsswitch.conf` (8)
client # [ 8.110702] systemd-logind[670]: New seat seat0.
client # [ 8.113033] nscd[710]: 710 monitoring directory `/etc` (2)
client # [ 8.114064] systemd[1]: Started User Login Management.
client # [ 8.115550] nscd[710]: 710 monitoring file `/etc/nsswitch.conf` (8)
client # [ 8.116280] systemd[1]: Finished Address configuration of eth1.
client # [ 8.120960] nscd[710]: 710 monitoring directory `/etc` (2)
client # [ 8.121622] systemd[1]: Starting Networking Setup...
client # [ 8.122267] nscd[710]: 710 monitoring file `/etc/nsswitch.conf` (8)
client # [ 8.124571] systemd[1]: Stopped target Host and Network Name Lookups.
client # [ 8.126436] nscd[710]: 710 monitoring directory `/etc` (2)
client # [ 8.127149] systemd[1]: Stopping Host and Network Name Lookups...
client # [ 8.129804] nscd[710]: 710 monitoring file `/etc/nsswitch.conf` (8)
client # [ 8.131533] systemd[1]: Stopped target User and Group Name Lookups.
client # [ 8.133523] nscd[710]: 710 monitoring directory `/etc` (2)
client # [ 8.134236] systemd[1]: Stopping User and Group Name Lookups...
client # [ 8.136590] nscd[710]: 710 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 7.875388] systemd[1]: Finished Firewall.
webserver # [ 7.983324] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input3
webserver # [ 7.992673] ACPI: button: Power Button [PWRF]
webserver # [ 8.029077] parport_pc 00:03: reported by Plug and Play ACPI
webserver # [ 8.035713] parport0: PC-style at 0x378, irq 7 [PCSPP(,...)]
webserver # [ 8.041832] Floppy drive(s): fd0 is 2.88M AMI BIOS
webserver # [ 8.054392] FDC 0 is a S82078B
webserver # [ 8.092322] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0
webserver # [ 8.107308] Linux agpgart interface v0.103
acme # [ 7.988952] dhcpcd[654]: dev: loaded udev
acme # [ 8.015145] systemd[1]: Started Daily Cleanup of Temporary Directories.
acme # [ 8.078578] nscd[664]: 664 monitoring file `/etc/passwd` (1)
acme # [ 8.096180] systemd[1]: Reached target Timer Units.
dnsserver # [ 7.909130] systemd[1]: Started logrotate.timer.
dnsserver # [ 7.950891] 5riy0743w43f2fljnp9rflm64nnvdfka-audit-disable[666]: No rules
dnsserver # [ 8.012019] dhcpcd[672]: dev: loaded udev
dnsserver # [ 8.018961] systemd[1]: Started Daily Cleanup of Temporary Directories.[ 8.162066] bochs-drm 0000:00:02.0: vgaarb: deactivate vga console
dnsserver #
dnsserver # [ 8.037287] logrotate[667]: warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want.
dnsserver: (connecting took 8.48 seconds)
(finished: waiting for the VM to finish booting, in 8.62 seconds)
client # [ 8.138672] systemd[1]: Stopping Name Service Cache Daemon...
dnsserver # sh: cannot set terminal process group (-1): Inappropriate ioctl for device
client # [ 8.140600] nscd[710]: 710 monitoring directory `/etc` (2)
acme # [ 8.107363] logrotate[649]: warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want.
client # [ 8.142316] systemd[1]: nscd.service: Deactivated successfully.
dnsserver # sh: no job control in this shell
client # [ 8.144241] dhcpcd[647]: eth0: waiting for carrier
client # [ 8.146646] systemd[1]: Stopped Name Service Cache Daemon.
client # [ 8.149833] dhcpcd[647]: eth0: carrier acquired
acme # sh: cannot set terminal process group (-1): Inappropriate ioctl for device
client # [ 8.154957] systemd[1]: Starting Name Service Cache Daemon...
client # [ 8.160841] dhcpcd[647]: DUID 00:01:00:01:2b:5e:fe:de:52:54:00:12:34:56
dnsserver # [ 8.056122] logrotate[667]: reading config file /nix/store/6kbagm2bca9j1zr6s9hc91670anwjamz-logrotate.conf
client # [ 8.166829] systemd[1]: Finished Networking Setup.
client # [ 8.172775] dhcpcd[647]: eth0: IAID 00:12:34:56
acme # [ 8.121557] logrotate[649]: reading config file /nix/store/6kbagm2bca9j1zr6s9hc91670anwjamz-logrotate.conf
acme # sh: no job control in this shell
webserver # [ 8.149226] input: QEMU Virtio Keyboard as /devices/pci0000:00/0000:00:0a.0/virtio7/input/input4
client # [ 8.178661] systemd[1]: Starting Extra networking commands....
client # [ 8.186371] dhcpcd[647]: eth0: adding address fe80::5054:ff:fe12:3456
webserver # [ 8.171616] cryptd: max_cpu_qlen set to 1000
client # [ 8.198611] systemd[1]: Finished Extra networking commands..[ 8.298292] NET: Registered PF_PACKET protocol family
client #
acme # [ 8.154905] logrotate[649]: note: 'monthly' overrides previously specified 'weekly'
client # [ 8.208432] nscd[710]: 710 monitored file `/etc/resolv.conf` was written to
acme # [ 8.179652] logrotate[649]: Reading state from file: /var/lib/logrotate.status
acme # [ 8.187446] logrotate[649]: state file /var/lib/logrotate.status does not exist
dnsserver # [ 8.262623] Console: switching to colour dummy device 80x25
client # [ 8.217593] systemd[1]: Reached target Network.
acme # [ 8.191968] logrotate[649]: Allocating hash table for state file, size 64 entries
webserver # [ 8.201538] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input6
client # [ 8.227995] nscd[800]: 800 monitoring file `/etc/passwd` (1)
webserver # [ 8.206019] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input5
acme # [ 8.199710] logrotate[649]: Handling 2 logs
client # [ 8.236084] systemd[1]: Started Name Service Cache Daemon.
client # [ 8.338618] ppdev: user-space parallel port driver
client # [ 8.246253] nscd[800]: 800 monitoring directory `/etc` (2)
acme # [ 8.211758] logrotate[649]: rotating pattern: "/var/log/btmp" monthly (1 rotations)
client # [ 8.251676] systemd[1]: Reached target Host and Network Name Lookups.
client # [ 8.262384] nscd[800]: 800 monitoring file `/etc/group` (3)
client # [ 8.271601] systemd[1]: Reached target User and Group Name Lookups.
webserver # [ 8.249214] AVX2 version of gcm_enc/dec engaged.
acme # [ 8.224841] logrotate[649]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed
client # [ 8.280786] nscd[800]: 800 monitoring directory `/etc` (2)
client # [ 8.289517] systemd[1]: Starting Permit User Sessions...
webserver # [ 8.264963] AES CTR mode by8 optimization enabled
client # [ 8.296938] nscd[800]: 800 monitoring file `/etc/hosts` (4)
acme # [ 8.258388] logrotate[649]: considering log /var/log/btmp
dnsserver # [ 8.085610] logrotate[667]: note: 'monthly' overrides previously specified 'weekly'
client # [ 8.306866] systemd[1]: Finished Permit User Sessions.
acme # [ 8.276437] logrotate[649]: Creating new state
client # [ 8.318785] nscd[800]: 800 monitoring directory `/etc` (2)
dnsserver # [ 8.226785] logrotate[667]: Reading state from file: /var/lib/logrotate.status[ 8.369955] [drm] Found bochs VGA, ID 0xb0c5.
dnsserver # [ 8.372079] [drm] Framebuffer size 16384 kB @ 0xfd000000, mmio @ 0xfebd0000.
client # [ 8.327581] systemd[1]: Started Getty on tty1.
acme # [ 8.289019] logrotate[649]: Now: 2023-01-21 19:51
client # [ 8.334564] nscd[800]: 800 monitoring file `/etc/resolv.conf` (5)
webserver # [ 8.204401] sgvmj3isr64xwslwa4a69qik2x5rzcdh-mount-pstore.sh[469]: Persistent Storage backend was not registered in time.
client # [ 8.341602] systemd[1]: Reached target Login Prompts.
dnsserver #
acme # [ 8.306638] logrotate[649]: Last rotated at 2023-01-21 19:00
acme # [ 8.468773] AVX2 version of gcm_enc/dec engaged.
client # [ 8.351719] nscd[800]: 800 monitoring directory `/etc` (2)
webserver # [ 8.218124] systemd[1]: Finished mount-pstore.service.
dnsserver # [ 8.257979] logrotate[667]: state file /var/lib/logrotate.status does not exist
acme # [ 8.331346] logrotate[649]: log does not need rotating (log has already been rotated)
client # [ 8.358851] systemd-logind[670]: Watching system buttons on /dev/input/event0 (AT Translated Set 2 keyboard)
acme # [ 8.336526] logrotate[649]: rotating pattern: "/var/log/wtmp" monthly (1 rotations)
client # [ 8.371629] nscd[800]: 800 monitoring file `/etc/services` (6)
acme # [ 8.343713] logrotate[649]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed
acme # [ 8.352472] logrotate[649]: considering log /var/log/wtmp
client # [ 8.380140] systemd-logind[670]: Watching system buttons on /dev/input/event2 (Power Button)[ 8.483880] bochs-drm 0000:00:02.0: vgaarb: deactivate vga console
acme # [ 8.353092] logrotate[649]: Creating new state
client #
acme # [ 8.359526] logrotate[649]: Now: 2023-01-21 19:51
dnsserver # [ 8.280684] logrotate[667]: Allocating hash table for state file, size 64 entries
client # [ 8.392897] nscd[800]: 800 monitoring directory `/etc` (2)
webserver # [ 8.244151] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # connecting to host...
(finished: waiting for unit pebble-challtestsrv.service, in 8.89 seconds)
acme # [ 8.360143] logrotate[649]: Last rotated at 2023-01-21 19:00
client: waiting for unit default.target
client # [ 8.399738] systemd-logind[670]: Watching system buttons on /dev/input/event3 (QEMU Virtio Keyboard)
client # [ 8.410261] nscd[800]: 800 monitoring file `/etc/netgroup` (7)
client: waiting for the VM to finish booting
acme # [ 8.373058] logrotate[649]: log does not need rotating (log has already been rotated)
acme # [ 8.378988] nscd[664]: 664 monitoring directory `/etc` (2)
client: connected to guest root shell
dnsserver # [ 8.309573] logrotate[667]: Handling 2 logs
client: (connecting took 0.00 seconds)
(finished: waiting for the VM to finish booting, in 0.00 seconds)
dnsserver # [ 8.320849] logrotate[667]: rotating pattern: "/var/log/btmp" monthly (1 rotations)
acme # [ 8.383132] systemd[1]: Listening on D-Bus System Message Bus Socket.
acme # [ 8.393734] nscd[664]: 664 monitoring file `/etc/group` (3)
acme # [ 8.407460] systemd[1]: Listening on Nix Daemon Socket.
client # [ 8.420118] systemd[1]: Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
dnsserver # [ 8.327286] logrotate[667]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed
webserver # [ 8.297138] systemd[1]: Reached target System Initialization.
acme # [ 8.408597] pebble[661]: Pebble 2023/01/21 19:51:59 Starting Pebble ACME server
dnsserver # [ 8.353666] logrotate[667]: considering log /var/log/btmp
client # [ 8.443588] nscd[800]: 800 monitoring directory `/etc` (2)
acme # [ 8.418909] pebble[661]: Pebble 2023/01/21 19:51:59 Setting OCSP responder URL for issued certificates to "http://acme.test:4002"[ 8.568006] AES CTR mode by8 optimization enabled
dnsserver # [ 8.498337] [drm] Found EDID data blob.
webserver # [ 8.320167] dhcpcd[655]: dhcpcd-9.4.1 starting[ 8.426746] 8021q: 802.1Q VLAN Support v1.8
acme #
dnsserver # [ 8.367660] logrotate[667]: Creating new state
acme # [ 8.574515] cfg80211: Loading compiled-in X.509 certificates for regulatory database
webserver #
client # [ 8.455069] systemd[1]: Stopped target Host and Network Name Lookups.
dnsserver # [ 8.371405] logrotate[667]: Now: 2023-01-21 19:51
acme # [ 8.433193] nscd[664]: 664 monitoring directory `/etc` (2)
acme # [ 8.448748] systemd[1]: Reached target Socket Units.
dnsserver # [ 8.393241] logrotate[667]: Last rotated at 2023-01-21 19:00
dnsserver # [ 8.544941] cfg80211: Loading compiled-in X.509 certificates for regulatory database
webserver # [ 8.359102] 5riy0743w43f2fljnp9rflm64nnvdfka-audit-disable[653]: No rules
client # [ 8.604042] Console: switching to colour dummy device 80x25
acme # [ 8.468092] nscd[664]: 664 monitoring file `/etc/hosts` (4)
dnsserver # [ 8.416743] logrotate[667]: log does not need rotating (log has already been rotated)
webserver # [ 8.385132] systemd[1]: Started logrotate.timer.
dnsserver # [ 8.434739] logrotate[667]: rotating pattern: "/var/log/wtmp" monthly (1 rotations)
client # [ 8.471612] nscd[800]: 800 monitoring file `/etc/nsswitch.conf` (8)
acme # [ 8.489026] systemd[1]: Reached target Basic System.
dnsserver # [ 8.579344] [drm] Initialized bochs-drm 1.0.0 20130925 for 0000:00:02.0 on minor 0
client # [ 8.542862] systemd[1]: Stopping Host and Network Name Lookups...[ 8.640785] [drm] Found bochs VGA, ID 0xb0c5.
client # [ 8.642592] [drm] Framebuffer size 16384 kB @ 0xfd000000, mmio @ 0xfebd0000.
client #
client # [ 8.551397] nscd[800]: 800 monitoring directory `/etc` (2)
webserver # [ 8.418517] dhcpcd[669]: dev: loaded udev
client # [ 8.555638] systemd[1]: Stopped target User and Group Name Lookups.
acme # [ 8.525331] nscd[664]: 664 monitoring directory `/etc` (2)
client # [ 8.562104] nscd[800]: 800 monitoring file `/etc/nsswitch.conf` (8)
acme # [ 8.679427] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7'
acme # [ 8.681703] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
webserver # [ 8.421341] systemd[1]: Started Daily Cleanup of Temporary Directories.
acme # [ 8.683649] cfg80211: failed to load regulatory.db
client # [ 8.569881] systemd[1]: Stopping User and Group Name Lookups...
dnsserver # [ 8.461322] logrotate[667]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed
client # [ 8.576598] nscd[800]: 800 monitoring directory `/etc` (2)
webserver # [ 8.445268] nscd[680]: 680 monitoring file `/etc/passwd` (1)
acme # [ 8.555734] systemd[1]: Starting Kernel Auditing...
webserver # sh: cannot set terminal process group (-1): Inappropriate ioctl for device
client # [ 8.582741] systemd[1]: Stopping Name Service Cache Daemon...
webserver # sh: no job control in this shell
acme # [ 8.710918] 8021q: adding VLAN 0 to HW filter on device eth1
dnsserver # [ 8.496951] logrotate[667]: considering log /var/log/wtmp
acme # [ 8.568467] dbus-daemon[682]: dbus[682]: Unknown username "systemd-timesync" in message bus configuration file
client # [ 8.597920] nscd[800]: 800 monitoring file `/etc/nsswitch.conf` (8)
acme # [ 8.582550] nscd[664]: 664 disabled inotify-based monitoring for file `/etc/resolv.conf': No such file or directory
acme # [ 8.588926] systemd[1]: Started backdoor.service.
dnsserver # [ 8.519941] logrotate[667]: Creating new state
client # [ 8.614521] systemd[1]: nscd.service: Deactivated successfully.[ 8.722572] [drm] Found EDID data blob.
client #
webserver # [ 8.461453] logrotate[660]: warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want.
client # [ 8.631229] nscd[800]: 800 monitoring directory `/etc` (2)
dnsserver # [ 8.537426] logrotate[667]: Now: 2023-01-21 19:51[ 8.677552] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7'
acme # [ 8.596656] nscd[664]: 664 stat failed for file `/etc/resolv.conf'; will try again later: No such file or directory
dnsserver # [ 8.682366] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
webserver # [ 8.502812] logrotate[660]: reading config file /nix/store/6kbagm2bca9j1zr6s9hc91670anwjamz-logrotate.conf
dnsserver #
acme # [ 8.612436] systemd[1]: Starting DHCP Client...
dnsserver # [ 8.690032] cfg80211: failed to load regulatory.db
client # [ 8.635513] dhcpcd[637]: Failed to reload-or-try-restart ntpd.service: Unit ntpd.service not found.
webserver # [ 8.511856] logrotate[660]: note: 'monthly' overrides previously specified 'weekly'
webserver # [ 8.519101] logrotate[660]: Reading state from file: /var/lib/logrotate.status
client # [ 8.652909] dhcpcd[637]: Failed to reload-or-try-restart openntpd.service: Unit openntpd.service not found.[ 8.752084] [drm] Initialized bochs-drm 1.0.0 20130925 for 0000:00:02.0 on minor 0
dnsserver # [ 8.560470] logrotate[667]: Last rotated at 2023-01-21 19:00
webserver # [ 8.525231] logrotate[660]: state file /var/lib/logrotate.status does not exist
client #
acme # [ 8.621879] nscd[664]: 664 monitoring file `/etc/services` (5)
webserver # [ 8.531965] logrotate[660]: Allocating hash table for state file, size 64 entries
dnsserver # [ 8.571451] logrotate[667]: log does not need rotating (log has already been rotated)
webserver # [ 8.538151] logrotate[660]: Handling 2 logs
dnsserver # [ 8.718335] 8021q: adding VLAN 0 to HW filter on device eth1
client # [ 8.662760] dhcpcd[637]: Failed to reload-or-try-restart chronyd.service: Unit chronyd.service not found.
acme # [ 8.634091] systemd[1]: Starting Logrotate configuration check...
webserver # [ 8.545147] logrotate[660]: rotating pattern: "/var/log/btmp" monthly (1 rotations)
client # [ 8.678987] systemd[1]: Stopped Name Service Cache Daemon.
acme # [ 8.802548] 8021q: adding VLAN 0 to HW filter on device eth0
dnsserver # [ 8.595749] nscd[684]: 684 monitoring file `/etc/passwd` (1)
webserver # [ 8.555042] logrotate[660]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed
webserver # [ 8.563025] logrotate[660]: considering log /var/log/btmp
webserver # [ 8.563750] logrotate[660]: Creating new state
dnsserver # [ 8.608798] systemd[1]: Reached target Timer Units.
acme # [ 8.662808] network-addresses-eth1-start[727]: adding address 192.168.1.1/24... done
webserver # [ 8.571813] logrotate[660]: Now: 2023-01-21 19:51
webserver # [ 8.577770] logrotate[660]: Last rotated at 2023-01-21 19:00
webserver # [ 8.584574] logrotate[660]: log does not need rotating (log has already been rotated)
acme # [ 8.680656] nscd[664]: 664 monitoring directory `/etc` (2)
webserver # [ 8.590213] logrotate[660]: rotating pattern: "/var/log/wtmp" monthly (1 rotations)[ 8.696823] ppdev: user-space parallel port driver
dnsserver # [ 8.630022] nscd[684]: 684 monitoring directory `/etc` (2)
webserver #
acme # [ 8.693386] systemd[1]: Starting Name Service Cache Daemon...
dnsserver # [ 8.638991] systemd[1]: Listening on D-Bus System Message Bus Socket.
webserver # [ 8.596993] logrotate[660]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed
webserver # [ 8.612157] logrotate[660]: considering log /var/log/wtmp
acme # [ 8.707345] nscd[664]: 664 monitoring file `/etc/netgroup` (6)
webserver # [ 8.612785] logrotate[660]: Creating new state
webserver # [ 8.617302] logrotate[660]: Now: 2023-01-21 19:51
acme # [ 8.717769] systemd[1]: Started Pebble ACME server.
webserver # [ 8.623133] logrotate[660]: Last rotated at 2023-01-21 19:00
dnsserver # [ 8.806889] 8021q: adding VLAN 0 to HW filter on device eth0
acme # [ 8.728262] nscd[664]: 664 monitoring directory `/etc` (2)
webserver # [ 8.627598] logrotate[660]: log does not need rotating (log has already been rotated)
acme # [ 8.735717] systemd[1]: Started Reset console on configuration changes.
dnsserver # [ 8.676970] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:51:59 Creating HTTP-01 challenge server on :5002
acme # [ 8.746928] nscd[664]: 664 monitoring file `/etc/nsswitch.conf` (7)
webserver # [ 8.646334] systemd[1]: Reached target Timer Units.
acme # [ 8.757750] systemd[1]: Starting resolvconf update...
dnsserver # [ 8.695745] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:51:59 Creating HTTPS HTTP-01 challenge server on :5003
acme # [ 8.765854] nscd[664]: 664 monitoring directory `/etc` (2)
acme # [ 8.780466] systemd[1]: Finished Kernel Auditing.
webserver # [ 8.659566] nscd[680]: 680 monitoring directory `/etc` (2)
acme # [ 8.786709] nscd[664]: 664 monitoring file `/etc/nsswitch.conf` (7)
acme # [ 8.794739] systemd[1]: Finished Logrotate configuration check.
acme # [ 8.798451] nscd[664]: 664 monitoring directory `/etc` (2)
acme # [ 8.800769] systemd[1]: Started Name Service Cache Daemon.
acme # [ 8.806664] nscd[664]: 664 monitoring file `/etc/nsswitch.conf` (7)
webserver # [ 8.692442] systemd[1]: Listening on D-Bus System Message Bus Socket.
acme # [ 8.809523] systemd[1]: Reached target Host and Network Name Lookups.
acme # [ 8.812010] nscd[664]: 664 monitoring directory `/etc` (2)
acme # [ 8.816103] systemd[1]: Reached target User and Group Name Lookups.
acme # [ 8.819635] nscd[664]: 664 monitoring file `/etc/nsswitch.conf` (7)
webserver # [ 8.711165] nscd[680]: 680 monitoring file `/etc/group` (3)
acme # [ 8.823602] systemd[1]: Starting D-Bus System Message Bus...
acme # [ 8.827505] nscd[664]: 664 monitoring directory `/etc` (2)
acme # [ 8.828563] systemd[1]: Starting User Login Management...
acme # [ 8.833433] nscd[664]: 664 monitoring file `/etc/nsswitch.conf` (7)
acme # [ 8.834070] systemd[1]: Started D-Bus System Message Bus.
webserver # [ 8.728548] systemd[1]: Listening on Nix Daemon Socket.
acme # [ 8.841831] nscd[664]: 664 monitoring directory `/etc` (2)
acme # [ 8.845781] systemd[1]: Stopped target Host and Network Name Lookups.
acme # [ 8.857847] nscd[725]: 725 monitoring file `/etc/passwd` (1)
webserver # [ 8.746372] nscd[680]: 680 monitoring directory `/etc` (2)
acme # [ 8.861984] systemd[1]: Stopping Host and Network Name Lookups...
acme # [ 8.869009] nscd[725]: 725 monitoring directory `/etc` (2)
acme # [ 8.872963] systemd[1]: Stopped target User and Group Name Lookups.
client # [ 8.779579] fbcon: bochs-drmdrmfb (fb0) is primary device
acme # [ 8.878517] nscd[725]: 725 monitoring file `/etc/group` (3)
acme # [ 8.879068] systemd[1]: Stopping User and Group Name Lookups...
acme # [ 8.884632] nscd[725]: 725 monitoring directory `/etc` (2)
webserver # [ 8.776800] systemd[1]: Reached target Socket Units.[ 8.886262] cfg80211: Loading compiled-in X.509 certificates for regulatory database
webserver #
acme # [ 8.885128] systemd[1]: Stopping Name Service Cache Daemon...[ 9.036591] bochs-drm 0000:00:02.0: vgaarb: deactivate vga console
acme #
acme # [ 8.894184] nscd[725]: 725 monitoring file `/etc/hosts` (4)
webserver # [ 8.793651] nscd[680]: 680 monitoring file `/etc/hosts` (4)
acme # [ 8.900008] systemd[1]: nscd.service: Deactivated successfully.
acme # [ 8.906335] nscd[725]: 725 monitoring directory `/etc` (2)
acme # [ 8.914062] systemd[1]: Stopped Name Service Cache Daemon.
webserver # [ 8.808338] dbus-daemon[698]: dbus[698]: Unknown username "systemd-timesync" in message bus configuration file[ 8.924323] bochs-drm 0000:00:02.0: vgaarb: deactivate vga console
webserver #
acme # [ 8.919902] nscd[725]: 725 monitoring file `/etc/resolv.conf` (5)
webserver # [ 8.835250] systemd[1]: Reached target Basic System.[ 8.942700] 8021q: adding VLAN 0 to HW filter on device eth1
webserver #
webserver # [ 8.850443] nscd[680]: 680 monitoring directory `/etc` (2)
webserver # [ 8.865315] systemd[1]: Starting Kernel Auditing...
dnsserver # [ 8.841639] fbcon: bochs-drmdrmfb (fb0) is primary device
webserver # [ 8.871860] nscd[680]: 680 disabled inotify-based monitoring for file `/etc/resolv.conf': No such file or directory[ 8.980005] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7'
webserver # [ 8.986154] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
acme # [ 9.089682] NET: Registered PF_PACKET protocol family
webserver #
client # [ 8.999114] Console: switching to colour frame buffer device 160x50
client # [ 9.135696] bochs-drm 0000:00:02.0: [drm] fb0: bochs-drmdrmfb frame buffer device
acme # [ 9.134883] Console: switching to colour dummy device 80x25
client # [ 8.749952] nscd[800]: 800 monitoring file `/etc/nsswitch.conf` (8)
client # [ 9.050229] systemd[1]: Starting Name Service Cache Daemon...
webserver # [ 8.996028] cfg80211: failed to load regulatory.db
client # [ 9.056998] nscd[800]: 800 monitoring directory `/etc` (2)
acme # [ 8.928591] systemd[1]: Starting Name Service Cache Daemon...
acme # [ 9.031082] nscd[725]: 725 monitoring directory `/etc` (2)
acme # [ 9.034058] systemd[1]: Finished resolvconf update.
client # [ 9.062805] systemd[1]: Started Name Service Cache Daemon.
acme # [ 9.034860] nscd[725]: 725 monitoring file `/etc/services` (6)
acme # [ 9.037508] systemd[1]: Reached target Preparation for Network.
client # [ 9.067810] nscd[800]: 800 monitoring file `/etc/nsswitch.conf` (8)
acme # [ 9.041303] nscd[725]: 725 monitoring directory `/etc` (2)
acme # [ 9.042040] systemd[1]: Reached target All Network Interfaces (deprecated).[ 9.188178] [drm] Found bochs VGA, ID 0xb0c5.
acme # [ 9.188738] [drm] Framebuffer size 16384 kB @ 0xfd000000, mmio @ 0xfebd0000.
client # [ 9.073860] systemd[1]: Started DHCP Client.
acme #
acme # [ 9.049334] nscd[725]: 725 monitoring file `/etc/netgroup` (7)
client # [ 9.078809] nscd[800]: 800 monitoring directory `/etc` (2)
acme # [ 9.050091] systemd[1]: Starting Address configuration of eth1...
acme # [ 9.054494] nscd[725]: 725 monitoring directory `/etc` (2)
client # [ 9.084910] systemd[1]: Reached target Network is Online.
acme # [ 9.055175] systemd[1]: Started Name Service Cache Daemon.
client # [ 9.090025] dhcpcd[647]: eth0: soliciting a DHCP lease
acme # [ 9.060779] nscd[725]: 725 monitoring file `/etc/nsswitch.conf` (8)
client # [ 9.095881] systemd[1]: Reached target Multi-User System.
acme # [ 9.064891] systemd[1]: Reached target Host and Network Name Lookups.
webserver # [ 9.030124] Console: switching to colour dummy device 80x25
client # [ 9.100981] dhcpcd[647]: eth0: offered 10.0.2.15 from 10.0.2.2
acme # [ 9.068962] nscd[725]: 725 monitoring directory `/etc` (2)
acme # [ 9.071448] systemd[1]: Reached target User and Group Name Lookups.
acme # [ 9.074349] nscd[725]: 725 monitoring file `/etc/nsswitch.conf` (8)
client # [ 9.106254] systemd[1]: Reached target Host and Network Name Lookups.
acme # [ 9.080466] systemd-logind[685]: New seat seat0.
acme # [ 9.082799] nscd[725]: 725 monitoring directory `/etc` (2)
acme # [ 9.085544] systemd[1]: Started User Login Management.
client # [ 9.113695] dhcpcd[647]: eth0: leased 10.0.2.15 for 86400 seconds
acme # [ 9.232441] [drm] Found EDID data blob.
acme # [ 9.089888] nscd[725]: 725 monitoring file `/etc/nsswitch.conf` (8)
client # [ 9.119701] systemd[1]: Reached target User and Group Name Lookups.
acme # [ 9.239112] [drm] Initialized bochs-drm 1.0.0 20130925 for 0000:00:02.0 on minor 0
dnsserver # [ 9.041975] Console: switching to colour frame buffer device 160x50
acme # [ 9.095501] systemd[1]: Finished Address configuration of eth1.
client # [ 9.125695] dhcpcd[647]: eth0: adding route to 10.0.2.0/24
dnsserver # [ 9.170448] bochs-drm 0000:00:02.0: [drm] fb0: bochs-drmdrmfb frame buffer device
acme # [ 9.099327] nscd[725]: 725 monitoring directory `/etc` (2)
acme # [ 9.100057] systemd[1]: Starting Networking Setup...
acme # [ 9.104495] nscd[725]: 725 monitoring file `/etc/nsswitch.conf` (8)
client # [ 9.130810] systemd[1]: Startup finished in 3.794s (kernel) + 4.844s (userspace) = 8.639s.
dnsserver # [ 8.781250] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:51:59 Creating TCP and UDP DNS-01 challenge server on :53
client # [ 9.138522] dhcpcd[647]: eth0: adding default route via 10.0.2.2
acme # [ 9.108353] systemd-logind[685]: Watching system buttons on /dev/input/event0 (AT Translated Set 2 keyboard)
acme # [ 9.113157] nscd[725]: 725 monitoring directory `/etc` (2)
acme # [ 9.116487] systemd[1]: Stopped target Host and Network Name Lookups.
webserver # [ 8.913633] systemd[1]: Started backdoor.service.
client # [ 9.144699] nscd[800]: 800 monitored file `/etc/resolv.conf` was written to
acme # [ 9.119383] nscd[725]: 725 monitoring file `/etc/nsswitch.conf` (8)
client # [ 9.150894] nscd[875]: 875 monitoring file `/etc/passwd` (1)[ 9.248837] kvm: Nested Virtualization enabled
acme # [ 9.120136] systemd[1]: Stopping Host and Network Name Lookups...
webserver # [ 9.016316] nscd[680]: 680 stat failed for file `/etc/resolv.conf'; will try again later: No such file or directory[ 9.124750] [drm] Found bochs VGA, ID 0xb0c5.
client # [ 9.250804] SVM: kvm: Nested Paging enabled
client #
acme # [ 9.125523] nscd[725]: 725 monitoring directory `/etc` (2)
webserver # [ 9.126394] [drm] Framebuffer size 16384 kB @ 0xfd000000, mmio @ 0xfebd0000.
client # [ 9.157652] nscd[875]: 875 monitoring directory `/etc` (2)
webserver #
client # [ 9.160793] nscd[875]: 875 monitoring file `/etc/group` (3)
acme # [ 9.130127] systemd[1]: Stopped target User and Group Name Lookups.
acme # [ 9.133654] dhcpcd[654]: eth0: waiting for carrier
webserver # [ 9.027680] network-addresses-eth1-start[732]: adding address 192.168.1.4/24... done
client # [ 9.165434] nscd[875]: 875 monitoring directory `/etc` (2)
client # [ 9.171087] nscd[875]: 875 monitoring file `/etc/hosts` (4)
webserver # [ 9.037022] systemd[1]: Starting DHCP Client...
client # [ 9.175853] nscd[875]: 875 monitoring directory `/etc` (2)
webserver # [ 9.045505] nscd[680]: 680 monitoring file `/etc/services` (5)
client # [ 9.183463] nscd[875]: 875 monitoring file `/etc/resolv.conf` (5)
client # [ 9.188756] nscd[875]: 875 monitoring directory `/etc` (2)
client # [ 9.192954] nscd[875]: 875 monitoring file `/etc/services` (6)
webserver # [ 9.056458] systemd[1]: Starting Logrotate configuration check...
client # [ 9.199520] nscd[875]: 875 monitoring directory `/etc` (2)
client # [ 9.204131] nscd[875]: 875 monitoring file `/etc/netgroup` (7)
webserver # [ 9.064315] nscd[680]: 680 monitoring directory `/etc` (2)
client # [ 9.208490] nscd[875]: 875 monitoring directory `/etc` (2)
client # [ 9.216286] nscd[875]: 875 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 9.076516] systemd[1]: Starting Name Service Cache Daemon...
client # [ 9.222007] nscd[875]: 875 monitoring directory `/etc` (2)
client # [ 9.225817] nscd[875]: 875 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 9.091411] nscd[680]: 680 monitoring file `/etc/netgroup` (6)
client # [ 9.232984] nscd[875]: 875 monitoring directory `/etc` (2)[ 9.331141] EDAC MC: Ver: 3.0.0
client #
client # [ 9.237683] nscd[875]: 875 monitoring file `/etc/nsswitch.conf` (8)
client # [ 9.243133] nscd[875]: 875 monitoring directory `/etc` (2)
webserver # [ 9.104259] systemd[1]: Started Reset console on configuration changes.
client # [ 9.248094] nscd[875]: 875 monitoring file `/etc/nsswitch.conf` (8)
client # [ 9.255515] nscd[875]: 875 monitoring directory `/etc` (2)
webserver # [ 9.123824] nscd[680]: 680 monitoring directory `/etc` (2)[ 9.231261] [drm] Found EDID data blob.
webserver #
webserver # [ 9.139089] systemd[1]: Starting resolvconf update...
dnsserver # [ 9.053282] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:51:59 Creating TLS-ALPN-01 challenge server on :5001
dnsserver # [ 9.202224] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:51:59 Answering A queries with 192.168.1.4 by default
webserver # [ 9.155137] nscd[680]: 680 monitoring file `/etc/nsswitch.conf` (7)
dnsserver # [ 9.212553] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:51:59 Starting challenge servers
dnsserver # [ 9.215038] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:51:59 Starting management server on :8055
dnsserver # [ 9.218750] nscd[684]: 684 monitoring file `/etc/group` (3)
dnsserver # [ 9.223414] systemd[1]: Listening on Nix Daemon Socket.
webserver # [ 9.176113] systemd[1]: Finished Kernel Auditing.
dnsserver # [ 9.228687] nscd[684]: 684 monitoring directory `/etc` (2)
webserver # [ 9.192090] nscd[680]: 680 monitoring directory `/etc` (2)
dnsserver # [ 9.234217] systemd[1]: Reached target Socket Units.
dnsserver # [ 9.372266] kvm: Nested Virtualization enabled
dnsserver # [ 9.374123] SVM: kvm: Nested Paging enabled
dnsserver # [ 9.243127] nscd[684]: 684 monitoring file `/etc/hosts` (4)
dnsserver # [ 9.248027] systemd[1]: Reached target Basic System.
webserver # [ 9.203658] systemd[1]: Finished Logrotate configuration check.
webserver # [ 9.315278] [drm] Initialized bochs-drm 1.0.0 20130925 for 0000:00:02.0 on minor 0
dnsserver # [ 9.252238] dbus-daemon[703]: dbus[703]: Unknown username "systemd-timesync" in message bus configuration file
webserver # [ 9.216860] nscd[680]: 680 monitoring file `/etc/nsswitch.conf` (7)
dnsserver # [ 9.263418] nscd[684]: 684 monitoring directory `/etc` (2)
dnsserver # [ 9.267953] systemd[1]: Starting Kernel Auditing...
webserver # [ 9.226975] systemd[1]: Started Name Service Cache Daemon.
dnsserver # [ 9.272459] nscd[684]: 684 disabled inotify-based monitoring for file `/etc/resolv.conf': No such file or directory
dnsserver # [ 9.281595] systemd[1]: Started backdoor.service.
dnsserver # [ 9.286663] nscd[684]: 684 stat failed for file `/etc/resolv.conf'; will try again later: No such file or directory
webserver # [ 9.239562] nscd[680]: 680 monitoring directory `/etc` (2)
client # [ 9.261271] nscd[875]: 875 monitoring file `/etc/nsswitch.conf` (8)
dnsserver # [ 9.292776] systemd[1]: Starting DHCP Client...
webserver # [ 9.248514] systemd[1]: Reached target Host and Network Name Lookups.
client # [ 9.388518] nscd[875]: 875 monitoring directory `/etc` (2)
client # [ 9.392833] dhcpcd[647]: eth0: soliciting an IPv6 router
webserver # [ 9.255073] nscd[680]: 680 monitoring file `/etc/nsswitch.conf` (7)
dnsserver # [ 9.301951] network-addresses-eth1-start[745]: adding address 192.168.1.3/24... done
client # [ 9.396969] dhcpcd[647]: eth0: Router Advertisement from fe80::2
webserver # [ 9.262595] systemd[1]: Reached target User and Group Name Lookups.
client # [ 9.400421] dhcpcd[647]: eth0: adding address fec0::5054:ff:fe12:3456/64
dnsserver # [ 9.309162] nscd[684]: 684 monitoring file `/etc/services` (5)[ 9.446736] EDAC MC: Ver: 3.0.0
dnsserver #
client # [ 9.404006] dhcpcd[647]: eth0: adding route to fec0::/64
client # [ 9.406855] dhcpcd[647]: eth0: adding default route via fe80::2
webserver # [ 9.269538] nscd[680]: 680 monitoring directory `/etc` (2)
dnsserver # [ 9.315922] systemd[1]: Starting Logrotate configuration check...
webserver # [ 9.276415] systemd[1]: Starting D-Bus System Message Bus...
dnsserver # [ 9.321442] nscd[684]: 684 monitoring directory `/etc` (2)
dnsserver # [ 9.325836] systemd[1]: Starting Name Service Cache Daemon...
webserver # [ 9.281501] nscd[680]: 680 monitoring file `/etc/nsswitch.conf` (7)
dnsserver # [ 9.334007] nscd[684]: 684 monitoring file `/etc/netgroup` (6)
dnsserver # [ 9.338253] systemd[1]: Started Pebble ACME challenge test server.
dnsserver # [ 9.344245] nscd[684]: 684 monitoring directory `/etc` (2)
dnsserver # [ 9.347749] systemd[1]: Started Reset console on configuration changes.
dnsserver # [ 9.351759] nscd[684]: 684 monitoring file `/etc/nsswitch.conf` (7)
dnsserver # [ 9.355137] systemd[1]: Starting resolvconf update...
dnsserver # [ 9.358640] nscd[684]: 684 monitoring directory `/etc` (2)
dnsserver # [ 9.362764] systemd[1]: Finished Kernel Auditing.
dnsserver # [ 9.365535] nscd[684]: 684 monitoring file `/etc/nsswitch.conf` (7)
dnsserver # [ 9.369282] systemd[1]: Finished Logrotate configuration check.
dnsserver # [ 9.374905] nscd[684]: 684 monitoring directory `/etc` (2)
webserver # [ 9.390852] fbcon: bochs-drmdrmfb (fb0) is primary device
dnsserver # [ 9.508436] systemd[1]: Started Name Service Cache Daemon.
dnsserver # [ 9.513093] nscd[684]: 684 monitoring file `/etc/nsswitch.conf` (7)
dnsserver # [ 9.517289] systemd[1]: Reached target Host and Network Name Lookups.
dnsserver # [ 9.521282] nscd[684]: 684 monitoring directory `/etc` (2)
dnsserver # [ 9.528291] systemd[1]: Reached target User and Group Name Lookups.
dnsserver # [ 9.535601] nscd[684]: 684 monitoring file `/etc/nsswitch.conf` (7)
dnsserver # [ 9.539614] systemd[1]: Starting D-Bus System Message Bus...
dnsserver # [ 9.543695] nscd[684]: 684 monitoring directory `/etc` (2)
dnsserver # [ 9.546888] systemd[1]: Starting User Login Management...
dnsserver # [ 9.549833] nscd[684]: 684 monitoring file `/etc/nsswitch.conf` (7)
dnsserver # [ 9.553044] systemd[1]: Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
dnsserver # [ 9.557523] nscd[684]: 684 monitoring directory `/etc` (2)
dnsserver # [ 9.560538] systemd[1]: Started D-Bus System Message Bus.
dnsserver # [ 9.564725] nscd[748]: 748 monitoring file `/etc/passwd` (1)
dnsserver # [ 9.568601] systemd[1]: Stopped target Host and Network Name Lookups.
dnsserver # [ 9.572634] nscd[748]: 748 monitoring directory `/etc` (2)
dnsserver # [ 9.576618] systemd[1]: Stopping Host and Network Name Lookups...
dnsserver # [ 9.580305] nscd[748]: 748 monitoring file `/etc/group` (3)
dnsserver # [ 9.583771] systemd[1]: Stopped target User and Group Name Lookups.
dnsserver # [ 9.587877] nscd[748]: 748 monitoring directory `/etc` (2)
dnsserver # [ 9.593898] systemd[1]: Stopping User and Group Name Lookups...
dnsserver # [ 9.600152] nscd[748]: 748 monitoring file `/etc/hosts` (4)
dnsserver # [ 9.603452] systemd[1]: Stopping Name Service Cache Daemon...
dnsserver # [ 9.607178] nscd[748]: 748 monitoring directory `/etc` (2)
dnsserver # [ 9.611613] systemd[1]: nscd.service: Deactivated successfully.
dnsserver # [ 9.615188] nscd[748]: 748 monitoring file `/etc/resolv.conf` (5)
dnsserver # [ 9.618927] systemd[1]: Stopped Name Service Cache Daemon.
dnsserver # [ 9.622417] nscd[748]: 748 monitoring directory `/etc` (2)
webserver # [ 9.552131] Console: switching to colour frame buffer device 160x50
webserver # [ 9.685648] bochs-drm 0000:00:02.0: [drm] fb0: bochs-drmdrmfb frame buffer device
dnsserver # [ 9.626116] systemd[1]: Starting Name Service Cache Daemon...
dnsserver # [ 9.629427] nscd[748]: 748 monitoring file `/etc/services` (6)
webserver # [ 9.359026] systemd[1]: Starting User Login Management...
dnsserver # [ 9.633565] systemd[1]: Finished resolvconf update.
dnsserver # [ 9.636760] nscd[748]: 748 monitoring directory `/etc` (2)
dnsserver # [ 9.640789] systemd[1]: Reached target Preparation for Network.
dnsserver # [ 9.645310] nscd[748]: 748 monitoring file `/etc/netgroup` (7)
webserver # [ 9.589670] nscd[680]: 680 monitoring directory `/etc` (2)
dnsserver # [ 9.649652] systemd[1]: Reached target All Network Interfaces (deprecated).
dnsserver # [ 9.653741] nscd[748]: 748 monitoring directory `/etc` (2)
dnsserver # [ 9.657344] systemd[1]: Starting Address configuration of eth1...
dnsserver # [ 9.661056] nscd[748]: 748 monitoring file `/etc/nsswitch.conf` (8)
dnsserver # [ 9.665639] systemd-logind[706]: Watching system buttons on /dev/input/event2 (Power Button)
dnsserver # [ 9.676605] nscd[748]: 748 monitoring directory `/etc` (2)
dnsserver # [ 9.681643] systemd-logind[706]: Watching system buttons on /dev/input/event3 (QEMU Virtio Keyboard)
acme # [ 9.280642] fbcon: bochs-drmdrmfb (fb0) is primary device
dnsserver # [ 9.687312] nscd[748]: 748 monitoring file `/etc/nsswitch.conf` (8)
dnsserver # [ 9.691217] systemd-logind[706]: Watching system buttons on /dev/input/event0 (AT Translated Set 2 keyboard)
dnsserver # [ 9.696355] nscd[748]: 748 monitoring directory `/etc` (2)
dnsserver # [ 9.703094] systemd-logind[706]: New seat seat0.
dnsserver # [ 9.706299] nscd[748]: 748 monitoring file `/etc/nsswitch.conf` (8)
dnsserver # [ 9.710106] systemd[1]: Started User Login Management.
dnsserver # [ 9.713529] nscd[748]: 748 monitoring directory `/etc` (2)
dnsserver # [ 9.716905] systemd[1]: Started Name Service Cache Daemon.
dnsserver # [ 9.720402] nscd[748]: 748 monitoring file `/etc/nsswitch.conf` (8)
dnsserver # [ 9.723607] systemd[1]: Reached target Host and Network Name Lookups.
dnsserver # [ 9.727281] nscd[748]: 748 monitoring directory `/etc` (2)
dnsserver # [ 9.730778] systemd[1]: Reached target User and Group Name Lookups.
dnsserver # [ 9.734613] nscd[748]: 748 monitoring file `/etc/nsswitch.conf` (8)
dnsserver # [ 9.738164] systemd[1]: Finished Address configuration of eth1.
dnsserver # [ 9.741415] nscd[748]: 748 monitoring directory `/etc` (2)
dnsserver # [ 9.744785] systemd[1]: Starting Networking Setup...
dnsserver # [ 9.748252] dhcpcd[672]: eth0: waiting for carrier
dnsserver # [ 9.751147] systemd[1]: Finished Networking Setup.
dnsserver # [ 9.756322] dhcpcd[672]: eth0: carrier acquired
dnsserver # [ 9.764069] systemd[1]: Starting Extra networking commands....
dnsserver # [ 9.768162] dhcpcd[672]: DUID 00:01:00:01:2b:5e:fe:e0:52:54:00:12:34:56
webserver # [ 9.607126] systemd[1]: Started D-Bus System Message Bus.
dnsserver # [ 9.771403] systemd[1]: Finished Extra networking commands..
dnsserver # [ 9.774440] dhcpcd[672]: eth0: IAID 00:12:34:56
dnsserver # [ 9.777207] systemd[1]: Reached target Network.
webserver # [ 9.732660] nscd[680]: 680 monitoring file `/etc/nsswitch.conf` (7)
dnsserver # [ 9.780093] dhcpcd[672]: eth0: adding address fe80::5054:ff:fe12:3456
dnsserver # [ 9.787901] systemd[1]: Starting Permit User Sessions...
dnsserver # [ 9.791125] dhcpcd[672]: eth0: soliciting an IPv6 router
dnsserver # [ 9.794161] systemd[1]: Finished Permit User Sessions.
webserver # [ 9.749030] systemd[1]: Stopped target Host and Network Name Lookups.
dnsserver # [ 9.797300] systemd[1]: Started Getty on tty1.
dnsserver # [ 9.799318] systemd[1]: Reached target Login Prompts.
webserver # [ 9.754538] nscd[680]: 680 monitoring directory `/etc` (2)
webserver # [ 9.759838] systemd[1]: Stopping Host and Network Name Lookups...
acme # [ 9.514089] ppdev: user-space parallel port driver
webserver # [ 9.765177] nscd[734]: 734 monitoring file `/etc/passwd` (1)
acme # [ 9.885647] Console: switching to colour frame buffer device 160x50
webserver # [ 9.770241] systemd[1]: Stopped target User and Group Name Lookups.
webserver # [ 9.775708] nscd[734]: 734 monitoring directory `/etc` (2)[ 9.882149] kvm: Nested Virtualization enabled
acme # [ 10.025086] bochs-drm 0000:00:02.0: [drm] fb0: bochs-drmdrmfb frame buffer device
webserver # [ 9.884202] SVM: kvm: Nested Paging enabled
webserver #
webserver # [ 9.782760] systemd[1]: Stopping User and Group Name Lookups...
webserver # [ 9.785368] nscd[734]: 734 monitoring file `/etc/group` (3)
acme # [ 9.138886] systemd[1]: Stopping User and Group Name Lookups...
webserver # [ 9.790122] systemd[1]: Stopping Name Service Cache Daemon...
webserver # [ 9.794643] nscd[734]: 734 monitoring directory `/etc` (2)
webserver # [ 9.803008] systemd[1]: nscd.service: Deactivated successfully.
webserver # [ 9.807673] nscd[734]: 734 monitoring file `/etc/hosts` (4)
webserver # [ 9.817151] systemd[1]: Stopped Name Service Cache Daemon.
webserver # [ 9.821739] nscd[734]: 734 monitoring directory `/etc` (2)
webserver # [ 9.826954] systemd[1]: Starting Name Service Cache Daemon...
webserver # [ 9.829796] nscd[734]: 734 monitoring file `/etc/resolv.conf` (5)
webserver # [ 9.836815] systemd[1]: Finished resolvconf update.
webserver # [ 9.843317] nscd[734]: 734 monitoring directory `/etc` (2)
webserver # [ 9.845140] systemd[1]: Reached target Preparation for Network.
webserver # [ 9.847202] nscd[734]: 734 monitoring file `/etc/services` (6)
webserver # [ 9.847952] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 9.848809] nscd[734]: 734 monitoring directory `/etc` (2)
webserver # [ 9.851765] systemd[1]: Starting Address configuration of eth1...
webserver # [ 9.852565] nscd[734]: 734 monitoring file `/etc/netgroup` (7)
webserver # [ 9.854173] systemd[1]: Started Name Service Cache Daemon.
webserver # [ 9.854837] nscd[734]: 734 monitoring directory `/etc` (2)
webserver # [ 9.858442] systemd[1]: Reached target Host and Network Name Lookups.
webserver # [ 9.859308] nscd[734]: 734 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 9.964434] EDAC MC: Ver: 3.0.0
webserver # [ 9.861875] systemd[1]: Reached target User and Group Name Lookups.
webserver # [ 9.862749] nscd[734]: 734 monitoring directory `/etc` (2)
webserver # [ 9.864205] systemd-logind[704]: Watching system buttons on /dev/input/event2 (Power Button)
webserver # [ 9.866701] nscd[734]: 734 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 9.875017] systemd-logind[704]: Watching system buttons on /dev/input/event0 (AT Translated Set 2 keyboard)
webserver # [ 9.877360] nscd[734]: 734 monitoring directory `/etc` (2)
webserver # [ 9.879081] systemd-logind[704]: New seat seat0.
webserver # [ 9.881761] nscd[734]: 734 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 9.882672] systemd[1]: Started User Login Management.
webserver # [ 9.885250] nscd[734]: 734 monitoring directory `/etc` (2)
webserver # [ 9.887243] systemd[1]: Finished Address configuration of eth1.
(finished: waiting for unit default.target, in 1.61 seconds)
dnsserver # [ 9.930779] dhcpcd[672]: eth0: Router Advertisement from fe80::2
dnsserver # [ 9.931519] dhcpcd[672]: eth0: adding address fec0::5054:ff:fe12:3456/64
dnsserver # [ 9.932886] dhcpcd[672]: eth0: adding route to fec0::/64
dnsserver # [ 9.933472] dhcpcd[672]: eth0: adding default route via fe80::2
webserver # [ 9.889464] nscd[734]: 734 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 9.890374] systemd[1]: Starting Networking Setup...
client: must succeed: curl --data '{"host": "acme.test", "addresses": ["192.168.1.1"]}' http://192.168.1.3:8055/add-a
webserver # [ 9.890818] nscd[734]: 734 monitoring directory `/etc` (2)
webserver # [ 9.893242] systemd[1]: Stopped target Host and Network Name Lookups.
webserver # [ 9.901288] nscd[734]: 734 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 9.904830] systemd[1]: Stopping Host and Network Name Lookups...
webserver # [ 9.910378] nscd[734]: 734 monitoring directory `/etc` (2)
webserver # [ 9.913381] systemd[1]: Stopped target User and Group Name Lookups.
webserver # [ 9.919981] nscd[734]: 734 monitored file `/etc/resolv.conf` was written to
webserver # [ 9.922057] systemd[1]: Stopping User and Group Name Lookups...
webserver # [ 9.925046] nscd[809]: 809 monitoring file `/etc/passwd` (1)
webserver # [ 9.925775] systemd[1]: Stopping Name Service Cache Daemon...
webserver # [ 9.928190] nscd[809]: 809 monitoring directory `/etc` (2)
webserver # [ 9.928917] systemd[1]: nscd.service: Deactivated successfully.
webserver # [ 9.931443] nscd[809]: 809 monitoring file `/etc/group` (3)
webserver # [ 9.932449] systemd[1]: Stopped Name Service Cache Daemon.
webserver # [ 9.934685] nscd[809]: 809 monitoring directory `/etc` (2)
webserver # [ 9.936208] systemd[1]: Starting Name Service Cache Daemon...
webserver # [ 9.936978] nscd[809]: 809 monitoring file `/etc/hosts` (4)
webserver # [ 9.937693] systemd[1]: Finished Networking Setup.
webserver # [ 9.940246] nscd[809]: 809 monitoring directory `/etc` (2)
webserver # [ 9.941535] systemd[1]: Starting Extra networking commands....
acme # [ 10.076139] kvm: Nested Virtualization enabled
webserver # [ 9.945098] nscd[809]: 809 monitoring file `/etc/resolv.conf` (5)
webserver # [ 9.948612] systemd[1]: Finished Extra networking commands..
webserver # [ 9.951241] nscd[809]: 809 monitoring directory `/etc` (2)
client # % Total % Received % Xferd Average Speed Time Time Time Current
client # Dload Upload Total Spent Left Speed
acme # [ 10.076142] SVM: kvm: Nested Paging enabled
acme # [ 10.120485] EDAC MC: Ver: 3.0.0
webserver # [ 9.957687] systemd[1]: Reached target Network.
acme # [ 9.894643] dhcpcd[654]: eth0: carrier acquired
acme # [ 10.183193] systemd[1]: Stopping Name Service Cache Daemon...
webserver # [ 10.081119] nscd[809]: 809 monitoring file `/etc/services` (6)
webserver # [ 10.095423] systemd[1]: Started Name Service Cache Daemon.
webserver # [ 10.096160] nscd[809]: 809 monitoring directory `/etc` (2)
webserver # [ 10.096967] systemd[1]: Reached target Host and Network Name Lookups.
webserver # [ 10.097602] nscd[809]: 809 monitoring file `/etc/netgroup` (7)
webserver # [ 10.098351] systemd[1]: Reached target User and Group Name Lookups.
webserver # [ 10.099036] nscd[809]: 809 monitoring directory `/etc` (2)
webserver # [ 10.099989] systemd[1]: Starting Permit User Sessions...
webserver # [ 10.100719] nscd[809]: 809 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 10.101804] systemd[1]: Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
dnsserver # [ 10.146593] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:52:01 Added response for DNS A queries to "acme.test" : 192.168.1.1
webserver # [ 10.103357] nscd[809]: 809 monitoring directory `/etc` (2)
webserver # [ 10.104766] systemd[1]: Finished Permit User Sessions.
webserver # [ 10.105611] nscd[809]: 809 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 10.106237] systemd[1]: Started Getty on tty1.
webserver # [ 10.106864] nscd[809]: 809 monitoring directory `/etc` (2)
webserver # [ 10.110429] systemd[1]: Reached target Login Prompts.
client # 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 51 0 0 100 51 0 928 --:--:-- --:--:-- --:--:-- 944
webserver # [ 10.115686] nscd[809]: 809 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 10.121989] systemd-logind[704]: Watching system buttons on /dev/input/event3 (QEMU Virtio Keyboard)
acme # [ 10.184129] dhcpcd[646]: Failed to reload-or-try-restart ntpd.service: Unit ntpd.service not found.
(finished: must succeed: curl --data '{"host": "acme.test", "addresses": ["192.168.1.1"]}' http://192.168.1.3:8055/add-a, in 0.24 seconds)
webserver # [ 10.126546] nscd[809]: 809 monitoring directory `/etc` (2)
acme: waiting for unit network-online.target
acme: waiting for the VM to finish booting
acme: connected to guest root shell
acme: (connecting took 0.00 seconds)
(finished: waiting for the VM to finish booting, in 0.00 seconds)
webserver # [ 10.137681] nscd[809]: 809 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 10.140802] nscd[809]: 809 monitoring directory `/etc` (2)
webserver # [ 10.143622] nscd[809]: 809 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 10.145712] nscd[809]: 809 monitoring directory `/etc` (2)
webserver # [ 10.254796] 8021q: adding VLAN 0 to HW filter on device eth0
webserver # [ 10.154998] dhcpcd[669]: eth0: waiting for carrier
webserver # [ 10.156100] dhcpcd[669]: eth0: carrier acquired
webserver # [ 10.175919] dhcpcd[669]: DUID 00:01:00:01:2b:5e:fe:e1:52:54:00:12:34:56
webserver # [ 10.177125] dhcpcd[669]: eth0: IAID 00:12:34:56
webserver # [ 10.179199] dhcpcd[669]: eth0: adding address fe80::5054:ff:fe12:3456
(finished: waiting for unit network-online.target, in 0.08 seconds)
acme: waiting for unit pebble.service
(finished: waiting for unit pebble.service, in 0.07 seconds)
client # % Total % Received % Xferd Average Speed Time Time Time Current
client # Dload Upload Total Spent Left Speed
dnsserver # [ 10.443910] dhcpcd[672]: eth0: soliciting a DHCP lease
webserver # [ 10.408251] dhcpcd[669]: eth0: soliciting an IPv6 router
acme # [ 10.226908] dhcpcd[646]: Failed to reload-or-try-restart openntpd.service: Unit openntpd.service not found.
dnsserver # [ 10.599621] NET: Registered PF_PACKET protocol family
client # 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
acme # [ 10.521312] dhcpcd[646]: Failed to reload-or-try-restart chronyd.service: Unit chronyd.service not found.
dnsserver # [ 10.473361] dhcpcd[672]: eth0: offered 10.0.2.15 from 10.0.2.2
client # curl: (7) Failed to connect to acme.test port 15000 after 88 ms: Couldn't connect to server
dnsserver # [ 10.474774] dhcpcd[672]: eth0: leased 10.0.2.15 for 86400 seconds
dnsserver # [ 10.477187] dhcpcd[672]: eth0: adding route to 10.0.2.0/24
dnsserver # [ 10.479850] dhcpcd[672]: eth0: adding default route via 10.0.2.2
acme # [ 10.536881] dhcpcd[654]: DUID 00:01:00:01:2b:5e:fe:e0:52:54:00:12:34:56
acme # [ 10.543567] systemd[1]: nscd.service: Deactivated successfully.
acme # [ 10.554436] dhcpcd[654]: eth0: IAID 00:12:34:56
acme # [ 10.561746] systemd[1]: Stopped Name Service Cache Daemon.
acme # [ 10.569623] dhcpcd[654]: eth0: adding address fe80::5054:ff:fe12:3456
acme # [ 10.578947] systemd[1]: Starting Name Service Cache Daemon...
acme # [ 10.589277] nscd[725]: 725 monitored file `/etc/resolv.conf` was written to
acme # [ 10.600644] systemd[1]: Finished Networking Setup.
client # % Total % Received % Xferd Average Speed Time Time Time Current
acme # [ 10.608899] dhcpcd[654]: eth0: soliciting a DHCP lease
client # Dload Upload Total Spent Left Speed
acme # [ 10.616884] systemd[1]: Starting Extra networking commands....
acme # [ 10.628024] nscd[819]: 819 monitoring file `/etc/passwd` (1)
client # 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
client # curl: (7) Failed to connect to acme.test port 15000 after 33 ms: Couldn't connect to server
Retrying in 1s, 1/20
acme # [ 10.634705] systemd[1]: Started Name Service Cache Daemon.
dnsserver # [ 10.619336] nscd[748]: 748 monitored file `/etc/resolv.conf` was written to
dnsserver # [ 10.655030] systemd[1]: Stopped target Host and Network Name Lookups.
dnsserver # [ 10.656144] systemd[1]: Stopping Host and Network Name Lookups...
dnsserver # [ 10.658296] systemd[1]: Stopped target User and Group Name Lookups.
dnsserver # [ 10.660961] systemd[1]: Stopping User and Group Name Lookups...
dnsserver # [ 10.667736] systemd[1]: Stopping Name Service Cache Daemon...
dnsserver # [ 10.670536] systemd[1]: nscd.service: Deactivated successfully.
dnsserver # [ 10.672833] systemd[1]: Stopped Name Service Cache Daemon.
dnsserver # [ 10.696252] systemd[1]: Starting Name Service Cache Daemon...
dnsserver # [ 10.725791] nscd[885]: 885 monitoring file `/etc/passwd` (1)
dnsserver # [ 10.726610] nscd[885]: 885 monitoring directory `/etc` (2)
dnsserver # [ 10.727354] nscd[885]: 885 monitoring file `/etc/group` (3)
dnsserver # [ 10.736573] nscd[885]: 885 monitoring directory `/etc` (2)
dnsserver # [ 10.739717] nscd[885]: 885 monitoring file `/etc/hosts` (4)
acme # [ 10.675075] nscd[819]: 819 monitoring directory `/etc` (2)
dnsserver # [ 10.743380] nscd[885]: 885 monitoring directory `/etc` (2)
acme # [ 10.803683] systemd[1]: Finished Extra networking commands..
acme # [ 10.811837] pebble[661]: Pebble 2023/01/21 19:52:02 Generated new root issuer CN=Pebble Root CA 07ebd3 with serial 56fb9f2dd31365a2 and SKI 8010d1aa2f6806513a801ee9fe5f390419f4b92f
dnsserver # [ 10.755103] nscd[885]: 885 monitoring file `/etc/resolv.conf` (5)
acme # [ 10.817564] pebble[661]: Pebble 2023/01/21 19:52:02 Generated new intermediate issuer CN=Pebble Intermediate CA 4d6099 with serial 3462b3190514c669 and SKI f06013f4b50a9e6b4feaf93edb5a47620393ac93
acme # [ 10.820351] pebble[661]: Pebble 2023/01/21 19:52:02 Generated issuance chain: Pebble Root CA 07ebd3 -> Pebble Intermediate CA 4d6099
dnsserver # [ 10.763093] nscd[885]: 885 monitoring directory `/etc` (2)
acme # [ 10.822870] pebble[661]: Pebble 2023/01/21 19:52:02 Using certificate validity period of 157766400 seconds
acme # [ 10.825424] pebble[661]: Pebble 2023/01/21 19:52:02 Using system DNS resolver for ACME challenges
acme # [ 10.826911] pebble[661]: Pebble 2023/01/21 19:52:02 Disabling random VA sleeps
dnsserver # [ 10.768376] systemd[1]: Started Name Service Cache Daemon.
acme # [ 10.828642] pebble[661]: Pebble 2023/01/21 19:52:02 Configured to reject 5% of good nonces
acme # [ 10.830178] pebble[661]: Pebble 2023/01/21 19:52:02 Configured to attempt authz reuse for each identifier 50% of the time
acme # [ 10.831950] pebble[661]: Pebble 2023/01/21 19:52:02 Configured to show 3 orders per page
acme # [ 10.833725] pebble[661]: Pebble 2023/01/21 19:52:02 Management interface listening on: 0.0.0.0:15000
dnsserver # [ 10.775174] dhcpcd[665]: Failed to reload-or-try-restart ntpd.service: Unit ntpd.service not found.
acme # [ 10.836797] pebble[661]: Pebble 2023/01/21 19:52:02 Root CA certificate available at: https://0.0.0.0:15000/roots/0
acme # [ 10.838739] pebble[661]: Pebble 2023/01/21 19:52:02 Listening on: 0.0.0.0:443
acme # [ 10.840841] pebble[661]: Pebble 2023/01/21 19:52:02 ACME directory available at: https://0.0.0.0:443/dir
dnsserver # [ 10.780363] dhcpcd[665]: Failed to reload-or-try-restart openntpd.service: Unit openntpd.service not found.
acme # [ 10.842905] nscd[819]: 819 monitoring file `/etc/group` (3)
acme # [ 10.844674] systemd[1]: Reached target Network.
acme # [ 10.846891] nscd[819]: 819 monitoring directory `/etc` (2)
acme # [ 10.848464] systemd[1]: Reached target Host and Network Name Lookups.
acme # [ 10.850362] nscd[819]: 819 monitoring file `/etc/hosts` (4)
acme # [ 10.851900] systemd[1]: Reached target User and Group Name Lookups.
acme # [ 10.853526] nscd[819]: 819 monitoring directory `/etc` (2)
acme # [ 10.855430] systemd[1]: Starting Permit User Sessions...
acme # [ 10.857726] nscd[819]: 819 monitoring file `/etc/resolv.conf` (5)
acme # [ 10.859877] systemd-logind[685]: Watching system buttons on /dev/input/event2 (Power Button)
acme # [ 10.862311] nscd[819]: 819 monitoring directory `/etc` (2)
acme # [ 10.863588] systemd[1]: Finished Permit User Sessions.
acme # [ 10.865527] nscd[819]: 819 monitoring file `/etc/services` (6)
acme # [ 10.867294] systemd[1]: Started Getty on tty1.
acme # [ 10.869289] nscd[819]: 819 monitoring directory `/etc` (2)
acme # [ 10.870504] systemd[1]: Reached target Login Prompts.
acme # [ 10.872026] nscd[819]: 819 monitoring file `/etc/netgroup` (7)
acme # [ 10.873790] systemd[1]: Stopped target Host and Network Name Lookups.
acme # [ 10.875796] nscd[819]: 819 monitoring directory `/etc` (2)
acme # [ 10.877125] systemd[1]: Stopping Host and Network Name Lookups...
acme # [ 10.879698] nscd[819]: 819 monitoring file `/etc/nsswitch.conf` (8)
acme # [ 10.881869] systemd[1]: Stopped target User and Group Name Lookups.
acme # [ 10.883813] nscd[819]: 819 monitoring directory `/etc` (2)
acme # [ 10.885442] systemd[1]: Stopping User and Group Name Lookups...
acme # [ 10.887628] nscd[819]: 819 monitoring file `/etc/nsswitch.conf` (8)
acme # [ 10.889388] systemd[1]: Stopping Name Service Cache Daemon...
acme # [ 10.892982] nscd[819]: 819 monitoring directory `/etc` (2)
acme # [ 10.897130] systemd[1]: nscd.service: Deactivated successfully.
acme # [ 10.901051] nscd[819]: 819 monitoring file `/etc/nsswitch.conf` (8)
acme # [ 10.903729] systemd[1]: Stopped Name Service Cache Daemon.
acme # [ 10.905630] nscd[819]: 819 monitoring directory `/etc` (2)
acme # [ 10.907385] systemd[1]: Starting Name Service Cache Daemon...
webserver # [ 10.806627] dhcpcd[669]: eth0: soliciting a DHCP lease
acme # [ 10.909385] nscd[819]: 819 monitoring file `/etc/nsswitch.conf` (8)
acme # [ 10.911481] systemd[1]: Started Name Service Cache Daemon.
acme # [ 10.913943] nscd[819]: 819 monitoring directory `/etc` (2)
acme # [ 10.915395] systemd[1]: Reached target Host and Network Name Lookups.
acme # [ 10.917443] nscd[819]: 819 monitoring file `/etc/nsswitch.conf` (8)
acme # [ 10.918922] systemd[1]: Reached target User and Group Name Lookups.
acme # [ 10.920747] nscd[819]: 819 monitoring directory `/etc` (2)
acme # [ 10.922835] systemd[1]: Started DHCP Client.
acme # [ 10.924993] dhcpcd[654]: eth0: offered 10.0.2.15 from 10.0.2.2
acme # [ 10.926969] systemd[1]: Reached target Network is Online.
webserver # [ 10.930327] NET: Registered PF_PACKET protocol family
acme # [ 10.929390] dhcpcd[654]: eth0: leased 10.0.2.15 for 86400 seconds
acme # [ 10.931174] systemd[1]: Reached target Multi-User System.
webserver # [ 10.831258] dhcpcd[669]: eth0: offered 10.0.2.15 from 10.0.2.2
acme # [ 10.932868] dhcpcd[654]: eth0: adding route to 10.0.2.0/24
webserver # [ 10.832483] dhcpcd[669]: eth0: leased 10.0.2.15 for 86400 seconds
acme # [ 10.934522] systemd[1]: Startup finished in 4.558s (kernel) + 4.754s (userspace) = 9.312s.
webserver # [ 10.834308] dhcpcd[669]: eth0: adding route to 10.0.2.0/24
acme # [ 10.936948] dhcpcd[654]: eth0: adding default route via 10.0.2.2
webserver # [ 10.835680] dhcpcd[669]: eth0: adding default route via 10.0.2.2
acme # [ 10.938661] systemd-logind[685]: Watching system buttons on /dev/input/event3 (QEMU Virtio Keyboard)
acme # [ 10.941484] nscd[819]: 819 monitored file `/etc/resolv.conf` was written to
acme # [ 10.943680] systemd[1]: Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
acme # [ 10.948646] nscd[884]: 884 monitoring file `/etc/passwd` (1)
acme # [ 10.953597] nscd[884]: 884 monitoring directory `/etc` (2)
acme # [ 10.956032] nscd[884]: 884 monitoring file `/etc/group` (3)
acme # [ 10.958030] nscd[884]: 884 monitoring directory `/etc` (2)
dnsserver # [ 10.786153] dhcpcd[665]: Failed to reload-or-try-restart chronyd.service: Unit chronyd.service not found.
acme # [ 10.964729] nscd[884]: 884 monitoring file `/etc/hosts` (4)
dnsserver # [ 10.906767] nscd[885]: 885 monitoring file `/etc/services` (6)
dnsserver # [ 10.907857] systemd[1]: Started DHCP Client.
dnsserver # [ 10.908799] nscd[885]: 885 monitoring directory `/etc` (2)
dnsserver # [ 10.909794] systemd[1]: Reached target Network is Online.
acme # [ 10.968265] nscd[884]: 884 monitoring directory `/etc` (2)
dnsserver # [ 10.910997] nscd[885]: 885 monitoring file `/etc/netgroup` (7)
dnsserver # [ 10.912045] systemd[1]: Reached target Multi-User System.
acme # [ 10.970301] nscd[884]: 884 monitoring file `/etc/resolv.conf` (5)
dnsserver # [ 10.913093] nscd[885]: 885 monitoring directory `/etc` (2)
dnsserver # [ 10.914047] systemd[1]: Reached target Host and Network Name Lookups.
dnsserver # [ 10.915184] nscd[885]: 885 monitoring file `/etc/nsswitch.conf` (8)
dnsserver # [ 10.916140] systemd[1]: Reached target User and Group Name Lookups.
dnsserver # [ 10.917629] nscd[885]: 885 monitoring directory `/etc` (2)
dnsserver # [ 10.919009] nscd[885]: 885 monitoring file `/etc/nsswitch.conf` (8)
dnsserver # [ 10.920234] nscd[885]: 885 monitoring directory `/etc` (2)
dnsserver # [ 10.921481] nscd[885]: 885 monitoring file `/etc/nsswitch.conf` (8)
dnsserver # [ 10.922901] nscd[885]: 885 monitoring directory `/etc` (2)
acme # [ 10.979081] nscd[884]: 884 monitoring directory `/etc` (2)
dnsserver # [ 10.923958] nscd[885]: 885 monitoring file `/etc/nsswitch.conf` (8)
dnsserver # [ 10.925203] nscd[885]: 885 monitoring directory `/etc` (2)
dnsserver # [ 10.926404] nscd[885]: 885 monitoring file `/etc/nsswitch.conf` (8)
acme # [ 10.985366] nscd[884]: 884 monitoring file `/etc/services` (6)
dnsserver # [ 10.927761] nscd[885]: 885 monitoring directory `/etc` (2)
dnsserver # [ 10.931830] systemd[1]: Startup finished in 4.235s (kernel) + 6.696s (userspace) = 10.931s.
acme # [ 10.993540] nscd[884]: 884 monitoring directory `/etc` (2)
acme # [ 11.001197] nscd[884]: 884 monitoring file `/etc/netgroup` (7)
acme # [ 11.013020] nscd[884]: 884 monitoring directory `/etc` (2)
acme # [ 11.015487] nscd[884]: 884 monitoring file `/etc/nsswitch.conf` (8)
acme # [ 11.018315] nscd[884]: 884 monitoring directory `/etc` (2)
acme # [ 11.019683] nscd[884]: 884 monitoring file `/etc/nsswitch.conf` (8)
acme # [ 11.021705] nscd[884]: 884 monitoring directory `/etc` (2)
acme # [ 11.022920] nscd[884]: 884 monitoring file `/etc/nsswitch.conf` (8)
acme # [ 11.024679] nscd[884]: 884 monitoring directory `/etc` (2)
acme # [ 11.026426] nscd[884]: 884 monitoring file `/etc/nsswitch.conf` (8)
acme # [ 11.028557] nscd[884]: 884 monitoring directory `/etc` (2)
acme # [ 11.030130] nscd[884]: 884 monitoring file `/etc/nsswitch.conf` (8)
acme # [ 11.032016] nscd[884]: 884 monitoring directory `/etc` (2)
acme # [ 11.033978] dhcpcd[654]: eth0: soliciting an IPv6 router
acme # [ 11.035029] dhcpcd[654]: eth0: Router Advertisement from fe80::2
acme # [ 11.036645] dhcpcd[654]: eth0: adding address fec0::5054:ff:fe12:3456/64
acme # [ 11.038469] dhcpcd[654]: eth0: adding route to fec0::/64
acme # [ 11.039964] dhcpcd[654]: eth0: adding default route via fe80::2
dnsserver # [ 10.986174] systemd-udevd[825]: vtcon0: Process '/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd-vconsole-setup' failed with exit code 1.
webserver # [ 10.946046] nscd[809]: 809 monitored file `/etc/resolv.conf` was written to
webserver # [ 10.988749] systemd[1]: Stopped target Host and Network Name Lookups.
webserver # [ 10.990527] systemd[1]: Stopping Host and Network Name Lookups...
webserver # [ 10.992395] systemd[1]: Stopped target User and Group Name Lookups.
webserver # [ 10.996756] systemd[1]: Stopping User and Group Name Lookups...
webserver # [ 11.009541] systemd[1]: Stopping Name Service Cache Daemon...
webserver # [ 11.011671] systemd[1]: nscd.service: Deactivated successfully.
webserver # [ 11.012882] systemd[1]: Stopped Name Service Cache Daemon.
webserver # [ 11.035089] systemd[1]: Starting Name Service Cache Daemon...
webserver # [ 11.066099] nscd[901]: 901 monitoring file `/etc/passwd` (1)
webserver # [ 11.069528] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 11.072674] nscd[901]: 901 monitoring file `/etc/group` (3)
webserver # [ 11.074786] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 11.077199] nscd[901]: 901 monitoring file `/etc/hosts` (4)
webserver # [ 11.080366] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 11.089242] nscd[901]: 901 monitoring file `/etc/resolv.conf` (5)
webserver # [ 11.092445] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 11.101601] nscd[901]: 901 monitoring file `/etc/services` (6)
webserver # [ 11.107542] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 11.116988] nscd[901]: 901 monitoring file `/etc/netgroup` (7)
webserver # [ 11.141954] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 11.149352] systemd[1]: Started Name Service Cache Daemon.
webserver # [ 11.156695] dhcpcd[655]: Failed to reload-or-try-restart ntpd.service: Unit ntpd.service not found.
webserver # [ 11.290227] dhcpcd[655]: Failed to reload-or-try-restart openntpd.service: Unit openntpd.service not found.
webserver # [ 11.295230] dhcpcd[655]: Failed to reload-or-try-restart chronyd.service: Unit chronyd.service not found.
webserver # [ 11.299875] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 11.303601] systemd[1]: Reached target Host and Network Name Lookups.
webserver # [ 11.308570] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 11.311710] systemd[1]: Reached target User and Group Name Lookups.
webserver # [ 11.315484] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 11.319128] systemd[1]: Started DHCP Client.
webserver # [ 11.322014] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 11.325326] systemd[1]: Reached target Network is Online.
webserver # [ 11.328464] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 11.331820] systemd[1]: Reached target Multi-User System.
webserver # [ 11.335208] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 11.338212] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 11.341752] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 11.344627] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 11.348178] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 11.352953] dhcpcd[669]: eth0: Router Advertisement from fe80::2
webserver # [ 11.358536] dhcpcd[669]: eth0: adding address fec0::5054:ff:fe12:3456/64
webserver # [ 11.365269] systemd[1]: Startup finished in 4.707s (kernel) + 6.649s (userspace) = 11.357s.
webserver # [ 11.372081] dhcpcd[669]: eth0: adding route to fec0::/64
webserver # [ 11.379376] dhcpcd[669]: eth0: adding default route via fe80::2
webserver # [ 11.438938] systemd-udevd[833]: vtcon0: Process '/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd-vconsole-setup' failed with exit code 1.
client # % Total % Received % Xferd Average Speed Time Time Time Current
client # Dload Upload Total Spent Left Speed
client # 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 1151 100 1151 0 0 6706 0 --:--:-- --:--:-- --:--:-- 6730
client # % Total % Received % Xferd Average Speed Time Time Time Current
client # Dload Upload Total Spent Left Speed
client # 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 1675 100 1675 0 0 13923 0 --:--:-- --:--:-- --:--:-- 13842
subtest: Can request certificate with Lego's built in web server
webserver: waiting for the VM to finish booting
webserver: connected to guest root shell
webserver: (connecting took 0.00 seconds)
(finished: waiting for the VM to finish booting, in 0.00 seconds)
webserver: must succeed: /run/current-system/specialisation/http01lego/bin/switch-to-configuration test
webserver # [ 13.048499] nixos[925]: switching to system configuration /nix/store/y10gwmz1k6zbz8r6mpqfh2ybchnzk34j-nixos-system-webserver-23.05pre-git
webserver # [ 13.077934] systemd[1]: Stopped target Local File Systems.
webserver # [ 13.084674] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 13.092102] systemd[1]: Stopped target Remote File Systems.
webserver # activating the configuration...
webserver # [ 13.361408] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 13.370421] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # [ 13.376072] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 13.385870] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 13.389328] nscd[901]: 901 monitoring file `/etc/group` (9)
webserver # [ 13.392464] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 13.397317] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 13.406206] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 13.409738] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (8)
webserver # [ 13.413307] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 13.416202] nscd[901]: 901 monitoring file `/etc/passwd` (10)
webserver # [ 13.419253] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 13.563685] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 13.576820] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 13.583201] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 13.588022] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 13.592650] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 13.597359] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 13.602804] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 13.608633] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 14.180988] systemd[1]: Reloading.
webserver # setting up tmpfiles
webserver # reloading the following units: dbus.service
webserver # [ 15.104492] systemd[1]: Reloading D-Bus System Message Bus...
webserver # [ 15.122209] dbus-daemon[698]: Unknown username "systemd-timesync" in message bus configuration file
webserver # [ 15.149371] dbus-daemon[698]: [system] Reloaded configuration
webserver # [ 15.151369] dbus-send[1076]: method return time=1674330726.709061 sender=org.freedesktop.DBus -> destination=:1.6 serial=3 reply_serial=2
webserver # [ 15.158141] dbus-daemon[698]: Unknown username "systemd-timesync" in message bus configuration file
webserver # [ 15.184685] dbus-daemon[698]: [system] Reloaded configuration
webserver # [ 15.188196] systemd[1]: Reloaded D-Bus System Message Bus.
webserver # [ 15.226836] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 15.229424] systemd[1]: Reached target Local File Systems.
webserver # [ 15.248227] systemd[1]: Reached target Remote File Systems.
webserver # [ 15.261193] systemd[1]: Starting Fix owner and group of all ACME certificates...
webserver # [ 15.268791] systemd[1]: Starting Generate self-signed certificate authority...
webserver # [ 15.338063] systemd[1]: Finished Fix owner and group of all ACME certificates.
webserver # [ 15.343666] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 15.351853] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 15.371519] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 15.372558] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 15.375217] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 15.381271] systemd[1]: Started Renew ACME Certificate for http.example.test.
webserver # [ 16.166068] systemd[1]: acme-selfsigned-ca.service: Deactivated successfully.
webserver # [ 16.166791] systemd[1]: Finished Generate self-signed certificate authority.
webserver # [ 16.171199] systemd[1]: Starting Generate self-signed certificate for http.example.test...
webserver # [ 16.520207] systemd[1]: acme-selfsigned-http.example.test.service: Deactivated successfully.
webserver # [ 16.521191] systemd[1]: Finished Generate self-signed certificate for http.example.test.
webserver # [ 16.526436] systemd[1]: Starting Renew ACME certificate for http.example.test...
webserver # [ 16.571158] acme-http.example.test-start[1104]: + set -euo pipefail
webserver # [ 16.572009] acme-http.example.test-start[1104]: + echo 78c80081fedd8a7ae50d
webserver # [ 16.572844] acme-http.example.test-start[1104]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 16.580829] acme-http.example.test-start[1104]: + lego --accept-tos --path . -d http.example.test --email hostmaster@example.test --key-type ec256 --http --http.port :80 --server https://acme.test/dir run
webserver # [ 17.503700] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 No key found for account hostmaster@example.test. Generating a P256 key.
webserver # [ 17.505136] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 Saved key to accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key
acme # [ 17.685017] pebble[661]: Pebble 2023/01/21 19:52:09 GET /dir -> calling handler()
webserver # [ 17.590190] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] acme: Registering account for hostmaster@example.test
acme # [ 17.694253] pebble[661]: Pebble 2023/01/21 19:52:09 HEAD /nonce-plz -> calling handler()
webserver # [ 17.598660] acme-http.example.test-start[1106]: !!!! HEADS UP !!!!
webserver # [ 17.599476] acme-http.example.test-start[1106]: Your account credentials have been saved in your Let's Encrypt
webserver # [ 17.600495] acme-http.example.test-start[1106]: configuration directory at "accounts".
acme # [ 17.699967] pebble[661]: Pebble 2023/01/21 19:52:09 POST /sign-me-up -> calling handler()
webserver # [ 17.601380] acme-http.example.test-start[1106]: You should make a secure backup of this folder now. This
webserver # [ 17.603011] acme-http.example.test-start[1106]: configuration directory will also contain certificates and
webserver # [ 17.604010] acme-http.example.test-start[1106]: private keys obtained from Let's Encrypt so making regular
webserver # [ 17.605021] acme-http.example.test-start[1106]: backups of this folder is ideal.
acme # [ 17.703452] pebble[661]: Pebble 2023/01/21 19:52:09 There are now 1 accounts in memory
webserver # [ 17.605913] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] [http.example.test] acme: Obtaining bundled SAN certificate
acme # [ 17.708462] pebble[661]: Pebble 2023/01/21 19:52:09 POST /order-plz -> calling handler()
acme # [ 17.711861] pebble[661]: Pebble 2023/01/21 19:52:09 There are now 1 authorizations in the db
acme # [ 17.715379] pebble[661]: Pebble 2023/01/21 19:52:09 Added order "hxO180qwPwdUZzCBMMIiyZPIhaJLCNVYgFC90gOVsKg" to the db
acme # [ 17.719703] pebble[661]: Pebble 2023/01/21 19:52:09 There are now 1 orders in the db
webserver # [ 17.669040] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] [http.example.test] AuthURL: https://acme.test/authZ/XW_SmPqZTY3nMoDqYjS35K563lw-SlAFzJ08Qogqr-g
acme # [ 17.769723] pebble[661]: Pebble 2023/01/21 19:52:09 POST /authZ/ -> calling handler()
webserver # [ 17.670808] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] [http.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 17.672404] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] [http.example.test] acme: use http-01 solver
webserver # [ 17.673419] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] [http.example.test] acme: Trying to solve HTTP-01
acme # [ 17.773653] pebble[661]: Pebble 2023/01/21 19:52:09 POST /chalZ/ -> calling handler()
webserver # [ 17.674633] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/chalZ/TW9Xt08Fw8vXP4nW_0PwAgtqQvPSQlaXwtzatT5j2Wk :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: yBYD09rjTA04JgbfFuVpIQ
acme # [ 17.992762] pebble[661]: Pebble 2023/01/21 19:52:09 POST /chalZ/ -> calling handler()
acme # [ 17.993820] pebble[661]: Pebble 2023/01/21 19:52:09 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"http.example.test"}, Challenge:(*core.Challenge)(0xc0001b81e0), Account:(*core.Account)(0xc0001c8f00)}
acme # [ 18.004093] pebble[661]: Pebble 2023/01/21 19:52:09 Starting 3 validations.
acme # [ 18.007431] pebble[661]: Pebble 2023/01/21 19:52:09 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/egTcA7y42P1MAXgdmXEyJ4x6iCYnQxwOBElD2FRri-c
acme # [ 18.014134] pebble[661]: Pebble 2023/01/21 19:52:09 POST /authZ/ -> calling handler()
acme # [ 18.017940] pebble[661]: Pebble 2023/01/21 19:52:09 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/egTcA7y42P1MAXgdmXEyJ4x6iCYnQxwOBElD2FRri-c
acme # [ 18.024407] pebble[661]: Pebble 2023/01/21 19:52:09 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/egTcA7y42P1MAXgdmXEyJ4x6iCYnQxwOBElD2FRri-c
webserver # [ 17.933482] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] [http.example.test] Served key authentication
webserver # [ 17.935052] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] [http.example.test] Served key authentication
acme # [ 18.035352] pebble[661]: Pebble 2023/01/21 19:52:09 authz XW_SmPqZTY3nMoDqYjS35K563lw-SlAFzJ08Qogqr-g set VALID by completed challenge TW9Xt08Fw8vXP4nW_0PwAgtqQvPSQlaXwtzatT5j2Wk
webserver # [ 17.936192] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] [http.example.test] Served key authentication
acme # [ 24.458911] pebble[661]: Pebble 2023/01/21 19:52:16 POST /authZ/ -> calling handler()
webserver # [ 24.357664] acme-http.example.test-start[1106]: 2023/01/21 19:52:15 [INFO] [http.example.test] The server validated our request
webserver # [ 24.363497] acme-http.example.test-start[1106]: 2023/01/21 19:52:15 [INFO] [http.example.test] acme: Validations succeeded; requesting certificates
acme # [ 24.468593] pebble[661]: Pebble 2023/01/21 19:52:16 POST /finalize-order/ -> calling handler()
webserver # [ 24.369732] acme-http.example.test-start[1106]: 2023/01/21 19:52:15 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 24.474584] pebble[661]: Pebble 2023/01/21 19:52:16 Order hxO180qwPwdUZzCBMMIiyZPIhaJLCNVYgFC90gOVsKg is fully authorized. Processing finalization
acme # [ 24.481349] pebble[661]: Pebble 2023/01/21 19:52:16 Issued certificate serial 53eabe15fc944d1f for order hxO180qwPwdUZzCBMMIiyZPIhaJLCNVYgFC90gOVsKg
webserver # [ 24.382056] acme-http.example.test-start[1106]: 2023/01/21 19:52:15 [INFO] [http.example.test] Server responded with a certificate.
acme # [ 24.486896] pebble[661]: Pebble 2023/01/21 19:52:16 POST /my-order/ -> calling handler()
webserver # [ 24.388492] acme-http.example.test-start[1104]: + mv domainhash.txt certificates/
acme # [ 24.491025] pebble[661]: Pebble 2023/01/21 19:52:16 POST /certZ/ -> calling handler()
webserver # [ 24.395370] acme-http.example.test-start[1104]: + chown acme:acme certificates/domainhash.txt certificates/http.example.test.crt certificates/http.example.test.issuer.crt certificates/http.example.test.json certificates/http.example.test.key
webserver # [ 24.408945] acme-http.example.test-start[1104]: + cmp -s certificates/http.example.test.crt out/fullchain.pem
webserver # [ 24.415263] acme-http.example.test-start[1104]: + touch out/renewed
webserver # [ 24.426232] acme-http.example.test-start[1104]: + echo Installing new certificate
webserver # [ 24.429480] acme-http.example.test-start[1104]: Installing new certificate
webserver # [ 24.432431] acme-http.example.test-start[1104]: + cp -vp certificates/http.example.test.crt out/fullchain.pem
webserver # [ 24.441644] acme-http.example.test-start[1117]: 'certificates/http.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 24.446249] acme-http.example.test-start[1104]: + cp -vp certificates/http.example.test.key out/key.pem
webserver # [ 24.454731] acme-http.example.test-start[1118]: 'certificates/http.example.test.key' -> 'out/key.pem'
webserver # [ 24.459072] acme-http.example.test-start[1104]: + cp -vp certificates/http.example.test.issuer.crt out/chain.pem
webserver # [ 24.468060] acme-http.example.test-start[1119]: 'certificates/http.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 24.472552] acme-http.example.test-start[1104]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 24.481553] acme-http.example.test-start[1104]: + cat out/key.pem out/fullchain.pem
webserver # [ 24.491076] acme-http.example.test-start[1104]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 24.529972] systemd[1]: acme-http.example.test.service: Deactivated successfully.
webserver # [ 24.530992] systemd[1]: Finished Renew ACME certificate for http.example.test.
webserver # [ 24.531815] systemd[1]: acme-http.example.test.service: Consumed 278ms CPU time, received 13.8K IP traffic, sent 10.0K IP traffic.
webserver # [ 24.539103] systemd[1]: Reached target acme-finished-http.example.test.target.
webserver # the following new units were started: acme-finished-http.example.test.target, acme-fixperms.service, acme-http.example.test.timer
webserver # [ 24.601834] nixos[925]: finished switching to system configuration /nix/store/y10gwmz1k6zbz8r6mpqfh2ybchnzk34j-nixos-system-webserver-23.05pre-git
(finished: must succeed: /run/current-system/specialisation/http01lego/bin/switch-to-configuration test, in 12.57 seconds)
webserver: waiting for unit acme-finished-http.example.test.target
(finished: waiting for unit acme-finished-http.example.test.target, in 0.06 seconds)
webserver: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/http.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout
(finished: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/http.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout, in 0.06 seconds)
First subject in fullchain.pem: subject=cn = http.example.test
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/cert.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/cert.pem, in 0.07 seconds)
cert.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/fullchain.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/fullchain.pem, in 0.09 seconds)
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099
(finished: subtest: Can request certificate with Lego's built in web server, in 12.95 seconds)
subtest: Can renew certificates when they expire
webserver: must succeed: sha256sum /var/lib/acme/http.example.test/cert.pem
(finished: must succeed: sha256sum /var/lib/acme/http.example.test/cert.pem, in 0.03 seconds)
webserver: must succeed: /tmp/specialisation/renew/bin/switch-to-configuration test
webserver # [ 25.800351] nixos[1155]: switching to system configuration /nix/store/2n12rr72yd45ggxvqxa94b7pfw68avwy-nixos-system-webserver-23.05pre-git
webserver # [ 25.825647] systemd[1]: Stopped target Local File Systems.
webserver # [ 25.830379] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 25.833787] systemd[1]: Stopped target Remote File Systems.
webserver # activating the configuration...
webserver # [ 26.088647] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 26.096202] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # [ 26.100220] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (12)
webserver # [ 26.101031] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 26.101644] nscd[901]: 901 monitoring file `/etc/group` (15)
webserver # [ 26.102544] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 26.105973] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 26.108973] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 26.112191] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (12)
webserver # [ 26.113083] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 26.118117] nscd[901]: 901 monitoring file `/etc/passwd` (16)
webserver # [ 26.118826] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 26.254314] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 26.262258] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 26.263424] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 26.264864] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 26.267316] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 26.269515] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 26.273195] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 26.276941] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 26.743709] systemd[1]: Reloading.
webserver # setting up tmpfiles
webserver # [ 27.291112] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 27.293463] systemd[1]: Generate self-signed certificate for http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/http.example.test/key.pem).
webserver # [ 27.300293] systemd[1]: Starting Renew ACME certificate for http.example.test...
webserver # [ 27.322918] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 27.325133] systemd[1]: Reached target Local File Systems.
webserver # [ 27.346386] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 27.348225] systemd[1]: Reached target Remote File Systems.
webserver # [ 27.353289] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 27.368232] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 27.369126] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 27.371607] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 27.374633] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 27.378132] systemd[1]: Generate self-signed certificate for http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/http.example.test/key.pem).
webserver # [ 27.399872] acme-http.example.test-start[1301]: + set -euo pipefail
webserver # [ 27.400797] acme-http.example.test-start[1301]: + echo 78c80081fedd8a7ae50d
webserver # [ 27.401797] acme-http.example.test-start[1301]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 27.405775] acme-http.example.test-start[1304]: ++ find accounts -name hostmaster@example.test.key
webserver # [ 27.413595] acme-http.example.test-start[1301]: + '[' -e certificates/http.example.test.key -a -e certificates/http.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']'
webserver # [ 27.415660] acme-http.example.test-start[1301]: + lego --accept-tos --path . -d http.example.test --email hostmaster@example.test --key-type ec256 --http --http.port :80 --server https://acme.test/dir renew --no-random-sleep --days 9999
acme # [ 27.588819] pebble[661]: Pebble 2023/01/21 19:52:19 GET /dir -> calling handler()
webserver # [ 27.490836] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] acme: Trying renewal with 43823 hours remaining
webserver # [ 27.492346] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] acme: Obtaining bundled SAN certificate
acme # [ 27.596025] pebble[661]: Pebble 2023/01/21 19:52:19 HEAD /nonce-plz -> calling handler()
acme # [ 27.597933] pebble[661]: Pebble 2023/01/21 19:52:19 POST /order-plz -> calling handler()
acme # [ 27.599569] pebble[661]: Pebble 2023/01/21 19:52:19 There are now 2 authorizations in the db
acme # [ 27.600988] pebble[661]: Pebble 2023/01/21 19:52:19 Added order "_zGOXhozvwdTDaR7X6u2ZcWtazJWtYXgJezhDpcNt2g" to the db
acme # [ 27.602162] pebble[661]: Pebble 2023/01/21 19:52:19 There are now 2 orders in the db
acme # [ 27.659295] pebble[661]: Pebble 2023/01/21 19:52:19 POST /authZ/ -> calling handler()
webserver # [ 27.557970] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] AuthURL: https://acme.test/authZ/EfwANeoAjAURPLJ7F2FzeOH7zsBAJ4QvtpeG9o3-CFg
webserver # [ 27.559990] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 27.561792] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] acme: use http-01 solver
webserver # [ 27.562931] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] acme: Trying to solve HTTP-01
acme # [ 27.664012] pebble[661]: Pebble 2023/01/21 19:52:19 POST /chalZ/ -> calling handler()
acme # [ 27.666057] pebble[661]: Pebble 2023/01/21 19:52:19 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"http.example.test"}, Challenge:(*core.Challenge)(0xc0001b8aa0), Account:(*core.Account)(0xc0001c8f00)}
acme # [ 27.669886] pebble[661]: Pebble 2023/01/21 19:52:19 Starting 3 validations.
webserver # [ 27.571464] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] Served key authentication
webserver # [ 27.572682] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] Served key authentication
acme # [ 27.671988] pebble[661]: Pebble 2023/01/21 19:52:19 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/kghmQEmMv9ROXQ7oX_ckQM_MAIi_n2hSEr4vpYnZ48g
webserver # [ 27.578086] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] Served key authentication
acme # [ 27.680276] pebble[661]: Pebble 2023/01/21 19:52:19 POST /authZ/ -> calling handler()
acme # [ 27.683373] pebble[661]: Pebble 2023/01/21 19:52:19 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/kghmQEmMv9ROXQ7oX_ckQM_MAIi_n2hSEr4vpYnZ48g
acme # [ 27.689032] pebble[661]: Pebble 2023/01/21 19:52:19 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/kghmQEmMv9ROXQ7oX_ckQM_MAIi_n2hSEr4vpYnZ48g
acme # [ 27.690644] pebble[661]: Pebble 2023/01/21 19:52:19 authz EfwANeoAjAURPLJ7F2FzeOH7zsBAJ4QvtpeG9o3-CFg set VALID by completed challenge RYilEPjXXxp-f-LIcAlwBf5R3BwWiBoIBc48nMWjc-U
webserver # [ 33.444266] acme-http.example.test-start[1305]: 2023/01/21 19:52:25 [INFO] [http.example.test] The server validated our request
acme # [ 33.545549] pebble[661]: Pebble 2023/01/21 19:52:25 POST /authZ/ -> calling handler()
webserver # [ 33.446164] acme-http.example.test-start[1305]: 2023/01/21 19:52:25 [INFO] [http.example.test] acme: Validations succeeded; requesting certificates
webserver # [ 33.449516] acme-http.example.test-start[1305]: 2023/01/21 19:52:25 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 33.553105] pebble[661]: Pebble 2023/01/21 19:52:25 POST /finalize-order/ -> calling handler()
acme # [ 33.559027] pebble[661]: Pebble 2023/01/21 19:52:25 Order _zGOXhozvwdTDaR7X6u2ZcWtazJWtYXgJezhDpcNt2g is fully authorized. Processing finalization
webserver # [ 33.464442] acme-http.example.test-start[1305]: 2023/01/21 19:52:25 [INFO] [http.example.test] Server responded with a certificate.
acme # [ 33.565715] pebble[661]: Pebble 2023/01/21 19:52:25 Issued certificate serial 6ad48ec2b291fc0c for order _zGOXhozvwdTDaR7X6u2ZcWtazJWtYXgJezhDpcNt2g
webserver # [ 33.470333] acme-http.example.test-start[1301]: + mv domainhash.txt certificates/
acme # [ 33.570985] pebble[661]: Pebble 2023/01/21 19:52:25 POST /my-order/ -> calling handler()
acme # [ 33.574995] pebble[661]: Pebble 2023/01/21 19:52:25 POST /certZ/ -> calling handler()
webserver # [ 33.476325] acme-http.example.test-start[1301]: + chown acme:acme certificates/domainhash.txt certificates/http.example.test.crt certificates/http.example.test.issuer.crt certificates/http.example.test.json certificates/http.example.test.key
webserver # [ 33.483757] acme-http.example.test-start[1301]: + cmp -s certificates/http.example.test.crt out/fullchain.pem
webserver # [ 33.487504] acme-http.example.test-start[1301]: + touch out/renewed
webserver # [ 33.492987] acme-http.example.test-start[1301]: + echo Installing new certificate
webserver # [ 33.493854] acme-http.example.test-start[1301]: Installing new certificate
webserver # [ 33.494660] acme-http.example.test-start[1301]: + cp -vp certificates/http.example.test.crt out/fullchain.pem
webserver # [ 33.499953] acme-http.example.test-start[1316]: 'certificates/http.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 33.501667] acme-http.example.test-start[1301]: + cp -vp certificates/http.example.test.key out/key.pem
webserver # [ 33.506520] acme-http.example.test-start[1317]: 'certificates/http.example.test.key' -> 'out/key.pem'
webserver # [ 33.508299] acme-http.example.test-start[1301]: + cp -vp certificates/http.example.test.issuer.crt out/chain.pem
webserver # [ 33.513142] acme-http.example.test-start[1318]: 'certificates/http.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 33.514953] acme-http.example.test-start[1301]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 33.520156] acme-http.example.test-start[1301]: + cat out/key.pem out/fullchain.pem
webserver # [ 33.525529] acme-http.example.test-start[1301]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 33.557083] systemd[1]: acme-http.example.test.service: Deactivated successfully.
webserver # [ 33.557975] systemd[1]: Finished Renew ACME certificate for http.example.test.
webserver # [ 33.558728] systemd[1]: acme-http.example.test.service: Consumed 150ms CPU time, received 12.7K IP traffic, sent 8.5K IP traffic.
webserver # [ 33.629931] nixos[1155]: finished switching to system configuration /nix/store/2n12rr72yd45ggxvqxa94b7pfw68avwy-nixos-system-webserver-23.05pre-git
(finished: must succeed: /tmp/specialisation/renew/bin/switch-to-configuration test, in 8.68 seconds)
webserver: waiting for unit acme-finished-http.example.test.target
(finished: waiting for unit acme-finished-http.example.test.target, in 0.06 seconds)
webserver: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/http.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout
(finished: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/http.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout, in 0.03 seconds)
First subject in fullchain.pem: subject=cn = http.example.test
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/cert.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/cert.pem, in 0.09 seconds)
cert.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/fullchain.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/fullchain.pem, in 0.08 seconds)
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: must succeed: sha256sum /var/lib/acme/http.example.test/cert.pem
(finished: must succeed: sha256sum /var/lib/acme/http.example.test/cert.pem, in 0.02 seconds)
(finished: subtest: Can renew certificates when they expire, in 9.03 seconds)
subtest: Handles email change correctly
webserver: must succeed: sha256sum /var/lib/acme/http.example.test/cert.pem
(finished: must succeed: sha256sum /var/lib/acme/http.example.test/cert.pem, in 0.02 seconds)
webserver: must succeed: /tmp/specialisation/accountchange/bin/switch-to-configuration test
webserver # [ 34.903249] nixos[1356]: switching to system configuration /nix/store/a3215x68bg25ns835r5xlpn7ysw9aji1-nixos-system-webserver-23.05pre-git
webserver # [ 34.925480] systemd[1]: Stopped target Local File Systems.
webserver # [ 34.929868] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 34.933334] systemd[1]: Stopped target Remote File Systems.
webserver # activating the configuration...
webserver # [ 35.165230] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 35.170182] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # [ 35.174165] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (18)
webserver # [ 35.175056] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 35.175723] nscd[901]: 901 monitoring file `/etc/group` (21)
webserver # [ 35.176448] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 35.181971] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 35.184112] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 35.187879] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (18)
webserver # [ 35.188746] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 35.189675] nscd[901]: 901 monitoring file `/etc/passwd` (22)
webserver # [ 35.194656] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 35.314178] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 35.321451] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 35.322368] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 35.323512] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 35.324287] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 35.325277] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 35.326875] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 35.333113] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 35.699764] systemd[1]: Reloading.
webserver # setting up tmpfiles
webserver # [ 36.305304] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 36.308012] systemd[1]: Generate self-signed certificate for http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/http.example.test/key.pem).
webserver # [ 36.318508] systemd[1]: Starting Renew ACME certificate for http.example.test...
webserver # [ 36.352836] systemd[1]: Reached target Remote File Systems.
webserver # [ 36.353551] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 36.356636] systemd[1]: Generate self-signed certificate for http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/http.example.test/key.pem).
webserver # [ 36.360604] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 36.364766] systemd[1]: Reached target Local File Systems.
webserver # [ 36.373504] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 36.379641] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 36.394152] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 36.395060] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 36.397435] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 36.429291] acme-http.example.test-start[1502]: + set -euo pipefail
webserver # [ 36.430249] acme-http.example.test-start[1502]: + echo 78c80081fedd8a7ae50d
webserver # [ 36.431262] acme-http.example.test-start[1502]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 36.435378] acme-http.example.test-start[1505]: ++ find accounts -name admin@example.test.key
webserver # [ 36.441337] acme-http.example.test-start[1502]: + '[' -e certificates/http.example.test.key -a -e certificates/http.example.test.crt -a -n '' ']'
webserver # [ 36.442577] acme-http.example.test-start[1502]: + lego --accept-tos --path . -d http.example.test --email admin@example.test --key-type ec256 --http --http.port :80 --server https://acme.test/dir run
webserver # [ 36.471638] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 No key found for account admin@example.test. Generating a P256 key.
webserver # [ 36.473075] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 Saved key to accounts/acme.test/admin@example.test/keys/admin@example.test.key
acme # [ 36.624551] pebble[661]: Pebble 2023/01/21 19:52:28 GET /dir -> calling handler()
webserver # [ 36.526303] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] acme: Registering account for admin@example.test
acme # [ 36.629908] pebble[661]: Pebble 2023/01/21 19:52:28 HEAD /nonce-plz -> calling handler()
webserver # [ 36.532701] acme-http.example.test-start[1506]: !!!! HEADS UP !!!!
webserver # [ 36.533492] acme-http.example.test-start[1506]: Your account credentials have been saved in your Let's Encrypt
acme # [ 36.633966] pebble[661]: Pebble 2023/01/21 19:52:28 POST /sign-me-up -> calling handler()
webserver # [ 36.534470] acme-http.example.test-start[1506]: configuration directory at "accounts".
acme # [ 36.636319] pebble[661]: Pebble 2023/01/21 19:52:28 There are now 2 accounts in memory
webserver # [ 36.535287] acme-http.example.test-start[1506]: You should make a secure backup of this folder now. This
webserver # [ 36.536585] acme-http.example.test-start[1506]: configuration directory will also contain certificates and
webserver # [ 36.537360] acme-http.example.test-start[1506]: private keys obtained from Let's Encrypt so making regular
acme # [ 36.639380] pebble[661]: Pebble 2023/01/21 19:52:28 POST /order-plz -> calling handler()
webserver # [ 36.538467] acme-http.example.test-start[1506]: backups of this folder is ideal.
acme # [ 36.640271] pebble[661]: Pebble 2023/01/21 19:52:28 There are now 3 authorizations in the db
webserver # [ 36.539304] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] [http.example.test] acme: Obtaining bundled SAN certificate
acme # [ 36.641171] pebble[661]: Pebble 2023/01/21 19:52:28 Added order "t2cg0lVssG9UFFvR8u98hxtFT0HuFHCYAEAnnICQNYA" to the db
acme # [ 36.642297] pebble[661]: Pebble 2023/01/21 19:52:28 There are now 3 orders in the db
webserver # [ 36.597675] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] [http.example.test] AuthURL: https://acme.test/authZ/YsbW5RvVTHVaNLwwq4zvDJw2T8CQyX1pmEGwSXlT5l4
webserver # [ 36.599212] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] [http.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 36.601102] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] [http.example.test] acme: use http-01 solver
acme # [ 36.698290] pebble[661]: Pebble 2023/01/21 19:52:28 POST /authZ/ -> calling handler()
webserver # [ 36.602293] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] [http.example.test] acme: Trying to solve HTTP-01
acme # [ 36.706425] pebble[661]: Pebble 2023/01/21 19:52:28 POST /chalZ/ -> calling handler()
webserver # [ 36.612802] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] [http.example.test] Served key authentication
webserver # [ 36.614133] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] [http.example.test] Served key authentication
webserver # [ 36.615269] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] [http.example.test] Served key authentication
acme # [ 36.714920] pebble[661]: Pebble 2023/01/21 19:52:28 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"http.example.test"}, Challenge:(*core.Challenge)(0xc0001b9220), Account:(*core.Account)(0xc0002efce0)}
acme # [ 36.720845] pebble[661]: Pebble 2023/01/21 19:52:28 Starting 3 validations.
acme # [ 36.721685] pebble[661]: Pebble 2023/01/21 19:52:28 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/YnjEWcQQBEmcVWOTQs5p_m4VWGJ_RnfjlqbLGzHt_ic
acme # [ 36.723361] pebble[661]: Pebble 2023/01/21 19:52:28 POST /authZ/ -> calling handler()
acme # [ 36.724289] pebble[661]: Pebble 2023/01/21 19:52:28 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/YnjEWcQQBEmcVWOTQs5p_m4VWGJ_RnfjlqbLGzHt_ic
acme # [ 36.725934] pebble[661]: Pebble 2023/01/21 19:52:28 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/YnjEWcQQBEmcVWOTQs5p_m4VWGJ_RnfjlqbLGzHt_ic
acme # [ 36.727640] pebble[661]: Pebble 2023/01/21 19:52:28 authz YsbW5RvVTHVaNLwwq4zvDJw2T8CQyX1pmEGwSXlT5l4 set VALID by completed challenge 8vknoUp7PbuXvxcRukBZkn2sjBPz76_1pm_dmkvRH5c
acme # [ 40.965691] pebble[661]: Pebble 2023/01/21 19:52:32 POST /authZ/ -> calling handler()
webserver # [ 40.864330] acme-http.example.test-start[1506]: 2023/01/21 19:52:32 [INFO] [http.example.test] The server validated our request
acme # [ 40.968281] pebble[661]: Pebble 2023/01/21 19:52:32 POST /finalize-order/ -> calling handler()
webserver # [ 40.866574] acme-http.example.test-start[1506]: 2023/01/21 19:52:32 [INFO] [http.example.test] acme: Validations succeeded; requesting certificates
webserver # [ 40.868839] acme-http.example.test-start[1506]: 2023/01/21 19:52:32 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 40.969188] pebble[661]: Pebble 2023/01/21 19:52:32 Order t2cg0lVssG9UFFvR8u98hxtFT0HuFHCYAEAnnICQNYA is fully authorized. Processing finalization
acme # [ 40.975241] pebble[661]: Pebble 2023/01/21 19:52:32 Issued certificate serial 3c85c77aadb91006 for order t2cg0lVssG9UFFvR8u98hxtFT0HuFHCYAEAnnICQNYA
acme # [ 40.977939] pebble[661]: Pebble 2023/01/21 19:52:32 POST /my-order/ -> calling handler()
acme # [ 40.981299] pebble[661]: Pebble 2023/01/21 19:52:32 POST /certZ/ -> calling handler()
webserver # [ 40.882965] acme-http.example.test-start[1506]: 2023/01/21 19:52:32 [INFO] [http.example.test] Server responded with a certificate.
webserver # [ 40.886378] acme-http.example.test-start[1502]: + mv domainhash.txt certificates/
webserver # [ 40.895397] acme-http.example.test-start[1502]: + chown acme:acme certificates/domainhash.txt certificates/http.example.test.crt certificates/http.example.test.issuer.crt certificates/http.example.test.json certificates/http.example.test.key
webserver # [ 40.902503] acme-http.example.test-start[1502]: + cmp -s certificates/http.example.test.crt out/fullchain.pem
webserver # [ 40.905846] acme-http.example.test-start[1502]: + touch out/renewed
webserver # [ 40.911221] acme-http.example.test-start[1502]: + echo Installing new certificate
webserver # [ 40.912262] acme-http.example.test-start[1502]: Installing new certificate
webserver # [ 40.913155] acme-http.example.test-start[1502]: + cp -vp certificates/http.example.test.crt out/fullchain.pem
webserver # [ 40.918232] acme-http.example.test-start[1517]: 'certificates/http.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 40.919935] acme-http.example.test-start[1502]: + cp -vp certificates/http.example.test.key out/key.pem
webserver # [ 40.924403] acme-http.example.test-start[1518]: 'certificates/http.example.test.key' -> 'out/key.pem'
webserver # [ 40.926035] acme-http.example.test-start[1502]: + cp -vp certificates/http.example.test.issuer.crt out/chain.pem
webserver # [ 40.930838] acme-http.example.test-start[1519]: 'certificates/http.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 40.932329] acme-http.example.test-start[1502]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 40.937830] acme-http.example.test-start[1502]: + cat out/key.pem out/fullchain.pem
webserver # [ 40.943590] acme-http.example.test-start[1502]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 40.972152] systemd[1]: acme-http.example.test.service: Deactivated successfully.
webserver # [ 40.973071] systemd[1]: Finished Renew ACME certificate for http.example.test.
webserver # [ 40.973788] systemd[1]: acme-http.example.test.service: Consumed 163ms CPU time, received 13.4K IP traffic, sent 9.2K IP traffic.
webserver # [ 41.030809] nixos[1356]: finished switching to system configuration /nix/store/a3215x68bg25ns835r5xlpn7ysw9aji1-nixos-system-webserver-23.05pre-git
(finished: must succeed: /tmp/specialisation/accountchange/bin/switch-to-configuration test, in 7.04 seconds)
webserver: waiting for unit acme-finished-http.example.test.target
(finished: waiting for unit acme-finished-http.example.test.target, in 0.06 seconds)
webserver: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/http.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout
(finished: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/http.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout, in 0.02 seconds)
First subject in fullchain.pem: subject=cn = http.example.test
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/cert.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/cert.pem, in 0.07 seconds)
cert.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/fullchain.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/fullchain.pem, in 0.08 seconds)
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: must succeed: sha256sum /var/lib/acme/http.example.test/cert.pem
(finished: must succeed: sha256sum /var/lib/acme/http.example.test/cert.pem, in 0.02 seconds)
(finished: subtest: Handles email change correctly, in 7.36 seconds)
webserver: must succeed: /tmp/specialisation/general/bin/switch-to-configuration test
webserver # [ 42.183417] nixos[1554]: switching to system configuration /nix/store/azqqk7z70crb86bg6h4bmv50p9afhkb7-nixos-system-webserver-23.05pre-git
webserver # stopping the following units: acme-finished-http.example.test.target, acme-fixperms.service, acme-http.example.test.timer, logrotate-checkconf.service
webserver # [ 42.210858] systemd[1]: Stopped target acme-finished-http.example.test.target.
webserver # [ 42.214363] systemd[1]: acme-fixperms.service: Deactivated successfully.
webserver # [ 42.216046] systemd[1]: Stopped Fix owner and group of all ACME certificates.
webserver # [ 42.220561] systemd[1]: acme-http.example.test.timer: Deactivated successfully.
webserver # [ 42.222440] systemd[1]: Stopped Renew ACME Certificate for http.example.test.
webserver # [ 42.227031] systemd[1]: Stopped target Local File Systems.
webserver # [ 42.231769] systemd[1]: logrotate-checkconf.service: Deactivated successfully.
webserver # [ 42.233872] systemd[1]: Stopped Logrotate configuration check.
webserver # [ 42.237438] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 42.240468] systemd[1]: Stopped target Remote File Systems.
webserver # activating the configuration...
webserver # [ 42.442344] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 42.449112] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # [ 42.452773] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (24)
webserver # [ 42.453425] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 42.453949] nscd[901]: 901 monitoring file `/etc/group` (27)
webserver # [ 42.454484] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 42.457176] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 42.459854] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 42.462754] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (24)
webserver # [ 42.463777] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 42.464644] nscd[901]: 901 monitoring file `/etc/passwd` (28)
webserver # [ 42.470062] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 42.610728] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 42.618757] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 42.620313] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 42.622212] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 42.624471] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 42.627699] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 42.629692] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 42.634417] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 43.205082] systemd[1]: Reloading.
webserver # setting up tmpfiles
webserver # reloading the following units: dbus.service
webserver # [ 43.981120] systemd[1]: Reloading D-Bus System Message Bus...
webserver # [ 43.998286] dbus-daemon[698]: Unknown username "systemd-timesync" in message bus configuration file
webserver # [ 44.028682] dbus-daemon[698]: [system] Reloaded configuration
webserver # [ 44.034171] dbus-send[1702]: method return time=1674330755.589722 sender=org.freedesktop.DBus -> destination=:1.17 serial=3 reply_serial=2
webserver # [ 44.043397] systemd[1]: Reloaded D-Bus System Message Bus.
webserver # [ 44.048816] dbus-daemon[698]: Unknown username "systemd-timesync" in message bus configuration file
webserver # starting the following units: acme-fixperms.service, logrotate-checkconf.service
webserver # [ 44.077509] dbus-daemon[698]: [system] Reloaded configuration
webserver # [ 44.098716] systemd[1]: Starting Fix owner and group of all ACME certificates...
webserver # [ 44.129225] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 44.139693] systemd[1]: Reached target Local File Systems.
webserver # [ 44.151487] systemd[1]: Starting Logrotate configuration check...
webserver # [ 44.157771] systemd[1]: Finished Fix owner and group of all ACME certificates.
webserver # [ 44.175202] logrotate[1707]: warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want.
webserver # [ 44.187490] logrotate[1707]: reading config file /nix/store/fi6rzfpmn186wn8a0xqn62xiwkb7cqfw-logrotate.conf
webserver # [ 44.191739] logrotate[1707]: note: 'monthly' overrides previously specified 'weekly'
webserver # [ 44.198637] systemd[1]: Reached target Remote File Systems.
webserver # [ 44.199473] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 44.203267] systemd[1]: Starting Generate self-signed certificate for a.example.test...
webserver # [ 44.208178] systemd[1]: Starting Generate self-signed certificate for b.example.test...
webserver # [ 44.213615] systemd[1]: Starting Generate self-signed certificate for c.example.test...
webserver # [ 44.220255] logrotate[1707]: Reading state from file: /var/lib/logrotate.status
webserver # [ 44.221151] logrotate[1707]: state file /var/lib/logrotate.status does not exist
webserver # [ 44.221984] logrotate[1707]: Allocating hash table for state file, size 64 entries
webserver # [ 44.222975] logrotate[1707]: Handling 3 logs
webserver # [ 44.223751] logrotate[1707]: rotating pattern: "/var/log/btmp" monthly (1 rotations)
webserver # [ 44.224792] logrotate[1707]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed
webserver # [ 44.229430] logrotate[1707]: considering log /var/log/btmp
webserver # [ 44.232139] logrotate[1707]: Creating new state
webserver # [ 44.232648] logrotate[1707]: Now: 2023-01-21 19:52
webserver # [ 44.233702] logrotate[1707]: Last rotated at 2023-01-21 19:00
webserver # [ 44.234613] logrotate[1707]: log does not need rotating (log has already been rotated)
webserver # [ 44.235847] logrotate[1707]: rotating pattern: "/var/log/wtmp" monthly (1 rotations)
webserver # [ 44.254370] logrotate[1707]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed
webserver # [ 44.261325] logrotate[1707]: considering log /var/log/wtmp
webserver # [ 44.266750] logrotate[1707]: Creating new state
webserver # [ 44.268801] logrotate[1707]: Now: 2023-01-21 19:52
webserver # [ 44.271396] logrotate[1707]: Last rotated at 2023-01-21 19:00
webserver # [ 44.280323] logrotate[1707]: log does not need rotating (log has already been rotated)
webserver # [ 44.287175] logrotate[1707]: rotating pattern: "/var/log/nginx/*.log" weekly (26 rotations)
webserver # [ 44.292752] logrotate[1707]: empty log files are not rotated, old logs are removed
webserver # [ 44.297296] logrotate[1707]: switching euid from 0 to 60 and egid from 0 to 60 (pid 1707)
webserver # [ 44.305434] logrotate[1707]: considering log /var/log/nginx/*.log
webserver # [ 44.310673] logrotate[1707]: log /var/log/nginx/*.log does not exist -- skipping
webserver # [ 44.313306] logrotate[1707]: Creating new state
webserver # [ 44.313819] logrotate[1707]: switching euid from 60 to 0 and egid from 60 to 0 (pid 1707)
webserver # [ 44.324228] systemd[1]: Finished Logrotate configuration check.
webserver # [ 44.332036] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 44.338165] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 44.342971] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 44.347103] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 44.350964] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 44.356241] systemd[1]: Started Renew ACME Certificate for a.example.test.
webserver # [ 44.360106] systemd[1]: Started Renew ACME Certificate for b.example.test.
webserver # [ 44.360877] systemd[1]: Started Renew ACME Certificate for c.example.test.
webserver # [ 44.924314] systemd[1]: acme-selfsigned-c.example.test.service: Deactivated successfully.
webserver # [ 44.925107] systemd[1]: Finished Generate self-signed certificate for c.example.test.
webserver # [ 45.142600] systemd[1]: acme-selfsigned-b.example.test.service: Deactivated successfully.
webserver # [ 45.143745] systemd[1]: Finished Generate self-signed certificate for b.example.test.
webserver # [ 45.164560] systemd[1]: acme-selfsigned-a.example.test.service: Deactivated successfully.
webserver # [ 45.165666] systemd[1]: Finished Generate self-signed certificate for a.example.test.
webserver # [ 45.176811] systemd[1]: Starting Nginx Web Server...
webserver # [ 45.496477] nginx-pre-start[1746]: nginx: the configuration file /nix/store/93pi629dfy3biicbfv3gf3h4l8sg5xij-nginx.conf syntax is ok
webserver # [ 45.498260] nginx-pre-start[1746]: nginx: configuration file /nix/store/93pi629dfy3biicbfv3gf3h4l8sg5xij-nginx.conf test is successful
webserver # [ 45.536215] systemd[1]: Started Nginx Web Server.
webserver # [ 45.548253] systemd[1]: Starting Renew ACME certificate for a.example.test...
webserver # [ 45.672332] acme-a.example.test-start[1748]: + set -euo pipefail
webserver # [ 45.673790] acme-a.example.test-start[1749]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 45.681036] acme-a.example.test-start[1749]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 45.687925] acme-a.example.test-start[1748]: + echo 9c8503f9419119933b04
webserver # [ 45.689325] acme-a.example.test-start[1748]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 45.692963] acme-a.example.test-start[1748]: + lego --accept-tos --path . -d a.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir run
webserver # [ 45.742584] nginx[1747]: 2023/01/21 19:52:37 [notice] 1747#1747: using the "epoll" event method
webserver # [ 45.743714] nginx[1747]: 2023/01/21 19:52:37 [notice] 1747#1747: nginx/1.22.1
webserver # [ 45.744965] nginx[1747]: 2023/01/21 19:52:37 [notice] 1747#1747: built by gcc 11.3.0 (GCC)
webserver # [ 45.745869] nginx[1747]: 2023/01/21 19:52:37 [notice] 1747#1747: OS: Linux 5.15.89
webserver # [ 45.747202] nginx[1747]: 2023/01/21 19:52:37 [notice] 1747#1747: getrlimit(RLIMIT_NOFILE): 1024:524288
webserver # [ 45.748841] nginx[1747]: 2023/01/21 19:52:37 [notice] 1747#1747: start worker processes
webserver # [ 45.750611] nginx[1747]: 2023/01/21 19:52:37 [notice] 1747#1747: start worker process 1757
acme # [ 45.912555] pebble[661]: Pebble 2023/01/21 19:52:37 GET /dir -> calling handler()
webserver # [ 45.815404] acme-a.example.test-start[1752]: 2023/01/21 19:52:37 [INFO] [a.example.test] acme: Obtaining bundled SAN certificate
acme # [ 45.919389] pebble[661]: Pebble 2023/01/21 19:52:37 HEAD /nonce-plz -> calling handler()
acme # [ 45.924190] pebble[661]: Pebble 2023/01/21 19:52:37 POST /order-plz -> calling handler()
acme # [ 45.927601] pebble[661]: Pebble 2023/01/21 19:52:37 There are now 4 authorizations in the db
acme # [ 45.931118] pebble[661]: Pebble 2023/01/21 19:52:37 Added order "qegQHmPSueQdENGAyLfbu7yLOUVXPHu2OYfY8RSIL9I" to the db
acme # [ 45.935625] pebble[661]: Pebble 2023/01/21 19:52:37 There are now 4 orders in the db
webserver # [ 45.881862] acme-a.example.test-start[1752]: 2023/01/21 19:52:37 [INFO] [a.example.test] AuthURL: https://acme.test/authZ/_HvrWt4cvhzSVrkB-hEsbZQZPXGJJ45EMcrZxcqZGGE
webserver # [ 45.883642] acme-a.example.test-start[1752]: 2023/01/21 19:52:37 [INFO] [a.example.test] acme: Could not find solver for: tls-alpn-01
acme # [ 45.982723] pebble[661]: Pebble 2023/01/21 19:52:37 POST /authZ/ -> calling handler()
webserver # [ 45.886850] acme-a.example.test-start[1752]: 2023/01/21 19:52:37 [INFO] [a.example.test] acme: use http-01 solver
webserver # [ 45.888687] acme-a.example.test-start[1752]: 2023/01/21 19:52:37 [INFO] [a.example.test] acme: Trying to solve HTTP-01
acme # [ 45.993788] pebble[661]: Pebble 2023/01/21 19:52:37 POST /chalZ/ -> calling handler()
acme # [ 46.000938] pebble[661]: Pebble 2023/01/21 19:52:37 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"a.example.test"}, Challenge:(*core.Challenge)(0xc0001b85a0), Account:(*core.Account)(0xc0001c8f00)}
acme # [ 46.010864] pebble[661]: Pebble 2023/01/21 19:52:37 Starting 3 validations.
acme # [ 46.015061] pebble[661]: Pebble 2023/01/21 19:52:37 Attempting to validate w/ HTTP: http://a.example.test:80/.well-known/acme-challenge/rQGgp33AJvIeMkRNhi8iIFc4Bh-_-afZKhuB_MPs2yA
acme # [ 46.021345] pebble[661]: Pebble 2023/01/21 19:52:37 Attempting to validate w/ HTTP: http://a.example.test:80/.well-known/acme-challenge/rQGgp33AJvIeMkRNhi8iIFc4Bh-_-afZKhuB_MPs2yA
acme # [ 46.027722] pebble[661]: Pebble 2023/01/21 19:52:37 Attempting to validate w/ HTTP: http://a.example.test:80/.well-known/acme-challenge/rQGgp33AJvIeMkRNhi8iIFc4Bh-_-afZKhuB_MPs2yA
acme # [ 46.034256] pebble[661]: Pebble 2023/01/21 19:52:37 POST /authZ/ -> calling handler()
acme # [ 46.037559] pebble[661]: Pebble 2023/01/21 19:52:37 authz _HvrWt4cvhzSVrkB-hEsbZQZPXGJJ45EMcrZxcqZGGE set VALID by completed challenge kP6wLFkl4grkDrYtbR0--YaXy-KoHmABfrVJA7Pjny0
acme # [ 52.074995] pebble[661]: Pebble 2023/01/21 19:52:43 POST /authZ/ -> calling handler()
webserver # [ 51.974122] acme-a.example.test-start[1752]: 2023/01/21 19:52:43 [INFO] [a.example.test] The server validated our request
webserver # [ 51.979984] acme-a.example.test-start[1752]: 2023/01/21 19:52:43 [INFO] [a.example.test] acme: Validations succeeded; requesting certificates
acme # [ 52.084294] pebble[661]: Pebble 2023/01/21 19:52:43 POST /finalize-order/ -> calling handler()
webserver # [ 51.986621] acme-a.example.test-start[1752]: 2023/01/21 19:52:43 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 52.091143] pebble[661]: Pebble 2023/01/21 19:52:43 Order qegQHmPSueQdENGAyLfbu7yLOUVXPHu2OYfY8RSIL9I is fully authorized. Processing finalization
webserver # [ 51.997971] acme-a.example.test-start[1752]: 2023/01/21 19:52:43 [INFO] [a.example.test] Server responded with a certificate.
acme # [ 52.097428] pebble[661]: Pebble 2023/01/21 19:52:43 Issued certificate serial 345b91e3874984d3 for order qegQHmPSueQdENGAyLfbu7yLOUVXPHu2OYfY8RSIL9I
webserver # [ 52.001218] acme-a.example.test-start[1748]: + mv domainhash.txt certificates/
acme # [ 52.103303] pebble[661]: Pebble 2023/01/21 19:52:43 POST /my-order/ -> calling handler()
acme # [ 52.106458] pebble[661]: Pebble 2023/01/21 19:52:43 POST /certZ/ -> calling handler()
webserver # [ 52.008611] acme-a.example.test-start[1748]: + chown acme:nginx certificates/a.example.test.crt certificates/a.example.test.issuer.crt certificates/a.example.test.json certificates/a.example.test.key certificates/domainhash.txt
webserver # [ 52.016683] acme-a.example.test-start[1748]: + cmp -s certificates/a.example.test.crt out/fullchain.pem
webserver # [ 52.020581] acme-a.example.test-start[1748]: + touch out/renewed
webserver # [ 52.026666] acme-a.example.test-start[1748]: + echo Installing new certificate
webserver # [ 52.027764] acme-a.example.test-start[1748]: Installing new certificate
webserver # [ 52.028532] acme-a.example.test-start[1748]: + cp -vp certificates/a.example.test.crt out/fullchain.pem
webserver # [ 52.034507] acme-a.example.test-start[1762]: 'certificates/a.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 52.036574] acme-a.example.test-start[1748]: + cp -vp certificates/a.example.test.key out/key.pem
webserver # [ 52.041851] acme-a.example.test-start[1763]: 'certificates/a.example.test.key' -> 'out/key.pem'
webserver # [ 52.043947] acme-a.example.test-start[1748]: + cp -vp certificates/a.example.test.issuer.crt out/chain.pem
webserver # [ 52.049056] acme-a.example.test-start[1764]: 'certificates/a.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 52.050821] acme-a.example.test-start[1748]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 52.057145] acme-a.example.test-start[1748]: + cat out/key.pem out/fullchain.pem
webserver # [ 52.063415] acme-a.example.test-start[1748]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 52.098635] systemd[1]: acme-a.example.test.service: Deactivated successfully.
webserver # [ 52.099609] systemd[1]: Finished Renew ACME certificate for a.example.test.
webserver # [ 52.102444] systemd[1]: acme-a.example.test.service: Consumed 190ms CPU time, received 11.2K IP traffic, sent 7.0K IP traffic.
webserver # [ 52.106214] systemd[1]: Reached target acme-account-d590213ed52603e9128d.target.
webserver # [ 52.110826] systemd[1]: Starting Renew ACME certificate for b.example.test...
webserver # [ 52.116441] systemd[1]: Starting Renew ACME certificate for c.example.test...
webserver # [ 52.240733] acme-b.example.test-start[1772]: + set -euo pipefail
webserver # [ 52.242596] acme-b.example.test-start[1774]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 52.244938] acme-c.example.test-start[1773]: + set -euo pipefail
webserver # [ 52.246555] acme-c.example.test-start[1775]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 52.256137] acme-b.example.test-start[1774]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 52.257581] acme-c.example.test-start[1775]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 52.266706] acme-b.example.test-start[1772]: + echo 0fe0254e2c124c865860
webserver # [ 52.267674] acme-b.example.test-start[1772]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 52.269922] acme-c.example.test-start[1773]: + echo ced4ccfc78dd04ff3014
webserver # [ 52.273018] acme-c.example.test-start[1773]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 52.275328] acme-c.example.test-start[1773]: + lego --accept-tos --path . -d c.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir run
webserver # [ 52.286097] acme-b.example.test-start[1772]: + lego --accept-tos --path . -d b.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir run
acme # [ 52.530784] pebble[661]: Pebble 2023/01/21 19:52:44 GET /dir -> calling handler()
webserver # [ 52.436789] acme-b.example.test-start[1780]: 2023/01/21 19:52:43 [INFO] [b.example.test] acme: Obtaining bundled SAN certificate
acme # [ 52.538199] pebble[661]: Pebble 2023/01/21 19:52:44 GET /dir -> calling handler()
webserver # [ 52.439492] acme-c.example.test-start[1781]: 2023/01/21 19:52:43 [INFO] [c.example.test] acme: Obtaining bundled SAN certificate
acme # [ 52.541698] pebble[661]: Pebble 2023/01/21 19:52:44 HEAD /nonce-plz -> calling handler()
acme # [ 52.546339] pebble[661]: Pebble 2023/01/21 19:52:44 POST /order-plz -> calling handler()
acme # [ 52.550722] pebble[661]: Pebble 2023/01/21 19:52:44 There are now 5 authorizations in the db
acme # [ 52.554058] pebble[661]: Pebble 2023/01/21 19:52:44 Added order "c-642suO1aktXr4AAPEbU1552mv1e7mKdAPpIm1rBzQ" to the db
acme # [ 52.558199] pebble[661]: Pebble 2023/01/21 19:52:44 There are now 5 orders in the db
acme # [ 52.561326] pebble[661]: Pebble 2023/01/21 19:52:44 HEAD /nonce-plz -> calling handler()
acme # [ 52.564562] pebble[661]: Pebble 2023/01/21 19:52:44 POST /order-plz -> calling handler()
acme # [ 52.567780] pebble[661]: Pebble 2023/01/21 19:52:44 There are now 6 authorizations in the db
acme # [ 52.571156] pebble[661]: Pebble 2023/01/21 19:52:44 Added order "I7IO4F6DPgxA9CpCj_pO2hIZRalhM_NoEj5nF4h80xY" to the db
acme # [ 52.575669] pebble[661]: Pebble 2023/01/21 19:52:44 There are now 6 orders in the db
webserver # [ 52.502620] acme-b.example.test-start[1780]: 2023/01/21 19:52:44 [INFO] [b.example.test] AuthURL: https://acme.test/authZ/xmHXMD0IstpgGhmVTIt9e7AsjA8Teiw_GSYWSlH3VHc
webserver # [ 52.504205] acme-b.example.test-start[1780]: 2023/01/21 19:52:44 [INFO] [b.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 52.506165] acme-b.example.test-start[1780]: 2023/01/21 19:52:44 [INFO] [b.example.test] acme: use http-01 solver
acme # [ 52.603396] pebble[661]: Pebble 2023/01/21 19:52:44 POST /authZ/ -> calling handler()
webserver # [ 52.507738] acme-b.example.test-start[1780]: 2023/01/21 19:52:44 [INFO] [b.example.test] acme: Trying to solve HTTP-01
webserver # [ 52.510644] acme-c.example.test-start[1781]: 2023/01/21 19:52:44 [INFO] [c.example.test] AuthURL: https://acme.test/authZ/O38eH0V5tOJB7m_x-qV-OEuDPPnZifmHxtuaHeiiPoE
webserver # [ 52.512147] acme-c.example.test-start[1781]: 2023/01/21 19:52:44 [INFO] [c.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 52.513367] acme-c.example.test-start[1781]: 2023/01/21 19:52:44 [INFO] [c.example.test] acme: use http-01 solver
webserver # [ 52.515215] acme-c.example.test-start[1781]: 2023/01/21 19:52:44 [INFO] [c.example.test] acme: Trying to solve HTTP-01
acme # [ 52.611473] pebble[661]: Pebble 2023/01/21 19:52:44 POST /chalZ/ -> calling handler()
acme # [ 52.620463] pebble[661]: Pebble 2023/01/21 19:52:44 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"b.example.test"}, Challenge:(*core.Challenge)(0xc0001b8fa0), Account:(*core.Account)(0xc0001c8f00)}
acme # [ 52.630073] pebble[661]: Pebble 2023/01/21 19:52:44 Starting 3 validations.
acme # [ 52.630876] pebble[661]: Pebble 2023/01/21 19:52:44 Attempting to validate w/ HTTP: http://b.example.test:80/.well-known/acme-challenge/9yq7FQjYYW4T2C_BSQA5a1Dbpg3rhLYeAPg75rHhqAU
acme # [ 52.632429] pebble[661]: Pebble 2023/01/21 19:52:44 Attempting to validate w/ HTTP: http://b.example.test:80/.well-known/acme-challenge/9yq7FQjYYW4T2C_BSQA5a1Dbpg3rhLYeAPg75rHhqAU
acme # [ 52.634015] pebble[661]: Pebble 2023/01/21 19:52:44 Attempting to validate w/ HTTP: http://b.example.test:80/.well-known/acme-challenge/9yq7FQjYYW4T2C_BSQA5a1Dbpg3rhLYeAPg75rHhqAU
acme # [ 52.635599] pebble[661]: Pebble 2023/01/21 19:52:44 POST /authZ/ -> calling handler()
acme # [ 52.636462] pebble[661]: Pebble 2023/01/21 19:52:44 POST /authZ/ -> calling handler()
acme # [ 52.637366] pebble[661]: Pebble 2023/01/21 19:52:44 POST /chalZ/ -> calling handler()
acme # [ 52.638198] pebble[661]: Pebble 2023/01/21 19:52:44 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"c.example.test"}, Challenge:(*core.Challenge)(0xc0001b9540), Account:(*core.Account)(0xc0001c8f00)}
acme # [ 52.640465] pebble[661]: Pebble 2023/01/21 19:52:44 Starting 3 validations.
acme # [ 52.641248] pebble[661]: Pebble 2023/01/21 19:52:44 Attempting to validate w/ HTTP: http://c.example.test:80/.well-known/acme-challenge/MBoRr4R8y7MhnttV5nKkt3Am5AD_9IfEh5bjcizGq2E
acme # [ 52.642816] pebble[661]: Pebble 2023/01/21 19:52:44 Attempting to validate w/ HTTP: http://c.example.test:80/.well-known/acme-challenge/MBoRr4R8y7MhnttV5nKkt3Am5AD_9IfEh5bjcizGq2E
acme # [ 52.644358] pebble[661]: Pebble 2023/01/21 19:52:44 Attempting to validate w/ HTTP: http://c.example.test:80/.well-known/acme-challenge/MBoRr4R8y7MhnttV5nKkt3Am5AD_9IfEh5bjcizGq2E
acme # [ 52.645897] pebble[661]: Pebble 2023/01/21 19:52:44 POST /authZ/ -> calling handler()
acme # [ 52.646761] pebble[661]: Pebble 2023/01/21 19:52:44 authz O38eH0V5tOJB7m_x-qV-OEuDPPnZifmHxtuaHeiiPoE set VALID by completed challenge aBE7VjARGYrXubikilfGofm0L9puGfXpSnh-d9jHh60
acme # [ 52.648357] pebble[661]: Pebble 2023/01/21 19:52:44 authz xmHXMD0IstpgGhmVTIt9e7AsjA8Teiw_GSYWSlH3VHc set VALID by completed challenge NYBfZ3H6A6ESMwxojXsVMUNuQRW6Qef4njwvwIptm2I
webserver # [ 55.864258] acme-c.example.test-start[1781]: 2023/01/21 19:52:47 [INFO] [c.example.test] The server validated our request
webserver # [ 55.865408] acme-c.example.test-start[1781]: 2023/01/21 19:52:47 [INFO] [c.example.test] acme: Validations succeeded; requesting certificates
webserver # [ 55.867786] acme-c.example.test-start[1781]: 2023/01/21 19:52:47 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 55.964659] pebble[661]: Pebble 2023/01/21 19:52:47 POST /authZ/ -> calling handler()
acme # [ 55.971306] pebble[661]: Pebble 2023/01/21 19:52:47 POST /finalize-order/ -> calling handler()
acme # [ 55.976774] pebble[661]: Pebble 2023/01/21 19:52:47 Order I7IO4F6DPgxA9CpCj_pO2hIZRalhM_NoEj5nF4h80xY is fully authorized. Processing finalization
acme # [ 55.983444] pebble[661]: Pebble 2023/01/21 19:52:47 Issued certificate serial 7ef7415a2ee0a88a for order I7IO4F6DPgxA9CpCj_pO2hIZRalhM_NoEj5nF4h80xY
webserver # [ 55.883976] acme-c.example.test-start[1781]: 2023/01/21 19:52:47 [INFO] [c.example.test] Server responded with a certificate.
acme # [ 55.988057] pebble[661]: Pebble 2023/01/21 19:52:47 POST /my-order/ -> calling handler()
acme # [ 55.989212] pebble[661]: Pebble 2023/01/21 19:52:47 POST /certZ/ -> calling handler()
webserver # [ 55.888715] acme-c.example.test-start[1773]: + mv domainhash.txt certificates/
webserver # [ 55.895170] acme-c.example.test-start[1773]: + chown acme:nginx certificates/c.example.test.crt certificates/c.example.test.issuer.crt certificates/c.example.test.json certificates/c.example.test.key certificates/domainhash.txt
webserver # [ 55.903383] acme-c.example.test-start[1773]: + cmp -s certificates/c.example.test.crt out/fullchain.pem
webserver # [ 55.907051] acme-c.example.test-start[1773]: + touch out/renewed
webserver # [ 55.912728] acme-c.example.test-start[1773]: + echo Installing new certificate
webserver # [ 55.913652] acme-c.example.test-start[1773]: Installing new certificate
webserver # [ 55.914597] acme-c.example.test-start[1773]: + cp -vp certificates/c.example.test.crt out/fullchain.pem
webserver # [ 55.920236] acme-c.example.test-start[1794]: 'certificates/c.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 55.922248] acme-c.example.test-start[1773]: + cp -vp certificates/c.example.test.key out/key.pem
webserver # [ 55.928198] acme-c.example.test-start[1795]: 'certificates/c.example.test.key' -> 'out/key.pem'
webserver # [ 55.930113] acme-c.example.test-start[1773]: + cp -vp certificates/c.example.test.issuer.crt out/chain.pem
webserver # [ 55.935498] acme-c.example.test-start[1796]: 'certificates/c.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 55.937153] acme-c.example.test-start[1773]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 55.942639] acme-c.example.test-start[1773]: + cat out/key.pem out/fullchain.pem
webserver # [ 55.948652] acme-c.example.test-start[1773]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 55.982551] systemd[1]: acme-c.example.test.service: Deactivated successfully.
webserver # [ 55.983545] systemd[1]: Finished Renew ACME certificate for c.example.test.
webserver # [ 55.986532] systemd[1]: acme-c.example.test.service: Consumed 185ms CPU time, received 11.2K IP traffic, sent 7.1K IP traffic.
webserver # [ 57.315628] acme-b.example.test-start[1780]: 2023/01/21 19:52:48 [INFO] [b.example.test] The server validated our request
webserver # [ 57.317538] acme-b.example.test-start[1780]: 2023/01/21 19:52:48 [INFO] [b.example.test] acme: Validations succeeded; requesting certificates
acme # [ 57.416022] pebble[661]: Pebble 2023/01/21 19:52:48 POST /authZ/ -> calling handler()
webserver # [ 57.318871] acme-b.example.test-start[1780]: 2023/01/21 19:52:48 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 57.421363] pebble[661]: Pebble 2023/01/21 19:52:48 POST /finalize-order/ -> calling handler()
acme # [ 57.423729] pebble[661]: Pebble 2023/01/21 19:52:48 Order c-642suO1aktXr4AAPEbU1552mv1e7mKdAPpIm1rBzQ is fully authorized. Processing finalization
acme # [ 57.425591] pebble[661]: Pebble 2023/01/21 19:52:48 Issued certificate serial 4c9e17bc4bbeeeea for order c-642suO1aktXr4AAPEbU1552mv1e7mKdAPpIm1rBzQ
acme # [ 57.428044] pebble[661]: Pebble 2023/01/21 19:52:48 POST /my-order/ -> calling handler()
acme # [ 57.429258] pebble[661]: Pebble 2023/01/21 19:52:48 POST /certZ/ -> calling handler()
webserver # [ 57.329110] acme-b.example.test-start[1780]: 2023/01/21 19:52:48 [INFO] [b.example.test] Server responded with a certificate.
webserver # [ 57.331353] acme-b.example.test-start[1772]: + mv domainhash.txt certificates/
webserver # [ 57.337364] acme-b.example.test-start[1772]: + chown acme:nginx certificates/b.example.test.crt certificates/b.example.test.issuer.crt certificates/b.example.test.json certificates/b.example.test.key certificates/domainhash.txt
webserver # [ 57.345033] acme-b.example.test-start[1772]: + cmp -s certificates/b.example.test.crt out/fullchain.pem
webserver # [ 57.348453] acme-b.example.test-start[1772]: + touch out/renewed
webserver # [ 57.353540] acme-b.example.test-start[1772]: + echo Installing new certificate
webserver # [ 57.355192] acme-b.example.test-start[1772]: Installing new certificate
webserver # [ 57.356064] acme-b.example.test-start[1772]: + cp -vp certificates/b.example.test.crt out/fullchain.pem
webserver # [ 57.361287] acme-b.example.test-start[1808]: 'certificates/b.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 57.363327] acme-b.example.test-start[1772]: + cp -vp certificates/b.example.test.key out/key.pem
webserver # [ 57.368438] acme-b.example.test-start[1809]: 'certificates/b.example.test.key' -> 'out/key.pem'
webserver # [ 57.370335] acme-b.example.test-start[1772]: + cp -vp certificates/b.example.test.issuer.crt out/chain.pem
webserver # [ 57.375179] acme-b.example.test-start[1810]: 'certificates/b.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 57.377414] acme-b.example.test-start[1772]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 57.382467] acme-b.example.test-start[1772]: + cat out/key.pem out/fullchain.pem
webserver # [ 57.388147] acme-b.example.test-start[1772]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 57.423739] systemd[1]: acme-b.example.test.service: Deactivated successfully.
webserver # [ 57.424687] systemd[1]: Finished Renew ACME certificate for b.example.test.
webserver # [ 57.426267] systemd[1]: acme-b.example.test.service: Consumed 182ms CPU time, received 11.2K IP traffic, sent 7.1K IP traffic.
webserver # [ 57.430489] systemd[1]: Starting nginx-config-reload.service...
webserver # [ 57.480312] systemd[1]: Reloading Nginx Web Server...
webserver # [ 57.581494] nginx[1820]: nginx: the configuration file /nix/store/93pi629dfy3biicbfv3gf3h4l8sg5xij-nginx.conf syntax is ok
webserver # [ 57.583028] nginx[1820]: nginx: configuration file /nix/store/93pi629dfy3biicbfv3gf3h4l8sg5xij-nginx.conf test is successful
webserver # [ 57.642228] nginx[1747]: 2023/01/21 19:52:49 [notice] 1747#1747: signal 1 (SIGHUP) received from 1821, reconfiguring
webserver # [ 57.643423] nginx[1747]: 2023/01/21 19:52:49 [notice] 1747#1747: reconfiguring
webserver # [ 57.654185] systemd[1]: Reloaded Nginx Web Server.
webserver # [ 57.659990] systemd[1]: nginx-config-reload.service: Deactivated successfully.
webserver # [ 57.661461] systemd[1]: Finished nginx-config-reload.service.
webserver # [ 57.665364] systemd[1]: Reached target acme-finished-a.example.test.target.
webserver # [ 57.667713] systemd[1]: Reached target acme-finished-b.example.test.target.
webserver # [ 57.677604] systemd[1]: Reached target acme-finished-c.example.test.target.
webserver # [ 57.718080] nginx[1747]: 2023/01/21 19:52:49 [notice] 1747#1747: using the "epoll" event method
webserver # [ 57.722661] nginx[1747]: 2023/01/21 19:52:49 [notice] 1747#1747: start worker processes
webserver # [ 57.723588] nginx[1747]: 2023/01/21 19:52:49 [notice] 1747#1747: start worker process 1823
webserver # the following new units were started: acme-a.example.test.timer, acme-account-d590213ed52603e9128d.target, acme-b.example.test.timer, acme-c.example.test.timer, acme-finished-a.example.test.target, acme-finished-b.example.test.target, acme-finished-c.example.test.target, nginx.service
webserver # [ 57.769777] nixos[1554]: finished switching to system configuration /nix/store/azqqk7z70crb86bg6h4bmv50p9afhkb7-nixos-system-webserver-23.05pre-git
(finished: must succeed: /tmp/specialisation/general/bin/switch-to-configuration test, in 16.46 seconds)
subtest: Can request certificate with HTTP-01 challenge
webserver: waiting for unit acme-finished-a.example.test.target
webserver # [ 57.826151] nginx[1757]: 2023/01/21 19:52:49 [notice] 1757#1757: gracefully shutting down
webserver # [ 57.827099] nginx[1757]: 2023/01/21 19:52:49 [notice] 1757#1757: exiting
webserver # [ 57.827818] nginx[1757]: 2023/01/21 19:52:49 [notice] 1757#1757: exit
webserver # [ 57.831871] nginx[1747]: 2023/01/21 19:52:49 [notice] 1747#1747: signal 17 (SIGCHLD) received from 1757
webserver # [ 57.833099] nginx[1747]: 2023/01/21 19:52:49 [notice] 1747#1747: worker process 1757 exited with code 0
webserver # [ 57.834994] nginx[1747]: 2023/01/21 19:52:49 [notice] 1747#1747: signal 29 (SIGIO) received
(finished: waiting for unit acme-finished-a.example.test.target, in 0.08 seconds)
webserver: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/a.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout
(finished: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/a.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout, in 0.03 seconds)
First subject in fullchain.pem: subject=cn = a.example.test
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/a.example.test/cert.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/a.example.test/cert.pem, in 0.11 seconds)
cert.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/a.example.test/fullchain.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/a.example.test/fullchain.pem, in 0.10 seconds)
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: waiting for unit nginx.service
(finished: waiting for unit nginx.service, in 0.06 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null 2>&1
webserver # [ 58.251860] nginx[1823]: 2023/01/21 19:52:49 [info] 1823#1823: *10 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null 2>&1, in 0.08 seconds)
(finished: subtest: Can request certificate with HTTP-01 challenge, in 0.46 seconds)
subtest: Runs 1 cert for account creation before others
webserver: waiting for unit acme-finished-b.example.test.target
(finished: waiting for unit acme-finished-b.example.test.target, in 0.06 seconds)
webserver: waiting for unit acme-finished-c.example.test.target
(finished: waiting for unit acme-finished-c.example.test.target, in 0.06 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername b.example.test -connect b.example.test:443 < /dev/null 2>&1
webserver # [ 58.411604] nginx[1823]: 2023/01/21 19:52:49 [info] 1823#1823: *11 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername b.example.test -connect b.example.test:443 < /dev/null 2>&1, in 0.04 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername c.example.test -connect c.example.test:443 < /dev/null 2>&1
webserver # [ 58.439285] nginx[1823]: 2023/01/21 19:52:49 [info] 1823#1823: *12 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername c.example.test -connect c.example.test:443 < /dev/null 2>&1, in 0.02 seconds)
(finished: subtest: Runs 1 cert for account creation before others, in 0.18 seconds)
subtest: Certificates and accounts have safe + valid permissions
webserver: must succeed: test $(stat -L -c '%a %U %G' /var/lib/acme/a.example.test/*.pem | tee /dev/stderr | grep '640 acme nginx' | wc -l) -eq 5
webserver # 640 acme nginx
webserver # 640 acme nginx
webserver # 640 acme nginx
webserver # 640 acme nginx
webserver # 640 acme nginx
(finished: must succeed: test $(stat -L -c '%a %U %G' /var/lib/acme/a.example.test/*.pem | tee /dev/stderr | grep '640 acme nginx' | wc -l) -eq 5, in 0.03 seconds)
webserver: must succeed: test $(stat -L -c '%a %U %G' /var/lib/acme/.lego/a.example.test/**/a.example.test* | tee /dev/stderr | grep '600 acme nginx' | wc -l) -eq 4
webserver # 600 acme nginx
webserver # 600 acme nginx
webserver # 600 acme nginx
webserver # 600 acme nginx
(finished: must succeed: test $(stat -L -c '%a %U %G' /var/lib/acme/.lego/a.example.test/**/a.example.test* | tee /dev/stderr | grep '600 acme nginx' | wc -l) -eq 4, in 0.03 seconds)
webserver: must succeed: test $(stat -L -c '%a %U %G' /var/lib/acme/a.example.test | tee /dev/stderr | grep '750 acme nginx' | wc -l) -eq 1
webserver # 750 acme nginx
(finished: must succeed: test $(stat -L -c '%a %U %G' /var/lib/acme/a.example.test | tee /dev/stderr | grep '750 acme nginx' | wc -l) -eq 1, in 0.02 seconds)
webserver: must succeed: test $(find /var/lib/acme/accounts -type f -exec stat -L -c '%a %U %G' {} \; | tee /dev/stderr | grep -v '600 acme nginx' | wc -l) -eq 0
webserver # find: ‘/var/lib/acme/accounts’: No such file or directory
(finished: must succeed: test $(find /var/lib/acme/accounts -type f -exec stat -L -c '%a %U %G' {} \; | tee /dev/stderr | grep -v '600 acme nginx' | wc -l) -eq 0, in 0.03 seconds)
(finished: subtest: Certificates and accounts have safe + valid permissions, in 0.11 seconds)
subtest: Can generate valid selfsigned certs
webserver: must succeed: systemctl clean acme-a.example.test.service --what=state
webserver # [ 58.599056] systemd[1]: acme-a.example.test.service: Deactivated successfully.
webserver # [ 58.600513] systemd[1]: acme-a.example.test.service: Consumed 1ms CPU time, no IO, received 11.2K IP traffic, sent 7.0K IP traffic.
(finished: must succeed: systemctl clean acme-a.example.test.service --what=state, in 0.06 seconds)
webserver: must succeed: systemctl start acme-selfsigned-a.example.test.service
webserver # [ 58.641397] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 58.649846] systemd[1]: Starting Generate self-signed certificate for a.example.test...
webserver # [ 59.192600] systemd[1]: acme-selfsigned-a.example.test.service: Deactivated successfully.
webserver # [ 59.193707] systemd[1]: Finished Generate self-signed certificate for a.example.test.
(finished: must succeed: systemctl start acme-selfsigned-a.example.test.service, in 0.60 seconds)
webserver: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/a.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout
(finished: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/a.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout, in 0.03 seconds)
First subject in fullchain.pem: subject=cn = a.example.test
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/a.example.test/cert.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/a.example.test/cert.pem, in 0.10 seconds)
cert.pem issuer: CN = minica root ca 26429f
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/a.example.test/fullchain.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/a.example.test/fullchain.pem, in 0.10 seconds)
fullchain.pem issuer: CN = minica root ca 26429f
webserver: must succeed: test $(stat -L -c '%a %U %G' /var/lib/acme/a.example.test/*.pem | tee /dev/stderr | grep '640 acme nginx' | wc -l) -eq 5
webserver # 640 acme nginx
webserver # 640 acme nginx
webserver # 640 acme nginx
webserver # 640 acme nginx
webserver # 640 acme nginx
(finished: must succeed: test $(stat -L -c '%a %U %G' /var/lib/acme/a.example.test/*.pem | tee /dev/stderr | grep '640 acme nginx' | wc -l) -eq 5, in 0.04 seconds)
webserver: must succeed: systemctl start nginx-config-reload.service
webserver # [ 59.520832] systemd[1]: Starting nginx-config-reload.service...
webserver # [ 59.578372] systemd[1]: Reloading Nginx Web Server...
webserver # [ 59.681306] nginx[1929]: nginx: the configuration file /nix/store/93pi629dfy3biicbfv3gf3h4l8sg5xij-nginx.conf syntax is ok
webserver # [ 59.682728] nginx[1929]: nginx: configuration file /nix/store/93pi629dfy3biicbfv3gf3h4l8sg5xij-nginx.conf test is successful
webserver # [ 59.741994] nginx[1747]: 2023/01/21 19:52:51 [notice] 1747#1747: signal 1 (SIGHUP) received from 1930, reconfiguring
webserver # [ 59.743171] nginx[1747]: 2023/01/21 19:52:51 [notice] 1747#1747: reconfiguring
webserver # [ 59.753691] systemd[1]: Reloaded Nginx Web Server.
webserver # [ 59.758967] systemd[1]: nginx-config-reload.service: Deactivated successfully.
webserver # [ 59.762470] systemd[1]: Finished nginx-config-reload.service.
(finished: must succeed: systemctl start nginx-config-reload.service, in 0.29 seconds)
(finished: subtest: Can generate valid selfsigned certs, in 1.22 seconds)
subtest: Correctly implements OCSP stapling
webserver # [ 59.811014] nginx[1747]: 2023/01/21 19:52:51 [notice] 1747#1747: using the "epoll" event method
webserver # [ 59.812480] nginx[1747]: 2023/01/21 19:52:51 [notice] 1747#1747: start worker processes
webserver # [ 59.814727] nginx[1747]: 2023/01/21 19:52:51 [notice] 1747#1747: start worker process 1939
webserver: must succeed: /tmp/specialisation/ocsp-stapling/bin/switch-to-configuration test
webserver # [ 59.917487] nginx[1823]: 2023/01/21 19:52:51 [notice] 1823#1823: gracefully shutting down
webserver # [ 59.918504] nginx[1823]: 2023/01/21 19:52:51 [notice] 1823#1823: exiting
webserver # [ 59.919320] nginx[1823]: 2023/01/21 19:52:51 [notice] 1823#1823: exit
webserver # [ 59.921750] nginx[1747]: 2023/01/21 19:52:51 [notice] 1747#1747: signal 17 (SIGCHLD) received from 1823
webserver # [ 59.922830] nginx[1747]: 2023/01/21 19:52:51 [notice] 1747#1747: worker process 1823 exited with code 0
webserver # [ 59.924614] nginx[1747]: 2023/01/21 19:52:51 [notice] 1747#1747: signal 29 (SIGIO) received
webserver # [ 60.626260] nixos[1940]: switching to system configuration /nix/store/9cxh8qddxwmnby00v8vb5i4nlfp3p3jj-nixos-system-webserver-23.05pre-git
webserver # stopping the following units: acme-b.example.test.timer, acme-c.example.test.timer, acme-finished-b.example.test.target, acme-finished-c.example.test.target, acme-fixperms.service
webserver # [ 60.649637] systemd[1]: acme-b.example.test.timer: Deactivated successfully.
webserver # [ 60.651210] systemd[1]: Stopped Renew ACME Certificate for b.example.test.
webserver # [ 60.654470] systemd[1]: acme-c.example.test.timer: Deactivated successfully.
webserver # [ 60.655779] systemd[1]: Stopped Renew ACME Certificate for c.example.test.
webserver # [ 60.659291] systemd[1]: Stopped target acme-finished-b.example.test.target.
webserver # [ 60.662336] systemd[1]: Stopped target acme-finished-c.example.test.target.
webserver # [ 60.665488] systemd[1]: acme-fixperms.service: Deactivated successfully.
webserver # [ 60.668311] systemd[1]: Stopped Fix owner and group of all ACME certificates.
webserver # [ 60.672789] systemd[1]: Stopped target Local File Systems.
webserver # [ 60.676920] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 60.681360] systemd[1]: Stopped target Remote File Systems.
webserver # activating the configuration...
webserver # [ 60.936550] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 60.944098] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # [ 60.948439] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (30)
webserver # [ 60.949255] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 60.949927] nscd[901]: 901 monitoring file `/etc/group` (33)
webserver # [ 60.950611] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 60.954956] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 60.956755] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 60.960072] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (30)
webserver # [ 60.960854] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 60.963792] nscd[901]: 901 monitoring file `/etc/passwd` (34)
webserver # [ 60.968159] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 61.102798] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 61.111522] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 61.113274] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 61.114305] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 61.116413] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 61.118598] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 61.120560] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 61.124605] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 61.710718] systemd[1]: Reloading.
webserver # [ 62.250834] systemd[1]: nginx.service: Current command vanished from the unit file, execution of the command list won't be resumed.
webserver # setting up tmpfiles
webserver # restarting the following units: acme-a.example.test.timer, nginx.service
webserver # [ 62.413042] systemd[1]: acme-a.example.test.timer: Deactivated successfully.
webserver # [ 62.417883] systemd[1]: Stopped Renew ACME Certificate for a.example.test.
webserver # [ 62.421828] systemd[1]: Stopping Renew ACME Certificate for a.example.test...
webserver # [ 62.429780] systemd[1]: Started Renew ACME Certificate for a.example.test.
webserver # [ 62.436242] nginx[1747]: 2023/01/21 19:52:53 [notice] 1747#1747: signal 15 (SIGTERM) received from 1, exiting
webserver # [ 62.440964] systemd[1]: Stopping Nginx Web Server...
webserver # [ 62.443792] nginx[1939]: 2023/01/21 19:52:53 [notice] 1939#1939: signal 15 (SIGTERM) received from 1, exiting
webserver # [ 62.449389] nginx[1939]: 2023/01/21 19:52:53 [notice] 1939#1939: exiting
webserver # [ 62.452655] nginx[1939]: 2023/01/21 19:52:53 [notice] 1939#1939: exit
webserver # [ 62.456220] nginx[1747]: 2023/01/21 19:52:53 [notice] 1747#1747: signal 17 (SIGCHLD) received from 1939
webserver # [ 62.470198] nginx[1747]: 2023/01/21 19:52:53 [notice] 1747#1747: worker process 1939 exited with code 0
webserver # [ 62.487026] nginx[1747]: 2023/01/21 19:52:53 [notice] 1747#1747: exit
webserver # [ 62.493449] systemd[1]: nginx.service: Deactivated successfully.
webserver # [ 62.498962] systemd[1]: Stopped Nginx Web Server.
webserver # [ 62.503348] systemd[1]: nginx.service: Consumed 531ms CPU time, read 0B from disk, written 8.0K to disk, received 6.9K IP traffic, sent 13.5K IP traffic.
webserver # [ 62.513429] systemd[1]: Starting Nginx Web Server...
webserver # [ 62.598559] nginx-pre-start[2091]: nginx: [warn] "ssl_stapling" ignored, no OCSP responder URL in the certificate "/var/lib/acme/a.example.test/fullchain.pem"
webserver # [ 62.606568] nginx-pre-start[2091]: nginx: the configuration file /nix/store/y7c2b7q2g9v0zj250k2k598gbk7iar46-nginx.conf syntax is ok
webserver # [ 62.611336] nginx-pre-start[2091]: nginx: configuration file /nix/store/y7c2b7q2g9v0zj250k2k598gbk7iar46-nginx.conf test is successful
webserver # [ 62.629188] systemd[1]: Started Nginx Web Server.
webserver # starting the following units: acme-fixperms.service
webserver # [ 62.681790] systemd[1]: Starting Fix owner and group of all ACME certificates...
webserver # [ 62.686354] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 62.720109] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 62.759726] systemd[1]: Finished Fix owner and group of all ACME certificates.
webserver # [ 62.778932] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 62.783714] systemd[1]: Reached target Remote File Systems.
webserver # [ 62.800085] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 62.811240] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 62.817815] systemd[1]: Reached target Local File Systems.
webserver # [ 62.822778] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 62.825154] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 62.828253] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 62.836343] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 62.848415] systemd[1]: Generate self-signed certificate for a.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/a.example.test/key.pem).
webserver # [ 62.853253] systemd[1]: Starting Renew ACME certificate for a.example.test...
webserver # [ 62.896878] nginx[2092]: nginx: [warn] "ssl_stapling" ignored, no OCSP responder URL in the certificate "/var/lib/acme/a.example.test/fullchain.pem"
webserver # [ 62.901117] nginx[2092]: 2023/01/21 19:52:54 [notice] 2092#2092: using the "epoll" event method
webserver # [ 62.902192] nginx[2092]: 2023/01/21 19:52:54 [notice] 2092#2092: nginx/1.22.1
webserver # [ 62.903802] nginx[2092]: 2023/01/21 19:52:54 [notice] 2092#2092: built by gcc 11.3.0 (GCC)
webserver # [ 62.904698] nginx[2092]: 2023/01/21 19:52:54 [notice] 2092#2092: OS: Linux 5.15.89
webserver # [ 62.906117] nginx[2092]: 2023/01/21 19:52:54 [notice] 2092#2092: getrlimit(RLIMIT_NOFILE): 1024:524288
webserver # [ 62.908087] nginx[2092]: 2023/01/21 19:52:54 [notice] 2092#2092: start worker processes
webserver # [ 62.909978] nginx[2092]: 2023/01/21 19:52:54 [notice] 2092#2092: start worker process 2101
webserver # [ 62.939619] acme-a.example.test-start[2100]: + set -euo pipefail
webserver # [ 62.941201] acme-a.example.test-start[2102]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 62.948482] acme-a.example.test-start[2102]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 62.957817] acme-a.example.test-start[2100]: + echo 9c8503f9419119933b04
webserver # [ 62.958996] acme-a.example.test-start[2100]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 62.963388] acme-a.example.test-start[2100]: + lego --accept-tos --path . -d a.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir run --must-staple
webserver # [ 63.003970] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 No key found for account hostmaster@example.test. Generating a P256 key.
webserver # [ 63.011737] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 Saved key to accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key
acme # [ 63.167138] pebble[661]: Pebble 2023/01/21 19:52:54 GET /dir -> calling handler()
webserver # [ 63.069363] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 [INFO] acme: Registering account for hostmaster@example.test
acme # [ 63.176511] pebble[661]: Pebble 2023/01/21 19:52:54 HEAD /nonce-plz -> calling handler()
webserver # [ 63.080830] acme-a.example.test-start[2105]: !!!! HEADS UP !!!!
acme # [ 63.181401] pebble[661]: Pebble 2023/01/21 19:52:54 POST /sign-me-up -> calling handler()
acme # [ 63.185976] pebble[661]: Pebble 2023/01/21 19:52:54 There are now 3 accounts in memory
webserver # [ 63.083732] acme-a.example.test-start[2105]: Your account credentials have been saved in your Let's Encrypt
webserver # [ 63.087987] acme-a.example.test-start[2105]: configuration directory at "accounts".
acme # [ 63.189589] pebble[661]: Pebble 2023/01/21 19:52:54 POST /order-plz -> calling handler()
webserver # [ 63.091466] acme-a.example.test-start[2105]: You should make a secure backup of this folder now. This
webserver # [ 63.095109] acme-a.example.test-start[2105]: configuration directory will also contain certificates and
webserver # [ 63.098730] acme-a.example.test-start[2105]: private keys obtained from Let's Encrypt so making regular
webserver # [ 63.102492] acme-a.example.test-start[2105]: backups of this folder is ideal.
webserver # [ 63.105405] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 [INFO] [a.example.test] acme: Obtaining bundled SAN certificate
webserver # [ 63.110085] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/order-plz :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: TTnERG4RDgc5x8bX3HjEfw
acme # [ 63.356085] pebble[661]: Pebble 2023/01/21 19:52:54 POST /order-plz -> calling handler()
acme # [ 63.357086] pebble[661]: Pebble 2023/01/21 19:52:54 There are now 7 authorizations in the db
acme # [ 63.358057] pebble[661]: Pebble 2023/01/21 19:52:54 Added order "sG8nS_xpgx9Lb140GHpGqB7F7cb2pzEiKf0er7ZjBA4" to the db
acme # [ 63.359201] pebble[661]: Pebble 2023/01/21 19:52:54 There are now 7 orders in the db
acme # [ 63.414551] pebble[661]: Pebble 2023/01/21 19:52:54 POST /authZ/ -> calling handler()
acme # [ 63.419532] pebble[661]: Pebble 2023/01/21 19:52:54 POST /chalZ/ -> calling handler()
webserver # [ 63.314330] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 [INFO] [a.example.test] AuthURL: https://acme.test/authZ/D4tDWxfKHWtAWpcRkvTcNzHGTr_YNwG0vQUBojb5m-8
acme # [ 63.420936] pebble[661]: Pebble 2023/01/21 19:52:54 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"a.example.test"}, Challenge:(*core.Challenge)(0xc0000003c0), Account:(*core.Account)(0xc0002a2d80)}
webserver # [ 63.320877] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 [INFO] [a.example.test] acme: Could not find solver for: tls-alpn-01
acme # [ 63.424067] pebble[661]: Pebble 2023/01/21 19:52:54 Starting 3 validations.
webserver # [ 63.324099] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 [INFO] [a.example.test] acme: use http-01 solver
acme # [ 63.425842] pebble[661]: Pebble 2023/01/21 19:52:54 Attempting to validate w/ HTTP: http://a.example.test:80/.well-known/acme-challenge/ckzEn362rjxKfwwcIp1SLmxRt96jBRPW3JMy5I0qKII
webserver # [ 63.325227] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 [INFO] [a.example.test] acme: Trying to solve HTTP-01
acme # [ 63.427253] pebble[661]: Pebble 2023/01/21 19:52:54 Attempting to validate w/ HTTP: http://a.example.test:80/.well-known/acme-challenge/ckzEn362rjxKfwwcIp1SLmxRt96jBRPW3JMy5I0qKII
acme # [ 63.428636] pebble[661]: Pebble 2023/01/21 19:52:54 Attempting to validate w/ HTTP: http://a.example.test:80/.well-known/acme-challenge/ckzEn362rjxKfwwcIp1SLmxRt96jBRPW3JMy5I0qKII
acme # [ 63.430041] pebble[661]: Pebble 2023/01/21 19:52:54 POST /authZ/ -> calling handler()
acme # [ 63.430787] pebble[661]: Pebble 2023/01/21 19:52:54 authz D4tDWxfKHWtAWpcRkvTcNzHGTr_YNwG0vQUBojb5m-8 set VALID by completed challenge -dSMn1t-N21NRc66J75CFssfSJyeWTVTOs5JoequOoI
acme # [ 69.101793] pebble[661]: Pebble 2023/01/21 19:53:00 POST /authZ/ -> calling handler()
webserver # [ 69.001278] acme-a.example.test-start[2105]: 2023/01/21 19:53:00 [INFO] [a.example.test] The server validated our request
webserver # [ 69.005150] acme-a.example.test-start[2105]: 2023/01/21 19:53:00 [INFO] [a.example.test] acme: Validations succeeded; requesting certificates
webserver # [ 69.008221] acme-a.example.test-start[2105]: 2023/01/21 19:53:00 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 69.110975] pebble[661]: Pebble 2023/01/21 19:53:00 POST /finalize-order/ -> calling handler()
acme # [ 69.118139] pebble[661]: Pebble 2023/01/21 19:53:00 Order sG8nS_xpgx9Lb140GHpGqB7F7cb2pzEiKf0er7ZjBA4 is fully authorized. Processing finalization
acme # [ 69.124736] pebble[661]: Pebble 2023/01/21 19:53:00 POST /my-order/ -> calling handler()
acme # [ 69.128106] pebble[661]: Pebble 2023/01/21 19:53:00 Issued certificate serial 576b7037abc343ab for order sG8nS_xpgx9Lb140GHpGqB7F7cb2pzEiKf0er7ZjBA4
acme # [ 69.620876] pebble[661]: Pebble 2023/01/21 19:53:01 POST /my-order/ -> calling handler()
webserver # [ 69.519397] acme-a.example.test-start[2105]: 2023/01/21 19:53:01 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/my-order/sG8nS_xpgx9Lb140GHpGqB7F7cb2pzEiKf0er7ZjBA4 :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: gMdggXzrrkLA0T6lTtKi4g
acme # [ 69.915489] pebble[661]: Pebble 2023/01/21 19:53:01 POST /my-order/ -> calling handler()
acme # [ 69.917436] pebble[661]: Pebble 2023/01/21 19:53:01 POST /certZ/ -> calling handler()
webserver # [ 69.818050] acme-a.example.test-start[2105]: 2023/01/21 19:53:01 [INFO] [a.example.test] Server responded with a certificate.
webserver # [ 69.821587] acme-a.example.test-start[2100]: + mv domainhash.txt certificates/
webserver # [ 69.829734] acme-a.example.test-start[2100]: + chown acme:nginx certificates/a.example.test.crt certificates/a.example.test.issuer.crt certificates/a.example.test.json certificates/a.example.test.key certificates/domainhash.txt
webserver # [ 69.838851] acme-a.example.test-start[2100]: + cmp -s certificates/a.example.test.crt out/fullchain.pem
webserver # [ 69.843158] acme-a.example.test-start[2100]: + touch out/renewed
webserver # [ 69.849080] acme-a.example.test-start[2100]: + echo Installing new certificate
webserver # [ 69.850018] acme-a.example.test-start[2100]: Installing new certificate
webserver # [ 69.850840] acme-a.example.test-start[2100]: + cp -vp certificates/a.example.test.crt out/fullchain.pem
webserver # [ 69.860840] acme-a.example.test-start[2114]: 'certificates/a.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 69.865513] acme-a.example.test-start[2100]: + cp -vp certificates/a.example.test.key out/key.pem
webserver # [ 69.873577] acme-a.example.test-start[2115]: 'certificates/a.example.test.key' -> 'out/key.pem'
webserver # [ 69.877583] acme-a.example.test-start[2100]: + cp -vp certificates/a.example.test.issuer.crt out/chain.pem
webserver # [ 69.885474] acme-a.example.test-start[2116]: 'certificates/a.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 69.889682] acme-a.example.test-start[2100]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 69.897993] acme-a.example.test-start[2100]: + cat out/key.pem out/fullchain.pem
webserver # [ 69.907533] acme-a.example.test-start[2100]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 69.947810] systemd[1]: acme-a.example.test.service: Deactivated successfully.
webserver # [ 69.948730] systemd[1]: Finished Renew ACME certificate for a.example.test.
webserver # [ 69.950104] systemd[1]: acme-a.example.test.service: Consumed 183ms CPU time, received 13.5K IP traffic, sent 10.0K IP traffic.
webserver # [ 69.955072] systemd[1]: Starting nginx-config-reload.service...
webserver # [ 70.010704] systemd[1]: Reloading Nginx Web Server...
webserver # [ 70.118164] nginx[2126]: nginx: the configuration file /nix/store/y7c2b7q2g9v0zj250k2k598gbk7iar46-nginx.conf syntax is ok
webserver # [ 70.119603] nginx[2126]: nginx: configuration file /nix/store/y7c2b7q2g9v0zj250k2k598gbk7iar46-nginx.conf test is successful
webserver # [ 70.173736] nginx[2092]: 2023/01/21 19:53:01 [notice] 2092#2092: signal 1 (SIGHUP) received from 2127, reconfiguring
webserver # [ 70.175458] nginx[2092]: 2023/01/21 19:53:01 [notice] 2092#2092: reconfiguring
webserver # [ 70.186274] systemd[1]: Reloaded Nginx Web Server.
webserver # [ 70.192526] systemd[1]: nginx-config-reload.service: Deactivated successfully.
webserver # [ 70.195750] systemd[1]: Finished nginx-config-reload.service.
webserver # [ 70.221398] nginx[2092]: 2023/01/21 19:53:01 [notice] 2092#2092: using the "epoll" event method
webserver # [ 70.222459] nginx[2092]: 2023/01/21 19:53:01 [notice] 2092#2092: start worker processes
webserver # [ 70.224038] nginx[2092]: 2023/01/21 19:53:01 [notice] 2092#2092: start worker process 2129
webserver # [ 70.261954] nixos[1940]: finished switching to system configuration /nix/store/9cxh8qddxwmnby00v8vb5i4nlfp3p3jj-nixos-system-webserver-23.05pre-git
(finished: must succeed: /tmp/specialisation/ocsp-stapling/bin/switch-to-configuration test, in 10.46 seconds)
webserver: waiting for unit acme-finished-a.example.test.target
webserver # [ 70.327792] nginx[2101]: 2023/01/21 19:53:01 [notice] 2101#2101: gracefully shutting down
webserver # [ 70.328663] nginx[2101]: 2023/01/21 19:53:01 [notice] 2101#2101: exiting
webserver # [ 70.329332] nginx[2101]: 2023/01/21 19:53:01 [notice] 2101#2101: exit
webserver # [ 70.334826] nginx[2092]: 2023/01/21 19:53:01 [notice] 2092#2092: signal 17 (SIGCHLD) received from 2101
webserver # [ 70.336085] nginx[2092]: 2023/01/21 19:53:01 [notice] 2092#2092: worker process 2101 exited with code 0
webserver # [ 70.337086] nginx[2092]: 2023/01/21 19:53:01 [notice] 2092#2092: signal 29 (SIGIO) received
(finished: waiting for unit acme-finished-a.example.test.target, in 0.08 seconds)
client: must succeed: openssl s_client -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null | openssl x509 -noout -ocsp_uri
client # depth=2 CN = Pebble Root CA 07ebd3
client # verify return:1
client # depth=1 CN = Pebble Intermediate CA 4d6099
client # verify return:1
client # depth=0 CN = a.example.test
client # verify return:1
client # DONE
webserver # [ 70.428062] nginx[2129]: 2023/01/21 19:53:01 [info] 2129#2129: *4 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
(finished: must succeed: openssl s_client -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null | openssl x509 -noout -ocsp_uri, in 0.14 seconds)
OCSP Responder URL: http://acme.test:4002
(finished: subtest: Correctly implements OCSP stapling, in 10.72 seconds)
subtest: Can request certificate with HTTP-01 using lego's internal web server
webserver: must succeed: /tmp/specialisation/lego-server/bin/switch-to-configuration test
webserver # [ 71.381408] nixos[2142]: switching to system configuration /nix/store/ygv4c7n2raf4z061xqsq8dllmpcdr1rq-nixos-system-webserver-23.05pre-git
webserver # stopping the following units: acme-a.example.test.timer, acme-finished-a.example.test.target, acme-fixperms.service
webserver # [ 71.410329] systemd[1]: acme-a.example.test.timer: Deactivated successfully.
webserver # [ 71.411766] systemd[1]: Stopped Renew ACME Certificate for a.example.test.
webserver # [ 71.414655] systemd[1]: Stopped target acme-finished-a.example.test.target.
webserver # [ 71.417245] systemd[1]: acme-fixperms.service: Deactivated successfully.
webserver # [ 71.418312] systemd[1]: Stopped Fix owner and group of all ACME certificates.
webserver # [ 71.422222] systemd[1]: Stopped target Local File Systems.
webserver # [ 71.426317] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 71.429190] systemd[1]: Stopped target Remote File Systems.
webserver # activating the configuration...
webserver # [ 71.651698] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 71.659141] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # [ 71.663362] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (36)
webserver # [ 71.664227] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 71.664822] nscd[901]: 901 monitoring file `/etc/group` (39)
webserver # [ 71.665359] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 71.668101] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 71.669789] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 71.672967] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (36)
webserver # [ 71.673568] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 71.674272] nscd[901]: 901 monitoring file `/etc/passwd` (40)
webserver # [ 71.674804] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 71.803083] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 71.812420] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 71.813446] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 71.815165] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 71.816238] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 71.818346] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 71.820111] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 71.821850] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 72.335796] systemd[1]: Reloading.
webserver # [ 72.941709] systemd[1]: nginx.service: Current command vanished from the unit file, execution of the command list won't be resumed.
webserver # setting up tmpfiles
webserver # restarting the following units: nginx.service
webserver # [ 73.108583] systemd[1]: Starting Fix owner and group of all ACME certificates...
webserver # [ 73.109771] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 73.113997] nginx[2092]: 2023/01/21 19:53:04 [notice] 2092#2092: signal 15 (SIGTERM) received from 1, exiting
webserver # [ 73.118590] nginx[2129]: 2023/01/21 19:53:04 [notice] 2129#2129: exiting
webserver # [ 73.122781] nginx[2129]: 2023/01/21 19:53:04 [notice] 2129#2129: exit
webserver # [ 73.126582] systemd[1]: Stopping Nginx Web Server...
webserver # [ 73.132475] nginx[2092]: 2023/01/21 19:53:04 [notice] 2092#2092: signal 17 (SIGCHLD) received from 2129
webserver # [ 73.141365] nginx[2092]: 2023/01/21 19:53:04 [notice] 2092#2092: worker process 2129 exited with code 0
webserver # [ 73.143171] nginx[2092]: 2023/01/21 19:53:04 [notice] 2092#2092: exit
webserver # [ 73.143749] systemd[1]: nginx.service: Deactivated successfully.
webserver # [ 73.145058] systemd[1]: Stopped Nginx Web Server.
webserver # [ 73.146272] systemd[1]: nginx.service: Consumed 304ms CPU time, received 2.3K IP traffic, sent 4.5K IP traffic.
webserver # [ 73.164660] systemd[1]: Finished Fix owner and group of all ACME certificates.
webserver # [ 73.169668] systemd[1]: Starting Generate self-signed certificate for lego.example.test...
webserver # [ 73.397520] systemd[1]: acme-selfsigned-lego.example.test.service: Deactivated successfully.
webserver # [ 73.398440] systemd[1]: Finished Generate self-signed certificate for lego.example.test.
webserver # [ 73.405280] systemd[1]: Starting Nginx Web Server...
webserver # [ 73.500198] nginx-pre-start[2308]: nginx: the configuration file /nix/store/kf74fglyj4y3zbjvlxw1l8s56fda5shm-nginx.conf syntax is ok
webserver # [ 73.501961] nginx-pre-start[2308]: nginx: configuration file /nix/store/kf74fglyj4y3zbjvlxw1l8s56fda5shm-nginx.conf test is successful
webserver # [ 73.510159] systemd[1]: Started Nginx Web Server.
webserver # starting the following units: acme-fixperms.service
webserver # [ 73.540467] systemd[1]: Starting Renew ACME certificate for lego.example.test...
webserver # [ 73.569304] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 73.572131] systemd[1]: Generate self-signed certificate for lego.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/lego.example.test/key.pem).
webserver # [ 73.599985] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 73.604765] systemd[1]: Reached target Local File Systems.
webserver # [ 73.625642] systemd[1]: Reached target Remote File Systems.
webserver # [ 73.629781] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 73.631738] systemd[1]: Generate self-signed certificate for lego.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/lego.example.test/key.pem).
webserver # [ 73.657548] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 73.670047] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 73.685216] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 73.686780] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 73.689570] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 73.694097] systemd[1]: Started Renew ACME Certificate for lego.example.test.
webserver # [ 73.757370] acme-lego.example.test-start[2311]: + set -euo pipefail
webserver # [ 73.758835] acme-lego.example.test-start[2311]: + echo c6418a03e1c517eb4b15
webserver # [ 73.759693] acme-lego.example.test-start[2311]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 73.767257] acme-lego.example.test-start[2311]: + lego --accept-tos --path . -d lego.example.test --email hostmaster@example.test --key-type ec256 --http --http.port :80 --server https://acme.test/dir run
webserver # [ 73.807739] nginx[2309]: 2023/01/21 19:53:05 [notice] 2309#2309: using the "epoll" event method
webserver # [ 73.808679] nginx[2309]: 2023/01/21 19:53:05 [notice] 2309#2309: nginx/1.22.1
webserver # [ 73.809698] nginx[2309]: 2023/01/21 19:53:05 [notice] 2309#2309: built by gcc 11.3.0 (GCC)
webserver # [ 73.810510] nginx[2309]: 2023/01/21 19:53:05 [notice] 2309#2309: OS: Linux 5.15.89
webserver # [ 73.811658] nginx[2309]: 2023/01/21 19:53:05 [notice] 2309#2309: getrlimit(RLIMIT_NOFILE): 1024:524288
webserver # [ 73.812702] nginx[2309]: 2023/01/21 19:53:05 [notice] 2309#2309: start worker processes
webserver # [ 73.813698] nginx[2309]: 2023/01/21 19:53:05 [notice] 2309#2309: start worker process 2320
acme # [ 73.967993] pebble[661]: Pebble 2023/01/21 19:53:05 GET /dir -> calling handler()
webserver # [ 73.870917] acme-lego.example.test-start[2315]: 2023/01/21 19:53:05 [INFO] [lego.example.test] acme: Obtaining bundled SAN certificate
acme # [ 73.974881] pebble[661]: Pebble 2023/01/21 19:53:05 HEAD /nonce-plz -> calling handler()
acme # [ 73.979267] pebble[661]: Pebble 2023/01/21 19:53:05 POST /order-plz -> calling handler()
acme # [ 73.982401] pebble[661]: Pebble 2023/01/21 19:53:05 There are now 8 authorizations in the db
acme # [ 73.985635] pebble[661]: Pebble 2023/01/21 19:53:05 Added order "4KReZbmlaElx_xQpFbgvQjx5K_7H0kvkFLIHc8Hv7G0" to the db
acme # [ 73.989624] pebble[661]: Pebble 2023/01/21 19:53:05 There are now 8 orders in the db
acme # [ 74.037574] pebble[661]: Pebble 2023/01/21 19:53:05 POST /authZ/ -> calling handler()
webserver # [ 73.936377] acme-lego.example.test-start[2315]: 2023/01/21 19:53:05 [INFO] [lego.example.test] AuthURL: https://acme.test/authZ/00Q7iaATZuXyP0aFUZp9Yhj4AgHRu0_qtMBopOsifiw
webserver # [ 73.938191] acme-lego.example.test-start[2315]: 2023/01/21 19:53:05 [INFO] [lego.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 73.940151] acme-lego.example.test-start[2315]: 2023/01/21 19:53:05 [INFO] [lego.example.test] acme: use http-01 solver
webserver # [ 73.942100] acme-lego.example.test-start[2315]: 2023/01/21 19:53:05 [INFO] [lego.example.test] acme: Trying to solve HTTP-01
acme # [ 74.046532] pebble[661]: Pebble 2023/01/21 19:53:05 POST /chalZ/ -> calling handler()
acme # [ 74.048152] pebble[661]: Pebble 2023/01/21 19:53:05 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"lego.example.test"}, Challenge:(*core.Challenge)(0xc000246280), Account:(*core.Account)(0xc0002a2d80)}
acme # [ 74.051886] pebble[661]: Pebble 2023/01/21 19:53:05 Starting 3 validations.
webserver # [ 73.950636] acme-lego.example.test-start[2315]: 2023/01/21 19:53:05 [INFO] [lego.example.test] Served key authentication
webserver # [ 73.952087] acme-lego.example.test-start[2315]: 2023/01/21 19:53:05 [INFO] [lego.example.test] Served key authentication
acme # [ 74.053529] pebble[661]: Pebble 2023/01/21 19:53:05 Attempting to validate w/ HTTP: http://lego.example.test:80/.well-known/acme-challenge/xMZGNRFKAiIwroQT28KWbK8OJwnJTf4Ei2J5YKu0ePQ
webserver # [ 73.953293] acme-lego.example.test-start[2315]: 2023/01/21 19:53:05 [INFO] [lego.example.test] Served key authentication
acme # [ 74.055485] pebble[661]: Pebble 2023/01/21 19:53:05 Attempting to validate w/ HTTP: http://lego.example.test:80/.well-known/acme-challenge/xMZGNRFKAiIwroQT28KWbK8OJwnJTf4Ei2J5YKu0ePQ
acme # [ 74.057123] pebble[661]: Pebble 2023/01/21 19:53:05 Attempting to validate w/ HTTP: http://lego.example.test:80/.well-known/acme-challenge/xMZGNRFKAiIwroQT28KWbK8OJwnJTf4Ei2J5YKu0ePQ
acme # [ 74.058714] pebble[661]: Pebble 2023/01/21 19:53:05 POST /authZ/ -> calling handler()
acme # [ 74.059595] pebble[661]: Pebble 2023/01/21 19:53:05 authz 00Q7iaATZuXyP0aFUZp9Yhj4AgHRu0_qtMBopOsifiw set VALID by completed challenge UYSefqkb5iea-TGST_8ge6y7RkSeT89cvLQL7pMHObQ
webserver # [ 77.804029] acme-lego.example.test-start[2315]: 2023/01/21 19:53:09 [INFO] [lego.example.test] The server validated our request
webserver # [ 77.805298] acme-lego.example.test-start[2315]: 2023/01/21 19:53:09 [INFO] [lego.example.test] acme: Validations succeeded; requesting certificates
webserver # [ 77.808662] acme-lego.example.test-start[2315]: 2023/01/21 19:53:09 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 77.904337] pebble[661]: Pebble 2023/01/21 19:53:09 POST /authZ/ -> calling handler()
acme # [ 77.911881] pebble[661]: Pebble 2023/01/21 19:53:09 POST /finalize-order/ -> calling handler()
acme # [ 77.917988] pebble[661]: Pebble 2023/01/21 19:53:09 Order 4KReZbmlaElx_xQpFbgvQjx5K_7H0kvkFLIHc8Hv7G0 is fully authorized. Processing finalization
acme # [ 77.925018] pebble[661]: Pebble 2023/01/21 19:53:09 Issued certificate serial 35f3447b906f0e92 for order 4KReZbmlaElx_xQpFbgvQjx5K_7H0kvkFLIHc8Hv7G0
webserver # [ 77.826184] acme-lego.example.test-start[2315]: 2023/01/21 19:53:09 [INFO] [lego.example.test] Server responded with a certificate.
acme # [ 77.930653] pebble[661]: Pebble 2023/01/21 19:53:09 POST /my-order/ -> calling handler()
webserver # [ 77.832355] acme-lego.example.test-start[2311]: + mv domainhash.txt certificates/
acme # [ 77.934774] pebble[661]: Pebble 2023/01/21 19:53:09 POST /certZ/ -> calling handler()
webserver # [ 77.841842] acme-lego.example.test-start[2311]: + chown root:nginx certificates/domainhash.txt certificates/lego.example.test.crt certificates/lego.example.test.issuer.crt certificates/lego.example.test.json certificates/lego.example.test.key
webserver # [ 77.856839] acme-lego.example.test-start[2311]: + cmp -s certificates/lego.example.test.crt out/fullchain.pem
webserver # [ 77.870369] acme-lego.example.test-start[2311]: + touch out/renewed
webserver # [ 77.878746] acme-lego.example.test-start[2311]: + echo Installing new certificate
webserver # [ 77.882396] acme-lego.example.test-start[2311]: Installing new certificate
webserver # [ 77.885578] acme-lego.example.test-start[2311]: + cp -vp certificates/lego.example.test.crt out/fullchain.pem
webserver # [ 77.891834] acme-lego.example.test-start[2325]: 'certificates/lego.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 77.893405] acme-lego.example.test-start[2311]: + cp -vp certificates/lego.example.test.key out/key.pem
webserver # [ 77.899633] acme-lego.example.test-start[2326]: 'certificates/lego.example.test.key' -> 'out/key.pem'
webserver # [ 77.901424] acme-lego.example.test-start[2311]: + cp -vp certificates/lego.example.test.issuer.crt out/chain.pem
webserver # [ 77.906150] acme-lego.example.test-start[2327]: 'certificates/lego.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 77.907652] acme-lego.example.test-start[2311]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 77.913374] acme-lego.example.test-start[2311]: + cat out/key.pem out/fullchain.pem
webserver # [ 77.918689] acme-lego.example.test-start[2311]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 77.951149] systemd[1]: acme-lego.example.test.service: Deactivated successfully.
webserver # [ 77.952222] systemd[1]: Finished Renew ACME certificate for lego.example.test.
webserver # [ 77.954362] systemd[1]: acme-lego.example.test.service: Consumed 174ms CPU time, received 12.6K IP traffic, sent 8.5K IP traffic.
webserver # [ 77.957550] systemd[1]: Starting nginx-config-reload.service...
webserver # [ 78.008576] systemd[1]: Reloading Nginx Web Server...
webserver # [ 78.107450] nginx[2337]: nginx: the configuration file /nix/store/kf74fglyj4y3zbjvlxw1l8s56fda5shm-nginx.conf syntax is ok
webserver # [ 78.108924] nginx[2337]: nginx: configuration file /nix/store/kf74fglyj4y3zbjvlxw1l8s56fda5shm-nginx.conf test is successful
webserver # [ 78.153530] nginx[2309]: 2023/01/21 19:53:09 [notice] 2309#2309: signal 1 (SIGHUP) received from 2338, reconfiguring
webserver # [ 78.154821] nginx[2309]: 2023/01/21 19:53:09 [notice] 2309#2309: reconfiguring
webserver # [ 78.165778] systemd[1]: Reloaded Nginx Web Server.
webserver # [ 78.169715] systemd[1]: nginx-config-reload.service: Deactivated successfully.
webserver # [ 78.174567] systemd[1]: Finished nginx-config-reload.service.
webserver # [ 78.178051] systemd[1]: Reached target acme-finished-lego.example.test.target.
webserver # [ 78.206022] nginx[2309]: 2023/01/21 19:53:09 [notice] 2309#2309: using the "epoll" event method
webserver # [ 78.206961] nginx[2309]: 2023/01/21 19:53:09 [notice] 2309#2309: start worker processes
webserver # [ 78.208030] nginx[2309]: 2023/01/21 19:53:09 [notice] 2309#2309: start worker process 2340
webserver # the following new units were started: acme-finished-lego.example.test.target, acme-lego.example.test.timer
webserver # [ 78.234506] nixos[2142]: finished switching to system configuration /nix/store/ygv4c7n2raf4z061xqsq8dllmpcdr1rq-nixos-system-webserver-23.05pre-git
(finished: must succeed: /tmp/specialisation/lego-server/bin/switch-to-configuration test, in 7.70 seconds)
webserver: waiting for unit acme-finished-lego.example.test.target
webserver # [ 78.310147] nginx[2320]: 2023/01/21 19:53:09 [notice] 2320#2320: gracefully shutting down
webserver # [ 78.310864] nginx[2320]: 2023/01/21 19:53:09 [notice] 2320#2320: exiting
webserver # [ 78.311472] nginx[2320]: 2023/01/21 19:53:09 [notice] 2320#2320: exit
(finished: waiting for unit acme-finished-lego.example.test.target, in 0.06 seconds)
webserver: waiting for unit nginx.service
webserver # [ 78.315629] nginx[2309]: 2023/01/21 19:53:09 [notice] 2309#2309: signal 17 (SIGCHLD) received from 2320
webserver # [ 78.316645] nginx[2309]: 2023/01/21 19:53:09 [notice] 2309#2309: worker process 2320 exited with code 0
webserver # [ 78.318087] nginx[2309]: 2023/01/21 19:53:09 [notice] 2309#2309: signal 29 (SIGIO) received
(finished: waiting for unit nginx.service, in 0.06 seconds)
webserver: must succeed: echo HENLO && systemctl cat nginx.service
(finished: must succeed: echo HENLO && systemctl cat nginx.service, in 0.05 seconds)
webserver: must succeed: test "$(stat -c '%U' /var/lib/acme/* | uniq)" = "root"
(finished: must succeed: test "$(stat -c '%U' /var/lib/acme/* | uniq)" = "root", in 0.02 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null 2>&1
webserver # [ 78.485592] nginx[2340]: 2023/01/21 19:53:10 [info] 2340#2340: *1 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null 2>&1, in 0.04 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername lego.example.test -connect lego.example.test:443 < /dev/null 2>&1
webserver # [ 78.519095] nginx[2340]: 2023/01/21 19:53:10 [info] 2340#2340: *2 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername lego.example.test -connect lego.example.test:443 < /dev/null 2>&1, in 0.03 seconds)
(finished: subtest: Can request certificate with HTTP-01 using lego's internal web server, in 8.03 seconds)
subtest: Can request certificate with HTTP-01 when nginx startup is delayed
webserver # [ 78.575922] nginx[2309]: 2023/01/21 19:53:10 [notice] 2309#2309: signal 15 (SIGTERM) received from 1, exiting
webserver # [ 78.577192] nginx[2340]: 2023/01/21 19:53:10 [notice] 2340#2340: exiting
webserver # [ 78.578022] nginx[2340]: 2023/01/21 19:53:10 [notice] 2340#2340: exit
webserver # [ 78.580213] systemd[1]: Stopping Nginx Web Server...
webserver # [ 78.584724] nginx[2309]: 2023/01/21 19:53:10 [notice] 2309#2309: signal 17 (SIGCHLD) received from 2340
webserver # [ 78.587225] nginx[2309]: 2023/01/21 19:53:10 [notice] 2309#2309: worker process 2340 exited with code 0
webserver # [ 78.589362] nginx[2309]: 2023/01/21 19:53:10 [notice] 2309#2309: exit
webserver # [ 78.602054] systemd[1]: nginx.service: Deactivated successfully.
webserver # [ 78.606227] systemd[1]: Stopped Nginx Web Server.
webserver # [ 78.607622] systemd[1]: nginx.service: Consumed 287ms CPU time, no IO, received 1.7K IP traffic, sent 5.6K IP traffic.
webserver: must succeed: /tmp/specialisation/slow-startup/bin/switch-to-configuration test
webserver # [ 79.571728] nixos[2374]: switching to system configuration /nix/store/21y5phzx5g5wi0i85jbj1k1418hl0mn8-nixos-system-webserver-23.05pre-git
webserver # stopping the following units: acme-finished-lego.example.test.target, acme-fixperms.service, acme-lego.example.test.timer
webserver # [ 79.599959] systemd[1]: Stopped target acme-finished-lego.example.test.target.
webserver # [ 79.603199] systemd[1]: acme-fixperms.service: Deactivated successfully.
webserver # [ 79.604691] systemd[1]: Stopped Fix owner and group of all ACME certificates.
webserver # [ 79.610167] systemd[1]: acme-lego.example.test.timer: Deactivated successfully.
webserver # [ 79.611824] systemd[1]: Stopped Renew ACME Certificate for lego.example.test.
webserver # [ 79.616678] systemd[1]: Stopped target Local File Systems.
webserver # [ 79.622569] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 79.626505] systemd[1]: Stopped target Remote File Systems.
webserver # activating the configuration...
webserver # [ 79.898264] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 79.906148] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # [ 79.911345] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (42)
webserver # [ 79.912524] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 79.913175] nscd[901]: 901 monitoring file `/etc/group` (45)
webserver # [ 79.913824] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 79.919780] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 79.921381] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 79.924113] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (42)
webserver # [ 79.926746] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 79.934848] nscd[901]: 901 monitoring file `/etc/passwd` (46)
webserver # [ 79.938452] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 80.082301] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 80.093980] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 80.095766] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 80.097755] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 80.100613] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 80.103450] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 80.109263] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 80.113772] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 80.707355] systemd[1]: Reloading.
webserver # setting up tmpfiles
webserver # starting the following units: acme-fixperms.service
webserver # [ 81.495708] systemd[1]: Starting Fix owner and group of all ACME certificates...
webserver # [ 81.497285] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 81.572790] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 81.576641] systemd[1]: Reached target Remote File Systems.
webserver # [ 81.581769] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 81.582790] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 81.585819] systemd[1]: Reached target Local File Systems.
webserver # [ 81.612632] systemd[1]: Finished Fix owner and group of all ACME certificates.
webserver # [ 81.616734] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 81.618554] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 81.621595] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 81.624805] systemd[1]: Started Renew ACME Certificate for a.example.test.
webserver # [ 81.627186] systemd[1]: Started Renew ACME Certificate for slow.example.test.
webserver # [ 81.634487] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 81.654104] systemd[1]: Generate self-signed certificate for a.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/a.example.test/key.pem).
webserver # [ 81.677531] systemd[1]: Starting Generate self-signed certificate for slow.example.test...
webserver # [ 81.685767] systemd[1]: Starting my-slow-service.service...
webserver # [ 81.845380] systemd[1]: acme-selfsigned-slow.example.test.service: Deactivated successfully.
webserver # [ 81.855595] systemd[1]: Finished Generate self-signed certificate for slow.example.test.
webserver # [ 86.680138] systemd[1]: Started my-slow-service.service.
webserver # [ 86.691783] systemd[1]: Starting Nginx Web Server...
webserver # [ 86.904947] nginx-pre-start[2546]: nginx: the configuration file /nix/store/p1xd58ji62vbnw02rvmpkicsskwqn61w-nginx.conf syntax is ok
webserver # [ 86.914804] nginx-pre-start[2546]: nginx: configuration file /nix/store/p1xd58ji62vbnw02rvmpkicsskwqn61w-nginx.conf test is successful
webserver # [ 86.938265] systemd[1]: Started Nginx Web Server.
webserver # [ 86.959275] systemd[1]: Starting Renew ACME certificate for a.example.test...
webserver # [ 87.099245] acme-a.example.test-start[2548]: + set -euo pipefail
webserver # [ 87.109916] acme-a.example.test-start[2549]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 87.148318] acme-a.example.test-start[2549]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 87.153995] acme-a.example.test-start[2548]: + echo 9c8503f9419119933b04
webserver # [ 87.156624] acme-a.example.test-start[2548]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 87.164056] acme-a.example.test-start[2548]: + lego --accept-tos --path . -d a.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir run
webserver # [ 87.234675] nginx[2547]: 2023/01/21 19:53:18 [notice] 2547#2547: using the "epoll" event method
webserver # [ 87.241054] nginx[2547]: 2023/01/21 19:53:18 [notice] 2547#2547: nginx/1.22.1
webserver # [ 87.242313] nginx[2547]: 2023/01/21 19:53:18 [notice] 2547#2547: built by gcc 11.3.0 (GCC)
webserver # [ 87.245277] nginx[2547]: 2023/01/21 19:53:18 [notice] 2547#2547: OS: Linux 5.15.89
webserver # [ 87.246013] nginx[2547]: 2023/01/21 19:53:18 [notice] 2547#2547: getrlimit(RLIMIT_NOFILE): 1024:524288
webserver # [ 87.248987] nginx[2547]: 2023/01/21 19:53:18 [notice] 2547#2547: start worker processes
webserver # [ 87.249727] nginx[2547]: 2023/01/21 19:53:18 [notice] 2547#2547: start worker process 2556
acme # [ 87.488885] pebble[661]: Pebble 2023/01/21 19:53:19 GET /dir -> calling handler()
webserver # [ 87.397791] acme-a.example.test-start[2552]: 2023/01/21 19:53:18 [INFO] [a.example.test] acme: Obtaining bundled SAN certificate
acme # [ 87.504652] pebble[661]: Pebble 2023/01/21 19:53:19 HEAD /nonce-plz -> calling handler()
acme # [ 87.506949] pebble[661]: Pebble 2023/01/21 19:53:19 POST /order-plz -> calling handler()
acme # [ 87.508598] pebble[661]: Pebble 2023/01/21 19:53:19 Added order "PeL1mktipXXKmpKxJH1T0F8kWHLvodkGwT14aJ1878g" to the db
acme # [ 87.511037] pebble[661]: Pebble 2023/01/21 19:53:19 There are now 9 orders in the db
webserver # [ 87.513560] acme-a.example.test-start[2552]: 2023/01/21 19:53:19 [INFO] [a.example.test] AuthURL: https://acme.test/authZ/D4tDWxfKHWtAWpcRkvTcNzHGTr_YNwG0vQUBojb5m-8
webserver # [ 87.516235] acme-a.example.test-start[2552]: 2023/01/21 19:53:19 [INFO] [a.example.test] acme: authorization already valid; skipping challenge
acme # [ 87.614338] pebble[661]: Pebble 2023/01/21 19:53:19 POST /authZ/ -> calling handler()
webserver # [ 87.517538] acme-a.example.test-start[2552]: 2023/01/21 19:53:19 [INFO] [a.example.test] acme: Validations succeeded; requesting certificates
webserver # [ 87.519097] acme-a.example.test-start[2552]: 2023/01/21 19:53:19 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 87.619542] pebble[661]: Pebble 2023/01/21 19:53:19 POST /finalize-order/ -> calling handler()
acme # [ 87.622431] pebble[661]: Pebble 2023/01/21 19:53:19 Order PeL1mktipXXKmpKxJH1T0F8kWHLvodkGwT14aJ1878g is fully authorized. Processing finalization
acme # [ 87.623985] pebble[661]: Pebble 2023/01/21 19:53:19 Issued certificate serial 2c01454e542b2fdf for order PeL1mktipXXKmpKxJH1T0F8kWHLvodkGwT14aJ1878g
acme # [ 87.626632] pebble[661]: Pebble 2023/01/21 19:53:19 POST /my-order/ -> calling handler()
acme # [ 87.627796] pebble[661]: Pebble 2023/01/21 19:53:19 POST /certZ/ -> calling handler()
webserver # [ 87.527464] acme-a.example.test-start[2552]: 2023/01/21 19:53:19 [INFO] [a.example.test] Server responded with a certificate.
webserver # [ 87.530874] acme-a.example.test-start[2548]: + mv domainhash.txt certificates/
webserver # [ 87.541036] acme-a.example.test-start[2548]: + chown acme:nginx certificates/a.example.test.crt certificates/a.example.test.issuer.crt certificates/a.example.test.json certificates/a.example.test.key certificates/domainhash.txt
webserver # [ 87.553497] acme-a.example.test-start[2548]: + cmp -s certificates/a.example.test.crt out/fullchain.pem
webserver # [ 87.560151] acme-a.example.test-start[2548]: + touch out/renewed
webserver # [ 87.571284] acme-a.example.test-start[2548]: + echo Installing new certificate
webserver # [ 87.572847] acme-a.example.test-start[2548]: Installing new certificate
webserver # [ 87.574219] acme-a.example.test-start[2548]: + cp -vp certificates/a.example.test.crt out/fullchain.pem
webserver # [ 87.588524] acme-a.example.test-start[2562]: 'certificates/a.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 87.594585] acme-a.example.test-start[2548]: + cp -vp certificates/a.example.test.key out/key.pem
webserver # [ 87.609880] acme-a.example.test-start[2563]: 'certificates/a.example.test.key' -> 'out/key.pem'
webserver # [ 87.612094] acme-a.example.test-start[2548]: + cp -vp certificates/a.example.test.issuer.crt out/chain.pem
webserver # [ 87.618363] acme-a.example.test-start[2564]: 'certificates/a.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 87.620227] acme-a.example.test-start[2548]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 87.629402] acme-a.example.test-start[2548]: + cat out/key.pem out/fullchain.pem
webserver # [ 87.636408] acme-a.example.test-start[2548]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 87.675499] systemd[1]: acme-a.example.test.service: Deactivated successfully.
webserver # [ 87.676698] systemd[1]: Finished Renew ACME certificate for a.example.test.
webserver # [ 87.683155] systemd[1]: acme-a.example.test.service: Consumed 174ms CPU time, received 8.3K IP traffic, sent 5.0K IP traffic.
webserver # [ 87.693725] systemd[1]: Starting Renew ACME certificate for slow.example.test...
webserver # [ 87.787934] acme-slow.example.test-start[2572]: + set -euo pipefail
webserver # [ 87.789491] acme-slow.example.test-start[2573]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 87.796780] acme-slow.example.test-start[2573]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 87.805219] acme-slow.example.test-start[2572]: + echo 5e47a70b1338fcb3915d
webserver # [ 87.806376] acme-slow.example.test-start[2572]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 87.810541] acme-slow.example.test-start[2572]: + lego --accept-tos --path . -d slow.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir run
acme # [ 88.000880] pebble[661]: Pebble 2023/01/21 19:53:19 GET /dir -> calling handler()
webserver # [ 87.904034] acme-slow.example.test-start[2576]: 2023/01/21 19:53:19 [INFO] [slow.example.test] acme: Obtaining bundled SAN certificate
acme # [ 88.008292] pebble[661]: Pebble 2023/01/21 19:53:19 HEAD /nonce-plz -> calling handler()
acme # [ 88.013649] pebble[661]: Pebble 2023/01/21 19:53:19 POST /order-plz -> calling handler()
acme # [ 88.016921] pebble[661]: Pebble 2023/01/21 19:53:19 There are now 9 authorizations in the db
acme # [ 88.020434] pebble[661]: Pebble 2023/01/21 19:53:19 Added order "lEp6KFiJVx-ejr-U35cXHnGH7UglGx0PdH_JjfX3Ktw" to the db
acme # [ 88.024729] pebble[661]: Pebble 2023/01/21 19:53:19 There are now 10 orders in the db
webserver # [ 87.970921] acme-slow.example.test-start[2576]: 2023/01/21 19:53:19 [INFO] [slow.example.test] AuthURL: https://acme.test/authZ/xQEFn2V8kCXdJGBS_GLkEdl7USChJazUvTgJNdOQUuQ
acme # [ 88.072309] pebble[661]: Pebble 2023/01/21 19:53:19 POST /authZ/ -> calling handler()
webserver # [ 87.972597] acme-slow.example.test-start[2576]: 2023/01/21 19:53:19 [INFO] [slow.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 87.974914] acme-slow.example.test-start[2576]: 2023/01/21 19:53:19 [INFO] [slow.example.test] acme: use http-01 solver
webserver # [ 87.976132] acme-slow.example.test-start[2576]: 2023/01/21 19:53:19 [INFO] [slow.example.test] acme: Trying to solve HTTP-01
acme # [ 88.080302] pebble[661]: Pebble 2023/01/21 19:53:19 POST /chalZ/ -> calling handler()
acme # [ 88.090471] pebble[661]: Pebble 2023/01/21 19:53:19 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"slow.example.test"}, Challenge:(*core.Challenge)(0xc000246dc0), Account:(*core.Account)(0xc0002a2d80)}
acme # [ 88.100918] pebble[661]: Pebble 2023/01/21 19:53:19 Starting 3 validations.
acme # [ 88.103794] pebble[661]: Pebble 2023/01/21 19:53:19 Attempting to validate w/ HTTP: http://slow.example.test:80/.well-known/acme-challenge/MwVQKihG_APDWqpjiINdDHqRS0RjHBm5n49373n8r64
acme # [ 88.110254] pebble[661]: Pebble 2023/01/21 19:53:19 Attempting to validate w/ HTTP: http://slow.example.test:80/.well-known/acme-challenge/MwVQKihG_APDWqpjiINdDHqRS0RjHBm5n49373n8r64
acme # [ 88.116625] pebble[661]: Pebble 2023/01/21 19:53:19 Attempting to validate w/ HTTP: http://slow.example.test:80/.well-known/acme-challenge/MwVQKihG_APDWqpjiINdDHqRS0RjHBm5n49373n8r64
acme # [ 88.122965] pebble[661]: Pebble 2023/01/21 19:53:19 POST /authZ/ -> calling handler()
acme # [ 88.126548] pebble[661]: Pebble 2023/01/21 19:53:19 authz xQEFn2V8kCXdJGBS_GLkEdl7USChJazUvTgJNdOQUuQ set VALID by completed challenge wW3vxfhP6pqF9sgJ9pi-xkJUYtnvtzkpQUJnPkiXJIo
webserver # [ 94.309250] acme-slow.example.test-start[2576]: 2023/01/21 19:53:25 [INFO] [slow.example.test] The server validated our request
webserver # [ 94.310768] acme-slow.example.test-start[2576]: 2023/01/21 19:53:25 [INFO] [slow.example.test] acme: Validations succeeded; requesting certificates
webserver # [ 94.314134] acme-slow.example.test-start[2576]: 2023/01/21 19:53:25 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 94.410123] pebble[661]: Pebble 2023/01/21 19:53:25 POST /authZ/ -> calling handler()
acme # [ 94.418446] pebble[661]: Pebble 2023/01/21 19:53:25 POST /finalize-order/ -> calling handler()
acme # [ 94.424270] pebble[661]: Pebble 2023/01/21 19:53:25 Order lEp6KFiJVx-ejr-U35cXHnGH7UglGx0PdH_JjfX3Ktw is fully authorized. Processing finalization
acme # [ 94.430912] pebble[661]: Pebble 2023/01/21 19:53:25 Issued certificate serial 4c0f732864428c5a for order lEp6KFiJVx-ejr-U35cXHnGH7UglGx0PdH_JjfX3Ktw
webserver # [ 94.330975] acme-slow.example.test-start[2576]: 2023/01/21 19:53:25 [INFO] [slow.example.test] Server responded with a certificate.
acme # [ 94.436346] pebble[661]: Pebble 2023/01/21 19:53:25 POST /my-order/ -> calling handler()
acme # [ 94.440117] pebble[661]: Pebble 2023/01/21 19:53:25 POST /certZ/ -> calling handler()
webserver # [ 94.338567] acme-slow.example.test-start[2572]: + mv domainhash.txt certificates/
webserver # [ 94.347605] acme-slow.example.test-start[2572]: + chown acme:nginx certificates/domainhash.txt certificates/slow.example.test.crt certificates/slow.example.test.issuer.crt certificates/slow.example.test.json certificates/slow.example.test.key
webserver # [ 94.362547] acme-slow.example.test-start[2572]: + cmp -s certificates/slow.example.test.crt out/fullchain.pem
webserver # [ 94.369651] acme-slow.example.test-start[2572]: + touch out/renewed
webserver # [ 94.377675] acme-slow.example.test-start[2572]: + echo Installing new certificate
webserver # [ 94.381686] acme-slow.example.test-start[2572]: Installing new certificate
webserver # [ 94.385027] acme-slow.example.test-start[2572]: + cp -vp certificates/slow.example.test.crt out/fullchain.pem
webserver # [ 94.393213] acme-slow.example.test-start[2585]: 'certificates/slow.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 94.398326] acme-slow.example.test-start[2572]: + cp -vp certificates/slow.example.test.key out/key.pem
webserver # [ 94.406441] acme-slow.example.test-start[2586]: 'certificates/slow.example.test.key' -> 'out/key.pem'
webserver # [ 94.411765] acme-slow.example.test-start[2572]: + cp -vp certificates/slow.example.test.issuer.crt out/chain.pem
webserver # [ 94.421255] acme-slow.example.test-start[2587]: 'certificates/slow.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 94.426507] acme-slow.example.test-start[2572]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 94.434934] acme-slow.example.test-start[2572]: + cat out/key.pem out/fullchain.pem
webserver # [ 94.443913] acme-slow.example.test-start[2572]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 94.483185] systemd[1]: acme-slow.example.test.service: Deactivated successfully.
webserver # [ 94.490726] systemd[1]: Finished Renew ACME certificate for slow.example.test.
webserver # [ 94.499328] systemd[1]: acme-slow.example.test.service: Consumed 182ms CPU time, received 11.2K IP traffic, sent 7.1K IP traffic.
webserver # [ 94.505672] systemd[1]: Starting nginx-config-reload.service...
webserver # [ 94.556917] systemd[1]: Reloading Nginx Web Server...
webserver # [ 94.661531] nginx[2597]: nginx: the configuration file /nix/store/p1xd58ji62vbnw02rvmpkicsskwqn61w-nginx.conf syntax is ok
webserver # [ 94.663016] nginx[2597]: nginx: configuration file /nix/store/p1xd58ji62vbnw02rvmpkicsskwqn61w-nginx.conf test is successful
webserver # [ 94.724844] nginx[2547]: 2023/01/21 19:53:26 [notice] 2547#2547: signal 1 (SIGHUP) received from 2598, reconfiguring
webserver # [ 94.728985] nginx[2547]: 2023/01/21 19:53:26 [notice] 2547#2547: reconfiguring
webserver # [ 94.737589] systemd[1]: Reloaded Nginx Web Server.
webserver # [ 94.744292] systemd[1]: nginx-config-reload.service: Deactivated successfully.
webserver # [ 94.746786] systemd[1]: Finished nginx-config-reload.service.
webserver # [ 94.751403] systemd[1]: Reached target acme-finished-a.example.test.target.
webserver # [ 94.753792] systemd[1]: Reached target acme-finished-slow.example.test.target.
webserver # [ 94.797179] nginx[2547]: 2023/01/21 19:53:26 [notice] 2547#2547: using the "epoll" event method
webserver # [ 94.798549] nginx[2547]: 2023/01/21 19:53:26 [notice] 2547#2547: start worker processes
webserver # [ 94.800223] nginx[2547]: 2023/01/21 19:53:26 [notice] 2547#2547: start worker process 2600
webserver # the following new units were started: acme-a.example.test.timer, acme-finished-a.example.test.target, acme-finished-slow.example.test.target, acme-slow.example.test.timer, my-slow-service.service, nginx.service
webserver # [ 94.840513] nixos[2374]: finished switching to system configuration /nix/store/21y5phzx5g5wi0i85jbj1k1418hl0mn8-nixos-system-webserver-23.05pre-git
(finished: must succeed: /tmp/specialisation/slow-startup/bin/switch-to-configuration test, in 16.20 seconds)
webserver: waiting for unit acme-finished-slow.example.test.target
webserver # [ 94.903151] nginx[2556]: 2023/01/21 19:53:26 [notice] 2556#2556: gracefully shutting down
webserver # [ 94.907325] nginx[2556]: 2023/01/21 19:53:26 [notice] 2556#2556: exiting
webserver # [ 94.915548] nginx[2556]: 2023/01/21 19:53:26 [notice] 2556#2556: exit
webserver # [ 94.919776] nginx[2547]: 2023/01/21 19:53:26 [notice] 2547#2547: signal 17 (SIGCHLD) received from 2556
webserver # [ 94.924697] nginx[2547]: 2023/01/21 19:53:26 [notice] 2547#2547: worker process 2556 exited with code 0
webserver # [ 94.928625] nginx[2547]: 2023/01/21 19:53:26 [notice] 2547#2547: signal 29 (SIGIO) received
(finished: waiting for unit acme-finished-slow.example.test.target, in 0.09 seconds)
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/slow.example.test/cert.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/slow.example.test/cert.pem, in 0.11 seconds)
cert.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/slow.example.test/fullchain.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/slow.example.test/fullchain.pem, in 0.11 seconds)
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: waiting for unit nginx.service
(finished: waiting for unit nginx.service, in 0.06 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername slow.example.test -connect slow.example.test:443 < /dev/null 2>&1
webserver # [ 95.268679] nginx[2600]: 2023/01/21 19:53:26 [info] 2600#2600: *4 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername slow.example.test -connect slow.example.test:443 < /dev/null 2>&1, in 0.05 seconds)
(finished: subtest: Can request certificate with HTTP-01 when nginx startup is delayed, in 16.76 seconds)
subtest: Works with caddy
webserver: must succeed: /tmp/specialisation/caddy/bin/switch-to-configuration test
webserver # [ 96.176759] nixos[2623]: switching to system configuration /nix/store/pxaaz1za0y1brmzh58ykk9f4k83xd1xv-nixos-system-webserver-23.05pre-git
webserver # stopping the following units: acme-a.example.test.timer, acme-finished-a.example.test.target, acme-finished-slow.example.test.target, acme-fixperms.service, acme-slow.example.test.timer, logrotate-checkconf.service, my-slow-service.service, nginx.service, systemd-sysctl.service
webserver # [ 96.211930] systemd[1]: acme-a.example.test.timer: Deactivated successfully.
webserver # [ 96.213435] systemd[1]: Stopped Renew ACME Certificate for a.example.test.
webserver # [ 96.216858] systemd[1]: Stopped target acme-finished-a.example.test.target.
webserver # [ 96.220198] systemd[1]: Stopped target acme-finished-slow.example.test.target.
webserver # [ 96.223204] systemd[1]: acme-fixperms.service: Deactivated successfully.
webserver # [ 96.224959] systemd[1]: Stopped Fix owner and group of all ACME certificates.
webserver # [ 96.230528] systemd[1]: acme-slow.example.test.timer: Deactivated successfully.
webserver # [ 96.232442] systemd[1]: Stopped Renew ACME Certificate for slow.example.test.
webserver # [ 96.236635] systemd[1]: Stopped target Local File Systems.
webserver # [ 96.241689] systemd[1]: logrotate-checkconf.service: Deactivated successfully.
webserver # [ 96.244155] systemd[1]: Stopped Logrotate configuration check.
webserver # [ 96.252955] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 96.256812] systemd[1]: Stopping my-slow-service.service...
webserver # [ 96.260338] systemd[1]: my-slow-service.service: Deactivated successfully.
webserver # [ 96.261581] systemd[1]: Stopped my-slow-service.service.
webserver # [ 96.270186] systemd[1]: Stopped target Remote File Systems.
webserver # [ 96.273036] nginx[2547]: 2023/01/21 19:53:27 [notice] 2547#2547: signal 15 (SIGTERM) received from 1, exiting
webserver # [ 96.274091] nginx[2600]: 2023/01/21 19:53:27 [notice] 2600#2600: exiting
webserver # [ 96.274736] nginx[2600]: 2023/01/21 19:53:27 [notice] 2600#2600: exit
webserver # [ 96.276249] systemd[1]: Stopping Nginx Web Server...
webserver # [ 96.276860] systemd[1]: systemd-sysctl.service: Deactivated successfully.
webserver # [ 96.284989] systemd[1]: Stopped Apply Kernel Variables.
webserver # [ 96.285739] nginx[2547]: 2023/01/21 19:53:27 [notice] 2547#2547: signal 17 (SIGCHLD) received from 2600
webserver # [ 96.289369] nginx[2547]: 2023/01/21 19:53:27 [notice] 2547#2547: worker process 2600 exited with code 0
webserver # [ 96.296512] nginx[2547]: 2023/01/21 19:53:27 [notice] 2547#2547: exit
webserver # [ 96.299170] systemd[1]: run-credentials-systemd\x2dsysctl.service.mount: Deactivated successfully.
webserver # [ 96.305808] systemd[1]: nginx.service: Deactivated successfully.
webserver # [ 96.307934] systemd[1]: Stopped Nginx Web Server.
webserver # [ 96.309032] systemd[1]: nginx.service: Consumed 356ms CPU time, no IO, received 2.3K IP traffic, sent 4.5K IP traffic.
webserver # activating the configuration...
webserver # removing group ‘nginx’
webserver # [ 96.522965] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 96.531180] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # [ 96.535150] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (48)
webserver # [ 96.535984] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 96.536654] nscd[901]: 901 monitoring file `/etc/group` (51)
webserver # removing user ‘nginx’
webserver # [ 96.539190] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 96.543191] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 96.545403] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 96.548461] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (48)
webserver # [ 96.552716] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 96.554157] nscd[901]: 901 monitoring file `/etc/passwd` (52)
webserver # [ 96.554779] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 96.678182] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 96.685863] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 96.687294] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 96.688517] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 96.690466] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 96.693631] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 96.697399] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 96.704264] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 97.185469] systemd[1]: Reloading.
webserver # setting up tmpfiles
webserver # starting the following units: acme-fixperms.service, logrotate-checkconf.service, systemd-sysctl.service
webserver # [ 97.813093] systemd[1]: Starting Fix owner and group of all ACME certificates...
webserver # [ 97.813976] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 97.884360] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 97.886883] systemd[1]: Reached target Local File Systems.
webserver # [ 97.903517] systemd[1]: Starting Logrotate configuration check...
webserver # [ 97.916859] logrotate[2773]: warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want.
webserver # [ 97.919930] logrotate[2773]: reading config file /nix/store/6kbagm2bca9j1zr6s9hc91670anwjamz-logrotate.conf
webserver # [ 97.921726] logrotate[2773]: note: 'monthly' overrides previously specified 'weekly'
webserver # [ 97.929561] logrotate[2773]: Reading state from file: /var/lib/logrotate.status
webserver # [ 97.932367] logrotate[2773]: state file /var/lib/logrotate.status does not exist
webserver # [ 97.937879] logrotate[2773]: Allocating hash table for state file, size 64 entries
webserver # [ 97.942209] logrotate[2773]: Handling 2 logs
webserver # [ 97.942814] logrotate[2773]: rotating pattern: "/var/log/btmp" monthly (1 rotations)
webserver # [ 97.946750] logrotate[2773]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed
webserver # [ 97.954297] logrotate[2773]: considering log /var/log/btmp
webserver # [ 97.958072] logrotate[2773]: Creating new state
webserver # [ 97.958705] logrotate[2773]: Now: 2023-01-21 19:53
webserver # [ 97.963979] logrotate[2773]: Last rotated at 2023-01-21 19:00
webserver # [ 97.970994] logrotate[2773]: log does not need rotating (log has already been rotated)
webserver # [ 97.977040] logrotate[2773]: rotating pattern: "/var/log/wtmp" monthly (1 rotations)
webserver # [ 97.981641] logrotate[2773]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed
webserver # [ 97.989212] logrotate[2773]: considering log /var/log/wtmp
webserver # [ 97.990637] logrotate[2773]: Creating new state
webserver # [ 97.993141] logrotate[2773]: Now: 2023-01-21 19:53
webserver # [ 97.996410] logrotate[2773]: Last rotated at 2023-01-21 19:00
webserver # [ 97.998433] logrotate[2773]: log does not need rotating (log has already been rotated)
webserver # [ 98.002559] systemd[1]: Finished Logrotate configuration check.
webserver # [ 98.011109] systemd[1]: Reached target Remote File Systems.
webserver # [ 98.013283] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 98.020714] systemd[1]: Starting Apply Kernel Variables...
webserver # [ 98.025461] systemd[1]: Finished Fix owner and group of all ACME certificates.
webserver # [ 98.029871] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 98.036590] systemd[1]: Starting Generate self-signed certificate for example.test...
webserver # [ 98.040306] systemd[1]: Finished Apply Kernel Variables.
webserver # [ 98.041064] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 98.056937] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 98.058332] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 98.060783] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 98.067244] systemd[1]: Started Renew ACME Certificate for example.test.
webserver # [ 98.307560] systemd[1]: acme-selfsigned-example.test.service: Deactivated successfully.
webserver # [ 98.308752] systemd[1]: Finished Generate self-signed certificate for example.test.
webserver # [ 98.321027] systemd[1]: Starting Caddy...
webserver # [ 99.570578] caddy[2791]: {"level":"info","ts":1674330811.1285412,"msg":"using provided configuration","config_file":"/nix/store/qhmqfsfrl16d7v2vz09rqnd5b2llr6av-Caddyfile-formatted/Caddyfile","config_adapter":""}
webserver # [ 99.597257] caddy[2791]: Valid configuration
webserver # [ 99.653314] caddy[2796]: {"level":"info","ts":1674330811.211298,"msg":"using provided configuration","config_file":"/nix/store/qhmqfsfrl16d7v2vz09rqnd5b2llr6av-Caddyfile-formatted/Caddyfile","config_adapter":""}
webserver # [ 99.683144] systemd[1]: Started Caddy.
webserver # [ 99.691406] systemd[1]: Starting Renew ACME certificate for example.test...
webserver # [ 99.783309] acme-example.test-start[2804]: + set -euo pipefail
webserver # [ 99.786867] acme-example.test-start[2804]: + echo f296e6482529fca9f20a
webserver # [ 99.789874] acme-example.test-start[2804]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 99.796634] acme-example.test-start[2804]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir run
acme # [ 99.990344] pebble[661]: Pebble 2023/01/21 19:53:31 GET /dir -> calling handler()
webserver # [ 99.893133] acme-example.test-start[2806]: 2023/01/21 19:53:31 [INFO] [*.example.test] acme: Obtaining bundled SAN certificate
acme # [ 99.997293] pebble[661]: Pebble 2023/01/21 19:53:31 HEAD /nonce-plz -> calling handler()
acme # [ 100.002302] pebble[661]: Pebble 2023/01/21 19:53:31 POST /order-plz -> calling handler()
acme # [ 100.005683] pebble[661]: Pebble 2023/01/21 19:53:31 There are now 10 authorizations in the db
acme # [ 100.009183] pebble[661]: Pebble 2023/01/21 19:53:31 Added order "IK3xMDfsSs-MLgqN7B_bBPcBfZrH9k3dkzwdsm3v46U" to the db
acme # [ 100.013548] pebble[661]: Pebble 2023/01/21 19:53:31 There are now 11 orders in the db
acme # [ 100.059956] pebble[661]: Pebble 2023/01/21 19:53:31 POST /authZ/ -> calling handler()
webserver # [ 99.958340] acme-example.test-start[2806]: 2023/01/21 19:53:31 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/authZ/z0znXovRPadSL-OjEFkopTzzSLuqJ3kBWWdu0LrfLCc :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: pdO7jvDyTM3nl9tvMrP_hg
webserver # [ 100.193771] acme-example.test-start[2806]: 2023/01/21 19:53:31 [INFO] [*.example.test] AuthURL: https://acme.test/authZ/z0znXovRPadSL-OjEFkopTzzSLuqJ3kBWWdu0LrfLCc
acme # [ 100.295176] pebble[661]: Pebble 2023/01/21 19:53:31 POST /authZ/ -> calling handler()
webserver # [ 100.195725] acme-example.test-start[2806]: 2023/01/21 19:53:31 [INFO] [*.example.test] acme: use dns-01 solver
webserver # [ 100.197342] acme-example.test-start[2806]: 2023/01/21 19:53:31 [INFO] [*.example.test] acme: Preparing to solve DNS-01
webserver # [ 100.252663] caddy[2796]: {"level":"error","ts":1674330811.8108575,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"a.exmaple.test","issuer":"acme-v02.api.letsencrypt.org-directory","error":"registering account [] with server: provisioning client: performing request: Get \"https://acme-v02.api.letsencrypt.org/directory\": remote error: tls: internal error"}
webserver # [ 100.255678] caddy[2796]: {"level":"error","ts":1674330811.8109186,"logger":"tls.obtain","msg":"will retry","error":"[a.exmaple.test] Obtain: registering account [] with server: provisioning client: performing request: Get \"https://acme-v02.api.letsencrypt.org/directory\": remote error: tls: internal error","attempt":1,"retrying_in":60,"elapsed":0.535585668,"max_duration":2592000}
dnsserver # [ 110.283460] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:53:41 Added DNS-01 TXT challenge for Host "_acme-challenge.example.test." - Value "ABxQxyPTmOfHINex26k4OFPNgbknWPRw3C0U2qXLLKk"
webserver # [ 110.246033] acme-example.test-start[2806]: 2023/01/21 19:53:41 [INFO] [_acme-challenge.example.test.] dns-hook.sh present _acme-challenge.example.test. ABxQxyPTmOfHINex26k4OFPNgbknWPRw3C0U2qXLLKk
webserver # [ 110.247815] acme-example.test-start[2806]: % Total % Received % Xferd Average Speed Time Time Time Current
webserver # [ 110.249078] acme-example.test-start[2806]: Dload Upload Total Spent Left Speed
webserver # [ 110.250508] acme-example.test-start[2806]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 97 0 0 100 97 0 14415 --:--:-- --:--:-- --:--:-- 16166
webserver # [ 110.252648] acme-example.test-start[2806]: 2023/01/21 19:53:41 [INFO] [*.example.test] acme: Trying to solve DNS-01
webserver # [ 120.252963] acme-example.test-start[2806]: 2023/01/21 19:53:51 [INFO] [*.example.test] acme: Checking DNS record propagation using [192.168.1.3:53 10.0.2.3:53]
webserver # [ 121.259446] acme-example.test-start[2806]: 2023/01/21 19:53:52 [INFO] Wait for propagation [timeout: 1s, interval: 1s]
acme # [ 121.366391] pebble[661]: Pebble 2023/01/21 19:53:52 POST /chalZ/ -> calling handler()
acme # [ 121.372690] pebble[661]: Pebble 2023/01/21 19:53:52 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"example.test"}, Challenge:(*core.Challenge)(0xc000247540), Account:(*core.Account)(0xc0002a2d80)}
acme # [ 121.381124] pebble[661]: Pebble 2023/01/21 19:53:52 Starting 3 validations.
acme # [ 121.384406] pebble[661]: Pebble 2023/01/21 19:53:52 POST /authZ/ -> calling handler()
acme # [ 121.387710] pebble[661]: Pebble 2023/01/21 19:53:52 authz z0znXovRPadSL-OjEFkopTzzSLuqJ3kBWWdu0LrfLCc set VALID by completed challenge w2h5FDwMUpPD9A-2dwdYv8mYnX46xEJdd5aRtzb09iE
acme # [ 125.933498] pebble[661]: Pebble 2023/01/21 19:53:57 POST /authZ/ -> calling handler()
webserver # [ 125.832676] acme-example.test-start[2806]: 2023/01/21 19:53:57 [INFO] [*.example.test] The server validated our request
webserver # [ 125.837434] acme-example.test-start[2806]: 2023/01/21 19:53:57 [INFO] [*.example.test] acme: Cleaning DNS-01 challenge
dnsserver # [ 135.909344] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:54:07 Removed DNS-01 TXT challenge for Host "_acme-challenge.example.test."
webserver # [ 135.871668] acme-example.test-start[2806]: 2023/01/21 19:54:07 [INFO] [_acme-challenge.example.test.] dns-hook.sh cleanup _acme-challenge.example.test. ABxQxyPTmOfHINex26k4OFPNgbknWPRw3C0U2qXLLKk
webserver # [ 135.874011] acme-example.test-start[2806]: % Total % Received % Xferd Average Speed Time Time Time Current
webserver # [ 135.875974] acme-example.test-start[2806]: Dload Upload Total Spent Left Speed
acme # [ 135.979264] pebble[661]: Pebble 2023/01/21 19:54:07 POST /finalize-order/ -> calling handler()
webserver # [ 135.877260] acme-example.test-start[2806]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 41 0 0 100 41 0 6471 --:--:-- --:--:-- --:--:-- 6833
webserver # [ 135.879093] acme-example.test-start[2806]: 2023/01/21 19:54:07 [INFO] [*.example.test] acme: Validations succeeded; requesting certificates
webserver # [ 135.881092] acme-example.test-start[2806]: 2023/01/21 19:54:07 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 135.980273] pebble[661]: Pebble 2023/01/21 19:54:07 Order IK3xMDfsSs-MLgqN7B_bBPcBfZrH9k3dkzwdsm3v46U is fully authorized. Processing finalization
acme # [ 135.985984] pebble[661]: Pebble 2023/01/21 19:54:07 Issued certificate serial 717678717ab2a76a for order IK3xMDfsSs-MLgqN7B_bBPcBfZrH9k3dkzwdsm3v46U
acme # [ 135.987519] pebble[661]: Pebble 2023/01/21 19:54:07 POST /my-order/ -> calling handler()
acme # [ 135.990149] pebble[661]: Pebble 2023/01/21 19:54:07 POST /certZ/ -> calling handler()
webserver # [ 135.892449] acme-example.test-start[2806]: 2023/01/21 19:54:07 [INFO] [*.example.test] Server responded with a certificate.
webserver # [ 135.894838] acme-example.test-start[2804]: + mv domainhash.txt certificates/
webserver # [ 135.900018] acme-example.test-start[2804]: + chown acme:caddy certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key
webserver # [ 135.906481] acme-example.test-start[2804]: + cmp -s certificates/_.example.test.crt out/fullchain.pem
webserver # [ 135.909759] acme-example.test-start[2804]: + touch out/renewed
webserver # [ 135.914474] acme-example.test-start[2804]: + echo Installing new certificate
webserver # [ 135.915596] acme-example.test-start[2804]: Installing new certificate
webserver # [ 135.916742] acme-example.test-start[2804]: + cp -vp certificates/_.example.test.crt out/fullchain.pem
webserver # [ 135.921019] acme-example.test-start[2819]: 'certificates/_.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 135.922619] acme-example.test-start[2804]: + cp -vp certificates/_.example.test.key out/key.pem
webserver # [ 135.927049] acme-example.test-start[2820]: 'certificates/_.example.test.key' -> 'out/key.pem'
webserver # [ 135.929120] acme-example.test-start[2804]: + cp -vp certificates/_.example.test.issuer.crt out/chain.pem
webserver # [ 135.932713] acme-example.test-start[2821]: 'certificates/_.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 135.934602] acme-example.test-start[2804]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 135.938716] acme-example.test-start[2804]: + cat out/key.pem out/fullchain.pem
webserver # [ 135.943405] acme-example.test-start[2804]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 135.989174] systemd[1]: Reloading Caddy...
webserver # [ 136.001292] systemd[1]: acme-example.test.service: Deactivated successfully.
webserver # [ 136.002927] systemd[1]: Finished Renew ACME certificate for example.test.
webserver # [ 136.005052] systemd[1]: acme-example.test.service: Consumed 242ms CPU time, received 12.2K IP traffic, sent 9.6K IP traffic.
webserver # [ 136.009840] systemd[1]: Reached target acme-finished-example.test.target.
webserver # [ 136.039358] caddy[2828]: {"level":"info","ts":1674330847.5973384,"msg":"using provided configuration","config_file":"/nix/store/qhmqfsfrl16d7v2vz09rqnd5b2llr6av-Caddyfile-formatted/Caddyfile","config_adapter":""}
webserver # [ 136.060414] caddy[2796]: {"level":"error","ts":1674330847.6185493,"logger":"tls","msg":"job failed","error":"a.exmaple.test: obtaining certificate: context canceled"}
webserver # [ 136.066011] systemd[1]: Reloaded Caddy.
webserver # the following new units were started: acme-example.test.timer, acme-finished-example.test.target, caddy.service
webserver # [ 136.117633] nixos[2623]: finished switching to system configuration /nix/store/pxaaz1za0y1brmzh58ykk9f4k83xd1xv-nixos-system-webserver-23.05pre-git
(finished: must succeed: /tmp/specialisation/caddy/bin/switch-to-configuration test, in 40.81 seconds)
webserver: waiting for unit acme-finished-example.test.target
(finished: waiting for unit acme-finished-example.test.target, in 0.06 seconds)
webserver: waiting for unit caddy.service
(finished: waiting for unit caddy.service, in 0.05 seconds)
webserver: must succeed: systemctl restart caddy.service
webserver # [ 136.275617] systemd[1]: Stopping Caddy...
webserver # [ 136.279525] systemd[1]: caddy.service: Deactivated successfully.
webserver # [ 136.280521] systemd[1]: Stopped Caddy.
webserver # [ 136.281062] systemd[1]: caddy.service: Consumed 288ms CPU time, read 0B from disk, written 40.0K to disk, received 4.2K IP traffic, sent 4.3K IP traffic.
webserver # [ 136.288727] systemd[1]: Starting Caddy...
webserver # [ 136.336431] caddy[2850]: {"level":"info","ts":1674330847.8944345,"msg":"using provided configuration","config_file":"/nix/store/qhmqfsfrl16d7v2vz09rqnd5b2llr6av-Caddyfile-formatted/Caddyfile","config_adapter":""}
webserver # [ 136.344547] caddy[2850]: Valid configuration
webserver # [ 136.390455] caddy[2855]: {"level":"info","ts":1674330847.9484727,"msg":"using provided configuration","config_file":"/nix/store/qhmqfsfrl16d7v2vz09rqnd5b2llr6av-Caddyfile-formatted/Caddyfile","config_adapter":""}
webserver # [ 136.399581] systemd[1]: Started Caddy.
(finished: must succeed: systemctl restart caddy.service, in 0.16 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null 2>&1
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null 2>&1, in 0.03 seconds)
(finished: subtest: Works with caddy, in 41.16 seconds)
subtest: security.acme changes reflect on caddy
webserver: must succeed: /tmp/specialisation/caddy-change-acme-conf/bin/switch-to-configuration test
webserver # [ 136.919588] caddy[2855]: {"level":"error","ts":1674330848.4778376,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"a.exmaple.test","issuer":"acme-v02.api.letsencrypt.org-directory","error":"registering account [] with server: provisioning client: performing request: Get \"https://acme-v02.api.letsencrypt.org/directory\": remote error: tls: internal error"}
webserver # [ 136.924347] caddy[2855]: {"level":"error","ts":1674330848.4819188,"logger":"tls.obtain","msg":"will retry","error":"[a.exmaple.test] Obtain: registering account [] with server: provisioning client: performing request: Get \"https://acme-v02.api.letsencrypt.org/directory\": remote error: tls: internal error","attempt":1,"retrying_in":60,"elapsed":0.51991105,"max_duration":2592000}
webserver # [ 137.251329] nixos[2868]: switching to system configuration /nix/store/931vyxxfbz7pvbiyfd39ajl0n6y4mfxd-nixos-system-webserver-23.05pre-git
webserver # stopping the following units: acme-account-d590213ed52603e9128d.target
webserver # [ 137.272992] systemd[1]: Stopped target acme-account-d590213ed52603e9128d.target.
webserver # [ 137.275509] systemd[1]: Stopped target Local File Systems.
webserver # [ 137.279622] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 137.282151] systemd[1]: Stopped target Remote File Systems.
webserver # activating the configuration...
webserver # [ 137.493875] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 137.498112] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # [ 137.501580] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (54)
webserver # [ 137.502253] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 137.502953] nscd[901]: 901 monitoring file `/etc/group` (57)
webserver # [ 137.503486] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 137.507953] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 137.515050] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 137.518551] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (54)
webserver # [ 137.519625] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 137.524380] nscd[901]: 901 monitoring file `/etc/passwd` (58)
webserver # [ 137.525765] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 137.648784] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 137.657117] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 137.658365] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 137.659829] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 137.661355] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 137.664279] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 137.667215] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 137.670167] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 138.148435] systemd[1]: Reloading.
webserver # setting up tmpfiles
webserver # [ 138.797597] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 138.800100] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 138.810736] systemd[1]: Starting Renew ACME certificate for example.test...
webserver # [ 138.860759] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 138.861709] systemd[1]: Reached target Remote File Systems.
webserver # [ 138.863363] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 138.870248] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 138.878257] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 138.884289] systemd[1]: Reached target Local File Systems.
webserver # [ 138.888329] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 138.902958] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 138.904642] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 138.906340] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 138.945968] acme-example.test-start[3015]: + set -euo pipefail
webserver # [ 138.946958] acme-example.test-start[3015]: + echo f296e6482529fca9f20a
webserver # [ 138.947959] acme-example.test-start[3015]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 138.951601] acme-example.test-start[3015]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec384 --dns exec --dns.disable-cp --server https://acme.test/dir run
webserver # [ 138.984027] acme-example.test-start[3018]: 2023/01/21 19:54:10 No key found for account hostmaster@example.test. Generating a P384 key.
webserver # [ 138.996367] acme-example.test-start[3018]: 2023/01/21 19:54:10 Saved key to accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key
acme # [ 139.146839] pebble[661]: Pebble 2023/01/21 19:54:10 GET /dir -> calling handler()
webserver # [ 139.049096] acme-example.test-start[3018]: 2023/01/21 19:54:10 [INFO] acme: Registering account for hostmaster@example.test
acme # [ 139.152910] pebble[661]: Pebble 2023/01/21 19:54:10 HEAD /nonce-plz -> calling handler()
acme # [ 139.159764] pebble[661]: Pebble 2023/01/21 19:54:10 POST /sign-me-up -> calling handler()
acme # [ 139.173390] pebble[661]: Pebble 2023/01/21 19:54:10 There are now 4 accounts in memory
webserver # [ 139.077426] acme-example.test-start[3018]: !!!! HEADS UP !!!!
webserver # [ 139.078224] acme-example.test-start[3018]: Your account credentials have been saved in your Let's Encrypt
webserver # [ 139.079288] acme-example.test-start[3018]: configuration directory at "accounts".
webserver # [ 139.080172] acme-example.test-start[3018]: You should make a secure backup of this folder now. This
webserver # [ 139.082976] acme-example.test-start[3018]: configuration directory will also contain certificates and
webserver # [ 139.084658] acme-example.test-start[3018]: private keys obtained from Let's Encrypt so making regular
webserver # [ 139.085696] acme-example.test-start[3018]: backups of this folder is ideal.
webserver # [ 139.086558] acme-example.test-start[3018]: 2023/01/21 19:54:10 [INFO] [*.example.test] acme: Obtaining bundled SAN certificate
acme # [ 139.189299] pebble[661]: Pebble 2023/01/21 19:54:10 POST /order-plz -> calling handler()
acme # [ 139.192782] pebble[661]: Pebble 2023/01/21 19:54:10 There are now 11 authorizations in the db
acme # [ 139.196587] pebble[661]: Pebble 2023/01/21 19:54:10 Added order "ykVQCCU0UI1JhxBNrlwrAC7Gj0uyoH4UYHaNrLpuE2M" to the db
acme # [ 139.201055] pebble[661]: Pebble 2023/01/21 19:54:10 There are now 12 orders in the db
acme # [ 139.259290] pebble[661]: Pebble 2023/01/21 19:54:10 POST /authZ/ -> calling handler()
webserver # [ 139.162920] acme-example.test-start[3018]: 2023/01/21 19:54:10 [INFO] [*.example.test] AuthURL: https://acme.test/authZ/rBAOY0To2lF-L20FkA4icvxq7z7KB9i1HDllGvwhiCI
webserver # [ 139.164813] acme-example.test-start[3018]: 2023/01/21 19:54:10 [INFO] [*.example.test] acme: use dns-01 solver
webserver # [ 139.165883] acme-example.test-start[3018]: 2023/01/21 19:54:10 [INFO] [*.example.test] acme: Preparing to solve DNS-01
webserver # [ 149.205978] acme-example.test-start[3018]: 2023/01/21 19:54:20 [INFO] [_acme-challenge.example.test.] dns-hook.sh present _acme-challenge.example.test. j5vOW8bPT8w2m7ym1ERr-rvI2XTw_ejqnemLZUiRy8Q
dnsserver # [ 149.244635] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:54:20 Added DNS-01 TXT challenge for Host "_acme-challenge.example.test." - Value "j5vOW8bPT8w2m7ym1ERr-rvI2XTw_ejqnemLZUiRy8Q"
webserver # [ 149.207823] acme-example.test-start[3018]: % Total % Received % Xferd Average Speed Time Time Time Current
webserver # [ 149.209642] acme-example.test-start[3018]: Dload Upload Total Spent Left Speed
webserver # [ 149.211340] acme-example.test-start[3018]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 97 0 0 100 97 0 14292 --:--:-- --:--:-- --:--:-- 16166
webserver # [ 149.213193] acme-example.test-start[3018]: 2023/01/21 19:54:20 [INFO] [*.example.test] acme: Trying to solve DNS-01
webserver # [ 159.214246] acme-example.test-start[3018]: 2023/01/21 19:54:30 [INFO] [*.example.test] acme: Checking DNS record propagation using [192.168.1.3:53 10.0.2.3:53]
webserver # [ 160.214956] acme-example.test-start[3018]: 2023/01/21 19:54:31 [INFO] Wait for propagation [timeout: 1s, interval: 1s]
acme # [ 160.323949] pebble[661]: Pebble 2023/01/21 19:54:31 POST /chalZ/ -> calling handler()
acme # [ 160.331285] pebble[661]: Pebble 2023/01/21 19:54:31 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"example.test"}, Challenge:(*core.Challenge)(0xc0002460a0), Account:(*core.Account)(0xc0004494a0)}
acme # [ 160.345728] pebble[661]: Pebble 2023/01/21 19:54:31 Starting 3 validations.
acme # [ 160.349196] pebble[661]: Pebble 2023/01/21 19:54:31 POST /authZ/ -> calling handler()
acme # [ 160.352531] pebble[661]: Pebble 2023/01/21 19:54:31 authz rBAOY0To2lF-L20FkA4icvxq7z7KB9i1HDllGvwhiCI set VALID by completed challenge GGJ96mC0hhK9j2xUaOTaGTAz7lC45Q_2pgRE4okHK7w
acme # [ 163.826546] pebble[661]: Pebble 2023/01/21 19:54:35 POST /authZ/ -> calling handler()
webserver # [ 163.730241] acme-example.test-start[3018]: 2023/01/21 19:54:35 [INFO] [*.example.test] The server validated our request
webserver # [ 163.735504] acme-example.test-start[3018]: 2023/01/21 19:54:35 [INFO] [*.example.test] acme: Cleaning DNS-01 challenge
dnsserver # [ 173.811576] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:54:45 Removed DNS-01 TXT challenge for Host "_acme-challenge.example.test."
webserver # [ 173.774007] acme-example.test-start[3018]: 2023/01/21 19:54:45 [INFO] [_acme-challenge.example.test.] dns-hook.sh cleanup _acme-challenge.example.test. j5vOW8bPT8w2m7ym1ERr-rvI2XTw_ejqnemLZUiRy8Q
webserver # [ 173.775758] acme-example.test-start[3018]: % Total % Received % Xferd Average Speed Time Time Time Current
webserver # [ 173.777089] acme-example.test-start[3018]: Dload Upload Total Spent Left Speed
webserver # [ 173.780245] acme-example.test-start[3018]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 41 0 0 100 41 0 6074 --:--:-- --:--:-- --:--:-- 6833
webserver # [ 173.783333] acme-example.test-start[3018]: 2023/01/21 19:54:45 [INFO] [*.example.test] acme: Validations succeeded; requesting certificates
acme # [ 173.886277] pebble[661]: Pebble 2023/01/21 19:54:45 POST /finalize-order/ -> calling handler()
webserver # [ 173.794045] acme-example.test-start[3018]: 2023/01/21 19:54:45 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 173.894036] pebble[661]: Pebble 2023/01/21 19:54:45 Order ykVQCCU0UI1JhxBNrlwrAC7Gj0uyoH4UYHaNrLpuE2M is fully authorized. Processing finalization
acme # [ 173.903397] pebble[661]: Pebble 2023/01/21 19:54:45 Issued certificate serial 31a51921b9d23aad for order ykVQCCU0UI1JhxBNrlwrAC7Gj0uyoH4UYHaNrLpuE2M
acme # [ 173.912000] pebble[661]: Pebble 2023/01/21 19:54:45 POST /my-order/ -> calling handler()
acme # [ 173.919644] pebble[661]: Pebble 2023/01/21 19:54:45 POST /certZ/ -> calling handler()
webserver # [ 173.822835] acme-example.test-start[3018]: 2023/01/21 19:54:45 [INFO] [*.example.test] Server responded with a certificate.
webserver # [ 173.828323] acme-example.test-start[3015]: + mv domainhash.txt certificates/
webserver # [ 173.835647] acme-example.test-start[3015]: + chown acme:caddy certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key
webserver # [ 173.845024] acme-example.test-start[3015]: + cmp -s certificates/_.example.test.crt out/fullchain.pem
webserver # [ 173.849755] acme-example.test-start[3015]: + touch out/renewed
webserver # [ 173.856931] acme-example.test-start[3015]: + echo Installing new certificate
webserver # [ 173.857854] acme-example.test-start[3015]: Installing new certificate
webserver # [ 173.858667] acme-example.test-start[3015]: + cp -vp certificates/_.example.test.crt out/fullchain.pem
webserver # [ 173.864562] acme-example.test-start[3031]: 'certificates/_.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 173.866492] acme-example.test-start[3015]: + cp -vp certificates/_.example.test.key out/key.pem
webserver # [ 173.871589] acme-example.test-start[3032]: 'certificates/_.example.test.key' -> 'out/key.pem'
webserver # [ 173.873385] acme-example.test-start[3015]: + cp -vp certificates/_.example.test.issuer.crt out/chain.pem
webserver # [ 173.878198] acme-example.test-start[3033]: 'certificates/_.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 173.879883] acme-example.test-start[3015]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 173.885153] acme-example.test-start[3015]: + cat out/key.pem out/fullchain.pem
webserver # [ 173.891484] acme-example.test-start[3015]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 173.945046] systemd[1]: Reloading Caddy...
webserver # [ 173.957776] systemd[1]: acme-example.test.service: Deactivated successfully.
webserver # [ 173.959343] systemd[1]: Finished Renew ACME certificate for example.test.
webserver # [ 173.961852] systemd[1]: acme-example.test.service: Consumed 257ms CPU time, received 12.5K IP traffic, sent 10.2K IP traffic.
webserver # [ 173.994365] caddy[3040]: {"level":"info","ts":1674330885.5524197,"msg":"using provided configuration","config_file":"/nix/store/qhmqfsfrl16d7v2vz09rqnd5b2llr6av-Caddyfile-formatted/Caddyfile","config_adapter":""}
webserver # [ 174.017267] systemd[1]: Reloaded Caddy.
webserver # [ 174.021161] caddy[2855]: {"level":"error","ts":1674330885.5791254,"logger":"tls","msg":"job failed","error":"a.exmaple.test: obtaining certificate: context canceled"}
webserver # [ 174.091155] nixos[2868]: finished switching to system configuration /nix/store/931vyxxfbz7pvbiyfd39ajl0n6y4mfxd-nixos-system-webserver-23.05pre-git
(finished: must succeed: /tmp/specialisation/caddy-change-acme-conf/bin/switch-to-configuration test, in 37.62 seconds)
webserver: waiting for unit acme-finished-example.test.target
(finished: waiting for unit acme-finished-example.test.target, in 0.06 seconds)
webserver: waiting for unit caddy.service
(finished: waiting for unit caddy.service, in 0.06 seconds)
webserver: must succeed: systemctl restart caddy.service
webserver # [ 174.278604] systemd[1]: Stopping Caddy...
webserver # [ 174.282197] systemd[1]: caddy.service: Deactivated successfully.
webserver # [ 174.283582] systemd[1]: Stopped Caddy.
webserver # [ 174.284530] systemd[1]: caddy.service: Consumed 157ms CPU time, read 0B from disk, written 32.0K to disk, received 5.2K IP traffic, sent 6.8K IP traffic.
webserver # [ 174.298305] systemd[1]: Starting Caddy...
webserver # [ 174.348859] caddy[3062]: {"level":"info","ts":1674330885.906802,"msg":"using provided configuration","config_file":"/nix/store/qhmqfsfrl16d7v2vz09rqnd5b2llr6av-Caddyfile-formatted/Caddyfile","config_adapter":""}
webserver # [ 174.366515] caddy[3062]: Valid configuration
webserver # [ 174.417436] caddy[3067]: {"level":"info","ts":1674330885.975439,"msg":"using provided configuration","config_file":"/nix/store/qhmqfsfrl16d7v2vz09rqnd5b2llr6av-Caddyfile-formatted/Caddyfile","config_adapter":""}
webserver # [ 174.436949] systemd[1]: Started Caddy.
(finished: must succeed: systemctl restart caddy.service, in 0.21 seconds)
client: must succeed: openssl s_client -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null | openssl x509 -noout -text | grep -i Public-Key
client # depth=2 CN = Pebble Root CA 07ebd3
client # verify return:1
client # depth=1 CN = Pebble Intermediate CA 4d6099
client # verify return:1
client # depth=0 CN = *.example.test
client # verify return:1
client # DONE
(finished: must succeed: openssl s_client -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null | openssl x509 -noout -text | grep -i Public-Key, in 0.14 seconds)
Key type: Public-Key: (384 bit)
(finished: subtest: security.acme changes reflect on caddy, in 38.15 seconds)
subtest: Works with nginx
webserver: must succeed: /tmp/specialisation/nginx/bin/switch-to-configuration test
webserver # [ 174.961031] caddy[3067]: {"level":"error","ts":1674330886.5192947,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"a.exmaple.test","issuer":"acme-v02.api.letsencrypt.org-directory","error":"registering account [] with server: provisioning client: performing request: Get \"https://acme-v02.api.letsencrypt.org/directory\": remote error: tls: internal error"}
webserver # [ 174.965796] caddy[3067]: {"level":"error","ts":1674330886.5233324,"logger":"tls.obtain","msg":"will retry","error":"[a.exmaple.test] Obtain: registering account [] with server: provisioning client: performing request: Get \"https://acme-v02.api.letsencrypt.org/directory\": remote error: tls: internal error","attempt":1,"retrying_in":60,"elapsed":0.520930174,"max_duration":2592000}
webserver # [ 175.400596] nixos[3080]: switching to system configuration /nix/store/92chhpij14li0ag540gwy6sbwka8zj0y-nixos-system-webserver-23.05pre-git
webserver # stopping the following units: acme-fixperms.service, caddy.service, logrotate-checkconf.service, systemd-sysctl.service
webserver # [ 175.424233] systemd[1]: acme-fixperms.service: Deactivated successfully.
webserver # [ 175.425803] systemd[1]: Stopped Fix owner and group of all ACME certificates.
webserver # [ 175.435062] systemd[1]: Stopping Caddy...
webserver # [ 175.438083] systemd[1]: caddy.service: Deactivated successfully.
webserver # [ 175.439532] systemd[1]: Stopped Caddy.
webserver # [ 175.441118] systemd[1]: caddy.service: Consumed 132ms CPU time, received 3.3K IP traffic, sent 4.9K IP traffic.
webserver # [ 175.450934] systemd[1]: Stopped target Local File Systems.
webserver # [ 175.454137] systemd[1]: logrotate-checkconf.service: Deactivated successfully.
webserver # [ 175.456187] systemd[1]: Stopped Logrotate configuration check.
webserver # [ 175.465137] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 175.466794] systemd[1]: Stopped target Remote File Systems.
webserver # [ 175.470744] systemd[1]: systemd-sysctl.service: Deactivated successfully.
webserver # [ 175.472284] systemd[1]: Stopped Apply Kernel Variables.
webserver # [ 175.475132] systemd[1]: run-credentials-systemd\x2dsysctl.service.mount: Deactivated successfully.
webserver # activating the configuration...
webserver # removing group ‘caddy’
webserver # [ 175.719184] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 175.724096] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # [ 175.730179] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (60)
webserver # removing user ‘caddy’
webserver # [ 175.741069] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 175.741768] nscd[901]: 901 monitoring file `/etc/group` (63)
webserver # [ 175.742576] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 175.743978] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 175.745498] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 175.751692] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (60)
webserver # [ 175.753178] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 175.753839] nscd[901]: 901 monitoring file `/etc/passwd` (64)
webserver # [ 175.754817] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 175.868573] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 175.876135] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 175.877300] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 175.878734] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 175.883443] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 175.885512] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 175.887540] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 175.891767] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 176.376124] systemd[1]: Reloading.
webserver # setting up tmpfiles
webserver # restarting the following units: acme-example.test.timer
webserver # [ 177.006453] systemd[1]: acme-example.test.timer: Deactivated successfully.
webserver # [ 177.007766] systemd[1]: Stopped Renew ACME Certificate for example.test.
webserver # [ 177.008880] systemd[1]: Stopping Renew ACME Certificate for example.test...
webserver # [ 177.010185] systemd[1]: Started Renew ACME Certificate for example.test.
webserver # starting the following units: acme-fixperms.service, logrotate-checkconf.service, systemd-sysctl.service
webserver # [ 177.046921] systemd[1]: Starting Fix owner and group of all ACME certificates...
webserver # [ 177.048150] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 177.079193] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 177.082128] systemd[1]: Reached target Local File Systems.
webserver # [ 177.118217] systemd[1]: Finished Fix owner and group of all ACME certificates.
webserver # [ 177.124907] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 177.126486] systemd[1]: Reached target Remote File Systems.
webserver # [ 177.130044] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 177.132971] systemd[1]: Starting Apply Kernel Variables...
webserver # [ 177.150536] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 177.152528] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 177.155560] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 177.166177] systemd[1]: Finished Apply Kernel Variables.
webserver # [ 177.168565] systemd[1]: Started Renew ACME Certificate for nginx-dns.example.test.
webserver # [ 177.170302] systemd[1]: Started Renew ACME Certificate for nginx-http.example.test.
webserver # [ 177.171879] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 177.174034] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 177.179368] systemd[1]: Starting Generate self-signed certificate for nginx-dns.example.test...
webserver # [ 177.182732] systemd[1]: Starting Generate self-signed certificate for nginx-http.example.test...
webserver # [ 177.187322] systemd[1]: Starting Logrotate configuration check...
webserver # [ 177.199858] logrotate[3244]: warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want.
webserver # [ 177.201716] logrotate[3244]: reading config file /nix/store/fi6rzfpmn186wn8a0xqn62xiwkb7cqfw-logrotate.conf
webserver # [ 177.207029] logrotate[3244]: note: 'monthly' overrides previously specified 'weekly'
webserver # [ 177.210379] logrotate[3244]: Reading state from file: /var/lib/logrotate.status
webserver # [ 177.216663] logrotate[3244]: state file /var/lib/logrotate.status does not exist
webserver # [ 177.219093] logrotate[3244]: Allocating hash table for state file, size 64 entries
webserver # [ 177.219912] logrotate[3244]: Handling 3 logs
webserver # [ 177.222460] logrotate[3244]: rotating pattern: "/var/log/btmp" monthly (1 rotations)
webserver # [ 177.227116] logrotate[3244]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed
webserver # [ 177.231089] logrotate[3244]: considering log /var/log/btmp
webserver # [ 177.231711] logrotate[3244]: Creating new state
webserver # [ 177.234061] logrotate[3244]: Now: 2023-01-21 19:54
webserver # [ 177.234641] logrotate[3244]: Last rotated at 2023-01-21 19:00
webserver # [ 177.238051] logrotate[3244]: log does not need rotating (log has already been rotated)
webserver # [ 177.238729] logrotate[3244]: rotating pattern: "/var/log/wtmp" monthly (1 rotations)
webserver # [ 177.242107] logrotate[3244]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed
webserver # [ 177.246087] logrotate[3244]: considering log /var/log/wtmp
webserver # [ 177.246750] logrotate[3244]: Creating new state
webserver # [ 177.250088] logrotate[3244]: Now: 2023-01-21 19:54
webserver # [ 177.250695] logrotate[3244]: Last rotated at 2023-01-21 19:00
webserver # [ 177.254077] logrotate[3244]: log does not need rotating (log has already been rotated)
webserver # [ 177.256951] logrotate[3244]: rotating pattern: "/var/log/nginx/*.log" weekly (26 rotations)
webserver # [ 177.257808] logrotate[3244]: empty log files are not rotated, old logs are removed
webserver # [ 177.261059] logrotate[3244]: switching euid from 0 to 60 and egid from 0 to 60 (pid 3244)
webserver # [ 177.261737] logrotate[3244]: considering log /var/log/nginx/access.log
webserver # [ 177.265078] logrotate[3244]: Creating new state
webserver # [ 177.265503] logrotate[3244]: Now: 2023-01-21 19:54
webserver # [ 177.267966] logrotate[3244]: Last rotated at 2023-01-21 19:00
webserver # [ 177.268482] logrotate[3244]: log does not need rotating (log has already been rotated)
webserver # [ 177.272147] logrotate[3244]: considering log /var/log/nginx/error.log
webserver # [ 177.272726] logrotate[3244]: Creating new state
webserver # [ 177.274789] logrotate[3244]: Now: 2023-01-21 19:54
webserver # [ 177.275537] logrotate[3244]: Last rotated at 2023-01-21 19:00
webserver # [ 177.276473] logrotate[3244]: log does not need rotating (log has already been rotated)
webserver # [ 177.286976] logrotate[3244]: switching euid from 60 to 0 and egid from 60 to 0 (pid 3244)
webserver # [ 177.288184] systemd[1]: Finished Logrotate configuration check.
webserver # [ 177.479869] systemd[1]: acme-selfsigned-nginx-dns.example.test.service: Deactivated successfully.
webserver # [ 177.483112] systemd[1]: Finished Generate self-signed certificate for nginx-dns.example.test.
webserver # [ 177.571025] systemd[1]: acme-selfsigned-nginx-http.example.test.service: Deactivated successfully.
webserver # [ 177.572101] systemd[1]: Finished Generate self-signed certificate for nginx-http.example.test.
webserver # [ 177.577866] systemd[1]: Starting Nginx Web Server...
webserver # [ 177.685035] nginx-pre-start[3270]: nginx: the configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf syntax is ok
webserver # [ 177.686685] nginx-pre-start[3270]: nginx: configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf test is successful
webserver # [ 177.695374] systemd[1]: Started Nginx Web Server.
webserver # [ 177.711614] systemd[1]: Starting Renew ACME certificate for example.test...
webserver # [ 177.816232] acme-example.test-start[3272]: + set -euo pipefail
webserver # [ 177.817409] acme-example.test-start[3272]: + echo f296e6482529fca9f20a
webserver # [ 177.818362] acme-example.test-start[3272]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 177.823037] acme-example.test-start[3274]: ++ find accounts -name hostmaster@example.test.key
webserver # [ 177.832123] acme-example.test-start[3272]: + '[' -e certificates/_.example.test.key -a -e certificates/_.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']'
webserver # [ 177.834625] acme-example.test-start[3272]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir renew --no-random-sleep --days 30
webserver # [ 177.878309] nginx[3271]: 2023/01/21 19:54:49 [notice] 3271#3271: using the "epoll" event method
webserver # [ 177.879392] nginx[3271]: 2023/01/21 19:54:49 [notice] 3271#3271: nginx/1.22.1
webserver # [ 177.880098] nginx[3271]: 2023/01/21 19:54:49 [notice] 3271#3271: built by gcc 11.3.0 (GCC)
webserver # [ 177.880950] nginx[3271]: 2023/01/21 19:54:49 [notice] 3271#3271: OS: Linux 5.15.89
webserver # [ 177.881576] nginx[3271]: 2023/01/21 19:54:49 [notice] 3271#3271: getrlimit(RLIMIT_NOFILE): 1024:524288
webserver # [ 177.884080] nginx[3271]: 2023/01/21 19:54:49 [notice] 3271#3271: start worker processes
webserver # [ 177.884783] nginx[3271]: 2023/01/21 19:54:49 [notice] 3271#3271: start worker process 3280
acme # [ 178.035552] pebble[661]: Pebble 2023/01/21 19:54:49 GET /dir -> calling handler()
webserver # [ 177.937777] acme-example.test-start[3275]: 2023/01/21 19:54:49 [*.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal.
webserver # [ 177.941949] acme-example.test-start[3272]: + mv domainhash.txt certificates/
webserver # [ 177.948238] acme-example.test-start[3272]: + chown acme:acme certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key
webserver # [ 177.956684] acme-example.test-start[3272]: + cmp -s certificates/_.example.test.crt out/fullchain.pem
webserver # [ 177.960974] acme-example.test-start[3272]: + touch out/renewed
webserver # [ 177.966866] acme-example.test-start[3272]: + echo Installing new certificate
webserver # [ 177.967762] acme-example.test-start[3272]: Installing new certificate
webserver # [ 177.968603] acme-example.test-start[3272]: + cp -vp certificates/_.example.test.crt out/fullchain.pem
webserver # [ 177.974272] acme-example.test-start[3285]: 'certificates/_.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 177.976041] acme-example.test-start[3272]: + cp -vp certificates/_.example.test.key out/key.pem
webserver # [ 177.981113] acme-example.test-start[3286]: 'certificates/_.example.test.key' -> 'out/key.pem'
webserver # [ 177.982784] acme-example.test-start[3272]: + cp -vp certificates/_.example.test.issuer.crt out/chain.pem
webserver # [ 177.991040] acme-example.test-start[3287]: 'certificates/_.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 177.995327] acme-example.test-start[3272]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 178.003234] acme-example.test-start[3272]: + cat out/key.pem out/fullchain.pem
webserver # [ 178.011780] acme-example.test-start[3272]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 178.051545] systemd[1]: acme-example.test.service: Deactivated successfully.
webserver # [ 178.058529] systemd[1]: Finished Renew ACME certificate for example.test.
webserver # [ 178.064933] systemd[1]: acme-example.test.service: Consumed 159ms CPU time, received 2.5K IP traffic, sent 978B IP traffic.
webserver # [ 178.075646] systemd[1]: Reached target acme-account-d590213ed52603e9128d.target.
webserver # [ 178.093443] systemd[1]: Starting Renew ACME certificate for nginx-dns.example.test...
webserver # [ 178.103464] systemd[1]: Starting Renew ACME certificate for nginx-http.example.test...
webserver # [ 178.199875] acme-nginx-http.example.test-start[3296]: + set -euo pipefail
webserver # [ 178.203715] acme-nginx-http.example.test-start[3297]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 178.211944] acme-nginx-dns.example.test-start[3295]: + set -euo pipefail
webserver # [ 178.221242] acme-nginx-dns.example.test-start[3295]: + echo 59d0420c322ea19728a7
webserver # [ 178.233077] acme-nginx-dns.example.test-start[3295]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 178.247280] acme-nginx-dns.example.test-start[3295]: + lego --accept-tos --path . -d nginx-dns.example.test --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir -d nginx-dns-alias.example.test run
webserver # [ 178.272428] acme-nginx-http.example.test-start[3297]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 178.286426] acme-nginx-http.example.test-start[3296]: + echo 197b6592b1395f3f8747
webserver # [ 178.291744] acme-nginx-http.example.test-start[3296]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 178.306366] acme-nginx-http.example.test-start[3296]: + lego --accept-tos --path . -d nginx-http.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir -d nginx-http-alias.example.test run
acme # [ 178.499138] pebble[661]: Pebble 2023/01/21 19:54:50 GET /dir -> calling handler()
acme # [ 178.512391] pebble[661]: Pebble 2023/01/21 19:54:50 HEAD /nonce-plz -> calling handler()
acme # [ 178.515077] pebble[661]: Pebble 2023/01/21 19:54:50 GET /dir -> calling handler()
webserver # [ 178.403951] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:49 [INFO] [nginx-dns.example.test, nginx-dns-alias.example.test] acme: Obtaining bundled SAN certificate
acme # [ 178.518681] pebble[661]: Pebble 2023/01/21 19:54:50 POST /order-plz -> calling handler()
acme # [ 178.520296] pebble[661]: Pebble 2023/01/21 19:54:50 There are now 12 authorizations in the db
acme # [ 178.521420] pebble[661]: Pebble 2023/01/21 19:54:50 There are now 13 authorizations in the db
webserver # [ 178.418790] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:49 [INFO] [nginx-http.example.test, nginx-http-alias.example.test] acme: Obtaining bundled SAN certificate
acme # [ 178.522316] pebble[661]: Pebble 2023/01/21 19:54:50 Added order "EhyJpjsXW49vBtEE05wW0Noi4wXbktY7m2GKZJbuySs" to the db
acme # [ 178.524301] pebble[661]: Pebble 2023/01/21 19:54:50 There are now 13 orders in the db
acme # [ 178.526524] pebble[661]: Pebble 2023/01/21 19:54:50 HEAD /nonce-plz -> calling handler()
acme # [ 178.527475] pebble[661]: Pebble 2023/01/21 19:54:50 POST /order-plz -> calling handler()
acme # [ 178.528371] pebble[661]: Pebble 2023/01/21 19:54:50 There are now 14 authorizations in the db
acme # [ 178.529316] pebble[661]: Pebble 2023/01/21 19:54:50 There are now 15 authorizations in the db
acme # [ 178.530275] pebble[661]: Pebble 2023/01/21 19:54:50 Added order "iBLUcJx2b6YKkEFzJXc3HGdnaCcOG7f3tenmx2q_OSg" to the db
acme # [ 178.531443] pebble[661]: Pebble 2023/01/21 19:54:50 There are now 14 orders in the db
acme # [ 178.582305] pebble[661]: Pebble 2023/01/21 19:54:50 POST /authZ/ -> calling handler()
acme # [ 178.587433] pebble[661]: Pebble 2023/01/21 19:54:50 POST /authZ/ -> calling handler()
acme # [ 178.637821] pebble[661]: Pebble 2023/01/21 19:54:50 POST /authZ/ -> calling handler()
webserver # [ 178.537125] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns-alias.example.test] AuthURL: https://acme.test/authZ/LN4YzltycfKJT4EPpMHs803KIZj-EP1ezUlY_DvLy-w
acme # [ 178.642725] pebble[661]: Pebble 2023/01/21 19:54:50 POST /authZ/ -> calling handler()
webserver # [ 178.540286] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns.example.test] AuthURL: https://acme.test/authZ/FKNrVvzfmFMf1U7rWM9cBlPTpHsY4Sq70XMJr1dtAVY
acme # [ 178.650412] pebble[661]: Pebble 2023/01/21 19:54:50 POST /chalZ/ -> calling handler()
webserver # [ 178.548183] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 178.553306] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns.example.test] acme: Could not find solver for: http-01
webserver # [ 178.557808] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns.example.test] acme: use dns-01 solver
webserver # [ 178.561945] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns-alias.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 178.567288] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns-alias.example.test] acme: Could not find solver for: http-01
webserver # [ 178.572461] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns-alias.example.test] acme: use dns-01 solver
webserver # [ 178.577038] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns.example.test] acme: Preparing to solve DNS-01
webserver # [ 178.581731] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:50 [INFO] [nginx-http-alias.example.test] AuthURL: https://acme.test/authZ/dOUWidS-gsh2zzCbsxDKOwZiTu94OuGZyN3r_x5C6i4
webserver # [ 178.588034] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:50 [INFO] [nginx-http.example.test] AuthURL: https://acme.test/authZ/pPLJa6Jo-cT0jPGljYJL-ixdY1mQHKFnfXVnETXxjms
webserver # [ 178.594452] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:50 [INFO] [nginx-http-alias.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 178.599684] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:50 [INFO] [nginx-http-alias.example.test] acme: use http-01 solver
webserver # [ 178.604326] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:50 [INFO] [nginx-http.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 178.609399] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:50 [INFO] [nginx-http.example.test] acme: use http-01 solver
webserver # [ 178.613820] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:50 [INFO] [nginx-http-alias.example.test] acme: Trying to solve HTTP-01
webserver # [ 178.618652] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:50 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/chalZ/6tcrczrbLuKwmabb6jRjcDm5xtNScA10uWClzSo6f1U :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: kx_3frR8LuKl6j828Hjn4Q
acme # [ 178.878100] pebble[661]: Pebble 2023/01/21 19:54:50 POST /chalZ/ -> calling handler()
acme # [ 178.881487] pebble[661]: Pebble 2023/01/21 19:54:50 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"nginx-http-alias.example.test"}, Challenge:(*core.Challenge)(0xc000246d20), Account:(*core.Account)(0xc0002a2d80)}
acme # [ 178.886205] pebble[661]: Pebble 2023/01/21 19:54:50 Starting 3 validations.
acme # [ 178.889327] pebble[661]: Pebble 2023/01/21 19:54:50 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/bNMLJmUa_dip3tlKLi02_XKfsn3p71MZlvLVutUkV88
acme # [ 178.896379] pebble[661]: Pebble 2023/01/21 19:54:50 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/bNMLJmUa_dip3tlKLi02_XKfsn3p71MZlvLVutUkV88
acme # [ 178.903339] pebble[661]: Pebble 2023/01/21 19:54:50 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/bNMLJmUa_dip3tlKLi02_XKfsn3p71MZlvLVutUkV88
acme # [ 178.910347] pebble[661]: Pebble 2023/01/21 19:54:50 POST /authZ/ -> calling handler()
acme # [ 178.913648] pebble[661]: Pebble 2023/01/21 19:54:50 authz dOUWidS-gsh2zzCbsxDKOwZiTu94OuGZyN3r_x5C6i4 set VALID by completed challenge 6tcrczrbLuKwmabb6jRjcDm5xtNScA10uWClzSo6f1U
acme # [ 184.222418] pebble[661]: Pebble 2023/01/21 19:54:55 POST /authZ/ -> calling handler()
webserver # [ 184.121549] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:55 [INFO] [nginx-http-alias.example.test] The server validated our request
webserver # [ 184.127532] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:55 [INFO] [nginx-http.example.test] acme: Trying to solve HTTP-01
acme # [ 184.231361] pebble[661]: Pebble 2023/01/21 19:54:55 POST /chalZ/ -> calling handler()
acme # [ 184.237959] pebble[661]: Pebble 2023/01/21 19:54:55 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"nginx-http.example.test"}, Challenge:(*core.Challenge)(0xc0002470e0), Account:(*core.Account)(0xc0002a2d80)}
acme # [ 184.247833] pebble[661]: Pebble 2023/01/21 19:54:55 Starting 3 validations.
acme # [ 184.251124] pebble[661]: Pebble 2023/01/21 19:54:55 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/2F5QCn6aIxOjBE4lby8HotutapbD0PeLFOmUdUua8C8
acme # [ 184.257181] pebble[661]: Pebble 2023/01/21 19:54:55 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/2F5QCn6aIxOjBE4lby8HotutapbD0PeLFOmUdUua8C8
acme # [ 184.263286] pebble[661]: Pebble 2023/01/21 19:54:55 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/2F5QCn6aIxOjBE4lby8HotutapbD0PeLFOmUdUua8C8
acme # [ 184.269195] pebble[661]: Pebble 2023/01/21 19:54:55 POST /authZ/ -> calling handler()
acme # [ 184.272127] pebble[661]: Pebble 2023/01/21 19:54:55 authz pPLJa6Jo-cT0jPGljYJL-ixdY1mQHKFnfXVnETXxjms set VALID by completed challenge pbNg28Bzw8ok27Fv8Zm2kkHvkUkRRIDnAeEA_KXDKSs
webserver # [ 187.287788] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:58 [INFO] [nginx-http.example.test] The server validated our request
webserver # [ 187.290109] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:58 [INFO] [nginx-http.example.test, nginx-http-alias.example.test] acme: Validations succeeded; requesting certificates
acme # [ 187.388417] pebble[661]: Pebble 2023/01/21 19:54:58 POST /authZ/ -> calling handler()
webserver # [ 187.291812] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:58 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 187.393582] pebble[661]: Pebble 2023/01/21 19:54:58 POST /finalize-order/ -> calling handler()
acme # [ 187.396401] pebble[661]: Pebble 2023/01/21 19:54:58 Order iBLUcJx2b6YKkEFzJXc3HGdnaCcOG7f3tenmx2q_OSg is fully authorized. Processing finalization
acme # [ 187.399389] pebble[661]: Pebble 2023/01/21 19:54:58 Issued certificate serial 3ff80e8b93998376 for order iBLUcJx2b6YKkEFzJXc3HGdnaCcOG7f3tenmx2q_OSg
acme # [ 187.401679] pebble[661]: Pebble 2023/01/21 19:54:58 POST /my-order/ -> calling handler()
acme # [ 187.402668] pebble[661]: Pebble 2023/01/21 19:54:58 POST /certZ/ -> calling handler()
webserver # [ 187.301971] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:58 [INFO] [nginx-http.example.test] Server responded with a certificate.
webserver # [ 187.305458] acme-nginx-http.example.test-start[3296]: + mv domainhash.txt certificates/
webserver # [ 187.311313] acme-nginx-http.example.test-start[3296]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-http.example.test.crt certificates/nginx-http.example.test.issuer.crt certificates/nginx-http.example.test.json certificates/nginx-http.example.test.key
webserver # [ 187.318848] acme-nginx-http.example.test-start[3296]: + cmp -s certificates/nginx-http.example.test.crt out/fullchain.pem
webserver # [ 187.322508] acme-nginx-http.example.test-start[3296]: + touch out/renewed
webserver # [ 187.327410] acme-nginx-http.example.test-start[3296]: + echo Installing new certificate
webserver # [ 187.328731] acme-nginx-http.example.test-start[3296]: Installing new certificate
webserver # [ 187.330153] acme-nginx-http.example.test-start[3296]: + cp -vp certificates/nginx-http.example.test.crt out/fullchain.pem
webserver # [ 187.337008] acme-nginx-http.example.test-start[3315]: 'certificates/nginx-http.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 187.339072] acme-nginx-http.example.test-start[3296]: + cp -vp certificates/nginx-http.example.test.key out/key.pem
webserver # [ 187.342943] acme-nginx-http.example.test-start[3316]: 'certificates/nginx-http.example.test.key' -> 'out/key.pem'
webserver # [ 187.345219] acme-nginx-http.example.test-start[3296]: + cp -vp certificates/nginx-http.example.test.issuer.crt out/chain.pem
webserver # [ 187.349756] acme-nginx-http.example.test-start[3317]: 'certificates/nginx-http.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 187.352090] acme-nginx-http.example.test-start[3296]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 187.356478] acme-nginx-http.example.test-start[3296]: + cat out/key.pem out/fullchain.pem
webserver # [ 187.361583] acme-nginx-http.example.test-start[3296]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 187.388237] systemd[1]: acme-nginx-http.example.test.service: Deactivated successfully.
webserver # [ 187.389319] systemd[1]: Finished Renew ACME certificate for nginx-http.example.test.
webserver # [ 187.390723] systemd[1]: acme-nginx-http.example.test.service: Consumed 176ms CPU time, received 16.0K IP traffic, sent 10.8K IP traffic.
dnsserver # [ 188.614713] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:55:00 Added DNS-01 TXT challenge for Host "_acme-challenge.nginx-dns.example.test." - Value "sEomZCNggHCCrpD1Oh8Gr5SEEHTzaLBIxinJoH5yCdo"
webserver # [ 188.578172] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:00 [INFO] [_acme-challenge.nginx-dns.example.test.] dns-hook.sh present _acme-challenge.nginx-dns.example.test. sEomZCNggHCCrpD1Oh8Gr5SEEHTzaLBIxinJoH5yCdo
webserver # [ 188.580156] acme-nginx-dns.example.test-start[3300]: % Total % Received % Xferd Average Speed Time Time Time Current
webserver # [ 188.581754] acme-nginx-dns.example.test-start[3300]: Dload Upload Total Spent Left Speed
webserver # [ 188.583380] acme-nginx-dns.example.test-start[3300]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 107 0 0 100 107 0 16288 --:--:-- --:--:-- --:--:-- 17833
webserver # [ 188.585208] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:00 [INFO] [nginx-dns.example.test] acme: Trying to solve DNS-01
webserver # [ 198.584432] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:10 [INFO] [nginx-dns.example.test] acme: Checking DNS record propagation using [192.168.1.3:53 10.0.2.3:53]
webserver # [ 199.586700] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:11 [INFO] Wait for propagation [timeout: 1s, interval: 1s]
acme # [ 199.695312] pebble[661]: Pebble 2023/01/21 19:55:11 POST /chalZ/ -> calling handler()
acme # [ 199.702139] pebble[661]: Pebble 2023/01/21 19:55:11 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"nginx-dns.example.test"}, Challenge:(*core.Challenge)(0xc000246b40), Account:(*core.Account)(0xc0002a2d80)}
acme # [ 199.710901] pebble[661]: Pebble 2023/01/21 19:55:11 Starting 3 validations.
acme # [ 199.713692] pebble[661]: Pebble 2023/01/21 19:55:11 POST /authZ/ -> calling handler()
acme # [ 199.716917] pebble[661]: Pebble 2023/01/21 19:55:11 authz LN4YzltycfKJT4EPpMHs803KIZj-EP1ezUlY_DvLy-w set VALID by completed challenge kJqJLal4EvpjRMu5OY7yOw9p6sxuS1xhDbIbCZ9alqQ
acme # [ 204.725568] pebble[661]: Pebble 2023/01/21 19:55:16 POST /authZ/ -> calling handler()
webserver # [ 204.624368] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:16 [INFO] [nginx-dns.example.test] The server validated our request
webserver # [ 204.630562] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:16 [INFO] [nginx-dns.example.test] acme: Cleaning DNS-01 challenge
dnsserver # [ 214.709986] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:55:26 Removed DNS-01 TXT challenge for Host "_acme-challenge.nginx-dns.example.test."
webserver # [ 214.673193] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:26 [INFO] [_acme-challenge.nginx-dns.example.test.] dns-hook.sh cleanup _acme-challenge.nginx-dns.example.test. sEomZCNggHCCrpD1Oh8Gr5SEEHTzaLBIxinJoH5yCdo
webserver # [ 214.675308] acme-nginx-dns.example.test-start[3300]: % Total % Received % Xferd Average Speed Time Time Time Current
webserver # [ 214.676759] acme-nginx-dns.example.test-start[3300]: Dload Upload Total Spent Left Speed
webserver # [ 214.678056] acme-nginx-dns.example.test-start[3300]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 51 0 0 100 51 0 7195 --:--:-- --:--:-- --:--:-- 7285
webserver # [ 214.679978] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:26 [INFO] sequence: wait for 1s
webserver # [ 215.677437] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:27 [INFO] [nginx-dns-alias.example.test] acme: Preparing to solve DNS-01
dnsserver # [ 225.753741] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:55:37 Added DNS-01 TXT challenge for Host "_acme-challenge.nginx-dns-alias.example.test." - Value "d4l1m19ZutQOCJc6QY_eqajrpHmdrbvyThGHGEeAlnw"
webserver # [ 225.715487] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:37 [INFO] [_acme-challenge.nginx-dns-alias.example.test.] dns-hook.sh present _acme-challenge.nginx-dns-alias.example.test. d4l1m19ZutQOCJc6QY_eqajrpHmdrbvyThGHGEeAlnw
webserver # [ 225.724292] acme-nginx-dns.example.test-start[3300]: % Total % Received % Xferd Average Speed Time Time Time Current
webserver # [ 225.729479] acme-nginx-dns.example.test-start[3300]: Dload Upload Total Spent Left Speed
webserver # [ 225.734253] acme-nginx-dns.example.test-start[3300]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 113 0 0 100 113 0 18056 --:--:-- --:--:-- --:--:-- 18833
webserver # [ 225.741657] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:37 [INFO] [nginx-dns-alias.example.test] acme: Trying to solve DNS-01
webserver # [ 235.725240] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:47 [INFO] [nginx-dns-alias.example.test] acme: Checking DNS record propagation using [192.168.1.3:53 10.0.2.3:53]
webserver # [ 236.726413] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:48 [INFO] Wait for propagation [timeout: 1s, interval: 1s]
acme # [ 236.834276] pebble[661]: Pebble 2023/01/21 19:55:48 POST /chalZ/ -> calling handler()
webserver # [ 236.732810] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:48 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/chalZ/bM0WGwIn88QU_Nsuq2D3YheQPPddgWMIwFZzBdpQ4Sc :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: 1CF_se6fMF0jFNGbGAjzAA
acme # [ 237.011302] pebble[661]: Pebble 2023/01/21 19:55:48 POST /chalZ/ -> calling handler()
acme # [ 237.012543] pebble[661]: Pebble 2023/01/21 19:55:48 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"nginx-dns-alias.example.test"}, Challenge:(*core.Challenge)(0xc000246960), Account:(*core.Account)(0xc0002a2d80)}
acme # [ 237.016483] pebble[661]: Pebble 2023/01/21 19:55:48 Starting 3 validations.
acme # [ 237.017399] pebble[661]: Pebble 2023/01/21 19:55:48 POST /authZ/ -> calling handler()
acme # [ 237.018326] pebble[661]: Pebble 2023/01/21 19:55:48 authz FKNrVvzfmFMf1U7rWM9cBlPTpHsY4Sq70XMJr1dtAVY set VALID by completed challenge bM0WGwIn88QU_Nsuq2D3YheQPPddgWMIwFZzBdpQ4Sc
acme # [ 244.439934] pebble[661]: Pebble 2023/01/21 19:55:55 POST /authZ/ -> calling handler()
webserver # [ 244.338809] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:55 [INFO] [nginx-dns-alias.example.test] The server validated our request
webserver # [ 244.344780] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:55 [INFO] [nginx-dns-alias.example.test] acme: Cleaning DNS-01 challenge
webserver # [ 254.375929] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:56:05 [INFO] [_acme-challenge.nginx-dns-alias.example.test.] dns-hook.sh cleanup _acme-challenge.nginx-dns-alias.example.test. d4l1m19ZutQOCJc6QY_eqajrpHmdrbvyThGHGEeAlnw
dnsserver # [ 254.415420] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:56:05 Removed DNS-01 TXT challenge for Host "_acme-challenge.nginx-dns-alias.example.test."
webserver # [ 254.378267] acme-nginx-dns.example.test-start[3300]: % Total % Received % Xferd Average Speed Time Time Time Current
webserver # [ 254.380075] acme-nginx-dns.example.test-start[3300]: Dload Upload Total Spent Left Speed
webserver # [ 254.381292] acme-nginx-dns.example.test-start[3300]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 57 0 0 100 57 0 8897 --:--:-- --:--:-- --:--:-- 9500
webserver # [ 254.383121] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:56:05 [INFO] [nginx-dns.example.test, nginx-dns-alias.example.test] acme: Validations succeeded; requesting certificates
webserver # [ 254.386306] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:56:05 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 254.483166] pebble[661]: Pebble 2023/01/21 19:56:06 POST /finalize-order/ -> calling handler()
acme # [ 254.491371] pebble[661]: Pebble 2023/01/21 19:56:06 Order EhyJpjsXW49vBtEE05wW0Noi4wXbktY7m2GKZJbuySs is fully authorized. Processing finalization
acme # [ 254.498163] pebble[661]: Pebble 2023/01/21 19:56:06 POST /my-order/ -> calling handler()
acme # [ 254.501553] pebble[661]: Pebble 2023/01/21 19:56:06 Issued certificate serial 06121ada1a7c75b1 for order EhyJpjsXW49vBtEE05wW0Noi4wXbktY7m2GKZJbuySs
acme # [ 255.000682] pebble[661]: Pebble 2023/01/21 19:56:06 POST /my-order/ -> calling handler()
acme # [ 255.004449] pebble[661]: Pebble 2023/01/21 19:56:06 POST /certZ/ -> calling handler()
webserver # [ 254.903651] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:56:06 [INFO] [nginx-dns.example.test] Server responded with a certificate.
webserver # [ 254.912728] acme-nginx-dns.example.test-start[3295]: + mv domainhash.txt certificates/
webserver # [ 254.920744] acme-nginx-dns.example.test-start[3295]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-dns.example.test.crt certificates/nginx-dns.example.test.issuer.crt certificates/nginx-dns.example.test.json certificates/nginx-dns.example.test.key
webserver # [ 254.935770] acme-nginx-dns.example.test-start[3295]: + cmp -s certificates/nginx-dns.example.test.crt out/fullchain.pem
webserver # [ 254.942987] acme-nginx-dns.example.test-start[3295]: + touch out/renewed
webserver # [ 254.950625] acme-nginx-dns.example.test-start[3295]: + echo Installing new certificate
webserver # [ 254.954782] acme-nginx-dns.example.test-start[3295]: Installing new certificate
webserver # [ 254.959055] acme-nginx-dns.example.test-start[3295]: + cp -vp certificates/nginx-dns.example.test.crt out/fullchain.pem
webserver # [ 254.966582] acme-nginx-dns.example.test-start[3342]: 'certificates/nginx-dns.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 254.972504] acme-nginx-dns.example.test-start[3295]: + cp -vp certificates/nginx-dns.example.test.key out/key.pem
webserver # [ 254.979108] acme-nginx-dns.example.test-start[3343]: 'certificates/nginx-dns.example.test.key' -> 'out/key.pem'
webserver # [ 254.984633] acme-nginx-dns.example.test-start[3295]: + cp -vp certificates/nginx-dns.example.test.issuer.crt out/chain.pem
webserver # [ 254.992296] acme-nginx-dns.example.test-start[3344]: 'certificates/nginx-dns.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 254.998356] acme-nginx-dns.example.test-start[3295]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 255.005232] acme-nginx-dns.example.test-start[3295]: + cat out/key.pem out/fullchain.pem
webserver # [ 255.013402] acme-nginx-dns.example.test-start[3295]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 255.050426] systemd[1]: acme-nginx-dns.example.test.service: Deactivated successfully.
webserver # [ 255.058675] systemd[1]: Finished Renew ACME certificate for nginx-dns.example.test.
webserver # [ 255.067069] systemd[1]: acme-nginx-dns.example.test.service: Consumed 279ms CPU time, received 19.8K IP traffic, sent 15.4K IP traffic.
webserver # [ 255.074273] systemd[1]: Starting nginx-config-reload.service...
webserver # [ 255.117833] systemd[1]: Reloading Nginx Web Server...
webserver # [ 255.217116] nginx[3354]: nginx: the configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf syntax is ok
webserver # [ 255.223619] nginx[3354]: nginx: configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf test is successful
webserver # [ 255.283471] nginx[3271]: 2023/01/21 19:56:06 [notice] 3271#3271: signal 1 (SIGHUP) received from 3355, reconfiguring
webserver # [ 255.293504] nginx[3271]: 2023/01/21 19:56:06 [notice] 3271#3271: reconfiguring
webserver # [ 255.321103] systemd[1]: Reloaded Nginx Web Server.
webserver # [ 255.328408] systemd[1]: nginx-config-reload.service: Deactivated successfully.
webserver # [ 255.339175] systemd[1]: Finished nginx-config-reload.service.
webserver # [ 255.351419] systemd[1]: Reached target acme-finished-nginx-dns.example.test.target.
webserver # [ 255.360438] systemd[1]: Reached target acme-finished-nginx-http.example.test.target.
webserver # [ 255.375975] nginx[3271]: 2023/01/21 19:56:06 [notice] 3271#3271: using the "epoll" event method
webserver # [ 255.382955] nginx[3271]: 2023/01/21 19:56:06 [notice] 3271#3271: start worker processes
webserver # [ 255.390359] nginx[3271]: 2023/01/21 19:56:06 [notice] 3271#3271: start worker process 3357
webserver # the following new units were started: acme-account-d590213ed52603e9128d.target, acme-finished-nginx-dns.example.test.target, acme-finished-nginx-http.example.test.target, acme-nginx-dns.example.test.timer, acme-nginx-http.example.test.timer, nginx.service
webserver # [ 255.428987] nixos[3080]: finished switching to system configuration /nix/store/92chhpij14li0ag540gwy6sbwka8zj0y-nixos-system-webserver-23.05pre-git
(finished: must succeed: /tmp/specialisation/nginx/bin/switch-to-configuration test, in 80.83 seconds)
webserver: waiting for unit acme-finished-nginx-http.example.test.target
webserver # [ 255.483941] nginx[3280]: 2023/01/21 19:56:07 [notice] 3280#3280: gracefully shutting down
webserver # [ 255.488040] nginx[3280]: 2023/01/21 19:56:07 [notice] 3280#3280: exiting
webserver # [ 255.492969] nginx[3280]: 2023/01/21 19:56:07 [notice] 3280#3280: exit
webserver # [ 255.497104] nginx[3271]: 2023/01/21 19:56:07 [notice] 3271#3271: signal 17 (SIGCHLD) received from 3280
webserver # [ 255.501979] nginx[3271]: 2023/01/21 19:56:07 [notice] 3271#3271: worker process 3280 exited with code 0
webserver # [ 255.506839] nginx[3271]: 2023/01/21 19:56:07 [notice] 3271#3271: signal 29 (SIGIO) received
(finished: waiting for unit acme-finished-nginx-http.example.test.target, in 0.09 seconds)
webserver: waiting for unit acme-finished-nginx-dns.example.test.target
(finished: waiting for unit acme-finished-nginx-dns.example.test.target, in 0.06 seconds)
webserver: waiting for unit nginx.service
(finished: waiting for unit nginx.service, in 0.07 seconds)
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/cert.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/cert.pem, in 0.11 seconds)
cert.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/fullchain.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/fullchain.pem, in 0.10 seconds)
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-dns.example.test/cert.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-dns.example.test/cert.pem, in 0.11 seconds)
cert.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-dns.example.test/fullchain.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-dns.example.test/fullchain.pem, in 0.11 seconds)
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-http.example.test -connect nginx-http.example.test:443 < /dev/null 2>&1
webserver # [ 256.143539] nginx[3357]: 2023/01/21 19:56:07 [info] 3357#3357: *7 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-http.example.test -connect nginx-http.example.test:443 < /dev/null 2>&1, in 0.04 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-http-alias.example.test -connect nginx-http-alias.example.test:443 < /dev/null 2>&1
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-http-alias.example.test -connect nginx-http-alias.example.test:443 < /dev/null 2>&1, in 0.04 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-dns.example.test -connect nginx-dns.example.test:443 < /dev/null 2>&1
webserver # [ 256.190395] nginx[3357]: 2023/01/21 19:56:07 [info] 3357#3357: *8 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-dns.example.test -connect nginx-dns.example.test:443 < /dev/null 2>&1, in 0.03 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-dns-alias.example.test -connect nginx-dns-alias.example.test:443 < /dev/null 2>&1
webserver # [ 256.225282] nginx[3357]: 2023/01/21 19:56:07 [info] 3357#3357: *9 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-dns-alias.example.test -connect nginx-dns-alias.example.test:443 < /dev/null 2>&1, in 0.03 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-wildcard.example.test -connect nginx-wildcard.example.test:443 < /dev/null 2>&1
webserver # [ 256.259312] nginx[3357]: 2023/01/21 19:56:07 [info] 3357#3357: *10 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
webserver # [ 256.293395] nginx[3357]: 2023/01/21 19:56:07 [info] 3357#3357: *11 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-wildcard.example.test -connect nginx-wildcard.example.test:443 < /dev/null 2>&1, in 0.04 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-wildcard-alias.example.test -connect nginx-wildcard-alias.example.test:443 < /dev/null 2>&1
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-wildcard-alias.example.test -connect nginx-wildcard-alias.example.test:443 < /dev/null 2>&1, in 0.04 seconds)
(finished: subtest: Works with nginx, in 81.75 seconds)
subtest: Can reload nginx when timer triggers renewal
webserver: must succeed: systemctl clean acme-nginx-http.example.test.service --what=state
webserver # [ 256.331426] nginx[3357]: 2023/01/21 19:56:07 [info] 3357#3357: *12 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
webserver # [ 256.394985] systemd[1]: acme-nginx-http.example.test.service: Deactivated successfully.
webserver # [ 256.399803] systemd[1]: acme-nginx-http.example.test.service: Consumed 1ms CPU time, no IO, received 16.0K IP traffic, sent 10.8K IP traffic.
(finished: must succeed: systemctl clean acme-nginx-http.example.test.service --what=state, in 0.08 seconds)
webserver: must succeed: systemctl start acme-selfsigned-nginx-http.example.test.service
webserver # [ 256.451781] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 256.466170] systemd[1]: Starting Generate self-signed certificate for nginx-http.example.test...
webserver # [ 256.748705] systemd[1]: acme-selfsigned-nginx-http.example.test.service: Deactivated successfully.
webserver # [ 256.758434] systemd[1]: Finished Generate self-signed certificate for nginx-http.example.test.
(finished: must succeed: systemctl start acme-selfsigned-nginx-http.example.test.service, in 0.36 seconds)
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/cert.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/cert.pem, in 0.11 seconds)
cert.pem issuer: CN = minica root ca 26429f
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/fullchain.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/fullchain.pem, in 0.10 seconds)
fullchain.pem issuer: CN = minica root ca 26429f
webserver: must succeed: systemctl start nginx-config-reload.service
webserver # [ 257.019288] systemd[1]: Starting nginx-config-reload.service...
webserver # [ 257.077174] systemd[1]: Reloading Nginx Web Server...
webserver # [ 257.182824] nginx[3415]: nginx: the configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf syntax is ok
webserver # [ 257.188348] nginx[3415]: nginx: configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf test is successful
webserver # [ 257.250349] nginx[3271]: 2023/01/21 19:56:08 [notice] 3271#3271: signal 1 (SIGHUP) received from 3416, reconfiguring
webserver # [ 257.259444] nginx[3271]: 2023/01/21 19:56:08 [notice] 3271#3271: reconfiguring
webserver # [ 257.282152] systemd[1]: Reloaded Nginx Web Server.
(finished: must succeed: systemctl start nginx-config-reload.service, in 0.31 seconds)
webserver: must succeed: systemctl start test-renew-nginx.target
webserver # [ 257.287961] systemd[1]: nginx-config-reload.service: Deactivated successfully.
webserver # [ 257.299447] systemd[1]: Finished nginx-config-reload.service.
webserver # [ 257.325960] nginx[3271]: 2023/01/21 19:56:08 [notice] 3271#3271: using the "epoll" event method
webserver # [ 257.330627] nginx[3271]: 2023/01/21 19:56:08 [notice] 3271#3271: start worker processes
webserver # [ 257.337774] nginx[3271]: 2023/01/21 19:56:08 [notice] 3271#3271: start worker process 3420
webserver # [ 257.343989] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 257.350669] systemd[1]: Generate self-signed certificate for nginx-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/nginx-http.example.test/key.pem).
webserver # [ 257.365229] systemd[1]: Starting Renew ACME certificate for nginx-http.example.test...
webserver # [ 257.411739] acme-nginx-http.example.test-start[3422]: + set -euo pipefail
webserver # [ 257.412848] acme-nginx-http.example.test-start[3423]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 257.418030] acme-nginx-http.example.test-start[3423]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 257.423624] acme-nginx-http.example.test-start[3422]: + echo 197b6592b1395f3f8747
webserver # [ 257.424536] acme-nginx-http.example.test-start[3422]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 257.427840] acme-nginx-http.example.test-start[3422]: + lego --accept-tos --path . -d nginx-http.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir -d nginx-http-alias.example.test run
webserver # [ 257.435326] nginx[3357]: 2023/01/21 19:56:08 [notice] 3357#3357: gracefully shutting down
webserver # [ 257.436082] nginx[3357]: 2023/01/21 19:56:08 [notice] 3357#3357: exiting
webserver # [ 257.436640] nginx[3357]: 2023/01/21 19:56:08 [notice] 3357#3357: exit
webserver # [ 257.440620] nginx[3271]: 2023/01/21 19:56:08 [notice] 3271#3271: signal 17 (SIGCHLD) received from 3357
webserver # [ 257.441456] nginx[3271]: 2023/01/21 19:56:08 [notice] 3271#3271: worker process 3357 exited with code 0
webserver # [ 257.442461] nginx[3271]: 2023/01/21 19:56:08 [notice] 3271#3271: signal 29 (SIGIO) received
webserver # [ 257.459640] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 No key found for account hostmaster@example.test. Generating a P256 key.
webserver # [ 257.461347] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 Saved key to accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key
acme # [ 257.611555] pebble[661]: Pebble 2023/01/21 19:56:09 GET /dir -> calling handler()
webserver # [ 257.513579] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] acme: Registering account for hostmaster@example.test
acme # [ 257.617450] pebble[661]: Pebble 2023/01/21 19:56:09 HEAD /nonce-plz -> calling handler()
webserver # [ 257.520418] acme-nginx-http.example.test-start[3426]: !!!! HEADS UP !!!!
acme # [ 257.622133] pebble[661]: Pebble 2023/01/21 19:56:09 POST /sign-me-up -> calling handler()
acme # [ 257.625361] pebble[661]: Pebble 2023/01/21 19:56:09 There are now 5 accounts in memory
webserver # [ 257.523343] acme-nginx-http.example.test-start[3426]: Your account credentials have been saved in your Let's Encrypt
webserver # [ 257.527947] acme-nginx-http.example.test-start[3426]: configuration directory at "accounts".
webserver # [ 257.529997] acme-nginx-http.example.test-start[3426]: You should make a secure backup of this folder now. This
webserver # [ 257.531008] acme-nginx-http.example.test-start[3426]: configuration directory will also contain certificates and
acme # [ 257.630792] pebble[661]: Pebble 2023/01/21 19:56:09 POST /order-plz -> calling handler()
webserver # [ 257.532036] acme-nginx-http.example.test-start[3426]: private keys obtained from Let's Encrypt so making regular
webserver # [ 257.533045] acme-nginx-http.example.test-start[3426]: backups of this folder is ideal.
webserver # [ 257.533955] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] [nginx-http.example.test, nginx-http-alias.example.test] acme: Obtaining bundled SAN certificate
acme # [ 257.634411] pebble[661]: Pebble 2023/01/21 19:56:09 There are now 16 authorizations in the db
acme # [ 257.638054] pebble[661]: Pebble 2023/01/21 19:56:09 There are now 17 authorizations in the db
acme # [ 257.641628] pebble[661]: Pebble 2023/01/21 19:56:09 Added order "RO9kZSTE7Q6QvCeMVstotVtKFjefTNrKPFs1ixYPr2M" to the db
acme # [ 257.645915] pebble[661]: Pebble 2023/01/21 19:56:09 There are now 15 orders in the db
acme # [ 257.689687] pebble[661]: Pebble 2023/01/21 19:56:09 POST /authZ/ -> calling handler()
webserver # [ 257.645371] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] [nginx-http.example.test] AuthURL: https://acme.test/authZ/9Yk7bFdIxXye9kOlXXOCzF34TU-rerb3085IRt2U3oU
webserver # [ 257.647193] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] [nginx-http-alias.example.test] AuthURL: https://acme.test/authZ/aADxLQWvXiCfMCNj7hkl8CpIYDuIl1bKfv0VV3z2ALg
webserver # [ 257.649655] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] [nginx-http-alias.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 257.651626] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] [nginx-http-alias.example.test] acme: use http-01 solver
acme # [ 257.746234] pebble[661]: Pebble 2023/01/21 19:56:09 POST /authZ/ -> calling handler()
webserver # [ 257.653382] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] [nginx-http.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 257.655188] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] [nginx-http.example.test] acme: use http-01 solver
webserver # [ 257.656519] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] [nginx-http-alias.example.test] acme: Trying to solve HTTP-01
acme # [ 257.756011] pebble[661]: Pebble 2023/01/21 19:56:09 POST /chalZ/ -> calling handler()
acme # [ 257.762651] pebble[661]: Pebble 2023/01/21 19:56:09 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"nginx-http-alias.example.test"}, Challenge:(*core.Challenge)(0xc000247e00), Account:(*core.Account)(0xc000217680)}
acme # [ 257.771284] pebble[661]: Pebble 2023/01/21 19:56:09 Starting 3 validations.
acme # [ 257.774035] pebble[661]: Pebble 2023/01/21 19:56:09 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/ER2iSs3sEQCE8Z_G9uKxr5ZjO_IJ56Imk06ywbl4wko
acme # [ 257.780515] pebble[661]: Pebble 2023/01/21 19:56:09 POST /authZ/ -> calling handler()
acme # [ 257.783644] pebble[661]: Pebble 2023/01/21 19:56:09 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/ER2iSs3sEQCE8Z_G9uKxr5ZjO_IJ56Imk06ywbl4wko
acme # [ 257.790108] pebble[661]: Pebble 2023/01/21 19:56:09 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/ER2iSs3sEQCE8Z_G9uKxr5ZjO_IJ56Imk06ywbl4wko
acme # [ 257.797317] pebble[661]: Pebble 2023/01/21 19:56:09 authz 9Yk7bFdIxXye9kOlXXOCzF34TU-rerb3085IRt2U3oU set VALID by completed challenge obNFyPsxj127T4rl7be4AHh0WFpfqjzEDxBQrsr7tWw
acme # [ 262.829634] pebble[661]: Pebble 2023/01/21 19:56:14 POST /authZ/ -> calling handler()
webserver # [ 262.727757] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:14 [INFO] [nginx-http-alias.example.test] The server validated our request
webserver # [ 262.729215] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:14 [INFO] [nginx-http.example.test] acme: Trying to solve HTTP-01
acme # [ 262.831716] pebble[661]: Pebble 2023/01/21 19:56:14 POST /chalZ/ -> calling handler()
acme # [ 262.834332] pebble[661]: Pebble 2023/01/21 19:56:14 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"nginx-http.example.test"}, Challenge:(*core.Challenge)(0xc0001b8000), Account:(*core.Account)(0xc000217680)}
acme # [ 262.840507] pebble[661]: Pebble 2023/01/21 19:56:14 Starting 3 validations.
acme # [ 262.841250] pebble[661]: Pebble 2023/01/21 19:56:14 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/zIpfqcUZb0naKA3fpWCHnFHXXJHMjnZ2V1Q9l2BM7bU
acme # [ 262.844326] pebble[661]: Pebble 2023/01/21 19:56:14 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/zIpfqcUZb0naKA3fpWCHnFHXXJHMjnZ2V1Q9l2BM7bU
acme # [ 262.851785] pebble[661]: Pebble 2023/01/21 19:56:14 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/zIpfqcUZb0naKA3fpWCHnFHXXJHMjnZ2V1Q9l2BM7bU
acme # [ 262.858723] pebble[661]: Pebble 2023/01/21 19:56:14 POST /authZ/ -> calling handler()
acme # [ 262.861738] pebble[661]: Pebble 2023/01/21 19:56:14 authz aADxLQWvXiCfMCNj7hkl8CpIYDuIl1bKfv0VV3z2ALg set VALID by completed challenge kwt9ODuf3mnXLy1hSdiOw2PDNswQrcmoIaHgjENQBvY
acme # [ 268.346555] pebble[661]: Pebble 2023/01/21 19:56:19 POST /authZ/ -> calling handler()
webserver # [ 268.245370] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:19 [INFO] [nginx-http.example.test] The server validated our request
webserver # [ 268.247855] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:19 [INFO] [nginx-http.example.test, nginx-http-alias.example.test] acme: Validations succeeded; requesting certificates
webserver # [ 268.250273] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:19 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 268.352477] pebble[661]: Pebble 2023/01/21 19:56:19 POST /finalize-order/ -> calling handler()
acme # [ 268.353563] pebble[661]: Pebble 2023/01/21 19:56:19 Order RO9kZSTE7Q6QvCeMVstotVtKFjefTNrKPFs1ixYPr2M is fully authorized. Processing finalization
acme # [ 268.358059] pebble[661]: Pebble 2023/01/21 19:56:19 Issued certificate serial 15d0250b10afd6f1 for order RO9kZSTE7Q6QvCeMVstotVtKFjefTNrKPFs1ixYPr2M
acme # [ 268.360180] pebble[661]: Pebble 2023/01/21 19:56:19 POST /my-order/ -> calling handler()
acme # [ 268.361301] pebble[661]: Pebble 2023/01/21 19:56:19 POST /certZ/ -> calling handler()
webserver # [ 268.260982] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:19 [INFO] [nginx-http.example.test] Server responded with a certificate.
webserver # [ 268.264463] acme-nginx-http.example.test-start[3422]: + mv domainhash.txt certificates/
webserver # [ 268.270840] acme-nginx-http.example.test-start[3422]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-http.example.test.crt certificates/nginx-http.example.test.issuer.crt certificates/nginx-http.example.test.json certificates/nginx-http.example.test.key
webserver # [ 268.279376] acme-nginx-http.example.test-start[3422]: + cmp -s certificates/nginx-http.example.test.crt out/fullchain.pem
webserver # [ 268.283657] acme-nginx-http.example.test-start[3422]: + touch out/renewed
webserver # [ 268.289625] acme-nginx-http.example.test-start[3422]: + echo Installing new certificate
webserver # [ 268.290691] acme-nginx-http.example.test-start[3422]: Installing new certificate
webserver # [ 268.291713] acme-nginx-http.example.test-start[3422]: + cp -vp certificates/nginx-http.example.test.crt out/fullchain.pem
webserver # [ 268.298400] acme-nginx-http.example.test-start[3435]: 'certificates/nginx-http.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 268.300825] acme-nginx-http.example.test-start[3422]: + cp -vp certificates/nginx-http.example.test.key out/key.pem
webserver # [ 268.305598] acme-nginx-http.example.test-start[3436]: 'certificates/nginx-http.example.test.key' -> 'out/key.pem'
webserver # [ 268.307782] acme-nginx-http.example.test-start[3422]: + cp -vp certificates/nginx-http.example.test.issuer.crt out/chain.pem
webserver # [ 268.312756] acme-nginx-http.example.test-start[3437]: 'certificates/nginx-http.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 268.314680] acme-nginx-http.example.test-start[3422]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 268.319756] acme-nginx-http.example.test-start[3422]: + cat out/key.pem out/fullchain.pem
webserver # [ 268.325594] acme-nginx-http.example.test-start[3422]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 268.354705] systemd[1]: acme-nginx-http.example.test.service: Deactivated successfully.
webserver # [ 268.355784] systemd[1]: Finished Renew ACME certificate for nginx-http.example.test.
webserver # [ 268.358194] systemd[1]: acme-nginx-http.example.test.service: Consumed 156ms CPU time, received 16.2K IP traffic, sent 10.8K IP traffic.
webserver # [ 268.361297] systemd[1]: Starting nginx-config-reload.service...
webserver # [ 268.404425] systemd[1]: Reloading Nginx Web Server...
webserver # [ 268.481230] nginx[3447]: nginx: the configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf syntax is ok
webserver # [ 268.482378] nginx[3447]: nginx: configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf test is successful
webserver # [ 268.526991] nginx[3271]: 2023/01/21 19:56:20 [notice] 3271#3271: signal 1 (SIGHUP) received from 3448, reconfiguring
webserver # [ 268.527881] nginx[3271]: 2023/01/21 19:56:20 [notice] 3271#3271: reconfiguring
webserver # [ 268.538066] systemd[1]: Reloaded Nginx Web Server.
webserver # [ 268.541601] systemd[1]: nginx-config-reload.service: Deactivated successfully.
webserver # [ 268.542527] systemd[1]: Finished nginx-config-reload.service.
webserver # [ 268.546759] systemd[1]: Reached target test-renew-nginx.target.
(finished: must succeed: systemctl start test-renew-nginx.target, in 11.27 seconds)
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/cert.pem
webserver # [ 268.576938] nginx[3271]: 2023/01/21 19:56:20 [notice] 3271#3271: using the "epoll" event method
webserver # [ 268.578228] nginx[3271]: 2023/01/21 19:56:20 [notice] 3271#3271: start worker processes
webserver # [ 268.582358] nginx[3271]: 2023/01/21 19:56:20 [notice] 3271#3271: start worker process 3452
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/cert.pem, in 0.08 seconds)
cert.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/fullchain.pem
webserver # [ 268.684827] nginx[3420]: 2023/01/21 19:56:20 [notice] 3420#3420: gracefully shutting down
webserver # [ 268.685801] nginx[3420]: 2023/01/21 19:56:20 [notice] 3420#3420: exiting
webserver # [ 268.686601] nginx[3420]: 2023/01/21 19:56:20 [notice] 3420#3420: exit
webserver # [ 268.689520] nginx[3271]: 2023/01/21 19:56:20 [notice] 3271#3271: signal 17 (SIGCHLD) received from 3420
webserver # [ 268.690546] nginx[3271]: 2023/01/21 19:56:20 [notice] 3271#3271: worker process 3420 exited with code 0
webserver # [ 268.692088] nginx[3271]: 2023/01/21 19:56:20 [notice] 3271#3271: signal 29 (SIGIO) received
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/fullchain.pem, in 0.08 seconds)
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-http.example.test -connect nginx-http.example.test:443 < /dev/null 2>&1
webserver # [ 268.744862] nginx[3452]: 2023/01/21 19:56:20 [info] 3452#3452: *19 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-http.example.test -connect nginx-http.example.test:443 < /dev/null 2>&1, in 0.03 seconds)
(finished: subtest: Can reload nginx when timer triggers renewal, in 12.41 seconds)
subtest: Can remove an alias from a domain + cert is updated
webserver: must succeed: /tmp/specialisation/nginx-remove-alias/bin/switch-to-configuration test
webserver # [ 269.514214] nixos[3464]: switching to system configuration /nix/store/1bimh35my92p0qgizjlvl63vpbcsbfzv-nixos-system-webserver-23.05pre-git
webserver # [ 269.532528] systemd[1]: Stopped target Local File Systems.
webserver # [ 269.535380] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 269.537632] systemd[1]: Stopped target Remote File Systems.
webserver # activating the configuration...
webserver # [ 269.713636] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 269.721112] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # [ 269.724194] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (66)
webserver # [ 269.724796] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 269.725518] nscd[901]: 901 monitoring file `/etc/group` (69)
webserver # [ 269.726277] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 269.728956] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 269.730333] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 269.732835] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (66)
webserver # [ 269.737508] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 269.739098] nscd[901]: 901 monitoring file `/etc/passwd` (70)
webserver # [ 269.739764] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 269.836023] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 269.846278] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 269.847675] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 269.850531] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 269.853620] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 269.856411] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 269.858974] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 269.860582] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 270.220572] systemd[1]: Reloading.
webserver # [ 270.679166] systemd[1]: nginx.service: Current command vanished from the unit file, execution of the command list won't be resumed.
webserver # setting up tmpfiles
webserver # restarting the following units: nginx.service
webserver # [ 270.825616] nginx[3271]: 2023/01/21 19:56:22 [notice] 3271#3271: signal 15 (SIGTERM) received from 1, exiting
webserver # [ 270.826910] nginx[3452]: 2023/01/21 19:56:22 [notice] 3452#3452: exiting
webserver # [ 270.827682] nginx[3452]: 2023/01/21 19:56:22 [notice] 3452#3452: exit
webserver # [ 270.829833] systemd[1]: Stopping Nginx Web Server...
webserver # [ 270.834459] nginx[3271]: 2023/01/21 19:56:22 [notice] 3271#3271: signal 17 (SIGCHLD) received from 3452
webserver # [ 270.836212] nginx[3271]: 2023/01/21 19:56:22 [notice] 3271#3271: worker process 3452 exited with code 0
webserver # [ 270.837798] nginx[3271]: 2023/01/21 19:56:22 [notice] 3271#3271: exit
webserver # [ 270.849861] systemd[1]: nginx.service: Deactivated successfully.
webserver # [ 270.854355] systemd[1]: Stopped Nginx Web Server.
webserver # [ 270.857068] systemd[1]: nginx.service: Consumed 610ms CPU time, no IO, received 12.3K IP traffic, sent 27.0K IP traffic.
webserver # [ 270.864271] systemd[1]: Starting Nginx Web Server...
webserver # [ 270.979044] nginx-pre-start[3612]: nginx: the configuration file /nix/store/d1sh8fzbcvv0v17d6i84qpss5b2f6bxr-nginx.conf syntax is ok
webserver # [ 270.980700] nginx-pre-start[3612]: nginx: configuration file /nix/store/d1sh8fzbcvv0v17d6i84qpss5b2f6bxr-nginx.conf test is successful
webserver # [ 270.989162] systemd[1]: Started Nginx Web Server.
webserver # [ 271.034348] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 271.038179] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 271.052728] systemd[1]: Starting Renew ACME certificate for example.test...
webserver # [ 271.143453] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 271.146218] systemd[1]: Reached target Remote File Systems.
webserver # [ 271.160062] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 271.161116] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 271.168456] systemd[1]: Reached target Local File Systems.
webserver # [ 271.187064] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 271.189089] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 271.194629] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 271.198429] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 271.202156] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 271.209467] systemd[1]: Generate self-signed certificate for nginx-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/nginx-dns.example.test/key.pem).
webserver # [ 271.219991] systemd[1]: Generate self-signed certificate for nginx-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/nginx-http.example.test/key.pem).
webserver # [ 271.273572] acme-example.test-start[3616]: + set -euo pipefail
webserver # [ 271.274970] acme-example.test-start[3616]: + echo f296e6482529fca9f20a
webserver # [ 271.275744] acme-example.test-start[3616]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 271.281156] acme-example.test-start[3619]: ++ find accounts -name hostmaster@example.test.key
webserver # [ 271.290306] acme-example.test-start[3616]: + '[' -e certificates/_.example.test.key -a -e certificates/_.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']'
webserver # [ 271.292758] acme-example.test-start[3616]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir renew --no-random-sleep --days 30
webserver # [ 271.316331] nginx[3613]: 2023/01/21 19:56:22 [notice] 3613#3613: using the "epoll" event method
webserver # [ 271.317513] nginx[3613]: 2023/01/21 19:56:22 [notice] 3613#3613: nginx/1.22.1
webserver # [ 271.318941] nginx[3613]: 2023/01/21 19:56:22 [notice] 3613#3613: built by gcc 11.3.0 (GCC)
webserver # [ 271.319855] nginx[3613]: 2023/01/21 19:56:22 [notice] 3613#3613: OS: Linux 5.15.89
webserver # [ 271.322407] nginx[3613]: 2023/01/21 19:56:22 [notice] 3613#3613: getrlimit(RLIMIT_NOFILE): 1024:524288
webserver # [ 271.324084] nginx[3613]: 2023/01/21 19:56:22 [notice] 3613#3613: start worker processes
webserver # [ 271.326030] nginx[3613]: 2023/01/21 19:56:22 [notice] 3613#3613: start worker process 3625
acme # [ 271.491070] pebble[661]: Pebble 2023/01/21 19:56:23 GET /dir -> calling handler()
webserver # [ 271.393435] acme-example.test-start[3620]: 2023/01/21 19:56:22 [*.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal.
webserver # [ 271.398523] acme-example.test-start[3616]: + mv domainhash.txt certificates/
webserver # [ 271.405027] acme-example.test-start[3616]: + chown acme:acme certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key
webserver # [ 271.413261] acme-example.test-start[3616]: + cmp -s certificates/_.example.test.crt out/fullchain.pem
webserver # [ 271.417405] acme-example.test-start[3616]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem
webserver # [ 271.446412] systemd[1]: acme-example.test.service: Deactivated successfully.
webserver # [ 271.447326] systemd[1]: Finished Renew ACME certificate for example.test.
webserver # [ 271.449273] systemd[1]: acme-example.test.service: Consumed 161ms CPU time, received 2.5K IP traffic, sent 978B IP traffic.
webserver # [ 271.456292] systemd[1]: Starting Renew ACME certificate for nginx-dns.example.test...
webserver # [ 271.461809] systemd[1]: Starting Renew ACME certificate for nginx-http.example.test...
webserver # [ 271.579804] acme-nginx-dns.example.test-start[3633]: + set -euo pipefail
webserver # [ 271.580840] acme-nginx-dns.example.test-start[3633]: + echo 59d0420c322ea19728a7
webserver # [ 271.582209] acme-nginx-http.example.test-start[3634]: + set -euo pipefail
webserver # [ 271.583682] acme-nginx-http.example.test-start[3635]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 271.585403] acme-nginx-dns.example.test-start[3633]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 271.590726] acme-nginx-dns.example.test-start[3638]: ++ find accounts -name hostmaster@example.test.key
webserver # [ 271.594435] acme-nginx-http.example.test-start[3635]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 271.602838] acme-nginx-dns.example.test-start[3633]: + '[' -e certificates/nginx-dns.example.test.key -a -e certificates/nginx-dns.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']'
webserver # [ 271.607259] acme-nginx-dns.example.test-start[3633]: + lego --accept-tos --path . -d nginx-dns.example.test --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir -d nginx-dns-alias.example.test renew --no-random-sleep --days 30
webserver # [ 271.621274] acme-nginx-http.example.test-start[3634]: + echo aba4d0213fd23644df4a
webserver # [ 271.623801] acme-nginx-http.example.test-start[3634]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 271.627785] acme-nginx-http.example.test-start[3634]: + lego --accept-tos --path . -d nginx-http.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir run
acme # [ 271.861457] pebble[661]: Pebble 2023/01/21 19:56:23 GET /dir -> calling handler()
webserver # [ 271.763933] acme-nginx-http.example.test-start[3641]: 2023/01/21 19:56:23 [INFO] [nginx-http.example.test] acme: Obtaining bundled SAN certificate
acme # [ 271.868875] pebble[661]: Pebble 2023/01/21 19:56:23 HEAD /nonce-plz -> calling handler()
acme # [ 271.876063] pebble[661]: Pebble 2023/01/21 19:56:23 POST /order-plz -> calling handler()
acme # [ 271.878208] pebble[661]: Pebble 2023/01/21 19:56:23 Added order "-kRQOJc3j8YRYuLZ19FjOZurLJd92AUmFIWdquNFlUs" to the db
acme # [ 271.879454] pebble[661]: Pebble 2023/01/21 19:56:23 There are now 16 orders in the db
acme # [ 271.880803] pebble[661]: Pebble 2023/01/21 19:56:23 GET /dir -> calling handler()
webserver # [ 271.779869] acme-nginx-dns.example.test-start[3639]: 2023/01/21 19:56:23 [nginx-dns.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal.
webserver # [ 271.784712] acme-nginx-dns.example.test-start[3633]: + mv domainhash.txt certificates/
webserver # [ 271.791388] acme-nginx-dns.example.test-start[3633]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-dns.example.test.crt certificates/nginx-dns.example.test.issuer.crt certificates/nginx-dns.example.test.json certificates/nginx-dns.example.test.key
webserver # [ 271.799736] acme-nginx-dns.example.test-start[3633]: + cmp -s certificates/nginx-dns.example.test.crt out/fullchain.pem
webserver # [ 271.804239] acme-nginx-dns.example.test-start[3633]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem
acme # [ 271.935950] pebble[661]: Pebble 2023/01/21 19:56:23 POST /authZ/ -> calling handler()
webserver # [ 271.834459] acme-nginx-http.example.test-start[3641]: 2023/01/21 19:56:23 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/authZ/aADxLQWvXiCfMCNj7hkl8CpIYDuIl1bKfv0VV3z2ALg :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: FCsQmDrRk8fTGNhs0LpPYQ
webserver # [ 271.842223] systemd[1]: acme-nginx-dns.example.test.service: Deactivated successfully.
webserver # [ 271.843611] systemd[1]: Finished Renew ACME certificate for nginx-dns.example.test.
webserver # [ 271.844574] systemd[1]: acme-nginx-dns.example.test.service: Consumed 162ms CPU time, received 2.5K IP traffic, sent 1.0K IP traffic.
acme # [ 272.097987] pebble[661]: Pebble 2023/01/21 19:56:23 POST /authZ/ -> calling handler()
webserver # [ 271.997178] acme-nginx-http.example.test-start[3641]: 2023/01/21 19:56:23 [INFO] [nginx-http.example.test] AuthURL: https://acme.test/authZ/aADxLQWvXiCfMCNj7hkl8CpIYDuIl1bKfv0VV3z2ALg
webserver # [ 271.999507] acme-nginx-http.example.test-start[3641]: 2023/01/21 19:56:23 [INFO] [nginx-http.example.test] acme: authorization already valid; skipping challenge
webserver # [ 272.001079] acme-nginx-http.example.test-start[3641]: 2023/01/21 19:56:23 [INFO] [nginx-http.example.test] acme: Validations succeeded; requesting certificates
acme # [ 272.102046] pebble[661]: Pebble 2023/01/21 19:56:23 POST /finalize-order/ -> calling handler()
webserver # [ 272.002575] acme-nginx-http.example.test-start[3641]: 2023/01/21 19:56:23 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 272.106594] pebble[661]: Pebble 2023/01/21 19:56:23 Order -kRQOJc3j8YRYuLZ19FjOZurLJd92AUmFIWdquNFlUs is fully authorized. Processing finalization
acme # [ 272.108091] pebble[661]: Pebble 2023/01/21 19:56:23 Issued certificate serial 49329bf628ab6c5f for order -kRQOJc3j8YRYuLZ19FjOZurLJd92AUmFIWdquNFlUs
acme # [ 272.110147] pebble[661]: Pebble 2023/01/21 19:56:23 POST /my-order/ -> calling handler()
acme # [ 272.112118] pebble[661]: Pebble 2023/01/21 19:56:23 POST /certZ/ -> calling handler()
webserver # [ 272.012980] acme-nginx-http.example.test-start[3641]: 2023/01/21 19:56:23 [INFO] [nginx-http.example.test] Server responded with a certificate.
webserver # [ 272.016431] acme-nginx-http.example.test-start[3634]: + mv domainhash.txt certificates/
webserver # [ 272.025752] acme-nginx-http.example.test-start[3634]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-http.example.test.crt certificates/nginx-http.example.test.issuer.crt certificates/nginx-http.example.test.json certificates/nginx-http.example.test.key
webserver # [ 272.034054] acme-nginx-http.example.test-start[3634]: + cmp -s certificates/nginx-http.example.test.crt out/fullchain.pem
webserver # [ 272.038047] acme-nginx-http.example.test-start[3634]: + touch out/renewed
webserver # [ 272.043976] acme-nginx-http.example.test-start[3634]: + echo Installing new certificate
webserver # [ 272.044763] acme-nginx-http.example.test-start[3634]: Installing new certificate
webserver # [ 272.045775] acme-nginx-http.example.test-start[3634]: + cp -vp certificates/nginx-http.example.test.crt out/fullchain.pem
webserver # [ 272.051456] acme-nginx-http.example.test-start[3661]: 'certificates/nginx-http.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 272.053413] acme-nginx-http.example.test-start[3634]: + cp -vp certificates/nginx-http.example.test.key out/key.pem
webserver # [ 272.057774] acme-nginx-http.example.test-start[3662]: 'certificates/nginx-http.example.test.key' -> 'out/key.pem'
webserver # [ 272.059438] acme-nginx-http.example.test-start[3634]: + cp -vp certificates/nginx-http.example.test.issuer.crt out/chain.pem
webserver # [ 272.064069] acme-nginx-http.example.test-start[3663]: 'certificates/nginx-http.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 272.065654] acme-nginx-http.example.test-start[3634]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 272.071033] acme-nginx-http.example.test-start[3634]: + cat out/key.pem out/fullchain.pem
webserver # [ 272.077126] acme-nginx-http.example.test-start[3634]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 272.109538] systemd[1]: acme-nginx-http.example.test.service: Deactivated successfully.
webserver # [ 272.110679] systemd[1]: Finished Renew ACME certificate for nginx-http.example.test.
webserver # [ 272.113839] systemd[1]: acme-nginx-http.example.test.service: Consumed 172ms CPU time, received 8.8K IP traffic, sent 5.8K IP traffic.
webserver # [ 272.119615] systemd[1]: Starting nginx-config-reload.service...
webserver # [ 272.167846] systemd[1]: Reloading Nginx Web Server...
webserver # [ 272.260293] nginx[3673]: nginx: the configuration file /nix/store/d1sh8fzbcvv0v17d6i84qpss5b2f6bxr-nginx.conf syntax is ok
webserver # [ 272.261456] nginx[3673]: nginx: configuration file /nix/store/d1sh8fzbcvv0v17d6i84qpss5b2f6bxr-nginx.conf test is successful
webserver # [ 272.310198] nginx[3613]: 2023/01/21 19:56:23 [notice] 3613#3613: signal 1 (SIGHUP) received from 3674, reconfiguring
webserver # [ 272.311799] nginx[3613]: 2023/01/21 19:56:23 [notice] 3613#3613: reconfiguring
webserver # [ 272.321292] systemd[1]: Reloaded Nginx Web Server.
webserver # [ 272.326635] systemd[1]: nginx-config-reload.service: Deactivated successfully.
webserver # [ 272.327624] systemd[1]: Finished nginx-config-reload.service.
webserver # [ 272.378395] nginx[3613]: 2023/01/21 19:56:23 [notice] 3613#3613: using the "epoll" event method
webserver # [ 272.379632] nginx[3613]: 2023/01/21 19:56:23 [notice] 3613#3613: start worker processes
webserver # [ 272.385164] nginx[3613]: 2023/01/21 19:56:23 [notice] 3613#3613: start worker process 3676
webserver # [ 272.404342] nixos[3464]: finished switching to system configuration /nix/store/1bimh35my92p0qgizjlvl63vpbcsbfzv-nixos-system-webserver-23.05pre-git
(finished: must succeed: /tmp/specialisation/nginx-remove-alias/bin/switch-to-configuration test, in 3.63 seconds)
webserver: waiting for unit acme-finished-nginx-http.example.test.target
(finished: waiting for unit acme-finished-nginx-http.example.test.target, in 0.05 seconds)
webserver: waiting for unit nginx.service
webserver # [ 272.487870] nginx[3625]: 2023/01/21 19:56:24 [notice] 3625#3625: gracefully shutting down
webserver # [ 272.488650] nginx[3625]: 2023/01/21 19:56:24 [notice] 3625#3625: exiting
webserver # [ 272.489242] nginx[3625]: 2023/01/21 19:56:24 [notice] 3625#3625: exit
webserver # [ 272.492551] nginx[3613]: 2023/01/21 19:56:24 [notice] 3613#3613: signal 17 (SIGCHLD) received from 3625
webserver # [ 272.493352] nginx[3613]: 2023/01/21 19:56:24 [notice] 3613#3613: worker process 3625 exited with code 0
webserver # [ 272.494178] nginx[3613]: 2023/01/21 19:56:24 [notice] 3613#3613: signal 29 (SIGIO) received
(finished: waiting for unit nginx.service, in 0.05 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-http.example.test -connect nginx-http.example.test:443 < /dev/null 2>&1
webserver # [ 272.561304] nginx[3676]: 2023/01/21 19:56:24 [info] 3676#3676: *1 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-http.example.test -connect nginx-http.example.test:443 < /dev/null 2>&1, in 0.03 seconds)
webserver # [ 272.612469] nginx[3676]: 2023/01/21 19:56:24 [info] 3676#3676: *2 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
(finished: subtest: Can remove an alias from a domain + cert is updated, in 3.92 seconds)
subtest: security.acme changes reflect on web server
webserver: must succeed: /tmp/specialisation/nginx/bin/switch-to-configuration test
webserver # [ 273.489154] nixos[3693]: switching to system configuration /nix/store/92chhpij14li0ag540gwy6sbwka8zj0y-nixos-system-webserver-23.05pre-git
webserver # [ 273.516983] systemd[1]: Stopped target Local File Systems.
webserver # [ 273.522051] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 273.525620] systemd[1]: Stopped target Remote File Systems.
webserver # activating the configuration...
webserver # [ 273.772084] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 273.779128] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # [ 273.783291] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (72)
webserver # [ 273.784160] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 273.784828] nscd[901]: 901 monitoring file `/etc/group` (75)
webserver # [ 273.785873] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 273.789955] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 273.792821] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 273.796564] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (72)
webserver # [ 273.797611] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 273.798596] nscd[901]: 901 monitoring file `/etc/passwd` (76)
webserver # [ 273.807099] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 273.915187] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 273.925817] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 273.934841] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 273.940561] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 273.945231] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 273.950874] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 273.952829] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 273.954528] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 274.419389] systemd[1]: Reloading.
webserver # [ 274.896575] systemd[1]: nginx.service: Current command vanished from the unit file, execution of the command list won't be resumed.
webserver # setting up tmpfiles
webserver # restarting the following units: nginx.service
webserver # [ 275.043556] nginx[3613]: 2023/01/21 19:56:26 [notice] 3613#3613: signal 15 (SIGTERM) received from 1, exiting
webserver # [ 275.044877] nginx[3676]: 2023/01/21 19:56:26 [notice] 3676#3676: exiting
webserver # [ 275.045682] nginx[3676]: 2023/01/21 19:56:26 [notice] 3676#3676: exit
webserver # [ 275.050722] systemd[1]: Stopping Nginx Web Server...
webserver # [ 275.052498] nginx[3613]: 2023/01/21 19:56:26 [notice] 3613#3613: signal 17 (SIGCHLD) received from 3676
webserver # [ 275.055115] nginx[3613]: 2023/01/21 19:56:26 [notice] 3613#3613: worker process 3676 exited with code 0
webserver # [ 275.057071] nginx[3613]: 2023/01/21 19:56:26 [notice] 3613#3613: exit
webserver # [ 275.069118] systemd[1]: nginx.service: Deactivated successfully.
webserver # [ 275.071396] systemd[1]: Stopped Nginx Web Server.
webserver # [ 275.074777] systemd[1]: nginx.service: Consumed 336ms CPU time, no IO, received 1.8K IP traffic, sent 5.6K IP traffic.
webserver # [ 275.080996] systemd[1]: Starting Nginx Web Server...
webserver # [ 275.197920] nginx-pre-start[3841]: nginx: the configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf syntax is ok
webserver # [ 275.199662] nginx-pre-start[3841]: nginx: configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf test is successful
webserver # [ 275.208430] systemd[1]: Started Nginx Web Server.
webserver # [ 275.253541] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 275.257049] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 275.272334] systemd[1]: Starting Renew ACME certificate for example.test...
webserver # [ 275.362411] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 275.365210] systemd[1]: Reached target Remote File Systems.
webserver # [ 275.376647] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 275.377693] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 275.387819] systemd[1]: Reached target Local File Systems.
webserver # [ 275.401769] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 275.405190] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 275.410720] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 275.416453] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 275.420722] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 275.428507] systemd[1]: Generate self-signed certificate for nginx-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/nginx-dns.example.test/key.pem).
webserver # [ 275.441962] systemd[1]: Generate self-signed certificate for nginx-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/nginx-http.example.test/key.pem).
webserver # [ 275.491534] acme-example.test-start[3845]: + set -euo pipefail
webserver # [ 275.492879] acme-example.test-start[3845]: + echo f296e6482529fca9f20a
webserver # [ 275.493704] acme-example.test-start[3845]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 275.498838] acme-example.test-start[3848]: ++ find accounts -name hostmaster@example.test.key
webserver # [ 275.508057] acme-example.test-start[3845]: + '[' -e certificates/_.example.test.key -a -e certificates/_.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']'
webserver # [ 275.510602] acme-example.test-start[3845]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir renew --no-random-sleep --days 30
webserver # [ 275.525334] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: using the "epoll" event method
webserver # [ 275.526523] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: nginx/1.22.1
webserver # [ 275.527963] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: built by gcc 11.3.0 (GCC)
webserver # [ 275.528951] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: OS: Linux 5.15.89
webserver # [ 275.529834] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: getrlimit(RLIMIT_NOFILE): 1024:524288
webserver # [ 275.534050] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: start worker processes
webserver # [ 275.536702] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: start worker process 3853
acme # [ 275.706499] pebble[661]: Pebble 2023/01/21 19:56:27 GET /dir -> calling handler()
webserver # [ 275.608772] acme-example.test-start[3849]: 2023/01/21 19:56:27 [*.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal.
webserver # [ 275.613766] acme-example.test-start[3845]: + mv domainhash.txt certificates/
webserver # [ 275.620815] acme-example.test-start[3845]: + chown acme:acme certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key
webserver # [ 275.629124] acme-example.test-start[3845]: + cmp -s certificates/_.example.test.crt out/fullchain.pem
webserver # [ 275.633111] acme-example.test-start[3845]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem
webserver # [ 275.663432] systemd[1]: acme-example.test.service: Deactivated successfully.
webserver # [ 275.664480] systemd[1]: Finished Renew ACME certificate for example.test.
webserver # [ 275.666729] systemd[1]: acme-example.test.service: Consumed 159ms CPU time, received 2.5K IP traffic, sent 978B IP traffic.
webserver # [ 275.673374] systemd[1]: Starting Renew ACME certificate for nginx-dns.example.test...
webserver # [ 275.679233] systemd[1]: Starting Renew ACME certificate for nginx-http.example.test...
webserver # [ 275.781061] acme-nginx-dns.example.test-start[3861]: + set -euo pipefail
webserver # [ 275.781912] acme-nginx-dns.example.test-start[3861]: + echo 59d0420c322ea19728a7
webserver # [ 275.782816] acme-nginx-dns.example.test-start[3861]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 275.786826] acme-nginx-http.example.test-start[3862]: + set -euo pipefail
webserver # [ 275.788403] acme-nginx-http.example.test-start[3864]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 275.791320] acme-nginx-dns.example.test-start[3866]: ++ find accounts -name hostmaster@example.test.key
webserver # [ 275.798343] acme-nginx-http.example.test-start[3864]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 275.801316] acme-nginx-dns.example.test-start[3861]: + '[' -e certificates/nginx-dns.example.test.key -a -e certificates/nginx-dns.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']'
webserver # [ 275.804187] acme-nginx-dns.example.test-start[3861]: + lego --accept-tos --path . -d nginx-dns.example.test --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir -d nginx-dns-alias.example.test renew --no-random-sleep --days 30
webserver # [ 275.812117] acme-nginx-http.example.test-start[3862]: + echo 197b6592b1395f3f8747
webserver # [ 275.815441] acme-nginx-http.example.test-start[3862]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 275.822464] acme-nginx-http.example.test-start[3862]: + lego --accept-tos --path . -d nginx-http.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir -d nginx-http-alias.example.test run
acme # [ 276.035175] pebble[661]: Pebble 2023/01/21 19:56:27 GET /dir -> calling handler()
acme # [ 276.036866] pebble[661]: Pebble 2023/01/21 19:56:27 GET /dir -> calling handler()
webserver # [ 275.935942] acme-nginx-http.example.test-start[3873]: 2023/01/21 19:56:27 [INFO] [nginx-http.example.test, nginx-http-alias.example.test] acme: Obtaining bundled SAN certificate
acme # [ 276.039477] pebble[661]: Pebble 2023/01/21 19:56:27 HEAD /nonce-plz -> calling handler()
webserver # [ 275.938459] acme-nginx-dns.example.test-start[3867]: 2023/01/21 19:56:27 [nginx-dns.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal.
acme # [ 276.042310] pebble[661]: Pebble 2023/01/21 19:56:27 POST /order-plz -> calling handler()
webserver # [ 275.942499] acme-nginx-dns.example.test-start[3861]: + mv domainhash.txt certificates/
acme # [ 276.044109] pebble[661]: Pebble 2023/01/21 19:56:27 Added order "OWip2NuYtxK3bGB3MPqNPCssRZ2lCGoVkwd4BECKArk" to the db
acme # [ 276.045785] pebble[661]: Pebble 2023/01/21 19:56:27 There are now 17 orders in the db
webserver # [ 275.948467] acme-nginx-dns.example.test-start[3861]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-dns.example.test.crt certificates/nginx-dns.example.test.issuer.crt certificates/nginx-dns.example.test.json certificates/nginx-dns.example.test.key
webserver # [ 275.955351] acme-nginx-dns.example.test-start[3861]: + cmp -s certificates/nginx-dns.example.test.crt out/fullchain.pem
webserver # [ 275.958736] acme-nginx-dns.example.test-start[3861]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem
webserver # [ 275.981623] systemd[1]: acme-nginx-dns.example.test.service: Deactivated successfully.
webserver # [ 275.982391] systemd[1]: Finished Renew ACME certificate for nginx-dns.example.test.
webserver # [ 275.984104] systemd[1]: acme-nginx-dns.example.test.service: Consumed 127ms CPU time, received 2.5K IP traffic, sent 1.0K IP traffic.
acme # [ 276.104464] pebble[661]: Pebble 2023/01/21 19:56:27 POST /authZ/ -> calling handler()
acme # [ 276.160158] pebble[661]: Pebble 2023/01/21 19:56:27 POST /authZ/ -> calling handler()
webserver # [ 276.059462] acme-nginx-http.example.test-start[3873]: 2023/01/21 19:56:27 [INFO] [nginx-http.example.test] AuthURL: https://acme.test/authZ/9Yk7bFdIxXye9kOlXXOCzF34TU-rerb3085IRt2U3oU
acme # [ 276.162878] pebble[661]: Pebble 2023/01/21 19:56:27 POST /finalize-order/ -> calling handler()
webserver # [ 276.061404] acme-nginx-http.example.test-start[3873]: 2023/01/21 19:56:27 [INFO] [nginx-http-alias.example.test] AuthURL: https://acme.test/authZ/aADxLQWvXiCfMCNj7hkl8CpIYDuIl1bKfv0VV3z2ALg
webserver # [ 276.062840] acme-nginx-http.example.test-start[3873]: 2023/01/21 19:56:27 [INFO] [nginx-http-alias.example.test] acme: authorization already valid; skipping challenge
webserver # [ 276.064042] acme-nginx-http.example.test-start[3873]: 2023/01/21 19:56:27 [INFO] [nginx-http.example.test] acme: authorization already valid; skipping challenge
acme # [ 276.163960] pebble[661]: Pebble 2023/01/21 19:56:27 Order OWip2NuYtxK3bGB3MPqNPCssRZ2lCGoVkwd4BECKArk is fully authorized. Processing finalization
webserver # [ 276.065268] acme-nginx-http.example.test-start[3873]: 2023/01/21 19:56:27 [INFO] [nginx-http.example.test, nginx-http-alias.example.test] acme: Validations succeeded; requesting certificates
webserver # [ 276.066643] acme-nginx-http.example.test-start[3873]: 2023/01/21 19:56:27 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 276.168768] pebble[661]: Pebble 2023/01/21 19:56:27 Issued certificate serial 4a6fbcf72be51151 for order OWip2NuYtxK3bGB3MPqNPCssRZ2lCGoVkwd4BECKArk
acme # [ 276.170812] pebble[661]: Pebble 2023/01/21 19:56:27 POST /my-order/ -> calling handler()
acme # [ 276.172773] pebble[661]: Pebble 2023/01/21 19:56:27 POST /certZ/ -> calling handler()
webserver # [ 276.074039] acme-nginx-http.example.test-start[3873]: 2023/01/21 19:56:27 [INFO] [nginx-http.example.test] Server responded with a certificate.
webserver # [ 276.077186] acme-nginx-http.example.test-start[3862]: + mv domainhash.txt certificates/
webserver # [ 276.082704] acme-nginx-http.example.test-start[3862]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-http.example.test.crt certificates/nginx-http.example.test.issuer.crt certificates/nginx-http.example.test.json certificates/nginx-http.example.test.key
webserver # [ 276.089953] acme-nginx-http.example.test-start[3862]: + cmp -s certificates/nginx-http.example.test.crt out/fullchain.pem
webserver # [ 276.093330] acme-nginx-http.example.test-start[3862]: + touch out/renewed
webserver # [ 276.098023] acme-nginx-http.example.test-start[3862]: + echo Installing new certificate
webserver # [ 276.098956] acme-nginx-http.example.test-start[3862]: Installing new certificate
webserver # [ 276.099995] acme-nginx-http.example.test-start[3862]: + cp -vp certificates/nginx-http.example.test.crt out/fullchain.pem
webserver # [ 276.105068] acme-nginx-http.example.test-start[3889]: 'certificates/nginx-http.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 276.106739] acme-nginx-http.example.test-start[3862]: + cp -vp certificates/nginx-http.example.test.key out/key.pem
webserver # [ 276.111565] acme-nginx-http.example.test-start[3890]: 'certificates/nginx-http.example.test.key' -> 'out/key.pem'
webserver # [ 276.113643] acme-nginx-http.example.test-start[3862]: + cp -vp certificates/nginx-http.example.test.issuer.crt out/chain.pem
webserver # [ 276.118571] acme-nginx-http.example.test-start[3891]: 'certificates/nginx-http.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 276.120053] acme-nginx-http.example.test-start[3862]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 276.125876] acme-nginx-http.example.test-start[3862]: + cat out/key.pem out/fullchain.pem
webserver # [ 276.131654] acme-nginx-http.example.test-start[3862]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 276.162331] systemd[1]: acme-nginx-http.example.test.service: Deactivated successfully.
webserver # [ 276.163136] systemd[1]: Finished Renew ACME certificate for nginx-http.example.test.
webserver # [ 276.163790] systemd[1]: acme-nginx-http.example.test.service: Consumed 147ms CPU time, received 9.6K IP traffic, sent 5.9K IP traffic.
webserver # [ 276.167817] systemd[1]: Starting nginx-config-reload.service...
webserver # [ 276.211842] systemd[1]: Reloading Nginx Web Server...
webserver # [ 276.289297] nginx[3901]: nginx: the configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf syntax is ok
webserver # [ 276.290421] nginx[3901]: nginx: configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf test is successful
webserver # [ 276.333979] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: signal 1 (SIGHUP) received from 3902, reconfiguring
webserver # [ 276.334927] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: reconfiguring
webserver # [ 276.344421] systemd[1]: Reloaded Nginx Web Server.
webserver # [ 276.349430] systemd[1]: nginx-config-reload.service: Deactivated successfully.
webserver # [ 276.350316] systemd[1]: Finished nginx-config-reload.service.
webserver # [ 276.388021] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: using the "epoll" event method
webserver # [ 276.389178] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: start worker processes
webserver # [ 276.390271] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: start worker process 3904
webserver # [ 276.415970] nixos[3693]: finished switching to system configuration /nix/store/92chhpij14li0ag540gwy6sbwka8zj0y-nixos-system-webserver-23.05pre-git
(finished: must succeed: /tmp/specialisation/nginx/bin/switch-to-configuration test, in 3.73 seconds)
webserver: waiting for unit nginx.service
(finished: waiting for unit nginx.service, in 0.05 seconds)
webserver # [ 276.493117] nginx[3853]: 2023/01/21 19:56:28 [notice] 3853#3853: gracefully shutting down
webserver # [ 276.494092] nginx[3853]: 2023/01/21 19:56:28 [notice] 3853#3853: exiting
webserver # [ 276.494799] nginx[3853]: 2023/01/21 19:56:28 [notice] 3853#3853: exit
webserver # [ 276.499957] nginx[3842]: 2023/01/21 19:56:28 [notice] 3842#3842: signal 17 (SIGCHLD) received from 3853
webserver # [ 276.501090] nginx[3842]: 2023/01/21 19:56:28 [notice] 3842#3842: worker process 3853 exited with code 0
webserver # [ 276.502136] nginx[3842]: 2023/01/21 19:56:28 [notice] 3842#3842: signal 29 (SIGIO) received
webserver: must succeed: /tmp/specialisation/nginx-change-acme-conf/bin/switch-to-configuration test
webserver # [ 277.370670] nixos[3917]: switching to system configuration /nix/store/mdh8cv5xg8k7bqqk2sgxcvlyn4wbaw5b-nixos-system-webserver-23.05pre-git
webserver # [ 277.394530] systemd[1]: Stopped target Local File Systems.
webserver # [ 277.398622] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 277.401496] systemd[1]: Stopped target Remote File Systems.
webserver # activating the configuration...
webserver # [ 277.624538] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 277.632074] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # [ 277.635988] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (78)
webserver # [ 277.636741] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 277.637405] nscd[901]: 901 monitoring file `/etc/group` (81)
webserver # [ 277.638095] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 277.641167] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 277.642818] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 277.645591] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (78)
webserver # [ 277.649981] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 277.650653] nscd[901]: 901 monitoring file `/etc/passwd` (82)
webserver # [ 277.653070] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 277.769274] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 277.776692] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 277.778372] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 277.779378] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 277.781361] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 277.784114] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 277.786160] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 277.789383] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 278.163088] systemd[1]: Reloading.
webserver # setting up tmpfiles
webserver # [ 278.782836] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 278.785159] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 278.794334] systemd[1]: Starting Renew ACME certificate for example.test...
webserver # [ 278.819095] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 278.822501] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 278.825083] systemd[1]: Generate self-signed certificate for nginx-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/nginx-dns.example.test/key.pem).
webserver # [ 278.866286] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 278.868254] systemd[1]: Reached target Remote File Systems.
webserver # [ 278.875473] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 278.877045] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 278.879307] systemd[1]: Reached target Local File Systems.
webserver # [ 278.896418] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 278.897310] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 278.899652] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 278.905176] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 278.910143] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 278.915818] systemd[1]: Generate self-signed certificate for nginx-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/nginx-dns.example.test/key.pem).
webserver # [ 278.928171] systemd[1]: Generate self-signed certificate for nginx-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/nginx-http.example.test/key.pem).
webserver # [ 278.935232] systemd[1]: Starting Renew ACME certificate for nginx-http.example.test...
webserver # [ 278.975528] acme-example.test-start[4062]: + set -euo pipefail
webserver # [ 278.976807] acme-example.test-start[4062]: + echo f296e6482529fca9f20a
webserver # [ 278.977607] acme-example.test-start[4062]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 278.983028] acme-example.test-start[4066]: ++ find accounts -name hostmaster@example.test.key
webserver # [ 278.991277] acme-example.test-start[4062]: + '[' -e certificates/_.example.test.key -a -e certificates/_.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']'
webserver # [ 278.993520] acme-example.test-start[4062]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir renew --no-random-sleep --days 30
webserver # [ 279.042048] acme-nginx-http.example.test-start[4064]: + set -euo pipefail
webserver # [ 279.042997] acme-nginx-http.example.test-start[4072]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 279.049165] acme-nginx-http.example.test-start[4072]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 279.055749] acme-nginx-http.example.test-start[4064]: + echo 197b6592b1395f3f8747
webserver # [ 279.056607] acme-nginx-http.example.test-start[4064]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 279.060124] acme-nginx-http.example.test-start[4064]: + lego --accept-tos --path . -d nginx-http.example.test --email hostmaster@example.test --key-type ec384 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir -d nginx-http-alias.example.test run
acme # [ 279.256783] pebble[661]: Pebble 2023/01/21 19:56:30 GET /dir -> calling handler()
webserver # [ 279.159807] acme-example.test-start[4067]: 2023/01/21 19:56:30 [*.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal.
webserver # [ 279.167090] acme-example.test-start[4062]: + mv domainhash.txt certificates/
webserver # [ 279.173832] acme-example.test-start[4062]: + chown acme:acme certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key
webserver # [ 279.186800] acme-example.test-start[4062]: + cmp -s certificates/_.example.test.crt out/fullchain.pem
webserver # [ 279.190767] acme-example.test-start[4062]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem
webserver # [ 279.223958] systemd[1]: acme-example.test.service: Deactivated successfully.
webserver # [ 279.224935] systemd[1]: Finished Renew ACME certificate for example.test.
webserver # [ 279.225782] systemd[1]: acme-example.test.service: Consumed 159ms CPU time, received 2.5K IP traffic, sent 1.0K IP traffic.
webserver # [ 279.237280] systemd[1]: Starting Renew ACME certificate for nginx-dns.example.test...
acme # [ 279.362198] pebble[661]: Pebble 2023/01/21 19:56:30 GET /dir -> calling handler()
webserver # [ 279.262621] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] [nginx-http.example.test, nginx-http-alias.example.test] acme: Obtaining bundled SAN certificate
acme # [ 279.366940] pebble[661]: Pebble 2023/01/21 19:56:30 HEAD /nonce-plz -> calling handler()
acme # [ 279.373820] pebble[661]: Pebble 2023/01/21 19:56:30 POST /order-plz -> calling handler()
acme # [ 279.380779] pebble[661]: Pebble 2023/01/21 19:56:30 There are now 18 authorizations in the db
acme # [ 279.385198] pebble[661]: Pebble 2023/01/21 19:56:30 There are now 19 authorizations in the db
acme # [ 279.389025] pebble[661]: Pebble 2023/01/21 19:56:30 Added order "IcGHQQhZ4S2x6sOo3T4cVn06IFxlwZB-V2rL0MOYPeg" to the db
acme # [ 279.393854] pebble[661]: Pebble 2023/01/21 19:56:30 There are now 18 orders in the db
webserver # [ 279.316360] acme-nginx-dns.example.test-start[4087]: + set -euo pipefail
webserver # [ 279.317453] acme-nginx-dns.example.test-start[4087]: + echo 59d0420c322ea19728a7
webserver # [ 279.318610] acme-nginx-dns.example.test-start[4087]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 279.323447] acme-nginx-dns.example.test-start[4089]: ++ find accounts -name hostmaster@example.test.key
webserver # [ 279.335827] acme-nginx-dns.example.test-start[4087]: + '[' -e certificates/nginx-dns.example.test.key -a -e certificates/nginx-dns.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']'
webserver # [ 279.338567] acme-nginx-dns.example.test-start[4087]: + lego --accept-tos --path . -d nginx-dns.example.test --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir -d nginx-dns-alias.example.test renew --no-random-sleep --days 30
acme # [ 279.447880] pebble[661]: Pebble 2023/01/21 19:56:31 POST /authZ/ -> calling handler()
acme # [ 279.500883] pebble[661]: Pebble 2023/01/21 19:56:31 POST /authZ/ -> calling handler()
webserver # [ 279.406097] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] [nginx-http.example.test] AuthURL: https://acme.test/authZ/jgtPZXsQmimot6G9BI6gO0IDp0qwLYragE8Eowiz_Wc
webserver # [ 279.407445] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] [nginx-http-alias.example.test] AuthURL: https://acme.test/authZ/-KxNQns8EIjMbOgspl_Z70tqt8EQuEjTdqo7dFvcsnI
acme # [ 279.512093] pebble[661]: Pebble 2023/01/21 19:56:31 POST /chalZ/ -> calling handler()
webserver # [ 279.410178] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] [nginx-http-alias.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 279.412578] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] [nginx-http-alias.example.test] acme: use http-01 solver
acme # [ 279.517693] pebble[661]: Pebble 2023/01/21 19:56:31 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"nginx-http-alias.example.test"}, Challenge:(*core.Challenge)(0xc0001b9ea0), Account:(*core.Account)(0xc0004494a0)}
acme # [ 279.520275] pebble[661]: Pebble 2023/01/21 19:56:31 Starting 3 validations.
acme # [ 279.521142] pebble[661]: Pebble 2023/01/21 19:56:31 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/W74usfuMaBcKT_U363dyAV6BEohOjFMjh5stAPHoDvw
webserver # [ 279.414079] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] [nginx-http.example.test] acme: Could not find solver for: tls-alpn-01
acme # [ 279.525668] pebble[661]: Pebble 2023/01/21 19:56:31 POST /authZ/ -> calling handler()
webserver # [ 279.424182] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] [nginx-http.example.test] acme: use http-01 solver
webserver # [ 279.426064] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] [nginx-http-alias.example.test] acme: Trying to solve HTTP-01
acme # [ 279.527296] pebble[661]: Pebble 2023/01/21 19:56:31 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/W74usfuMaBcKT_U363dyAV6BEohOjFMjh5stAPHoDvw
acme # [ 279.531961] pebble[661]: Pebble 2023/01/21 19:56:31 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/W74usfuMaBcKT_U363dyAV6BEohOjFMjh5stAPHoDvw
webserver # [ 279.427462] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/authZ/jgtPZXsQmimot6G9BI6gO0IDp0qwLYragE8Eowiz_Wc :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: nDVqPc7GooqpAgqgE0zp2g
acme # [ 279.537981] pebble[661]: Pebble 2023/01/21 19:56:31 GET /dir -> calling handler()
webserver # [ 279.438358] acme-nginx-dns.example.test-start[4090]: 2023/01/21 19:56:30 [nginx-dns.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal.
acme # [ 279.540484] pebble[661]: Pebble 2023/01/21 19:56:31 authz jgtPZXsQmimot6G9BI6gO0IDp0qwLYragE8Eowiz_Wc set VALID by completed challenge VdLKfb75475F74QTF5yQ3_Rs--R4DkXYDKMNNPmWpNs
webserver # [ 279.443062] acme-nginx-dns.example.test-start[4087]: + mv domainhash.txt certificates/
webserver # [ 279.449183] acme-nginx-dns.example.test-start[4087]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-dns.example.test.crt certificates/nginx-dns.example.test.issuer.crt certificates/nginx-dns.example.test.json certificates/nginx-dns.example.test.key
webserver # [ 279.456841] acme-nginx-dns.example.test-start[4087]: + cmp -s certificates/nginx-dns.example.test.crt out/fullchain.pem
webserver # [ 279.460744] acme-nginx-dns.example.test-start[4087]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem
webserver # [ 279.486422] systemd[1]: acme-nginx-dns.example.test.service: Deactivated successfully.
webserver # [ 279.487417] systemd[1]: Finished Renew ACME certificate for nginx-dns.example.test.
webserver # [ 279.490046] systemd[1]: acme-nginx-dns.example.test.service: Consumed 143ms CPU time, received 2.5K IP traffic, sent 1.0K IP traffic.
acme # [ 279.715179] pebble[661]: Pebble 2023/01/21 19:56:31 POST /authZ/ -> calling handler()
webserver # [ 279.619602] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:31 [INFO] [nginx-http-alias.example.test] The server validated our request
acme # [ 279.723745] pebble[661]: Pebble 2023/01/21 19:56:31 POST /chalZ/ -> calling handler()
webserver # [ 279.621835] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:31 [INFO] [nginx-http.example.test] acme: Trying to solve HTTP-01
acme # [ 279.728647] pebble[661]: Pebble 2023/01/21 19:56:31 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"nginx-http.example.test"}, Challenge:(*core.Challenge)(0xc000246140), Account:(*core.Account)(0xc0004494a0)}
acme # [ 279.732760] pebble[661]: Pebble 2023/01/21 19:56:31 Starting 3 validations.
acme # [ 279.735577] pebble[661]: Pebble 2023/01/21 19:56:31 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/5F7DQc8z7vIYyU0xFWSURxmdr-KQQT5HrmrgkZh-2PI
acme # [ 279.738769] pebble[661]: Pebble 2023/01/21 19:56:31 POST /authZ/ -> calling handler()
acme # [ 279.740727] pebble[661]: Pebble 2023/01/21 19:56:31 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/5F7DQc8z7vIYyU0xFWSURxmdr-KQQT5HrmrgkZh-2PI
acme # [ 279.745891] pebble[661]: Pebble 2023/01/21 19:56:31 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/5F7DQc8z7vIYyU0xFWSURxmdr-KQQT5HrmrgkZh-2PI
acme # [ 279.752354] pebble[661]: Pebble 2023/01/21 19:56:31 authz -KxNQns8EIjMbOgspl_Z70tqt8EQuEjTdqo7dFvcsnI set VALID by completed challenge sW5G8bUYd9SbPAjUrOrci5HRnpxtoYQrzIHLLDOm0EI
acme # [ 285.709889] pebble[661]: Pebble 2023/01/21 19:56:37 POST /authZ/ -> calling handler()
webserver # [ 285.614744] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:37 [INFO] [nginx-http.example.test] The server validated our request
webserver # [ 285.616189] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:37 [INFO] [nginx-http.example.test, nginx-http-alias.example.test] acme: Validations succeeded; requesting certificates
acme # [ 285.723905] pebble[661]: Pebble 2023/01/21 19:56:37 POST /finalize-order/ -> calling handler()
acme # [ 285.732716] pebble[661]: Pebble 2023/01/21 19:56:37 Order IcGHQQhZ4S2x6sOo3T4cVn06IFxlwZB-V2rL0MOYPeg is fully authorized. Processing finalization
webserver # [ 285.641842] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:37 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 285.748468] pebble[661]: Pebble 2023/01/21 19:56:37 Issued certificate serial 04aeef5879153560 for order IcGHQQhZ4S2x6sOo3T4cVn06IFxlwZB-V2rL0MOYPeg
acme # [ 285.761131] pebble[661]: Pebble 2023/01/21 19:56:37 POST /my-order/ -> calling handler()
acme # [ 285.769734] pebble[661]: Pebble 2023/01/21 19:56:37 POST /certZ/ -> calling handler()
webserver # [ 285.673387] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:37 [INFO] [nginx-http.example.test] Server responded with a certificate.
webserver # [ 285.684456] acme-nginx-http.example.test-start[4064]: + mv domainhash.txt certificates/
webserver # [ 285.694305] acme-nginx-http.example.test-start[4064]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-http.example.test.crt certificates/nginx-http.example.test.issuer.crt certificates/nginx-http.example.test.json certificates/nginx-http.example.test.key
webserver # [ 285.714714] acme-nginx-http.example.test-start[4064]: + cmp -s certificates/nginx-http.example.test.crt out/fullchain.pem
webserver # [ 285.722573] acme-nginx-http.example.test-start[4064]: + touch out/renewed
webserver # [ 285.731705] acme-nginx-http.example.test-start[4064]: + echo Installing new certificate
webserver # [ 285.736083] acme-nginx-http.example.test-start[4064]: Installing new certificate
webserver # [ 285.740770] acme-nginx-http.example.test-start[4064]: + cp -vp certificates/nginx-http.example.test.crt out/fullchain.pem
webserver # [ 285.748657] acme-nginx-http.example.test-start[4106]: 'certificates/nginx-http.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 285.755139] acme-nginx-http.example.test-start[4064]: + cp -vp certificates/nginx-http.example.test.key out/key.pem
webserver # [ 285.762453] acme-nginx-http.example.test-start[4107]: 'certificates/nginx-http.example.test.key' -> 'out/key.pem'
webserver # [ 285.768855] acme-nginx-http.example.test-start[4064]: + cp -vp certificates/nginx-http.example.test.issuer.crt out/chain.pem
webserver # [ 285.776421] acme-nginx-http.example.test-start[4108]: 'certificates/nginx-http.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 285.791137] acme-nginx-http.example.test-start[4064]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 285.803433] acme-nginx-http.example.test-start[4064]: + cat out/key.pem out/fullchain.pem
webserver # [ 285.813702] acme-nginx-http.example.test-start[4064]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 285.870376] 422nn8sf83rd54wkkfnxjs3vr7fz6g7k-acme-postrun[4115]: uid=0(root) gid=0(root) groups=0(root),60(nginx)
webserver # [ 285.886256] systemd[1]: acme-nginx-http.example.test.service: Deactivated successfully.
webserver # [ 285.896730] systemd[1]: Finished Renew ACME certificate for nginx-http.example.test.
webserver # [ 285.902794] systemd[1]: acme-nginx-http.example.test.service: Consumed 224ms CPU time, received 14.8K IP traffic, sent 10.7K IP traffic.
webserver # [ 285.913325] systemd[1]: Starting nginx-config-reload.service...
webserver # [ 285.961325] systemd[1]: Reloading Nginx Web Server...
webserver # [ 286.073050] nginx[4120]: nginx: the configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf syntax is ok
webserver # [ 286.079422] nginx[4120]: nginx: configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf test is successful
webserver # [ 286.143340] nginx[3842]: 2023/01/21 19:56:37 [notice] 3842#3842: signal 1 (SIGHUP) received from 4121, reconfiguring
webserver # [ 286.164423] nginx[3842]: 2023/01/21 19:56:37 [notice] 3842#3842: reconfiguring
webserver # [ 286.181743] systemd[1]: Reloaded Nginx Web Server.
webserver # [ 286.190759] systemd[1]: nginx-config-reload.service: Deactivated successfully.
webserver # [ 286.203764] systemd[1]: Finished nginx-config-reload.service.
webserver # [ 286.237457] nginx[3842]: 2023/01/21 19:56:37 [notice] 3842#3842: using the "epoll" event method
webserver # [ 286.242440] nginx[3842]: 2023/01/21 19:56:37 [notice] 3842#3842: start worker processes
webserver # [ 286.250499] nginx[3842]: 2023/01/21 19:56:37 [notice] 3842#3842: start worker process 4123
webserver # [ 286.276672] nixos[3917]: finished switching to system configuration /nix/store/mdh8cv5xg8k7bqqk2sgxcvlyn4wbaw5b-nixos-system-webserver-23.05pre-git
(finished: must succeed: /tmp/specialisation/nginx-change-acme-conf/bin/switch-to-configuration test, in 9.77 seconds)
webserver: waiting for unit acme-finished-nginx-http.example.test.target
webserver # [ 286.339229] nginx[3904]: 2023/01/21 19:56:37 [notice] 3904#3904: gracefully shutting down
webserver # [ 286.348150] nginx[3904]: 2023/01/21 19:56:37 [notice] 3904#3904: exiting
webserver # [ 286.357844] nginx[3904]: 2023/01/21 19:56:37 [notice] 3904#3904: exit
webserver # [ 286.360442] nginx[3842]: 2023/01/21 19:56:37 [notice] 3842#3842: signal 17 (SIGCHLD) received from 3904
webserver # [ 286.362356] nginx[3842]: 2023/01/21 19:56:37 [notice] 3842#3842: worker process 3904 exited with code 0
webserver # [ 286.364072] nginx[3842]: 2023/01/21 19:56:37 [notice] 3842#3842: signal 29 (SIGIO) received
(finished: waiting for unit acme-finished-nginx-http.example.test.target, in 0.10 seconds)
webserver: waiting for unit nginx.service
(finished: waiting for unit nginx.service, in 0.08 seconds)
client: must succeed: openssl s_client -CAfile /tmp/ca.crt -servername nginx-http.example.test -connect nginx-http.example.test:443 < /dev/null | openssl x509 -noout -text | grep -i Public-Key
client # depth=2 CN = Pebble Root CA 07ebd3
client # verify return:1
client # depth=1 CN = Pebble Intermediate CA 4d6099
client # verify return:1
client # depth=0 CN = nginx-http.example.test
client # verify return:1
client # DONE
webserver # [ 286.576068] nginx[4123]: 2023/01/21 19:56:38 [info] 4123#4123: *7 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443
(finished: must succeed: openssl s_client -CAfile /tmp/ca.crt -servername nginx-http.example.test -connect nginx-http.example.test:443 < /dev/null | openssl x509 -noout -text | grep -i Public-Key, in 0.17 seconds)
Key type: Public-Key: (384 bit)
(finished: subtest: security.acme changes reflect on web server, in 13.98 seconds)
subtest: Works with httpd
webserver: must succeed: /tmp/specialisation/httpd/bin/switch-to-configuration test
webserver # [ 287.697419] nixos[4140]: switching to system configuration /nix/store/rhy6kxrgjmbbj787p9157yi6zwn89b3q-nixos-system-webserver-23.05pre-git
webserver # stopping the following units: acme-finished-nginx-dns.example.test.target, acme-finished-nginx-http.example.test.target, acme-fixperms.service, acme-nginx-dns.example.test.timer, acme-nginx-http.example.test.timer, logrotate-checkconf.service, nginx.service, test-renew-nginx.target
webserver # [ 287.738058] systemd[1]: Stopped target acme-finished-nginx-dns.example.test.target.
webserver # [ 287.743523] systemd[1]: Stopped target acme-finished-nginx-http.example.test.target.
webserver # [ 287.748949] systemd[1]: acme-fixperms.service: Deactivated successfully.
webserver # [ 287.753103] systemd[1]: Stopped Fix owner and group of all ACME certificates.
webserver # [ 287.760347] systemd[1]: acme-nginx-dns.example.test.timer: Deactivated successfully.
webserver # [ 287.765820] systemd[1]: Stopped Renew ACME Certificate for nginx-dns.example.test.
webserver # [ 287.774389] systemd[1]: acme-nginx-http.example.test.timer: Deactivated successfully.
webserver # [ 287.782072] systemd[1]: Stopped Renew ACME Certificate for nginx-http.example.test.
webserver # [ 287.782873] systemd[1]: Stopped target Local File Systems.
webserver # [ 287.803081] systemd[1]: logrotate-checkconf.service: Deactivated successfully.
webserver # [ 287.810627] nginx[3842]: 2023/01/21 19:56:39 [notice] 3842#3842: signal 15 (SIGTERM) received from 1, exiting
webserver # [ 287.815472] systemd[1]: Stopped Logrotate configuration check.
webserver # [ 287.820464] nginx[4123]: 2023/01/21 19:56:39 [notice] 4123#4123: signal 15 (SIGTERM) received from 1, exiting
webserver # [ 287.822248] nginx[4123]: 2023/01/21 19:56:39 [notice] 4123#4123: exiting
webserver # [ 287.825352] nginx[4123]: 2023/01/21 19:56:39 [notice] 4123#4123: exit
webserver # [ 287.830172] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 287.841705] nginx[3842]: 2023/01/21 19:56:39 [notice] 3842#3842: signal 17 (SIGCHLD) received from 4123
webserver # [ 287.848745] nginx[3842]: 2023/01/21 19:56:39 [notice] 3842#3842: worker process 4123 exited with code 0
webserver # [ 287.858565] nginx[3842]: 2023/01/21 19:56:39 [notice] 3842#3842: exit
webserver # [ 287.861777] systemd[1]: Stopping Nginx Web Server...
webserver # [ 287.864522] systemd[1]: Stopped target Remote File Systems.
webserver # [ 287.868583] systemd[1]: Stopped target test-renew-nginx.target.
webserver # [ 287.871613] systemd[1]: nginx.service: Deactivated successfully.
webserver # [ 287.874717] systemd[1]: Stopped Nginx Web Server.
webserver # [ 287.877126] systemd[1]: nginx.service: Consumed 481ms CPU time, no IO, received 3.7K IP traffic, sent 6.4K IP traffic.
webserver # activating the configuration...
webserver # removing group ‘nginx’
webserver # [ 288.148474] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 288.161226] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # removing user ‘nginx’
webserver # [ 288.168073] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (84)
webserver # [ 288.178824] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 288.187971] nscd[901]: 901 monitoring file `/etc/group` (87)
webserver # [ 288.193443] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 288.196785] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 288.202764] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 288.208644] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (84)
webserver # [ 288.213223] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 288.218657] nscd[901]: 901 monitoring file `/etc/passwd` (88)
webserver # [ 288.222834] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 288.387293] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 288.402095] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 288.412058] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 288.418834] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 288.426787] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 288.432171] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 288.438966] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 288.443491] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 289.024996] systemd[1]: Reloading.
webserver # setting up tmpfiles
webserver # reloading the following units: dbus.service
webserver # [ 289.728320] systemd[1]: Reloading D-Bus System Message Bus...
webserver # [ 289.743623] dbus-daemon[698]: Unknown username "systemd-timesync" in message bus configuration file
webserver # [ 289.772276] dbus-daemon[698]: [system] Reloaded configuration
webserver # [ 289.774249] dbus-send[4290]: method return time=1674331001.331981 sender=org.freedesktop.DBus -> destination=:1.51 serial=3 reply_serial=2
webserver # [ 289.780117] dbus-daemon[698]: Unknown username "systemd-timesync" in message bus configuration file
webserver # [ 289.800859] dbus-daemon[698]: [system] Reloaded configuration
webserver # [ 289.804412] systemd[1]: Reloaded D-Bus System Message Bus.
webserver # starting the following units: acme-fixperms.service, logrotate-checkconf.service
webserver # [ 289.842106] systemd[1]: Starting Fix owner and group of all ACME certificates...
webserver # [ 289.843236] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 289.866169] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 289.916537] systemd[1]: Finished Fix owner and group of all ACME certificates.
webserver # [ 289.920342] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 289.922691] systemd[1]: Reached target Remote File Systems.
webserver # [ 289.927239] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 289.928494] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 289.931031] systemd[1]: Reached target Local File Systems.
webserver # [ 289.948105] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 289.949481] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 289.952236] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 289.955284] systemd[1]: Started Renew ACME Certificate for httpd-dns.example.test.
webserver # [ 289.957427] systemd[1]: Started Renew ACME Certificate for httpd-http.example.test.
webserver # [ 289.959261] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 289.963409] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 289.967838] systemd[1]: Starting Generate self-signed certificate for httpd-dns.example.test...
webserver # [ 289.972813] systemd[1]: Starting Generate self-signed certificate for httpd-http.example.test...
webserver # [ 289.976096] systemd[1]: Starting Logrotate configuration check...
webserver # [ 289.988878] logrotate[4302]: warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want.
webserver # [ 289.992190] logrotate[4302]: reading config file /nix/store/iqb68zysi2r5kq82241wrwvb84z6akj1-logrotate.conf
webserver # [ 290.003257] logrotate[4302]: note: 'monthly' overrides previously specified 'weekly'
webserver # [ 290.007755] logrotate[4302]: Reading state from file: /var/lib/logrotate.status
webserver # [ 290.011114] logrotate[4302]: state file /var/lib/logrotate.status does not exist
webserver # [ 290.011841] logrotate[4302]: Allocating hash table for state file, size 64 entries
webserver # [ 290.015127] logrotate[4302]: Handling 3 logs
webserver # [ 290.015621] logrotate[4302]: rotating pattern: "/var/log/btmp" monthly (1 rotations)
webserver # [ 290.019081] logrotate[4302]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed
webserver # [ 290.023079] logrotate[4302]: considering log /var/log/btmp
webserver # [ 290.023722] logrotate[4302]: Creating new state
webserver # [ 290.027065] logrotate[4302]: Now: 2023-01-21 19:56
webserver # [ 290.027643] logrotate[4302]: Last rotated at 2023-01-21 19:00
webserver # [ 290.031111] logrotate[4302]: log does not need rotating (log has already been rotated)
webserver # [ 290.034100] logrotate[4302]: rotating pattern: "/var/log/wtmp" monthly (1 rotations)
webserver # [ 290.036998] logrotate[4302]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed
webserver # [ 290.041078] logrotate[4302]: considering log /var/log/wtmp
webserver # [ 290.041686] logrotate[4302]: Creating new state
webserver # [ 290.044053] logrotate[4302]: Now: 2023-01-21 19:56
webserver # [ 290.044607] logrotate[4302]: Last rotated at 2023-01-21 19:00
webserver # [ 290.048093] logrotate[4302]: log does not need rotating (log has already been rotated)
webserver # [ 290.051020] logrotate[4302]: rotating pattern: "/var/log/httpd/*.log" after 1 days (28 rotations)
webserver # [ 290.054018] logrotate[4302]: empty log files are not rotated, old logs are removed
webserver # [ 290.054800] logrotate[4302]: switching euid from 0 to 54 and egid from 0 to 54 (pid 4302)
webserver # [ 290.060110] logrotate[4302]: considering log /var/log/httpd/*.log
webserver # [ 290.060766] logrotate[4302]: log /var/log/httpd/*.log does not exist -- skipping
webserver # [ 290.064067] logrotate[4302]: Creating new state
webserver # [ 290.064548] logrotate[4302]: not running postrotate script, since no logs were rotated
webserver # [ 290.068064] logrotate[4302]: switching euid from 54 to 0 and egid from 54 to 0 (pid 4302)
webserver # [ 290.071119] systemd[1]: Finished Logrotate configuration check.
webserver # [ 290.471817] systemd[1]: acme-selfsigned-httpd-dns.example.test.service: Deactivated successfully.
webserver # [ 290.475361] systemd[1]: Finished Generate self-signed certificate for httpd-dns.example.test.
webserver # [ 290.504539] systemd[1]: acme-selfsigned-httpd-http.example.test.service: Deactivated successfully.
webserver # [ 290.505851] systemd[1]: Finished Generate self-signed certificate for httpd-http.example.test.
webserver # [ 290.513535] systemd[1]: Starting Apache HTTPD...
webserver # [ 290.750415] systemd[1]: httpd.service: Can't open PID file /run/httpd/httpd.pid (yet?) after start: Operation not permitted
webserver # [ 290.762106] systemd[1]: Started Apache HTTPD.
webserver # [ 290.766936] systemd[1]: Starting Renew ACME certificate for example.test...
webserver # [ 290.829338] acme-example.test-start[4396]: + set -euo pipefail
webserver # [ 290.830290] acme-example.test-start[4396]: + echo f296e6482529fca9f20a
webserver # [ 290.831288] acme-example.test-start[4396]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 290.835721] acme-example.test-start[4496]: ++ find accounts -name hostmaster@example.test.key
webserver # [ 290.843200] acme-example.test-start[4396]: + '[' -e certificates/_.example.test.key -a -e certificates/_.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']'
webserver # [ 290.845172] acme-example.test-start[4396]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir renew --no-random-sleep --days 30
acme # [ 291.025937] pebble[661]: Pebble 2023/01/21 19:56:42 GET /dir -> calling handler()
webserver # [ 290.928253] acme-example.test-start[4497]: 2023/01/21 19:56:42 [*.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal.
webserver # [ 290.933063] acme-example.test-start[4396]: + mv domainhash.txt certificates/
webserver # [ 290.939666] acme-example.test-start[4396]: + chown acme:acme certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key
webserver # [ 290.947914] acme-example.test-start[4396]: + cmp -s certificates/_.example.test.crt out/fullchain.pem
webserver # [ 290.952303] acme-example.test-start[4396]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem
webserver # [ 290.981637] systemd[1]: acme-example.test.service: Deactivated successfully.
webserver # [ 290.982584] systemd[1]: Finished Renew ACME certificate for example.test.
webserver # [ 290.984114] systemd[1]: acme-example.test.service: Consumed 142ms CPU time, received 2.5K IP traffic, sent 978B IP traffic.
webserver # [ 290.989752] systemd[1]: Starting Renew ACME certificate for httpd-dns.example.test...
webserver # [ 290.994734] systemd[1]: Starting Renew ACME certificate for httpd-http.example.test...
webserver # [ 291.100495] acme-httpd-dns.example.test-start[4509]: + set -euo pipefail
webserver # [ 291.101581] acme-httpd-dns.example.test-start[4509]: + echo 0a349e39464efbfff571
webserver # [ 291.102973] acme-httpd-dns.example.test-start[4509]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 291.105814] acme-httpd-http.example.test-start[4510]: + set -euo pipefail
webserver # [ 291.106748] acme-httpd-http.example.test-start[4512]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 291.109767] acme-httpd-dns.example.test-start[4509]: + lego --accept-tos --path . -d httpd-dns.example.test --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir -d httpd-dns-alias.example.test run
webserver # [ 291.117725] acme-httpd-http.example.test-start[4512]: + chgrp wwwrun /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 291.125019] acme-httpd-http.example.test-start[4510]: + echo c63f2de46052d3f916bc
webserver # [ 291.125712] acme-httpd-http.example.test-start[4510]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 291.129425] acme-httpd-http.example.test-start[4510]: + lego --accept-tos --path . -d httpd-http.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir -d httpd-http-alias.example.test run
acme # [ 291.358514] pebble[661]: Pebble 2023/01/21 19:56:42 GET /dir -> calling handler()
webserver # [ 291.263937] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns.example.test, httpd-dns-alias.example.test] acme: Obtaining bundled SAN certificate
acme # [ 291.369758] pebble[661]: Pebble 2023/01/21 19:56:42 HEAD /nonce-plz -> calling handler()
acme # [ 291.374653] pebble[661]: Pebble 2023/01/21 19:56:42 POST /order-plz -> calling handler()
webserver # [ 291.277640] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:42 [INFO] [httpd-http.example.test, httpd-http-alias.example.test] acme: Obtaining bundled SAN certificate
acme # [ 291.379084] pebble[661]: Pebble 2023/01/21 19:56:42 There are now 20 authorizations in the db
acme # [ 291.384483] pebble[661]: Pebble 2023/01/21 19:56:42 There are now 21 authorizations in the db
acme # [ 291.388112] pebble[661]: Pebble 2023/01/21 19:56:42 Added order "4J9tXjdPhFkdkPXJBO0FaUgfEIMd30i_Y05DV4nBkTI" to the db
acme # [ 291.392781] pebble[661]: Pebble 2023/01/21 19:56:42 There are now 19 orders in the db
acme # [ 291.396142] pebble[661]: Pebble 2023/01/21 19:56:42 GET /dir -> calling handler()
acme # [ 291.399269] pebble[661]: Pebble 2023/01/21 19:56:42 HEAD /nonce-plz -> calling handler()
acme # [ 291.402628] pebble[661]: Pebble 2023/01/21 19:56:42 POST /order-plz -> calling handler()
acme # [ 291.406005] pebble[661]: Pebble 2023/01/21 19:56:42 There are now 22 authorizations in the db
acme # [ 291.409535] pebble[661]: Pebble 2023/01/21 19:56:42 There are now 23 authorizations in the db
acme # [ 291.413021] pebble[661]: Pebble 2023/01/21 19:56:42 Added order "wu_lCQXlfnL8x3Musp8sNLLfV6p2QnendQCfshCzw_A" to the db
acme # [ 291.417652] pebble[661]: Pebble 2023/01/21 19:56:42 There are now 20 orders in the db
acme # [ 291.432800] pebble[661]: Pebble 2023/01/21 19:56:42 POST /authZ/ -> calling handler()
acme # [ 291.442048] pebble[661]: Pebble 2023/01/21 19:56:42 POST /authZ/ -> calling handler()
webserver # [ 291.387562] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns-alias.example.test] AuthURL: https://acme.test/authZ/f0Uf_c_u5a94s2vN7GDyWbY9uBd2H6IWNA-j1SF8e_M
acme # [ 291.488768] pebble[661]: Pebble 2023/01/21 19:56:43 POST /authZ/ -> calling handler()
webserver # [ 291.389771] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns.example.test] AuthURL: https://acme.test/authZ/7Q4pWRv62-NQ2RipC18Rrl818i3CYKx3wCran4wrMYs
webserver # [ 291.391508] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 291.393377] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns.example.test] acme: Could not find solver for: http-01
webserver # [ 291.395185] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns.example.test] acme: use dns-01 solver
webserver # [ 291.397208] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns-alias.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 291.398602] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns-alias.example.test] acme: Could not find solver for: http-01
webserver # [ 291.399988] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns-alias.example.test] acme: use dns-01 solver
webserver # [ 291.401793] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns.example.test] acme: Preparing to solve DNS-01
acme # [ 291.498013] pebble[661]: Pebble 2023/01/21 19:56:43 POST /authZ/ -> calling handler()
webserver # [ 291.403177] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:42 [INFO] [httpd-http-alias.example.test] AuthURL: https://acme.test/authZ/qktsfNMOFenY55UUzSPAzzfGLaMv75Ntj3NH7eHr4jc
webserver # [ 291.405314] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:42 [INFO] [httpd-http.example.test] AuthURL: https://acme.test/authZ/kbV9vVnnki-TIMq8i_YIm_pzCt8bGnIhF7SeU3osN64
webserver # [ 291.406846] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:42 [INFO] [httpd-http.example.test] acme: Could not find solver for: tls-alpn-01
acme # [ 291.506463] pebble[661]: Pebble 2023/01/21 19:56:43 POST /chalZ/ -> calling handler()
webserver # [ 291.408462] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:42 [INFO] [httpd-http.example.test] acme: use http-01 solver
webserver # [ 291.410716] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:42 [INFO] [httpd-http-alias.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 291.411859] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:42 [INFO] [httpd-http-alias.example.test] acme: use http-01 solver
webserver # [ 291.413064] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:42 [INFO] [httpd-http.example.test] acme: Trying to solve HTTP-01
acme # [ 291.511649] pebble[661]: Pebble 2023/01/21 19:56:43 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-http.example.test"}, Challenge:(*core.Challenge)(0xc000001b80), Account:(*core.Account)(0xc000217680)}
acme # [ 291.523035] pebble[661]: Pebble 2023/01/21 19:56:43 Starting 3 validations.
acme # [ 291.526732] pebble[661]: Pebble 2023/01/21 19:56:43 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/Py5PVyRiSMZH2R7aCvjW9xoNlgbatS_YUq4eWc1SQh4
acme # [ 291.533445] pebble[661]: Pebble 2023/01/21 19:56:43 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/Py5PVyRiSMZH2R7aCvjW9xoNlgbatS_YUq4eWc1SQh4
acme # [ 291.540148] pebble[661]: Pebble 2023/01/21 19:56:43 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/Py5PVyRiSMZH2R7aCvjW9xoNlgbatS_YUq4eWc1SQh4
acme # [ 291.546833] pebble[661]: Pebble 2023/01/21 19:56:43 POST /authZ/ -> calling handler()
acme # [ 291.550311] pebble[661]: Pebble 2023/01/21 19:56:43 authz qktsfNMOFenY55UUzSPAzzfGLaMv75Ntj3NH7eHr4jc set VALID by completed challenge VfSl6FMB7qnPzqtt3ptEcgx5GOWVCEZvwZFpXmPcOYI
acme # [ 296.911907] pebble[661]: Pebble 2023/01/21 19:56:48 POST /authZ/ -> calling handler()
webserver # [ 296.811529] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:48 [INFO] [httpd-http.example.test] The server validated our request
webserver # [ 296.813673] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:48 [INFO] [httpd-http-alias.example.test] acme: Trying to solve HTTP-01
acme # [ 296.916086] pebble[661]: Pebble 2023/01/21 19:56:48 POST /chalZ/ -> calling handler()
acme # [ 296.920257] pebble[661]: Pebble 2023/01/21 19:56:48 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-http-alias.example.test"}, Challenge:(*core.Challenge)(0xc000000000), Account:(*core.Account)(0xc000217680)}
acme # [ 296.924932] pebble[661]: Pebble 2023/01/21 19:56:48 Starting 3 validations.
acme # [ 296.926871] pebble[661]: Pebble 2023/01/21 19:56:48 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/B4mVoDUieg0xKe4hmBkdwu6iGIDoStZdCTdWB0qrXBY
acme # [ 296.929170] pebble[661]: Pebble 2023/01/21 19:56:48 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/B4mVoDUieg0xKe4hmBkdwu6iGIDoStZdCTdWB0qrXBY
acme # [ 296.931858] pebble[661]: Pebble 2023/01/21 19:56:48 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/B4mVoDUieg0xKe4hmBkdwu6iGIDoStZdCTdWB0qrXBY
acme # [ 296.933636] pebble[661]: Pebble 2023/01/21 19:56:48 POST /authZ/ -> calling handler()
acme # [ 296.934493] pebble[661]: Pebble 2023/01/21 19:56:48 authz kbV9vVnnki-TIMq8i_YIm_pzCt8bGnIhF7SeU3osN64 set VALID by completed challenge vKE_4mVCclTpBLURrcOL8DJCRq2mRr2dPIk-Q1xcMz4
dnsserver # [ 301.466820] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:56:53 Added DNS-01 TXT challenge for Host "_acme-challenge.httpd-dns.example.test." - Value "WUjxuFLvv-Rd6S-u-tzIdfSJWV4VwzDsC6GPysWN3tE"
webserver # [ 301.429536] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:52 [INFO] [_acme-challenge.httpd-dns.example.test.] dns-hook.sh present _acme-challenge.httpd-dns.example.test. WUjxuFLvv-Rd6S-u-tzIdfSJWV4VwzDsC6GPysWN3tE
webserver # [ 301.431493] acme-httpd-dns.example.test-start[4514]: % Total % Received % Xferd Average Speed Time Time Time Current
webserver # [ 301.433621] acme-httpd-dns.example.test-start[4514]: Dload Upload Total Spent Left Speed
webserver # [ 301.435381] acme-httpd-dns.example.test-start[4514]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 107 0 0 100 107 0 17092 --:--:-- --:--:-- --:--:-- 17833
webserver # [ 301.437226] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:52 [INFO] [httpd-dns.example.test] acme: Trying to solve DNS-01
acme # [ 302.955366] pebble[661]: Pebble 2023/01/21 19:56:54 POST /authZ/ -> calling handler()
webserver # [ 302.855036] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:54 [INFO] [httpd-http-alias.example.test] The server validated our request
acme # [ 302.957915] pebble[661]: Pebble 2023/01/21 19:56:54 POST /finalize-order/ -> calling handler()
webserver # [ 302.856814] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:54 [INFO] [httpd-http.example.test, httpd-http-alias.example.test] acme: Validations succeeded; requesting certificates
webserver # [ 302.858399] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:54 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/finalize-order/wu_lCQXlfnL8x3Musp8sNLLfV6p2QnendQCfshCzw_A :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: 4cybYm-AQky4CRcGxYLluw
webserver # [ 303.120512] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:54 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 303.223529] pebble[661]: Pebble 2023/01/21 19:56:54 POST /finalize-order/ -> calling handler()
acme # [ 303.230090] pebble[661]: Pebble 2023/01/21 19:56:54 Order wu_lCQXlfnL8x3Musp8sNLLfV6p2QnendQCfshCzw_A is fully authorized. Processing finalization
acme # [ 303.236723] pebble[661]: Pebble 2023/01/21 19:56:54 Issued certificate serial 37667859f94a2884 for order wu_lCQXlfnL8x3Musp8sNLLfV6p2QnendQCfshCzw_A
acme # [ 303.243047] pebble[661]: Pebble 2023/01/21 19:56:54 POST /my-order/ -> calling handler()
webserver # [ 303.143968] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:54 [INFO] [httpd-http.example.test] Server responded with a certificate.
acme # [ 303.246138] pebble[661]: Pebble 2023/01/21 19:56:54 POST /certZ/ -> calling handler()
webserver # [ 303.146979] acme-httpd-http.example.test-start[4510]: + mv domainhash.txt certificates/
webserver # [ 303.152964] acme-httpd-http.example.test-start[4510]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-http.example.test.crt certificates/httpd-http.example.test.issuer.crt certificates/httpd-http.example.test.json certificates/httpd-http.example.test.key
webserver # [ 303.167619] acme-httpd-http.example.test-start[4510]: + cmp -s certificates/httpd-http.example.test.crt out/fullchain.pem
webserver # [ 303.174578] acme-httpd-http.example.test-start[4510]: + touch out/renewed
webserver # [ 303.182624] acme-httpd-http.example.test-start[4510]: + echo Installing new certificate
webserver # [ 303.186239] acme-httpd-http.example.test-start[4510]: Installing new certificate
webserver # [ 303.189836] acme-httpd-http.example.test-start[4510]: + cp -vp certificates/httpd-http.example.test.crt out/fullchain.pem
webserver # [ 303.198335] acme-httpd-http.example.test-start[4531]: 'certificates/httpd-http.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 303.203690] acme-httpd-http.example.test-start[4510]: + cp -vp certificates/httpd-http.example.test.key out/key.pem
webserver # [ 303.212043] acme-httpd-http.example.test-start[4532]: 'certificates/httpd-http.example.test.key' -> 'out/key.pem'
webserver # [ 303.217151] acme-httpd-http.example.test-start[4510]: + cp -vp certificates/httpd-http.example.test.issuer.crt out/chain.pem
webserver # [ 303.225372] acme-httpd-http.example.test-start[4533]: 'certificates/httpd-http.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 303.231042] acme-httpd-http.example.test-start[4510]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 303.238279] acme-httpd-http.example.test-start[4510]: + cat out/key.pem out/fullchain.pem
webserver # [ 303.247702] acme-httpd-http.example.test-start[4510]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 303.288067] systemd[1]: acme-httpd-http.example.test.service: Deactivated successfully.
webserver # [ 303.292132] systemd[1]: Finished Renew ACME certificate for httpd-http.example.test.
webserver # [ 303.295870] systemd[1]: acme-httpd-http.example.test.service: Consumed 176ms CPU time, received 16.0K IP traffic, sent 11.4K IP traffic.
webserver # [ 311.436452] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:02 [INFO] [httpd-dns.example.test] acme: Checking DNS record propagation using [192.168.1.3:53 10.0.2.3:53]
webserver # [ 312.439332] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:03 [INFO] Wait for propagation [timeout: 1s, interval: 1s]
acme # [ 312.547078] pebble[661]: Pebble 2023/01/21 19:57:04 POST /chalZ/ -> calling handler()
acme # [ 312.552430] pebble[661]: Pebble 2023/01/21 19:57:04 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-dns.example.test"}, Challenge:(*core.Challenge)(0xc000247b80), Account:(*core.Account)(0xc000217680)}
acme # [ 312.556750] pebble[661]: Pebble 2023/01/21 19:57:04 Starting 3 validations.
acme # [ 312.557550] pebble[661]: Pebble 2023/01/21 19:57:04 POST /authZ/ -> calling handler()
acme # [ 312.560652] pebble[661]: Pebble 2023/01/21 19:57:04 authz f0Uf_c_u5a94s2vN7GDyWbY9uBd2H6IWNA-j1SF8e_M set VALID by completed challenge emcgvgpcwcKKRXfC0-G2jXBtkQhdt2ZcqHEkQhQlPIs
acme # [ 317.476491] pebble[661]: Pebble 2023/01/21 19:57:09 POST /authZ/ -> calling handler()
webserver # [ 317.375812] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:08 [INFO] [httpd-dns.example.test] The server validated our request
webserver # [ 317.377363] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:08 [INFO] [httpd-dns.example.test] acme: Cleaning DNS-01 challenge
dnsserver # [ 327.452763] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:57:19 Removed DNS-01 TXT challenge for Host "_acme-challenge.httpd-dns.example.test."
webserver # [ 327.415348] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:18 [INFO] [_acme-challenge.httpd-dns.example.test.] dns-hook.sh cleanup _acme-challenge.httpd-dns.example.test. WUjxuFLvv-Rd6S-u-tzIdfSJWV4VwzDsC6GPysWN3tE
webserver # [ 327.423807] acme-httpd-dns.example.test-start[4514]: % Total % Received % Xferd Average Speed Time Time Time Current
webserver # [ 327.429102] acme-httpd-dns.example.test-start[4514]: Dload Upload Total Spent Left Speed
webserver # [ 327.434228] acme-httpd-dns.example.test-start[4514]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 51 0 0 100 51 0 7729 --:--:-- --:--:-- --:--:-- 8500
webserver # [ 327.441824] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:18 [INFO] sequence: wait for 1s
webserver # [ 328.424527] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:19 [INFO] [httpd-dns-alias.example.test] acme: Preparing to solve DNS-01
webserver # [ 338.460607] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:30 [INFO] [_acme-challenge.httpd-dns-alias.example.test.] dns-hook.sh present _acme-challenge.httpd-dns-alias.example.test. SksjvuhQ8H2QxTjHmKWzhgMbgYX29vfOXa16GLyO2ag
webserver # [ 338.462211] acme-httpd-dns.example.test-start[4514]: % Total % Received % Xferd Average Speed Time Time Time Current
dnsserver # [ 338.499354] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:57:30 Added DNS-01 TXT challenge for Host "_acme-challenge.httpd-dns-alias.example.test." - Value "SksjvuhQ8H2QxTjHmKWzhgMbgYX29vfOXa16GLyO2ag"
webserver # [ 338.463544] acme-httpd-dns.example.test-start[4514]: Dload Upload Total Spent Left Speed
webserver # [ 338.465065] acme-httpd-dns.example.test-start[4514]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 113 0 0 100 113 0 18436 --:--:-- --:--:-- --:--:-- 18833
webserver # [ 338.467322] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:30 [INFO] [httpd-dns-alias.example.test] acme: Trying to solve DNS-01
webserver # [ 348.467696] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:40 [INFO] [httpd-dns-alias.example.test] acme: Checking DNS record propagation using [192.168.1.3:53 10.0.2.3:53]
webserver # [ 349.468586] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:41 [INFO] Wait for propagation [timeout: 1s, interval: 1s]
acme # [ 349.576856] pebble[661]: Pebble 2023/01/21 19:57:41 POST /chalZ/ -> calling handler()
acme # [ 349.583404] pebble[661]: Pebble 2023/01/21 19:57:41 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-dns-alias.example.test"}, Challenge:(*core.Challenge)(0xc0002479a0), Account:(*core.Account)(0xc000217680)}
acme # [ 349.592422] pebble[661]: Pebble 2023/01/21 19:57:41 Starting 3 validations.
acme # [ 349.595727] pebble[661]: Pebble 2023/01/21 19:57:41 POST /authZ/ -> calling handler()
acme # [ 349.599293] pebble[661]: Pebble 2023/01/21 19:57:41 authz 7Q4pWRv62-NQ2RipC18Rrl818i3CYKx3wCran4wrMYs set VALID by completed challenge Ho3dO65kaEi4eUZA6TqFz0dBAoezEriFbZcQc0PCdD0
acme # [ 355.863913] pebble[661]: Pebble 2023/01/21 19:57:47 POST /authZ/ -> calling handler()
webserver # [ 355.763045] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:47 [INFO] [httpd-dns-alias.example.test] The server validated our request
webserver # [ 355.767100] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:47 [INFO] [httpd-dns-alias.example.test] acme: Cleaning DNS-01 challenge
dnsserver # [ 365.839672] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:57:57 Removed DNS-01 TXT challenge for Host "_acme-challenge.httpd-dns-alias.example.test."
webserver # [ 365.803543] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:57 [INFO] [_acme-challenge.httpd-dns-alias.example.test.] dns-hook.sh cleanup _acme-challenge.httpd-dns-alias.example.test. SksjvuhQ8H2QxTjHmKWzhgMbgYX29vfOXa16GLyO2ag
webserver # [ 365.808754] acme-httpd-dns.example.test-start[4514]: % Total % Received % Xferd Average Speed Time Time Time Current
webserver # [ 365.810043] acme-httpd-dns.example.test-start[4514]: Dload Upload Total Spent Left Speed
acme # [ 365.911730] pebble[661]: Pebble 2023/01/21 19:57:57 POST /finalize-order/ -> calling handler()
webserver # [ 365.811203] acme-httpd-dns.example.test-start[4514]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 57 0 0 100 57 0 8172 --:--:-- --:--:-- --:--:-- 9500
acme # [ 365.913488] pebble[661]: Pebble 2023/01/21 19:57:57 Order 4J9tXjdPhFkdkPXJBO0FaUgfEIMd30i_Y05DV4nBkTI is fully authorized. Processing finalization
webserver # [ 365.814211] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:57 [INFO] [httpd-dns.example.test, httpd-dns-alias.example.test] acme: Validations succeeded; requesting certificates
webserver # [ 365.816426] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:57 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 365.918660] pebble[661]: Pebble 2023/01/21 19:57:57 Issued certificate serial 4ce3f5ccd7662676 for order 4J9tXjdPhFkdkPXJBO0FaUgfEIMd30i_Y05DV4nBkTI
acme # [ 365.920460] pebble[661]: Pebble 2023/01/21 19:57:57 POST /my-order/ -> calling handler()
webserver # [ 365.821344] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:57 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/my-order/4J9tXjdPhFkdkPXJBO0FaUgfEIMd30i_Y05DV4nBkTI :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: s28yLgRNOsGGIUGjDlDarg
acme # [ 366.076544] pebble[661]: Pebble 2023/01/21 19:57:57 POST /my-order/ -> calling handler()
acme # [ 366.079365] pebble[661]: Pebble 2023/01/21 19:57:57 POST /certZ/ -> calling handler()
webserver # [ 365.980978] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:57 [INFO] [httpd-dns.example.test] Server responded with a certificate.
webserver # [ 365.985995] acme-httpd-dns.example.test-start[4509]: + mv domainhash.txt certificates/
webserver # [ 365.994298] acme-httpd-dns.example.test-start[4509]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-dns.example.test.crt certificates/httpd-dns.example.test.issuer.crt certificates/httpd-dns.example.test.json certificates/httpd-dns.example.test.key
webserver # [ 366.003055] acme-httpd-dns.example.test-start[4509]: + cmp -s certificates/httpd-dns.example.test.crt out/fullchain.pem
webserver # [ 366.007316] acme-httpd-dns.example.test-start[4509]: + touch out/renewed
webserver # [ 366.013281] acme-httpd-dns.example.test-start[4509]: + echo Installing new certificate
webserver # [ 366.014319] acme-httpd-dns.example.test-start[4509]: Installing new certificate
webserver # [ 366.015215] acme-httpd-dns.example.test-start[4509]: + cp -vp certificates/httpd-dns.example.test.crt out/fullchain.pem
webserver # [ 366.021424] acme-httpd-dns.example.test-start[4552]: 'certificates/httpd-dns.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 366.023801] acme-httpd-dns.example.test-start[4509]: + cp -vp certificates/httpd-dns.example.test.key out/key.pem
webserver # [ 366.029087] acme-httpd-dns.example.test-start[4553]: 'certificates/httpd-dns.example.test.key' -> 'out/key.pem'
webserver # [ 366.031858] acme-httpd-dns.example.test-start[4509]: + cp -vp certificates/httpd-dns.example.test.issuer.crt out/chain.pem
webserver # [ 366.039307] acme-httpd-dns.example.test-start[4554]: 'certificates/httpd-dns.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 366.041663] acme-httpd-dns.example.test-start[4509]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 366.049766] acme-httpd-dns.example.test-start[4509]: + cat out/key.pem out/fullchain.pem
webserver # [ 366.057780] acme-httpd-dns.example.test-start[4509]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 366.093179] systemd[1]: acme-httpd-dns.example.test.service: Deactivated successfully.
webserver # [ 366.094293] systemd[1]: Finished Renew ACME certificate for httpd-dns.example.test.
webserver # [ 366.098657] systemd[1]: acme-httpd-dns.example.test.service: Consumed 268ms CPU time, received 19.0K IP traffic, sent 14.7K IP traffic.
webserver # [ 366.101973] systemd[1]: Starting httpd-config-reload.service...
webserver # [ 366.159633] httpd[4563]: Syntax OK
webserver # [ 366.199194] systemd[1]: Reloading Apache HTTPD...
webserver # [ 366.253132] systemd[1]: Reloaded Apache HTTPD.
webserver # [ 366.258808] systemd[1]: httpd-config-reload.service: Deactivated successfully.
webserver # [ 366.260340] systemd[1]: Finished httpd-config-reload.service.
webserver # [ 366.263563] systemd[1]: Reached target acme-finished-httpd-dns.example.test.target.
webserver # [ 366.265718] systemd[1]: Reached target acme-finished-httpd-http.example.test.target.
webserver # the following new units were started: acme-finished-httpd-dns.example.test.target, acme-finished-httpd-http.example.test.target, acme-httpd-dns.example.test.timer, acme-httpd-http.example.test.timer, httpd.service
webserver # [ 366.353685] nixos[4140]: finished switching to system configuration /nix/store/rhy6kxrgjmbbj787p9157yi6zwn89b3q-nixos-system-webserver-23.05pre-git
(finished: must succeed: /tmp/specialisation/httpd/bin/switch-to-configuration test, in 79.68 seconds)
webserver: waiting for unit acme-finished-httpd-http.example.test.target
(finished: waiting for unit acme-finished-httpd-http.example.test.target, in 0.05 seconds)
webserver: waiting for unit acme-finished-httpd-dns.example.test.target
(finished: waiting for unit acme-finished-httpd-dns.example.test.target, in 0.05 seconds)
webserver: waiting for unit httpd.service
(finished: waiting for unit httpd.service, in 0.06 seconds)
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/cert.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/cert.pem, in 0.11 seconds)
cert.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/fullchain.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/fullchain.pem, in 0.08 seconds)
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-dns.example.test/cert.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-dns.example.test/cert.pem, in 0.07 seconds)
cert.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-dns.example.test/fullchain.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-dns.example.test/fullchain.pem, in 0.07 seconds)
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-http.example.test -connect httpd-http.example.test:443 < /dev/null 2>&1
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-http.example.test -connect httpd-http.example.test:443 < /dev/null 2>&1, in 0.03 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-http-alias.example.test -connect httpd-http-alias.example.test:443 < /dev/null 2>&1
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-http-alias.example.test -connect httpd-http-alias.example.test:443 < /dev/null 2>&1, in 0.03 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-dns.example.test -connect httpd-dns.example.test:443 < /dev/null 2>&1
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-dns.example.test -connect httpd-dns.example.test:443 < /dev/null 2>&1, in 0.03 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-dns-alias.example.test -connect httpd-dns-alias.example.test:443 < /dev/null 2>&1
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-dns-alias.example.test -connect httpd-dns-alias.example.test:443 < /dev/null 2>&1, in 0.03 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-wildcard.example.test -connect httpd-wildcard.example.test:443 < /dev/null 2>&1
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-wildcard.example.test -connect httpd-wildcard.example.test:443 < /dev/null 2>&1, in 0.03 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-wildcard-alias.example.test -connect httpd-wildcard-alias.example.test:443 < /dev/null 2>&1
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-wildcard-alias.example.test -connect httpd-wildcard-alias.example.test:443 < /dev/null 2>&1, in 0.03 seconds)
(finished: subtest: Works with httpd, in 80.44 seconds)
subtest: Can reload httpd when timer triggers renewal
webserver: must succeed: systemctl clean acme-httpd-http.example.test.service --what=state
webserver # [ 367.144145] systemd[1]: acme-httpd-http.example.test.service: Deactivated successfully.
webserver # [ 367.148540] systemd[1]: acme-httpd-http.example.test.service: Consumed 1ms CPU time, no IO, received 16.0K IP traffic, sent 11.4K IP traffic.
(finished: must succeed: systemctl clean acme-httpd-http.example.test.service --what=state, in 0.07 seconds)
webserver: must succeed: systemctl start acme-selfsigned-httpd-http.example.test.service
webserver # [ 367.195256] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 367.203870] systemd[1]: Starting Generate self-signed certificate for httpd-http.example.test...
webserver # [ 367.584071] systemd[1]: acme-selfsigned-httpd-http.example.test.service: Deactivated successfully.
webserver # [ 367.584920] systemd[1]: Finished Generate self-signed certificate for httpd-http.example.test.
(finished: must succeed: systemctl start acme-selfsigned-httpd-http.example.test.service, in 0.44 seconds)
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/cert.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/cert.pem, in 0.07 seconds)
cert.pem issuer: CN = minica root ca 26429f
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/fullchain.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/fullchain.pem, in 0.07 seconds)
fullchain.pem issuer: CN = minica root ca 26429f
webserver: must succeed: systemctl start httpd-config-reload.service
webserver # [ 367.769301] systemd[1]: Starting httpd-config-reload.service...
webserver # [ 367.834877] httpd[4783]: Syntax OK
webserver # [ 367.879028] systemd[1]: Reloading Apache HTTPD...
webserver # [ 367.940064] systemd[1]: Reloaded Apache HTTPD.
webserver # [ 367.943818] systemd[1]: httpd-config-reload.service: Deactivated successfully.
webserver # [ 367.945258] systemd[1]: Finished httpd-config-reload.service.
(finished: must succeed: systemctl start httpd-config-reload.service, in 0.22 seconds)
webserver: must succeed: systemctl start test-renew-httpd.target
webserver # [ 368.007433] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 368.009871] systemd[1]: Generate self-signed certificate for httpd-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-http.example.test/key.pem).
webserver # [ 368.022472] systemd[1]: Starting Renew ACME certificate for httpd-http.example.test...
webserver # [ 368.098305] acme-httpd-http.example.test-start[4792]: + set -euo pipefail
webserver # [ 368.099955] acme-httpd-http.example.test-start[4951]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 368.106095] acme-httpd-http.example.test-start[4951]: + chgrp wwwrun /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 368.112861] acme-httpd-http.example.test-start[4792]: + echo c63f2de46052d3f916bc
webserver # [ 368.114156] acme-httpd-http.example.test-start[4792]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 368.118732] acme-httpd-http.example.test-start[4792]: + lego --accept-tos --path . -d httpd-http.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir -d httpd-http-alias.example.test run
webserver # [ 368.153926] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 No key found for account hostmaster@example.test. Generating a P256 key.
webserver # [ 368.155735] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 Saved key to accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key
acme # [ 368.307772] pebble[661]: Pebble 2023/01/21 19:57:59 GET /dir -> calling handler()
webserver # [ 368.210417] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] acme: Registering account for hostmaster@example.test
acme # [ 368.314361] pebble[661]: Pebble 2023/01/21 19:57:59 HEAD /nonce-plz -> calling handler()
webserver # [ 368.217710] acme-httpd-http.example.test-start[4954]: !!!! HEADS UP !!!!
webserver # [ 368.218598] acme-httpd-http.example.test-start[4954]: Your account credentials have been saved in your Let's Encrypt
acme # [ 368.319254] pebble[661]: Pebble 2023/01/21 19:57:59 POST /sign-me-up -> calling handler()
webserver # [ 368.219685] acme-httpd-http.example.test-start[4954]: configuration directory at "accounts".
webserver # [ 368.221081] acme-httpd-http.example.test-start[4954]: You should make a secure backup of this folder now. This
webserver # [ 368.222314] acme-httpd-http.example.test-start[4954]: configuration directory will also contain certificates and
webserver # [ 368.223405] acme-httpd-http.example.test-start[4954]: private keys obtained from Let's Encrypt so making regular
webserver # [ 368.224453] acme-httpd-http.example.test-start[4954]: backups of this folder is ideal.
acme # [ 368.322335] pebble[661]: Pebble 2023/01/21 19:57:59 There are now 6 accounts in memory
webserver # [ 368.225312] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] [httpd-http.example.test, httpd-http-alias.example.test] acme: Obtaining bundled SAN certificate
acme # [ 368.328708] pebble[661]: Pebble 2023/01/21 19:57:59 POST /order-plz -> calling handler()
acme # [ 368.333369] pebble[661]: Pebble 2023/01/21 19:57:59 There are now 24 authorizations in the db
acme # [ 368.337267] pebble[661]: Pebble 2023/01/21 19:57:59 There are now 25 authorizations in the db
acme # [ 368.340941] pebble[661]: Pebble 2023/01/21 19:57:59 Added order "_9crOuLok7N7xIj6yuvmYWe_1uq5pPELsyNtd_JZL1s" to the db
acme # [ 368.345657] pebble[661]: Pebble 2023/01/21 19:57:59 There are now 21 orders in the db
acme # [ 368.387011] pebble[661]: Pebble 2023/01/21 19:57:59 POST /authZ/ -> calling handler()
webserver # [ 368.342870] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] [httpd-http.example.test] AuthURL: https://acme.test/authZ/wrz4tBgwLacLFy_y-VfbmX3pNOCRdiqGfOHrTegeMc0
webserver # [ 368.344403] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] [httpd-http-alias.example.test] AuthURL: https://acme.test/authZ/HoLPIVnDNOqEs6GP6baZuQPvzWMLUfbYdsszZW9Mxd0
acme # [ 368.443775] pebble[661]: Pebble 2023/01/21 19:58:00 POST /authZ/ -> calling handler()
webserver # [ 368.347013] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] [httpd-http-alias.example.test] acme: Could not find solver for: tls-alpn-01
acme # [ 368.452449] pebble[661]: Pebble 2023/01/21 19:58:00 POST /chalZ/ -> calling handler()
webserver # [ 368.353222] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] [httpd-http-alias.example.test] acme: use http-01 solver
webserver # [ 368.358945] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] [httpd-http.example.test] acme: Could not find solver for: tls-alpn-01
acme # [ 368.456570] pebble[661]: Pebble 2023/01/21 19:58:00 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-http-alias.example.test"}, Challenge:(*core.Challenge)(0xc0003766e0), Account:(*core.Account)(0xc000434d20)}
acme # [ 368.468030] pebble[661]: Pebble 2023/01/21 19:58:00 Starting 3 validations.
acme # [ 368.468883] pebble[661]: Pebble 2023/01/21 19:58:00 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/TOygOIS-zwclcixX2FdSUVm2v5Q7dADbOy0ot1J73NI
webserver # [ 368.366266] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] [httpd-http.example.test] acme: use http-01 solver
acme # [ 368.470552] pebble[661]: Pebble 2023/01/21 19:58:00 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/TOygOIS-zwclcixX2FdSUVm2v5Q7dADbOy0ot1J73NI
webserver # [ 368.370760] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] [httpd-http-alias.example.test] acme: Trying to solve HTTP-01
acme # [ 368.472360] pebble[661]: Pebble 2023/01/21 19:58:00 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/TOygOIS-zwclcixX2FdSUVm2v5Q7dADbOy0ot1J73NI
acme # [ 368.473998] pebble[661]: Pebble 2023/01/21 19:58:00 POST /authZ/ -> calling handler()
acme # [ 368.474865] pebble[661]: Pebble 2023/01/21 19:58:00 authz wrz4tBgwLacLFy_y-VfbmX3pNOCRdiqGfOHrTegeMc0 set VALID by completed challenge -fcgUBpwoF3L-y0d4OBWqLSnMRGjr11uSk5e4bw23k8
acme # [ 371.907362] pebble[661]: Pebble 2023/01/21 19:58:03 POST /authZ/ -> calling handler()
webserver # [ 371.807029] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:58:03 [INFO] [httpd-http-alias.example.test] The server validated our request
acme # [ 371.916388] pebble[661]: Pebble 2023/01/21 19:58:03 POST /chalZ/ -> calling handler()
webserver # [ 371.813536] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:58:03 [INFO] [httpd-http.example.test] acme: Trying to solve HTTP-01
acme # [ 371.918774] pebble[661]: Pebble 2023/01/21 19:58:03 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-http.example.test"}, Challenge:(*core.Challenge)(0xc0003768c0), Account:(*core.Account)(0xc000434d20)}
acme # [ 371.922599] pebble[661]: Pebble 2023/01/21 19:58:03 Starting 3 validations.
acme # [ 371.923392] pebble[661]: Pebble 2023/01/21 19:58:03 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/Fui2XVBuabmnXWhg7r2dpi81Fxdj65IBXa-Pzd3tEbg
acme # [ 371.924989] pebble[661]: Pebble 2023/01/21 19:58:03 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/Fui2XVBuabmnXWhg7r2dpi81Fxdj65IBXa-Pzd3tEbg
acme # [ 371.926558] pebble[661]: Pebble 2023/01/21 19:58:03 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/Fui2XVBuabmnXWhg7r2dpi81Fxdj65IBXa-Pzd3tEbg
acme # [ 371.928127] pebble[661]: Pebble 2023/01/21 19:58:03 POST /authZ/ -> calling handler()
acme # [ 371.929000] pebble[661]: Pebble 2023/01/21 19:58:03 authz HoLPIVnDNOqEs6GP6baZuQPvzWMLUfbYdsszZW9Mxd0 set VALID by completed challenge U_OsEyxRIsmVbiJuNW559hx1fVFIGQvv_hBepuuATM8
acme # [ 376.651388] pebble[661]: Pebble 2023/01/21 19:58:08 POST /authZ/ -> calling handler()
webserver # [ 376.551296] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:58:08 [INFO] [httpd-http.example.test] The server validated our request
acme # [ 376.662299] pebble[661]: Pebble 2023/01/21 19:58:08 POST /finalize-order/ -> calling handler()
webserver # [ 376.557844] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:58:08 [INFO] [httpd-http.example.test, httpd-http-alias.example.test] acme: Validations succeeded; requesting certificates
acme # [ 376.663695] pebble[661]: Pebble 2023/01/21 19:58:08 Order _9crOuLok7N7xIj6yuvmYWe_1uq5pPELsyNtd_JZL1s is fully authorized. Processing finalization
acme # [ 376.670604] pebble[661]: Pebble 2023/01/21 19:58:08 POST /my-order/ -> calling handler()
webserver # [ 376.565604] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:58:08 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 376.671543] pebble[661]: Pebble 2023/01/21 19:58:08 Issued certificate serial 34269dabbe4f272c for order _9crOuLok7N7xIj6yuvmYWe_1uq5pPELsyNtd_JZL1s
acme # [ 377.174892] pebble[661]: Pebble 2023/01/21 19:58:08 POST /my-order/ -> calling handler()
acme # [ 377.176838] pebble[661]: Pebble 2023/01/21 19:58:08 POST /certZ/ -> calling handler()
webserver # [ 377.076957] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:58:08 [INFO] [httpd-http.example.test] Server responded with a certificate.
webserver # [ 377.083256] acme-httpd-http.example.test-start[4792]: + mv domainhash.txt certificates/
webserver # [ 377.089817] acme-httpd-http.example.test-start[4792]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-http.example.test.crt certificates/httpd-http.example.test.issuer.crt certificates/httpd-http.example.test.json certificates/httpd-http.example.test.key
webserver # [ 377.097222] acme-httpd-http.example.test-start[4792]: + cmp -s certificates/httpd-http.example.test.crt out/fullchain.pem
webserver # [ 377.100511] acme-httpd-http.example.test-start[4792]: + touch out/renewed
webserver # [ 377.105515] acme-httpd-http.example.test-start[4792]: + echo Installing new certificate
webserver # [ 377.106727] acme-httpd-http.example.test-start[4792]: Installing new certificate
webserver # [ 377.108041] acme-httpd-http.example.test-start[4792]: + cp -vp certificates/httpd-http.example.test.crt out/fullchain.pem
webserver # [ 377.112444] acme-httpd-http.example.test-start[4963]: 'certificates/httpd-http.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 377.114176] acme-httpd-http.example.test-start[4792]: + cp -vp certificates/httpd-http.example.test.key out/key.pem
webserver # [ 377.118732] acme-httpd-http.example.test-start[4964]: 'certificates/httpd-http.example.test.key' -> 'out/key.pem'
webserver # [ 377.120869] acme-httpd-http.example.test-start[4792]: + cp -vp certificates/httpd-http.example.test.issuer.crt out/chain.pem
webserver # [ 377.125098] acme-httpd-http.example.test-start[4965]: 'certificates/httpd-http.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 377.126667] acme-httpd-http.example.test-start[4792]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 377.131773] acme-httpd-http.example.test-start[4792]: + cat out/key.pem out/fullchain.pem
webserver # [ 377.137159] acme-httpd-http.example.test-start[4792]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 377.164603] systemd[1]: acme-httpd-http.example.test.service: Deactivated successfully.
webserver # [ 377.165597] systemd[1]: Finished Renew ACME certificate for httpd-http.example.test.
webserver # [ 377.168329] systemd[1]: acme-httpd-http.example.test.service: Consumed 181ms CPU time, received 17.0K IP traffic, sent 11.6K IP traffic.
webserver # [ 377.171046] systemd[1]: Starting httpd-config-reload.service...
webserver # [ 377.220079] httpd[4974]: Syntax OK
webserver # [ 377.255994] systemd[1]: Reloading Apache HTTPD...
webserver # [ 377.303366] systemd[1]: Reloaded Apache HTTPD.
webserver # [ 377.307979] systemd[1]: httpd-config-reload.service: Deactivated successfully.
webserver # [ 377.309138] systemd[1]: Finished httpd-config-reload.service.
webserver # [ 377.311418] systemd[1]: Reached target test-renew-httpd.target.
(finished: must succeed: systemctl start test-renew-httpd.target, in 9.37 seconds)
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/cert.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/cert.pem, in 0.08 seconds)
cert.pem issuer: CN = Pebble Intermediate CA 4d6099
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/fullchain.pem
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/fullchain.pem, in 0.08 seconds)
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-http.example.test -connect httpd-http.example.test:443 < /dev/null 2>&1
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-http.example.test -connect httpd-http.example.test:443 < /dev/null 2>&1, in 0.04 seconds)
(finished: subtest: Can reload httpd when timer triggers renewal, in 10.43 seconds)
subtest: Can remove an alias from a domain + cert is updated
webserver: must succeed: /tmp/specialisation/httpd-remove-alias/bin/switch-to-configuration test
webserver # [ 378.375607] nixos[5151]: switching to system configuration /nix/store/x2j6ck2x0cjmsrnsdw8kxxh6sf0xjzx3-nixos-system-webserver-23.05pre-git
webserver # stopping the following units: httpd.service
webserver # [ 378.408789] systemd[1]: Stopping Apache HTTPD...
webserver # [ 378.424764] systemd[1]: Stopped target Local File Systems.
webserver # [ 378.438739] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 378.441696] systemd[1]: Stopped target Remote File Systems.
webserver # [ 378.515009] systemd[1]: httpd.service: Deactivated successfully.
webserver # [ 378.515863] systemd[1]: Stopped Apache HTTPD.
webserver # [ 378.517672] systemd[1]: httpd.service: Consumed 298ms CPU time, read 0B from disk, written 12.0K to disk, received 12.1K IP traffic, sent 27.5K IP traffic.
webserver # activating the configuration...
webserver # [ 378.776988] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 378.784153] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # [ 378.788528] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (90)
webserver # [ 378.789322] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 378.789978] nscd[901]: 901 monitoring file `/etc/group` (93)
webserver # [ 378.790646] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 378.794167] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 378.797082] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 378.800990] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (90)
webserver # [ 378.801750] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 378.802570] nscd[901]: 901 monitoring file `/etc/passwd` (94)
webserver # [ 378.805051] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 378.948578] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 378.956248] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 378.957880] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 378.958912] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 378.962273] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 378.964575] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 378.967122] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 378.970281] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 379.438374] systemd[1]: Reloading.
webserver # setting up tmpfiles
webserver # starting the following units: httpd.service
webserver # [ 380.117880] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 380.120514] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 380.130166] systemd[1]: Starting Renew ACME certificate for example.test...
webserver # [ 380.182520] systemd[1]: Reached target Remote File Systems.
webserver # [ 380.184582] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 380.188485] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 380.190152] systemd[1]: Generate self-signed certificate for httpd-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-dns.example.test/key.pem).
webserver # [ 380.201268] systemd[1]: Generate self-signed certificate for httpd-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-http.example.test/key.pem).
webserver # [ 380.209860] systemd[1]: Starting Apache HTTPD...
webserver # [ 380.211870] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 380.223512] systemd[1]: Reached target Local File Systems.
webserver # [ 380.255295] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 380.265583] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 380.280804] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 380.286557] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 380.294946] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 380.299139] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 380.303036] systemd[1]: Generate self-signed certificate for httpd-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-http.example.test/key.pem).
webserver # [ 380.353368] acme-example.test-start[5297]: + set -euo pipefail
webserver # [ 380.354760] acme-example.test-start[5297]: + echo f296e6482529fca9f20a
webserver # [ 380.355583] acme-example.test-start[5297]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 380.360987] acme-example.test-start[5306]: ++ find accounts -name hostmaster@example.test.key
webserver # [ 380.369737] acme-example.test-start[5297]: + '[' -e certificates/_.example.test.key -a -e certificates/_.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']'
webserver # [ 380.372235] acme-example.test-start[5297]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir renew --no-random-sleep --days 30
webserver # [ 380.406553] systemd[1]: httpd.service: Can't open PID file /run/httpd/httpd.pid (yet?) after start: Operation not permitted
webserver # [ 380.435616] systemd[1]: Started Apache HTTPD.
acme # [ 380.601293] pebble[661]: Pebble 2023/01/21 19:58:12 GET /dir -> calling handler()
webserver # [ 380.503549] acme-example.test-start[5307]: 2023/01/21 19:58:12 [*.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal.
webserver # [ 380.508226] acme-example.test-start[5297]: + mv domainhash.txt certificates/
webserver # [ 380.513931] acme-example.test-start[5297]: + chown acme:acme certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key
webserver # [ 380.520879] acme-example.test-start[5297]: + cmp -s certificates/_.example.test.crt out/fullchain.pem
webserver # [ 380.524733] acme-example.test-start[5297]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem
webserver # [ 380.552555] systemd[1]: acme-example.test.service: Deactivated successfully.
webserver # [ 380.553453] systemd[1]: Finished Renew ACME certificate for example.test.
webserver # [ 380.555457] systemd[1]: acme-example.test.service: Consumed 170ms CPU time, received 2.5K IP traffic, sent 978B IP traffic.
webserver # [ 380.562669] systemd[1]: Starting Renew ACME certificate for httpd-dns.example.test...
webserver # [ 380.569379] systemd[1]: Starting Renew ACME certificate for httpd-http.example.test...
webserver # [ 380.689397] acme-httpd-http.example.test-start[5481]: + set -euo pipefail
webserver # [ 380.690864] acme-httpd-http.example.test-start[5482]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 380.693270] acme-httpd-dns.example.test-start[5480]: + set -euo pipefail
webserver # [ 380.694827] acme-httpd-dns.example.test-start[5480]: + echo 0a349e39464efbfff571
webserver # [ 380.696213] acme-httpd-dns.example.test-start[5480]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 380.702328] acme-httpd-dns.example.test-start[5485]: ++ find accounts -name hostmaster@example.test.key
webserver # [ 380.704667] acme-httpd-http.example.test-start[5482]: + chgrp wwwrun /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 380.713650] acme-httpd-http.example.test-start[5481]: + echo 25a568200b41a707b1f8
webserver # [ 380.715504] acme-httpd-http.example.test-start[5481]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 380.717756] acme-httpd-dns.example.test-start[5480]: + '[' -e certificates/httpd-dns.example.test.key -a -e certificates/httpd-dns.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']'
webserver # [ 380.727066] acme-httpd-dns.example.test-start[5480]: + lego --accept-tos --path . -d httpd-dns.example.test --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir -d httpd-dns-alias.example.test renew --no-random-sleep --days 30
webserver # [ 380.735924] acme-httpd-http.example.test-start[5481]: + lego --accept-tos --path . -d httpd-http.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir run
acme # [ 380.968368] pebble[661]: Pebble 2023/01/21 19:58:12 GET /dir -> calling handler()
webserver # [ 380.871848] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:12 [INFO] [httpd-http.example.test] acme: Obtaining bundled SAN certificate
acme # [ 380.972964] pebble[661]: Pebble 2023/01/21 19:58:12 GET /dir -> calling handler()
webserver # [ 380.873468] acme-httpd-dns.example.test-start[5487]: 2023/01/21 19:58:12 [httpd-dns.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal.
webserver # [ 380.880295] acme-httpd-dns.example.test-start[5480]: + mv domainhash.txt certificates/
acme # [ 380.977415] pebble[661]: Pebble 2023/01/21 19:58:12 HEAD /nonce-plz -> calling handler()
acme # [ 380.982908] pebble[661]: Pebble 2023/01/21 19:58:12 POST /order-plz -> calling handler()
webserver # [ 380.885749] acme-httpd-dns.example.test-start[5480]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-dns.example.test.crt certificates/httpd-dns.example.test.issuer.crt certificates/httpd-dns.example.test.json certificates/httpd-dns.example.test.key
acme # [ 380.986256] pebble[661]: Pebble 2023/01/21 19:58:12 There are now 26 authorizations in the db
acme # [ 380.989506] pebble[661]: Pebble 2023/01/21 19:58:12 Added order "P1l76ZBxaqDA508ejg7wcVrQmKTtIpWduuQyn5fYBWM" to the db
webserver # [ 380.892363] acme-httpd-dns.example.test-start[5480]: + cmp -s certificates/httpd-dns.example.test.crt out/fullchain.pem
acme # [ 380.993850] pebble[661]: Pebble 2023/01/21 19:58:12 There are now 22 orders in the db
webserver # [ 380.896106] acme-httpd-dns.example.test-start[5480]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem
webserver # [ 380.919361] systemd[1]: acme-httpd-dns.example.test.service: Deactivated successfully.
webserver # [ 380.920161] systemd[1]: Finished Renew ACME certificate for httpd-dns.example.test.
webserver # [ 380.920825] systemd[1]: acme-httpd-dns.example.test.service: Consumed 149ms CPU time, received 2.5K IP traffic, sent 1.0K IP traffic.
acme # [ 381.041184] pebble[661]: Pebble 2023/01/21 19:58:12 POST /authZ/ -> calling handler()
webserver # [ 380.940550] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:12 [INFO] [httpd-http.example.test] AuthURL: https://acme.test/authZ/UEaVsmJf_NNHu4123w0NCziZo8wLBmkOm0wOBY1M_kA
webserver # [ 380.943222] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:12 [INFO] [httpd-http.example.test] acme: Could not find solver for: tls-alpn-01
webserver # [ 380.944963] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:12 [INFO] [httpd-http.example.test] acme: use http-01 solver
acme # [ 381.047015] pebble[661]: Pebble 2023/01/21 19:58:12 POST /chalZ/ -> calling handler()
webserver # [ 380.946472] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:12 [INFO] [httpd-http.example.test] acme: Trying to solve HTTP-01
acme # [ 381.048868] pebble[661]: Pebble 2023/01/21 19:58:12 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-http.example.test"}, Challenge:(*core.Challenge)(0xc000376dc0), Account:(*core.Account)(0xc000434d20)}
acme # [ 381.053752] pebble[661]: Pebble 2023/01/21 19:58:12 Starting 3 validations.
acme # [ 381.055401] pebble[661]: Pebble 2023/01/21 19:58:12 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/KQRBQUZVBvCPAzn-Mk-Y9D72pxBW0WSnqeMVvhYkJsE
acme # [ 381.057129] pebble[661]: Pebble 2023/01/21 19:58:12 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/KQRBQUZVBvCPAzn-Mk-Y9D72pxBW0WSnqeMVvhYkJsE
acme # [ 381.058821] pebble[661]: Pebble 2023/01/21 19:58:12 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/KQRBQUZVBvCPAzn-Mk-Y9D72pxBW0WSnqeMVvhYkJsE
acme # [ 381.060526] pebble[661]: Pebble 2023/01/21 19:58:12 POST /authZ/ -> calling handler()
acme # [ 381.061420] pebble[661]: Pebble 2023/01/21 19:58:12 authz UEaVsmJf_NNHu4123w0NCziZo8wLBmkOm0wOBY1M_kA set VALID by completed challenge 4gcHXMQCJs2r8ukbzXHsKLWWvNt_D8oFnU-wl5qLHo4
acme # [ 384.882330] pebble[661]: Pebble 2023/01/21 19:58:16 POST /authZ/ -> calling handler()
acme # [ 384.884239] pebble[661]: Pebble 2023/01/21 19:58:16 POST /finalize-order/ -> calling handler()
webserver # [ 384.782105] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:16 [INFO] [httpd-http.example.test] The server validated our request
webserver # [ 384.783923] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:16 [INFO] [httpd-http.example.test] acme: Validations succeeded; requesting certificates
webserver # [ 384.785421] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:16 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/finalize-order/P1l76ZBxaqDA508ejg7wcVrQmKTtIpWduuQyn5fYBWM :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: sM9EuHSMgNVrOrk_m1Kp_g
webserver # [ 385.071555] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:16 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 385.174296] pebble[661]: Pebble 2023/01/21 19:58:16 POST /finalize-order/ -> calling handler()
acme # [ 385.175386] pebble[661]: Pebble 2023/01/21 19:58:16 Order P1l76ZBxaqDA508ejg7wcVrQmKTtIpWduuQyn5fYBWM is fully authorized. Processing finalization
acme # [ 385.179760] pebble[661]: Pebble 2023/01/21 19:58:16 Issued certificate serial 2ff5c3b0ef14b850 for order P1l76ZBxaqDA508ejg7wcVrQmKTtIpWduuQyn5fYBWM
acme # [ 385.181350] pebble[661]: Pebble 2023/01/21 19:58:16 POST /my-order/ -> calling handler()
acme # [ 385.183318] pebble[661]: Pebble 2023/01/21 19:58:16 POST /certZ/ -> calling handler()
webserver # [ 385.083967] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:16 [INFO] [httpd-http.example.test] Server responded with a certificate.
webserver # [ 385.087795] acme-httpd-http.example.test-start[5481]: + mv domainhash.txt certificates/
webserver # [ 385.093141] acme-httpd-http.example.test-start[5481]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-http.example.test.crt certificates/httpd-http.example.test.issuer.crt certificates/httpd-http.example.test.json certificates/httpd-http.example.test.key
webserver # [ 385.100288] acme-httpd-http.example.test-start[5481]: + cmp -s certificates/httpd-http.example.test.crt out/fullchain.pem
webserver # [ 385.103765] acme-httpd-http.example.test-start[5481]: + touch out/renewed
webserver # [ 385.108369] acme-httpd-http.example.test-start[5481]: + echo Installing new certificate
webserver # [ 385.109358] acme-httpd-http.example.test-start[5481]: Installing new certificate
webserver # [ 385.110250] acme-httpd-http.example.test-start[5481]: + cp -vp certificates/httpd-http.example.test.crt out/fullchain.pem
webserver # [ 385.115286] acme-httpd-http.example.test-start[5508]: 'certificates/httpd-http.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 385.117384] acme-httpd-http.example.test-start[5481]: + cp -vp certificates/httpd-http.example.test.key out/key.pem
webserver # [ 385.121654] acme-httpd-http.example.test-start[5509]: 'certificates/httpd-http.example.test.key' -> 'out/key.pem'
webserver # [ 385.123506] acme-httpd-http.example.test-start[5481]: + cp -vp certificates/httpd-http.example.test.issuer.crt out/chain.pem
webserver # [ 385.127785] acme-httpd-http.example.test-start[5510]: 'certificates/httpd-http.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 385.129938] acme-httpd-http.example.test-start[5481]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 385.134380] acme-httpd-http.example.test-start[5481]: + cat out/key.pem out/fullchain.pem
webserver # [ 385.139517] acme-httpd-http.example.test-start[5481]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 385.168340] systemd[1]: acme-httpd-http.example.test.service: Deactivated successfully.
webserver # [ 385.169362] systemd[1]: Finished Renew ACME certificate for httpd-http.example.test.
webserver # [ 385.171473] systemd[1]: acme-httpd-http.example.test.service: Consumed 174ms CPU time, received 11.7K IP traffic, sent 8.4K IP traffic.
webserver # [ 385.174780] systemd[1]: Starting httpd-config-reload.service...
webserver # [ 385.225494] httpd[5519]: Syntax OK
webserver # [ 385.264422] systemd[1]: Reloading Apache HTTPD...
webserver # [ 385.319305] systemd[1]: Reloaded Apache HTTPD.
webserver # [ 385.325240] systemd[1]: httpd-config-reload.service: Deactivated successfully.
webserver # [ 385.326683] systemd[1]: Finished httpd-config-reload.service.
webserver # [ 385.406067] nixos[5151]: finished switching to system configuration /nix/store/x2j6ck2x0cjmsrnsdw8kxxh6sf0xjzx3-nixos-system-webserver-23.05pre-git
(finished: must succeed: /tmp/specialisation/httpd-remove-alias/bin/switch-to-configuration test, in 7.87 seconds)
webserver: waiting for unit acme-finished-httpd-http.example.test.target
(finished: waiting for unit acme-finished-httpd-http.example.test.target, in 0.06 seconds)
webserver: waiting for unit httpd.service
(finished: waiting for unit httpd.service, in 0.06 seconds)
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-http.example.test -connect httpd-http.example.test:443 < /dev/null 2>&1
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-http.example.test -connect httpd-http.example.test:443 < /dev/null 2>&1, in 0.03 seconds)
(finished: subtest: Can remove an alias from a domain + cert is updated, in 8.18 seconds)
subtest: security.acme changes reflect on web server
webserver: must succeed: /tmp/specialisation/httpd/bin/switch-to-configuration test
webserver # [ 386.565724] nixos[5699]: switching to system configuration /nix/store/rhy6kxrgjmbbj787p9157yi6zwn89b3q-nixos-system-webserver-23.05pre-git
webserver # stopping the following units: httpd.service
webserver # [ 386.585016] systemd[1]: Stopping Apache HTTPD...
webserver # [ 386.589420] systemd[1]: Stopped target Local File Systems.
webserver # [ 386.596957] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 386.599861] systemd[1]: Stopped target Remote File Systems.
webserver # [ 386.669973] systemd[1]: httpd.service: Deactivated successfully.
webserver # [ 386.670780] systemd[1]: Stopped Apache HTTPD.
webserver # [ 386.672223] systemd[1]: httpd.service: Consumed 179ms CPU time, no IO, received 3.2K IP traffic, sent 7.5K IP traffic.
webserver # activating the configuration...
webserver # [ 386.899357] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 386.907203] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # [ 386.911188] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (96)
webserver # [ 386.912048] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 386.912712] nscd[901]: 901 monitoring file `/etc/group` (99)
webserver # [ 386.913671] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 386.916973] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 386.920038] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 386.922843] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (96)
webserver # [ 386.923796] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 386.926495] nscd[901]: 901 monitoring file `/etc/passwd` (100)
webserver # [ 386.929422] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 387.031300] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 387.038920] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 387.040476] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 387.041608] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 387.046588] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 387.049239] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 387.053479] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 387.055189] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 388.795180] systemd[1]: Reloading.
webserver # setting up tmpfiles
webserver # starting the following units: httpd.service
webserver # [ 389.410583] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 389.412321] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 389.418821] systemd[1]: Starting Renew ACME certificate for example.test...
webserver # [ 389.441258] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 389.443272] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 389.445606] systemd[1]: Generate self-signed certificate for httpd-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-dns.example.test/key.pem).
webserver # [ 389.481032] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 389.482973] systemd[1]: Reached target Remote File Systems.
webserver # [ 389.489691] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 389.490556] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 389.493130] systemd[1]: Reached target Local File Systems.
webserver # [ 389.508409] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 389.509136] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 389.510857] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 389.515413] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 389.520302] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 389.526115] systemd[1]: Generate self-signed certificate for httpd-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-dns.example.test/key.pem).
webserver # [ 389.532144] systemd[1]: Generate self-signed certificate for httpd-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-http.example.test/key.pem).
webserver # [ 389.540266] systemd[1]: Starting Apache HTTPD...
webserver # [ 389.575082] acme-example.test-start[5845]: + set -euo pipefail
webserver # [ 389.575939] acme-example.test-start[5845]: + echo f296e6482529fca9f20a
webserver # [ 389.576995] acme-example.test-start[5845]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 389.582039] acme-example.test-start[5854]: ++ find accounts -name hostmaster@example.test.key
webserver # [ 389.592640] acme-example.test-start[5845]: + '[' -e certificates/_.example.test.key -a -e certificates/_.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']'
webserver # [ 389.594377] acme-example.test-start[5845]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir renew --no-random-sleep --days 30
webserver # [ 389.634061] systemd[1]: httpd.service: Can't open PID file /run/httpd/httpd.pid (yet?) after start: Operation not permitted
webserver # [ 389.652441] systemd[1]: Started Apache HTTPD.
acme # [ 389.800402] pebble[661]: Pebble 2023/01/21 19:58:21 GET /dir -> calling handler()
webserver # [ 389.700815] acme-example.test-start[5855]: 2023/01/21 19:58:21 [*.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal.
webserver # [ 389.705137] acme-example.test-start[5845]: + mv domainhash.txt certificates/
webserver # [ 389.710303] acme-example.test-start[5845]: + chown acme:acme certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key
webserver # [ 389.716548] acme-example.test-start[5845]: + cmp -s certificates/_.example.test.crt out/fullchain.pem
webserver # [ 389.720093] acme-example.test-start[5845]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem
webserver # [ 389.746481] systemd[1]: acme-example.test.service: Deactivated successfully.
webserver # [ 389.747404] systemd[1]: Finished Renew ACME certificate for example.test.
webserver # [ 389.749421] systemd[1]: acme-example.test.service: Consumed 130ms CPU time, received 2.5K IP traffic, sent 978B IP traffic.
webserver # [ 389.756425] systemd[1]: Starting Renew ACME certificate for httpd-dns.example.test...
webserver # [ 389.762034] systemd[1]: Starting Renew ACME certificate for httpd-http.example.test...
webserver # [ 389.847837] acme-httpd-dns.example.test-start[6028]: + set -euo pipefail
webserver # [ 389.848643] acme-httpd-dns.example.test-start[6028]: + echo 0a349e39464efbfff571
webserver # [ 389.849476] acme-httpd-dns.example.test-start[6028]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 389.851145] acme-httpd-http.example.test-start[6029]: + set -euo pipefail
webserver # [ 389.852142] acme-httpd-http.example.test-start[6031]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 389.856107] acme-httpd-dns.example.test-start[6033]: ++ find accounts -name hostmaster@example.test.key
webserver # [ 389.859186] acme-httpd-http.example.test-start[6031]: + chgrp wwwrun /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 389.866104] acme-httpd-dns.example.test-start[6028]: + '[' -e certificates/httpd-dns.example.test.key -a -e certificates/httpd-dns.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']'
webserver # [ 389.869436] acme-httpd-dns.example.test-start[6028]: + lego --accept-tos --path . -d httpd-dns.example.test --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir -d httpd-dns-alias.example.test renew --no-random-sleep --days 30
webserver # [ 389.877338] acme-httpd-http.example.test-start[6029]: + echo c63f2de46052d3f916bc
webserver # [ 389.882805] acme-httpd-http.example.test-start[6029]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 389.885065] acme-httpd-http.example.test-start[6029]: + lego --accept-tos --path . -d httpd-http.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir -d httpd-http-alias.example.test run
acme # [ 390.094666] pebble[661]: Pebble 2023/01/21 19:58:21 GET /dir -> calling handler()
acme # [ 390.096790] pebble[661]: Pebble 2023/01/21 19:58:21 GET /dir -> calling handler()
webserver # [ 389.995759] acme-httpd-dns.example.test-start[6034]: 2023/01/21 19:58:21 [httpd-dns.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal.
webserver # [ 390.000052] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:21 [INFO] [httpd-http.example.test, httpd-http-alias.example.test] acme: Obtaining bundled SAN certificate
acme # [ 390.103744] pebble[661]: Pebble 2023/01/21 19:58:21 HEAD /nonce-plz -> calling handler()
webserver # [ 390.003194] acme-httpd-dns.example.test-start[6028]: + mv domainhash.txt certificates/
acme # [ 390.108156] pebble[661]: Pebble 2023/01/21 19:58:21 POST /order-plz -> calling handler()
acme # [ 390.110179] pebble[661]: Pebble 2023/01/21 19:58:21 There are now 27 authorizations in the db
acme # [ 390.112278] pebble[661]: Pebble 2023/01/21 19:58:21 Added order "RDULNOpQXLBDg3qnWLfdYxQYlacm9kh1NyTgK3kx170" to the db
webserver # [ 390.009505] acme-httpd-dns.example.test-start[6028]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-dns.example.test.crt certificates/httpd-dns.example.test.issuer.crt certificates/httpd-dns.example.test.json certificates/httpd-dns.example.test.key
acme # [ 390.113585] pebble[661]: Pebble 2023/01/21 19:58:21 There are now 23 orders in the db
webserver # [ 390.016966] acme-httpd-dns.example.test-start[6028]: + cmp -s certificates/httpd-dns.example.test.crt out/fullchain.pem
webserver # [ 390.020572] acme-httpd-dns.example.test-start[6028]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem
webserver # [ 390.043451] systemd[1]: acme-httpd-dns.example.test.service: Deactivated successfully.
webserver # [ 390.044414] systemd[1]: Finished Renew ACME certificate for httpd-dns.example.test.
webserver # [ 390.045644] systemd[1]: acme-httpd-dns.example.test.service: Consumed 116ms CPU time, received 2.5K IP traffic, sent 1.0K IP traffic.
acme # [ 390.172413] pebble[661]: Pebble 2023/01/21 19:58:21 POST /authZ/ -> calling handler()
acme # [ 390.228546] pebble[661]: Pebble 2023/01/21 19:58:21 POST /authZ/ -> calling handler()
webserver # [ 390.127625] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:21 [INFO] [httpd-http.example.test] AuthURL: https://acme.test/authZ/HoLPIVnDNOqEs6GP6baZuQPvzWMLUfbYdsszZW9Mxd0
webserver # [ 390.129324] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:21 [INFO] [httpd-http-alias.example.test] AuthURL: https://acme.test/authZ/PDIGskIQeJa94NMharLa0P3n5ujaP1TkLZpK2mlIASM
webserver # [ 390.131721] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:21 [INFO] [httpd-http.example.test] acme: authorization already valid; skipping challenge
webserver # [ 390.134039] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:21 [INFO] [httpd-http-alias.example.test] acme: Could not find solver for: tls-alpn-01
acme # [ 390.235163] pebble[661]: Pebble 2023/01/21 19:58:21 POST /chalZ/ -> calling handler()
webserver # [ 390.135598] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:21 [INFO] [httpd-http-alias.example.test] acme: use http-01 solver
webserver # [ 390.137240] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:21 [INFO] [httpd-http-alias.example.test] acme: Trying to solve HTTP-01
acme # [ 390.238364] pebble[661]: Pebble 2023/01/21 19:58:21 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-http-alias.example.test"}, Challenge:(*core.Challenge)(0xc000377680), Account:(*core.Account)(0xc000434d20)}
acme # [ 390.241861] pebble[661]: Pebble 2023/01/21 19:58:21 Starting 3 validations.
acme # [ 390.243327] pebble[661]: Pebble 2023/01/21 19:58:21 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/lR3CJgllqF5IlxmqcfodHuI_vAN5rYddwZbpnUXk1k4
acme # [ 390.245418] pebble[661]: Pebble 2023/01/21 19:58:21 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/lR3CJgllqF5IlxmqcfodHuI_vAN5rYddwZbpnUXk1k4
acme # [ 390.247138] pebble[661]: Pebble 2023/01/21 19:58:21 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/lR3CJgllqF5IlxmqcfodHuI_vAN5rYddwZbpnUXk1k4
acme # [ 390.248801] pebble[661]: Pebble 2023/01/21 19:58:21 POST /authZ/ -> calling handler()
acme # [ 390.249638] pebble[661]: Pebble 2023/01/21 19:58:21 authz PDIGskIQeJa94NMharLa0P3n5ujaP1TkLZpK2mlIASM set VALID by completed challenge 72nczfx4EUXQOqz7ldfRqKBisPVvH8ctoCkndSkzq_A
webserver # [ 395.621026] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:27 [INFO] [httpd-http-alias.example.test] The server validated our request
acme # [ 395.721753] pebble[661]: Pebble 2023/01/21 19:58:27 POST /authZ/ -> calling handler()
webserver # [ 395.623210] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:27 [INFO] [httpd-http.example.test, httpd-http-alias.example.test] acme: Validations succeeded; requesting certificates
acme # [ 395.725971] pebble[661]: Pebble 2023/01/21 19:58:27 POST /finalize-order/ -> calling handler()
webserver # [ 395.624922] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:27 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 395.726760] pebble[661]: Pebble 2023/01/21 19:58:27 Order RDULNOpQXLBDg3qnWLfdYxQYlacm9kh1NyTgK3kx170 is fully authorized. Processing finalization
acme # [ 395.729373] pebble[661]: Pebble 2023/01/21 19:58:27 Issued certificate serial 2ea9d36e5d56c79c for order RDULNOpQXLBDg3qnWLfdYxQYlacm9kh1NyTgK3kx170
acme # [ 395.730578] pebble[661]: Pebble 2023/01/21 19:58:27 POST /my-order/ -> calling handler()
acme # [ 395.731850] pebble[661]: Pebble 2023/01/21 19:58:27 POST /certZ/ -> calling handler()
webserver # [ 395.632963] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:27 [INFO] [httpd-http.example.test] Server responded with a certificate.
webserver # [ 395.636792] acme-httpd-http.example.test-start[6029]: + mv domainhash.txt certificates/
webserver # [ 395.642825] acme-httpd-http.example.test-start[6029]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-http.example.test.crt certificates/httpd-http.example.test.issuer.crt certificates/httpd-http.example.test.json certificates/httpd-http.example.test.key
webserver # [ 395.650945] acme-httpd-http.example.test-start[6029]: + cmp -s certificates/httpd-http.example.test.crt out/fullchain.pem
webserver # [ 395.655041] acme-httpd-http.example.test-start[6029]: + touch out/renewed
webserver # [ 395.660347] acme-httpd-http.example.test-start[6029]: + echo Installing new certificate
webserver # [ 395.661299] acme-httpd-http.example.test-start[6029]: Installing new certificate
webserver # [ 395.662265] acme-httpd-http.example.test-start[6029]: + cp -vp certificates/httpd-http.example.test.crt out/fullchain.pem
webserver # [ 395.667623] acme-httpd-http.example.test-start[6056]: 'certificates/httpd-http.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 395.669748] acme-httpd-http.example.test-start[6029]: + cp -vp certificates/httpd-http.example.test.key out/key.pem
webserver # [ 395.674748] acme-httpd-http.example.test-start[6057]: 'certificates/httpd-http.example.test.key' -> 'out/key.pem'
webserver # [ 395.676823] acme-httpd-http.example.test-start[6029]: + cp -vp certificates/httpd-http.example.test.issuer.crt out/chain.pem
webserver # [ 395.681385] acme-httpd-http.example.test-start[6058]: 'certificates/httpd-http.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 395.683124] acme-httpd-http.example.test-start[6029]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 395.688239] acme-httpd-http.example.test-start[6029]: + cat out/key.pem out/fullchain.pem
webserver # [ 395.694098] acme-httpd-http.example.test-start[6029]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 395.727058] systemd[1]: acme-httpd-http.example.test.service: Deactivated successfully.
webserver # [ 395.728020] systemd[1]: Finished Renew ACME certificate for httpd-http.example.test.
webserver # [ 395.728917] systemd[1]: acme-httpd-http.example.test.service: Consumed 148ms CPU time, received 12.6K IP traffic, sent 8.0K IP traffic.
webserver # [ 395.734522] systemd[1]: Starting httpd-config-reload.service...
webserver # [ 395.796651] httpd[6067]: Syntax OK
webserver # [ 395.837727] systemd[1]: Reloading Apache HTTPD...
webserver # [ 395.894196] systemd[1]: Reloaded Apache HTTPD.
webserver # [ 395.898266] systemd[1]: httpd-config-reload.service: Deactivated successfully.
webserver # [ 395.899692] systemd[1]: Finished httpd-config-reload.service.
webserver # [ 395.993181] nixos[5699]: finished switching to system configuration /nix/store/rhy6kxrgjmbbj787p9157yi6zwn89b3q-nixos-system-webserver-23.05pre-git
(finished: must succeed: /tmp/specialisation/httpd/bin/switch-to-configuration test, in 10.28 seconds)
webserver: waiting for unit httpd.service
(finished: waiting for unit httpd.service, in 0.06 seconds)
webserver: must succeed: /tmp/specialisation/httpd-change-acme-conf/bin/switch-to-configuration test
webserver # [ 396.943251] nixos[6243]: switching to system configuration /nix/store/nb2vc26pdhpjrw4a1xln1fz06rxy92ay-nixos-system-webserver-23.05pre-git
webserver # [ 396.964654] systemd[1]: Stopped target Local File Systems.
webserver # [ 396.969344] systemd[1]: Stopped target All Network Interfaces (deprecated).
webserver # [ 396.972635] systemd[1]: Stopped target Remote File Systems.
webserver # activating the configuration...
webserver # [ 397.191057] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch
webserver # [ 397.196157] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists)
webserver # [ 397.199594] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (102)
webserver # [ 397.200358] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 397.200969] nscd[901]: 901 monitoring file `/etc/group` (105)
webserver # [ 397.201592] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 397.205963] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch
webserver # [ 397.212181] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists)
webserver # [ 397.215881] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (102)
webserver # [ 397.216674] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 397.217297] nscd[901]: 901 monitoring file `/etc/passwd` (106)
webserver # [ 397.218155] nscd[901]: 901 monitoring directory `/etc` (2)
webserver # [ 397.353669] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch
webserver # [ 397.361349] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 397.363053] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 397.367055] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 397.368423] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 397.370664] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch
webserver # [ 397.373549] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch
webserver # [ 397.377080] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch
webserver # [ 397.852741] systemd[1]: Reloading.
webserver # setting up tmpfiles
webserver # [ 398.421332] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 398.423103] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 398.429935] systemd[1]: Starting Renew ACME certificate for example.test...
webserver # [ 398.450626] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 398.452531] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 398.455326] systemd[1]: Generate self-signed certificate for httpd-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-dns.example.test/key.pem).
webserver # [ 398.478407] systemd[1]: Reached target All Network Interfaces (deprecated).
webserver # [ 398.480051] systemd[1]: Reached target Remote File Systems.
webserver # [ 398.481045] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 398.484129] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem).
webserver # [ 398.488167] systemd[1]: Generate self-signed certificate for httpd-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-dns.example.test/key.pem).
webserver # [ 398.492533] systemd[1]: Generate self-signed certificate for httpd-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-http.example.test/key.pem).
webserver # [ 398.499699] systemd[1]: Starting Renew ACME certificate for httpd-http.example.test...
webserver # [ 398.503099] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/).
webserver # [ 398.511244] systemd[1]: Reached target Local File Systems.
webserver # [ 398.535831] systemd[1]: Starting Load Kernel Module efi_pstore...
webserver # [ 398.549721] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully.
webserver # [ 398.550958] systemd[1]: Finished Load Kernel Module efi_pstore.
webserver # [ 398.553181] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore).
webserver # [ 398.555287] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem).
webserver # [ 398.561790] systemd[1]: Generate self-signed certificate for httpd-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-http.example.test/key.pem).
webserver # [ 398.587659] acme-example.test-start[6388]: + set -euo pipefail
webserver # [ 398.588482] acme-example.test-start[6388]: + echo f296e6482529fca9f20a
webserver # [ 398.589407] acme-example.test-start[6388]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 398.595054] acme-example.test-start[6393]: ++ find accounts -name hostmaster@example.test.key
webserver # [ 398.603384] acme-example.test-start[6388]: + '[' -e certificates/_.example.test.key -a -e certificates/_.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']'
webserver # [ 398.605387] acme-example.test-start[6388]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir renew --no-random-sleep --days 30
webserver # [ 398.624768] acme-httpd-http.example.test-start[6389]: + set -euo pipefail
webserver # [ 398.625936] acme-httpd-http.example.test-start[6399]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 398.631349] acme-httpd-http.example.test-start[6399]: + chgrp wwwrun /var/lib/acme/acme-challenge/.well-known/acme-challenge
webserver # [ 398.636963] acme-httpd-http.example.test-start[6389]: + echo c63f2de46052d3f916bc
webserver # [ 398.637945] acme-httpd-http.example.test-start[6389]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 398.641409] acme-httpd-http.example.test-start[6389]: + lego --accept-tos --path . -d httpd-http.example.test --email hostmaster@example.test --key-type ec384 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir -d httpd-http-alias.example.test run
acme # [ 398.828072] pebble[661]: Pebble 2023/01/21 19:58:30 GET /dir -> calling handler()
webserver # [ 398.732719] acme-example.test-start[6394]: 2023/01/21 19:58:30 [*.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal.
webserver # [ 398.740777] acme-example.test-start[6388]: + mv domainhash.txt certificates/
webserver # [ 398.746751] acme-example.test-start[6388]: + chown acme:acme certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key
webserver # [ 398.753863] acme-example.test-start[6388]: + cmp -s certificates/_.example.test.crt out/fullchain.pem
webserver # [ 398.757304] acme-example.test-start[6388]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem
acme # [ 398.875105] pebble[661]: Pebble 2023/01/21 19:58:30 GET /dir -> calling handler()
webserver # [ 398.781907] systemd[1]: acme-example.test.service: Deactivated successfully.
webserver # [ 398.782616] systemd[1]: Finished Renew ACME certificate for example.test.
webserver # [ 398.785133] systemd[1]: acme-example.test.service: Consumed 121ms CPU time, received 2.5K IP traffic, sent 978B IP traffic.
webserver # [ 398.788413] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:30 [INFO] [httpd-http.example.test, httpd-http-alias.example.test] acme: Obtaining bundled SAN certificate
acme # [ 398.892535] pebble[661]: Pebble 2023/01/21 19:58:30 HEAD /nonce-plz -> calling handler()
webserver # [ 398.792850] systemd[1]: Starting Renew ACME certificate for httpd-dns.example.test...
acme # [ 398.897052] pebble[661]: Pebble 2023/01/21 19:58:30 POST /order-plz -> calling handler()
acme # [ 398.902262] pebble[661]: Pebble 2023/01/21 19:58:30 There are now 28 authorizations in the db
acme # [ 398.903392] pebble[661]: Pebble 2023/01/21 19:58:30 There are now 29 authorizations in the db
acme # [ 398.904379] pebble[661]: Pebble 2023/01/21 19:58:30 Added order "7NzakdRsp0ghxrVTi_Ln7X6ry2bvRydOnL-rFYQnwZE" to the db
acme # [ 398.905918] pebble[661]: Pebble 2023/01/21 19:58:30 There are now 24 orders in the db
webserver # [ 398.838216] acme-httpd-dns.example.test-start[6414]: + set -euo pipefail
webserver # [ 398.839024] acme-httpd-dns.example.test-start[6414]: + echo 0a349e39464efbfff571
webserver # [ 398.839820] acme-httpd-dns.example.test-start[6414]: + cmp -s domainhash.txt certificates/domainhash.txt
webserver # [ 398.843487] acme-httpd-dns.example.test-start[6416]: ++ find accounts -name hostmaster@example.test.key
webserver # [ 398.849605] acme-httpd-dns.example.test-start[6414]: + '[' -e certificates/httpd-dns.example.test.key -a -e certificates/httpd-dns.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']'
webserver # [ 398.851274] acme-httpd-dns.example.test-start[6414]: + lego --accept-tos --path . -d httpd-dns.example.test --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir -d httpd-dns-alias.example.test renew --no-random-sleep --days 30
acme # [ 398.964994] pebble[661]: Pebble 2023/01/21 19:58:30 POST /authZ/ -> calling handler()
acme # [ 399.020518] pebble[661]: Pebble 2023/01/21 19:58:30 POST /authZ/ -> calling handler()
acme # [ 399.027703] pebble[661]: Pebble 2023/01/21 19:58:30 POST /chalZ/ -> calling handler()
webserver # [ 398.925912] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:30 [INFO] [httpd-http-alias.example.test] AuthURL: https://acme.test/authZ/fvPNNv2tOEbZWCwqn3To7ubZD88BwLT9W6RcoJV-WBg
webserver # [ 398.927697] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:30 [INFO] [httpd-http.example.test] AuthURL: https://acme.test/authZ/Vgxobycl5RM4kxYFY37L42PSrf-m8FrIZNAAJUsdzGM
acme # [ 399.032854] pebble[661]: Pebble 2023/01/21 19:58:30 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-http.example.test"}, Challenge:(*core.Challenge)(0xc0001b8820), Account:(*core.Account)(0xc0004494a0)}
acme # [ 399.035363] pebble[661]: Pebble 2023/01/21 19:58:30 Starting 3 validations.
webserver # [ 398.930077] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:30 [INFO] [httpd-http.example.test] acme: Could not find solver for: tls-alpn-01
acme # [ 399.036246] pebble[661]: Pebble 2023/01/21 19:58:30 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/nRkjT3hKue13DE1VkGV6odDb9xMxi2vsepJSqNx6WZU
webserver # [ 398.935138] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:30 [INFO] [httpd-http.example.test] acme: use http-01 solver
acme # [ 399.040869] pebble[661]: Pebble 2023/01/21 19:58:30 POST /authZ/ -> calling handler()
webserver # [ 398.939414] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:30 [INFO] [httpd-http-alias.example.test] acme: Could not find solver for: tls-alpn-01
acme # [ 399.042124] pebble[661]: Pebble 2023/01/21 19:58:30 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/nRkjT3hKue13DE1VkGV6odDb9xMxi2vsepJSqNx6WZU
webserver # [ 398.941286] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:30 [INFO] [httpd-http-alias.example.test] acme: use http-01 solver
webserver # [ 398.943067] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:30 [INFO] [httpd-http.example.test] acme: Trying to solve HTTP-01
acme # [ 399.046621] pebble[661]: Pebble 2023/01/21 19:58:30 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/nRkjT3hKue13DE1VkGV6odDb9xMxi2vsepJSqNx6WZU
acme # [ 399.049929] pebble[661]: Pebble 2023/01/21 19:58:30 GET /dir -> calling handler()
webserver # [ 398.949125] acme-httpd-dns.example.test-start[6417]: 2023/01/21 19:58:30 [httpd-dns.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal.
acme # [ 399.055385] pebble[661]: Pebble 2023/01/21 19:58:30 authz fvPNNv2tOEbZWCwqn3To7ubZD88BwLT9W6RcoJV-WBg set VALID by completed challenge SGxyzLnS1KJ90pzARH7Ri7s_nW_dnqHgzodP0_U6UcM
webserver # [ 398.955289] acme-httpd-dns.example.test-start[6414]: + mv domainhash.txt certificates/
webserver # [ 398.961545] acme-httpd-dns.example.test-start[6414]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-dns.example.test.crt certificates/httpd-dns.example.test.issuer.crt certificates/httpd-dns.example.test.json certificates/httpd-dns.example.test.key
webserver # [ 398.969675] acme-httpd-dns.example.test-start[6414]: + cmp -s certificates/httpd-dns.example.test.crt out/fullchain.pem
webserver # [ 398.973605] acme-httpd-dns.example.test-start[6414]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem
webserver # [ 399.002392] systemd[1]: acme-httpd-dns.example.test.service: Deactivated successfully.
webserver # [ 399.003397] systemd[1]: Finished Renew ACME certificate for httpd-dns.example.test.
webserver # [ 399.006333] systemd[1]: acme-httpd-dns.example.test.service: Consumed 130ms CPU time, received 2.5K IP traffic, sent 1.2K IP traffic.
acme # [ 403.637560] pebble[661]: Pebble 2023/01/21 19:58:35 POST /authZ/ -> calling handler()
webserver # [ 403.540488] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:35 [INFO] [httpd-http.example.test] The server validated our request
acme # [ 403.644513] pebble[661]: Pebble 2023/01/21 19:58:35 POST /chalZ/ -> calling handler()
webserver # [ 403.542742] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:35 [INFO] [httpd-http-alias.example.test] acme: Trying to solve HTTP-01
acme # [ 403.650026] pebble[661]: Pebble 2023/01/21 19:58:35 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-http-alias.example.test"}, Challenge:(*core.Challenge)(0xc000377ea0), Account:(*core.Account)(0xc0004494a0)}
acme # [ 403.652850] pebble[661]: Pebble 2023/01/21 19:58:35 Starting 3 validations.
acme # [ 403.653658] pebble[661]: Pebble 2023/01/21 19:58:35 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/i_c9t0i6atHvrarEhvtslmom9s5xzTEYyiZokbzNiK4
acme # [ 403.657454] pebble[661]: Pebble 2023/01/21 19:58:35 POST /authZ/ -> calling handler()
acme # [ 403.660987] pebble[661]: Pebble 2023/01/21 19:58:35 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/i_c9t0i6atHvrarEhvtslmom9s5xzTEYyiZokbzNiK4
acme # [ 403.663955] pebble[661]: Pebble 2023/01/21 19:58:35 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/i_c9t0i6atHvrarEhvtslmom9s5xzTEYyiZokbzNiK4
acme # [ 403.670285] pebble[661]: Pebble 2023/01/21 19:58:35 authz Vgxobycl5RM4kxYFY37L42PSrf-m8FrIZNAAJUsdzGM set VALID by completed challenge izgj16IRVA2uPGLpNgWMN9rRj1g5RAVxb0k18xirwlc
acme # [ 411.129561] pebble[661]: Pebble 2023/01/21 19:58:42 POST /authZ/ -> calling handler()
webserver # [ 411.033771] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:42 [INFO] [httpd-http-alias.example.test] The server validated our request
webserver # [ 411.035721] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:42 [INFO] [httpd-http.example.test, httpd-http-alias.example.test] acme: Validations succeeded; requesting certificates
acme # [ 411.143552] pebble[661]: Pebble 2023/01/21 19:58:42 POST /finalize-order/ -> calling handler()
acme # [ 411.149025] pebble[661]: Pebble 2023/01/21 19:58:42 Order 7NzakdRsp0ghxrVTi_Ln7X6ry2bvRydOnL-rFYQnwZE is fully authorized. Processing finalization
webserver # [ 411.049792] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:42 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
acme # [ 411.153955] pebble[661]: Pebble 2023/01/21 19:58:42 Issued certificate serial 50d1c3eccbf566f5 for order 7NzakdRsp0ghxrVTi_Ln7X6ry2bvRydOnL-rFYQnwZE
acme # [ 411.155658] pebble[661]: Pebble 2023/01/21 19:58:42 POST /my-order/ -> calling handler()
acme # [ 411.161655] pebble[661]: Pebble 2023/01/21 19:58:42 POST /certZ/ -> calling handler()
webserver # [ 411.063513] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:42 [INFO] [httpd-http.example.test] Server responded with a certificate.
webserver # [ 411.069871] acme-httpd-http.example.test-start[6389]: + mv domainhash.txt certificates/
webserver # [ 411.077081] acme-httpd-http.example.test-start[6389]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-http.example.test.crt certificates/httpd-http.example.test.issuer.crt certificates/httpd-http.example.test.json certificates/httpd-http.example.test.key
webserver # [ 411.085208] acme-httpd-http.example.test-start[6389]: + cmp -s certificates/httpd-http.example.test.crt out/fullchain.pem
webserver # [ 411.089492] acme-httpd-http.example.test-start[6389]: + touch out/renewed
webserver # [ 411.095591] acme-httpd-http.example.test-start[6389]: + echo Installing new certificate
webserver # [ 411.096623] acme-httpd-http.example.test-start[6389]: Installing new certificate
webserver # [ 411.097881] acme-httpd-http.example.test-start[6389]: + cp -vp certificates/httpd-http.example.test.crt out/fullchain.pem
webserver # [ 411.103657] acme-httpd-http.example.test-start[6433]: 'certificates/httpd-http.example.test.crt' -> 'out/fullchain.pem'
webserver # [ 411.105982] acme-httpd-http.example.test-start[6389]: + cp -vp certificates/httpd-http.example.test.key out/key.pem
webserver # [ 411.112868] acme-httpd-http.example.test-start[6434]: 'certificates/httpd-http.example.test.key' -> 'out/key.pem'
webserver # [ 411.115170] acme-httpd-http.example.test-start[6389]: + cp -vp certificates/httpd-http.example.test.issuer.crt out/chain.pem
webserver # [ 411.120164] acme-httpd-http.example.test-start[6435]: 'certificates/httpd-http.example.test.issuer.crt' -> 'out/chain.pem'
webserver # [ 411.122220] acme-httpd-http.example.test-start[6389]: + ln -sf fullchain.pem out/cert.pem
webserver # [ 411.128097] acme-httpd-http.example.test-start[6389]: + cat out/key.pem out/fullchain.pem
webserver # [ 411.133744] acme-httpd-http.example.test-start[6389]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed
webserver # [ 411.171439] ff138gkahjg2i8scp5lf2280cnjw7s6j-acme-postrun[6442]: uid=0(root) gid=0(root) groups=0(root),54(wwwrun)
webserver # [ 411.175445] systemd[1]: acme-httpd-http.example.test.service: Deactivated successfully.
webserver # [ 411.178699] systemd[1]: Finished Renew ACME certificate for httpd-http.example.test.
webserver # [ 411.182239] systemd[1]: acme-httpd-http.example.test.service: Consumed 180ms CPU time, received 15.6K IP traffic, sent 10.7K IP traffic.
webserver # [ 411.185765] systemd[1]: Starting httpd-config-reload.service...
webserver # [ 411.244609] httpd[6446]: Syntax OK
webserver # [ 411.285429] systemd[1]: Reloading Apache HTTPD...
webserver # [ 411.333144] systemd[1]: Reloaded Apache HTTPD.
webserver # [ 411.337277] systemd[1]: httpd-config-reload.service: Deactivated successfully.
webserver # [ 411.338582] systemd[1]: Finished httpd-config-reload.service.
webserver # [ 411.400448] nixos[6243]: finished switching to system configuration /nix/store/nb2vc26pdhpjrw4a1xln1fz06rxy92ay-nixos-system-webserver-23.05pre-git
(finished: must succeed: /tmp/specialisation/httpd-change-acme-conf/bin/switch-to-configuration test, in 15.31 seconds)
webserver: waiting for unit acme-finished-httpd-http.example.test.target
(finished: waiting for unit acme-finished-httpd-http.example.test.target, in 0.06 seconds)
webserver: waiting for unit httpd.service
(finished: waiting for unit httpd.service, in 0.06 seconds)
client: must succeed: openssl s_client -CAfile /tmp/ca.crt -servername httpd-http.example.test -connect httpd-http.example.test:443 < /dev/null | openssl x509 -noout -text | grep -i Public-Key
client # depth=2 CN = Pebble Root CA 07ebd3
client # verify return:1
client # depth=1 CN = Pebble Intermediate CA 4d6099
client # verify return:1
client # depth=0 CN = httpd-http.example.test
client # verify return:1
client # DONE
(finished: must succeed: openssl s_client -CAfile /tmp/ca.crt -servername httpd-http.example.test -connect httpd-http.example.test:443 < /dev/null | openssl x509 -noout -text | grep -i Public-Key, in 0.12 seconds)
Key type: Public-Key: (384 bit)
(finished: subtest: security.acme changes reflect on web server, in 25.96 seconds)
(finished: run the VM test script, in 412.46 seconds)
test script finished in 412.58s
cleanup
kill machine (pid 6)
acme # qemu-kvm: terminating on signal 15 from pid 4 (/nix/store/abax98471z8fshv4b9p46bkh3lxmpy0z-python3-3.10.9/bin/python3.10)
kill machine (pid 17)
client # qemu-kvm: terminating on signal 15 from pid 4 (/nix/store/abax98471z8fshv4b9p46bkh3lxmpy0z-python3-3.10.9/bin/python3.10)
kill machine (pid 27)
dnsserver # qemu-kvm: terminating on signal 15 from pid 4 (/nix/store/abax98471z8fshv4b9p46bkh3lxmpy0z-python3-3.10.9/bin/python3.10)
kill machine (pid 38)
webserver # qemu-kvm: terminating on signal 15 from pid 4 (/nix/store/abax98471z8fshv4b9p46bkh3lxmpy0z-python3-3.10.9/bin/python3.10)
(finished: cleanup, in 0.25 seconds)
kill vlan (pid 5)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment