Created
January 21, 2023 21:30
-
-
Save mweinelt/cb4460149479878316b46c116518c88f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Machine state will be reset. To keep it, pass --keep-vm-state | |
start all VLans | |
start vlan | |
running vlan (pid 5; ctl /build/vde1.ctl) | |
(finished: start all VLans, in 0.00 seconds) | |
run the VM test script | |
additionally exposed symbols: | |
acme, client, dnsserver, webserver, | |
vlan1, | |
start_all, test_script, machines, vlans, driver, log, os, create_machine, subtest, run_tests, join_all, retry, serial_stdout_off, serial_stdout_on, polling_condition, Machine | |
start all VMs | |
acme: starting vm | |
acme: waiting for monitor prompt | |
acme # Formatting '/build/vm-state-acme/acme.qcow2', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=1073741824 lazy_refcounts=off refcount_bits=16 | |
(finished: waiting for monitor prompt, in 0.00 seconds) | |
acme: QEMU running (pid 6) | |
client: starting vm | |
client: waiting for monitor prompt | |
client # Formatting '/build/vm-state-client/client.qcow2', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=1073741824 lazy_refcounts=off refcount_bits=16 | |
(finished: waiting for monitor prompt, in 0.00 seconds) | |
client: QEMU running (pid 17) | |
dnsserver: starting vm | |
dnsserver # Formatting '/build/vm-state-dnsserver/dnsserver.qcow2', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=1073741824 lazy_refcounts=off refcount_bits=16 | |
dnsserver: waiting for monitor prompt | |
(finished: waiting for monitor prompt, in 0.00 seconds) | |
dnsserver: QEMU running (pid 27) | |
webserver: starting vm | |
acme # cSeaBIOS (version rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org) | |
webserver: waiting for monitor prompt | |
webserver # Formatting '/build/vm-state-webserver/webserver.qcow2', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=1073741824 lazy_refcounts=off refcount_bits=16 | |
(finished: waiting for monitor prompt, in 0.00 seconds) | |
webserver: QEMU running (pid 38) | |
(finished: start all VMs, in 0.19 seconds) | |
dnsserver: waiting for unit pebble-challtestsrv.service | |
dnsserver: waiting for the VM to finish booting | |
client # cSeaBIOS (version rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org) | |
acme # | |
acme # | |
acme # iPXE (http://ipxe.org) 00:03.0 CA00 PCI2.10 PnP PMM+3EFD0CF0+3EF30CF0 CA00 | |
acme # Press Ctrl-B to configure iPXE (PCI 00:03.0)... | |
acme # | |
acme # | |
acme # | |
acme # | |
dnsserver # cSeaBIOS (version rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org) | |
acme # iPXE (http://ipxe.org) 00:09.0 CB00 PCI2.10 PnP PMM 3EFD0CF0 3EF30CF0 CB00 | |
acme # Press Ctrl-B to configure iPXE (PCI 00:09.0)... | |
acme # | |
acme # | |
client # | |
client # | |
acme # Booting from ROM... | |
client # iPXE (http://ipxe.org) 00:03.0 CA00 PCI2.10 PnP PMM+3EFD0CF0+3EF30CF0 CA00 | |
client # Press Ctrl-B to configure iPXE (PCI 00:03.0)... | |
client # | |
client # | |
client # | |
client # | |
client # iPXE (http://ipxe.org) 00:09.0 CB00 PCI2.10 PnP PMM 3EFD0CF0 3EF30CF0 CB00 | |
client # Press Ctrl-B to configure iPXE (PCI 00:09.0)... | |
client # | |
client # | |
client # Booting from ROM... | |
client # Probing EDD (edd=off to disable)... ok | |
webserver # cSeaBIOS (version rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org) | |
dnsserver # | |
dnsserver # | |
dnsserver # iPXE (http://ipxe.org) 00:03.0 CA00 PCI2.10 PnP PMM+3EFD0CF0+3EF30CF0 CA00 | |
dnsserver # Press Ctrl-B to configure iPXE (PCI 00:03.0)... | |
dnsserver # | |
dnsserver # | |
dnsserver # | |
dnsserver # | |
dnsserver # iPXE (http://ipxe.org) 00:09.0 CB00 PCI2.10 PnP PMM 3EFD0CF0 3EF30CF0 CB00 | |
dnsserver # Press Ctrl-B to configure iPXE (PCI 00:09.0)... | |
dnsserver # | |
dnsserver # | |
dnsserver # Booting from ROM... | |
webserver # | |
webserver # | |
webserver # iPXE (http://ipxe.org) 00:03.0 CA00 PCI2.10 PnP PMM+3EFD0CF0+3EF30CF0 CA00 | |
webserver # Press Ctrl-B to configure iPXE (PCI 00:03.0)... | |
webserver # | |
webserver # | |
webserver # | |
webserver # | |
webserver # iPXE (http://ipxe.org) 00:09.0 CB00 PCI2.10 PnP PMM 3EFD0CF0 3EF30CF0 CB00 | |
webserver # Press Ctrl-B to configure iPXE (PCI 00:09.0)... | |
webserver # | |
webserver # | |
webserver # Booting from ROM... | |
acme # Probing EDD (edd=off to disable)... oc[ 0.000000] Linux version 5.15.89 (nixbld@localhost) (gcc (GCC) 11.3.0, GNU ld (GNU Binutils) 2.39) #1-NixOS SMP Wed Jan 18 10:48:59 UTC 2023 | |
acme # [ 0.000000] Command line: console=ttyS0 panic=1 boot.panic_on_fail clock=acpi_pm loglevel=7 net.ifnames=0 init=/nix/store/fhivd03v034pfaga4clmirshyn56cijx-nixos-system-acme-23.05pre-git/init regInfo=/nix/store/nf4n2grg5di5ifsp24qi5w1mp1azjm7c-closure-info/registration console=ttyS0 | |
acme # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers' | |
acme # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers' | |
acme # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers' | |
acme # [ 0.000000] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256 | |
client # c[ 0.000000] Linux version 5.15.89 (nixbld@localhost) (gcc (GCC) 11.3.0, GNU ld (GNU Binutils) 2.39) #1-NixOS SMP Wed Jan 18 10:48:59 UTC 2023 | |
acme # [ 0.000000] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using 'compacted' format. | |
client # [ 0.000000] Command line: console=ttyS0 panic=1 boot.panic_on_fail clock=acpi_pm loglevel=7 net.ifnames=0 init=/nix/store/w28qid4kn2h5f274cbxbjz183g9s3mk0-nixos-system-client-23.05pre-git/init regInfo=/nix/store/vdlvvnqbbk0b103w7xvn345kxbl0r5ay-closure-info/registration console=ttyS0 | |
client # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers' | |
client # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers' | |
acme # [ 0.000000] signal: max sigframe size: 1776 | |
client # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers' | |
client # [ 0.000000] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256 | |
acme # [ 0.000000] BIOS-provided physical RAM map: | |
client # [ 0.000000] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using 'compacted' format. | |
client # [ 0.000000] signal: max sigframe size: 1776 | |
client # [ 0.000000] BIOS-provided physical RAM map: | |
client # [ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable | |
acme # [ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable | |
client # [ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved | |
client # [ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved | |
client # [ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000003ffdafff] usable | |
client # [ 0.000000] BIOS-e820: [mem 0x000000003ffdb000-0x000000003fffffff] reserved | |
acme # [ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved | |
client # [ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved | |
client # [ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved | |
client # [ 0.000000] BIOS-e820: [mem 0x000000fd00000000-0x000000ffffffffff] reserved | |
client # [ 0.000000] NX (Execute Disable) protection: active | |
acme # [ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved | |
client # [ 0.000000] extended physical RAM map: | |
client # [ 0.000000] reserve setup_data: [mem 0x0000000000000000-0x000000000009fbff] usable | |
client # [ 0.000000] reserve setup_data: [mem 0x000000000009fc00-0x000000000009ffff] reserved | |
client # [ 0.000000] reserve setup_data: [mem 0x00000000000f0000-0x00000000000fffff] reserved | |
acme # [ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000003ffdafff] usable | |
client # [ 0.000000] reserve setup_data: [mem 0x0000000000100000-0x00000000008c131f] usable | |
client # [ 0.000000] reserve setup_data: [mem 0x00000000008c1320-0x00000000008c134f] usable | |
client # [ 0.000000] reserve setup_data: [mem 0x00000000008c1350-0x000000003ffdafff] usable | |
acme # [ 0.000000] BIOS-e820: [mem 0x000000003ffdb000-0x000000003fffffff] reserved | |
client # [ 0.000000] reserve setup_data: [mem 0x000000003ffdb000-0x000000003fffffff] reserved | |
client # [ 0.000000] reserve setup_data: [mem 0x00000000feffc000-0x00000000feffffff] reserved | |
client # [ 0.000000] reserve setup_data: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved | |
client # [ 0.000000] reserve setup_data: [mem 0x000000fd00000000-0x000000ffffffffff] reserved | |
acme # [ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved | |
client # [ 0.000000] SMBIOS 2.8 present. | |
client # [ 0.000000] DMI: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014 | |
client # [ 0.000000] Hypervisor detected: KVM | |
client # [ 0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00 | |
client # [ 0.000000] kvm-clock: cpu 0, msr 1c201001, primary cpu clock | |
acme # [ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved | |
client # [ 0.000001] kvm-clock: using sched offset of 376033256 cycles | |
client # [ 0.000003] clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns | |
client # [ 0.000008] tsc: Detected 2794.748 MHz processor | |
acme # [ 0.000000] BIOS-e820: [mem 0x000000fd00000000-0x000000ffffffffff] reserved | |
client # [ 0.001329] last_pfn = 0x3ffdb max_arch_pfn = 0x400000000 | |
client # [ 0.001438] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT | |
client # [ 0.004627] found SMP MP-table at [mem 0x000f5bb0-0x000f5bbf] | |
client # [ 0.004682] Using GB pages for direct mapping | |
acme # [ 0.000000] NX (Execute Disable) protection: active | |
client # [ 0.004992] RAMDISK: [mem 0x3f41e000-0x3ffcffff] | |
client # [ 0.005007] ACPI: Early table checksum verification disabled | |
acme # [ 0.000000] extended physical RAM map: | |
client # [ 0.005013] ACPI: RSDP 0x00000000000F59D0 000014 (v00 BOCHS ) | |
client # [ 0.005021] ACPI: RSDT 0x000000003FFE1AC6 000034 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
client # [ 0.005028] ACPI: FACP 0x000000003FFE197A 000074 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
acme # [ 0.000000] reserve setup_data: [mem 0x0000000000000000-0x000000000009fbff] usable | |
client # [ 0.005035] ACPI: DSDT 0x000000003FFE0040 00193A (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
client # [ 0.005039] ACPI: FACS 0x000000003FFE0000 000040 | |
client # [ 0.005043] ACPI: APIC 0x000000003FFE19EE 000078 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
client # [ 0.005047] ACPI: HPET 0x000000003FFE1A66 000038 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
acme # [ 0.000000] reserve setup_data: [mem 0x000000000009fc00-0x000000000009ffff] reserved | |
client # [ 0.005051] ACPI: WAET 0x000000003FFE1A9E 000028 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
client # [ 0.005055] ACPI: Reserving FACP table memory at [mem 0x3ffe197a-0x3ffe19ed] | |
client # [ 0.005057] ACPI: Reserving DSDT table memory at [mem 0x3ffe0040-0x3ffe1979] | |
client # [ 0.005059] ACPI: Reserving FACS table memory at [mem 0x3ffe0000-0x3ffe003f] | |
acme # [ 0.000000] reserve setup_data: [mem 0x00000000000f0000-0x00000000000fffff] reserved | |
client # [ 0.005061] ACPI: Reserving APIC table memory at [mem 0x3ffe19ee-0x3ffe1a65] | |
client # [ 0.005062] ACPI: Reserving HPET table memory at [mem 0x3ffe1a66-0x3ffe1a9d] | |
client # [ 0.005064] ACPI: Reserving WAET table memory at [mem 0x3ffe1a9e-0x3ffe1ac5] | |
client # [ 0.005319] No NUMA configuration found | |
client # [ 0.005321] Faking a node at [mem 0x0000000000000000-0x000000003ffdafff] | |
acme # [ 0.000000] reserve setup_data: [mem 0x0000000000100000-0x00000000008c131f] usable | |
client # [ 0.005329] NODE_DATA(0) allocated [mem 0x3ffd6000-0x3ffdafff] | |
client # [ 0.005359] Zone ranges: | |
client # [ 0.005360] DMA [mem 0x0000000000001000-0x0000000000ffffff] | |
client # [ 0.005363] DMA32 [mem 0x0000000001000000-0x000000003ffdafff] | |
acme # [ 0.000000] reserve setup_data: [mem 0x00000000008c1320-0x00000000008c134f] usable | |
dnsserver # Probing EDD (edd=off to disable)... ock[ 0.000000] Linux version 5.15.89 (nixbld@localhost) (gcc (GCC) 11.3.0, GNU ld (GNU Binutils) 2.39) #1-NixOS SMP Wed Jan 18 10:48:59 UTC 2023 | |
client # [ 0.005365] Normal empty | |
client # [ 0.005367] Device empty | |
acme # [ 0.000000] reserve setup_data: [mem 0x00000000008c1350-0x000000003ffdafff] usable | |
client # [ 0.005369] Movable zone start for each node | |
client # [ 0.005370] Early memory node ranges | |
acme # [ 0.000000] reserve setup_data: [mem 0x000000003ffdb000-0x000000003fffffff] reserved | |
client # [ 0.005371] node 0: [mem 0x0000000000001000-0x000000000009efff] | |
acme # [ 0.000000] reserve setup_data: [mem 0x00000000feffc000-0x00000000feffffff] reserved | |
client # [ 0.005374] node 0: [mem 0x0000000000100000-0x000000003ffdafff] | |
acme # [ 0.000000] reserve setup_data: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved | |
client # [ 0.005376] Initmem setup node 0 [mem 0x0000000000001000-0x000000003ffdafff] | |
acme # [ 0.000000] reserve setup_data: [mem 0x000000fd00000000-0x000000ffffffffff] reserved | |
client # [ 0.005615] On node 0, zone DMA: 1 pages in unavailable ranges | |
acme # [ 0.000000] SMBIOS 2.8 present. | |
client # [ 0.005636] On node 0, zone DMA: 97 pages in unavailable ranges | |
acme # [ 0.000000] DMI: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014 | |
client # [ 0.008297] On node 0, zone DMA32: 37 pages in unavailable ranges | |
acme # [ 0.000000] Hypervisor detected: KVM | |
client # [ 0.008762] ACPI: PM-Timer IO Port: 0x608 | |
acme # [ 0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00 | |
client # [ 0.008777] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1]) | |
acme # [ 0.000000] kvm-clock: cpu 0, msr 2aa01001, primary cpu clock | |
client # [ 0.008810] IOAPIC[0]: apic_id 0, version 17, address 0xfec00000, GSI 0-23 | |
acme # [ 0.000001] kvm-clock: using sched offset of 387237478 cycles | |
client # [ 0.008814] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl) | |
acme # [ 0.000004] clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns | |
client # [ 0.008817] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level) | |
acme # [ 0.000009] tsc: Detected 2794.748 MHz processor | |
dnsserver # [ 0.000000] Command line: console=ttyS0 panic=1 boot.panic_on_fail clock=acpi_pm loglevel=7 net.ifnames=0 init=/nix/store/ginlw6jq0nm2cxjpci6553sh5bahj2vx-nixos-system-dnsserver-23.05pre-git/init regInfo=/nix/store/q1n104ibfdxpvmssmjgmmg2pxy6hfp1q-closure-info/registration console=ttyS0 | |
client # [ 0.008819] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level) | |
acme # [ 0.001297] last_pfn = 0x3ffdb max_arch_pfn = 0x400000000 | |
client # [ 0.008821] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level) | |
acme # [ 0.001425] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT | |
acme # [ 0.004729] found SMP MP-table at [mem 0x000f5bb0-0x000f5bbf] | |
acme # [ 0.004785] Using GB pages for direct mapping | |
acme # [ 0.005116] RAMDISK: [mem 0x3f41e000-0x3ffcffff] | |
dnsserver # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers' | |
acme # [ 0.005135] ACPI: Early table checksum verification disabled | |
client # [ 0.008823] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level) | |
client # [ 0.008827] ACPI: Using ACPI (MADT) for SMP configuration information | |
client # [ 0.008829] ACPI: HPET id: 0x8086a201 base: 0xfed00000 | |
client # [ 0.008835] TSC deadline timer available | |
client # [ 0.008840] smpboot: Allowing 1 CPUs, 0 hotplug CPUs | |
client # [ 0.008877] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff] | |
client # [ 0.008880] PM: hibernation: Registered nosave memory: [mem 0x0009f000-0x0009ffff] | |
client # [ 0.008882] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000effff] | |
client # [ 0.008883] PM: hibernation: Registered nosave memory: [mem 0x000f0000-0x000fffff] | |
acme # [ 0.005143] ACPI: RSDP 0x00000000000F59D0 000014 (v00 BOCHS ) | |
client # [ 0.008885] PM: hibernation: Registered nosave memory: [mem 0x008c1000-0x008c1fff] | |
acme # [ 0.005150] ACPI: RSDT 0x000000003FFE1AC6 000034 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
dnsserver # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers' | |
acme # [ 0.005160] ACPI: FACP 0x000000003FFE197A 000074 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
dnsserver # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers' | |
acme # [ 0.005167] ACPI: DSDT 0x000000003FFE0040 00193A (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
dnsserver # [ 0.000000] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256 | |
acme # [ 0.005174] ACPI: FACS 0x000000003FFE0000 000040 | |
dnsserver # [ 0.000000] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using 'compacted' format. | |
acme # [ 0.005178] ACPI: APIC 0x000000003FFE19EE 000078 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
dnsserver # [ 0.000000] signal: max sigframe size: 1776 | |
acme # [ 0.005184] ACPI: HPET 0x000000003FFE1A66 000038 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
dnsserver # [ 0.000000] BIOS-provided physical RAM map: | |
client # [ 0.008887] PM: hibernation: Registered nosave memory: [mem 0x008c1000-0x008c1fff] | |
acme # [ 0.005189] ACPI: WAET 0x000000003FFE1A9E 000028 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
client # [ 0.008889] [mem 0x40000000-0xfeffbfff] available for PCI devices | |
dnsserver # [ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable | |
client # [ 0.008891] Booting paravirtualized kernel on KVM | |
acme # [ 0.005192] ACPI: Reserving FACP table memory at [mem 0x3ffe197a-0x3ffe19ed] | |
acme # [ 0.005195] ACPI: Reserving DSDT table memory at [mem 0x3ffe0040-0x3ffe1979] | |
client # [ 0.008895] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1910969940391419 ns | |
acme # [ 0.005199] ACPI: Reserving FACS table memory at [mem 0x3ffe0000-0x3ffe003f] | |
client # [ 0.013119] setup_percpu: NR_CPUS:384 nr_cpumask_bits:384 nr_cpu_ids:1 nr_node_ids:1 | |
acme # [ 0.005201] ACPI: Reserving APIC table memory at [mem 0x3ffe19ee-0x3ffe1a65] | |
client # [ 0.013465] percpu: Embedded 60 pages/cpu s208896 r8192 d28672 u2097152 | |
acme # [ 0.005203] ACPI: Reserving HPET table memory at [mem 0x3ffe1a66-0x3ffe1a9d] | |
client # [ 0.013512] kvm-guest: setup async PF for cpu 0 | |
dnsserver # [ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved | |
client # [ 0.013518] kvm-guest: stealtime: cpu 0, msr 3e232080 | |
acme # [ 0.005204] ACPI: Reserving WAET table memory at [mem 0x3ffe1a9e-0x3ffe1ac5] | |
acme # [ 0.005524] No NUMA configuration found | |
client # [ 0.013522] kvm-guest: PV spinlocks disabled, single CPU | |
acme # [ 0.005527] Faking a node at [mem 0x0000000000000000-0x000000003ffdafff] | |
client # [ 0.013530] Built 1 zonelists, mobility grouping on. Total pages: 257754 | |
client # [ 0.013532] Policy zone: DMA32 | |
acme # [ 0.005537] NODE_DATA(0) allocated [mem 0x3ffd6000-0x3ffdafff] | |
acme # [ 0.005572] Zone ranges: | |
acme # [ 0.005576] DMA [mem 0x0000000000001000-0x0000000000ffffff] | |
dnsserver # [ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved | |
acme # [ 0.005579] DMA32 [mem 0x0000000001000000-0x000000003ffdafff] | |
acme # [ 0.005582] Normal empty | |
acme # [ 0.005583] Device empty | |
client # [ 0.013534] Kernel command line: console=ttyS0 panic=1 boot.panic_on_fail clock=acpi_pm loglevel=7 net.ifnames=0 init=/nix/store/w28qid4kn2h5f274cbxbjz183g9s3mk0-nixos-system-client-23.05pre-git/init regInfo=/nix/store/vdlvvnqbbk0b103w7xvn345kxbl0r5ay-closure-info/registration console=ttyS0 | |
acme # [ 0.005585] Movable zone start for each node | |
acme # [ 0.005587] Early memory node ranges | |
client # [ 0.013584] clocksource: clock= boot option is deprecated - use clocksource=xyz | |
acme # [ 0.005588] node 0: [mem 0x0000000000001000-0x000000000009efff] | |
acme # [ 0.005592] node 0: [mem 0x0000000000100000-0x000000003ffdafff] | |
dnsserver # [ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000003ffdafff] usable | |
client # [ 0.013645] Unknown kernel command line parameters "regInfo=/nix/store/vdlvvnqbbk0b103w7xvn345kxbl0r5ay-closure-info/registration", will be passed to user space. | |
acme # [ 0.005595] Initmem setup node 0 [mem 0x0000000000001000-0x000000003ffdafff] | |
acme # [ 0.005823] On node 0, zone DMA: 1 pages in unavailable ranges | |
client # [ 0.013675] Dentry cache hash table entries: 131072 (order: 8, 1048576 bytes, linear) | |
acme # [ 0.005848] On node 0, zone DMA: 97 pages in unavailable ranges | |
client # [ 0.013692] Inode-cache hash table entries: 65536 (order: 7, 524288 bytes, linear) | |
acme # [ 0.008606] On node 0, zone DMA32: 37 pages in unavailable ranges | |
client # [ 0.013718] mem auto-init: stack:off, heap alloc:off, heap free:off | |
acme # [ 0.009085] ACPI: PM-Timer IO Port: 0x608 | |
acme # [ 0.009100] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1]) | |
dnsserver # [ 0.000000] BIOS-e820: [mem 0x000000003ffdb000-0x000000003fffffff] reserved | |
acme # [ 0.009134] IOAPIC[0]: apic_id 0, version 17, address 0xfec00000, GSI 0-23 | |
client # [ 0.016044] Memory: 982052K/1048036K available (12295K kernel code, 2281K rwdata, 7316K rodata, 1920K init, 4480K bss, 65724K reserved, 0K cma-reserved) | |
acme # [ 0.009139] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl) | |
client # [ 0.017020] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1 | |
acme # [ 0.009141] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level) | |
client # [ 0.017053] ftrace: allocating 35265 entries in 138 pages | |
client # [ 0.037113] ftrace: allocated 138 pages with 3 groups | |
acme # [ 0.009144] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level) | |
client # [ 0.037517] rcu: Hierarchical RCU implementation. | |
acme # [ 0.009146] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level) | |
client # [ 0.037520] rcu: RCU event tracing is enabled. | |
dnsserver # [ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved | |
acme # [ 0.009148] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level) | |
client # [ 0.037521] rcu: RCU restricting CPUs from NR_CPUS=384 to nr_cpu_ids=1. | |
acme # [ 0.009152] ACPI: Using ACPI (MADT) for SMP configuration information | |
client # [ 0.037523] Trampoline variant of Tasks RCU enabled. | |
acme # [ 0.009154] ACPI: HPET id: 0x8086a201 base: 0xfed00000 | |
client # [ 0.037525] Rude variant of Tasks RCU enabled. | |
acme # [ 0.009160] TSC deadline timer available | |
client # [ 0.037526] Tracing variant of Tasks RCU enabled. | |
acme # [ 0.009165] smpboot: Allowing 1 CPUs, 0 hotplug CPUs | |
client # [ 0.037527] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies. | |
dnsserver # [ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved | |
acme # [ 0.009201] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff] | |
client # [ 0.037529] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1 | |
acme # [ 0.009205] PM: hibernation: Registered nosave memory: [mem 0x0009f000-0x0009ffff] | |
client # [ 0.042843] NR_IRQS: 24832, nr_irqs: 256, preallocated irqs: 16 | |
acme # [ 0.009207] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000effff] | |
client # [ 0.043311] rcu: Offload RCU callbacks from CPUs: (none). | |
client # [ 0.043347] random: crng init done | |
acme # [ 0.009208] PM: hibernation: Registered nosave memory: [mem 0x000f0000-0x000fffff] | |
client # [ 0.047109] Console: colour VGA+ 80x25 | |
client # [ 0.135228] printk: console [ttyS0] enabled | |
acme # [ 0.009211] PM: hibernation: Registered nosave memory: [mem 0x008c1000-0x008c1fff] | |
client # [ 0.135734] ACPI: Core revision 20210730 | |
dnsserver # [ 0.000000] BIOS-e820: [mem 0x000000fd00000000-0x000000ffffffffff] reserved | |
acme # [ 0.009213] PM: hibernation: Registered nosave memory: [mem 0x008c1000-0x008c1fff] | |
acme # [ 0.009215] [mem 0x40000000-0xfeffbfff] available for PCI devices | |
client # [ 0.136319] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns | |
acme # [ 0.009217] Booting paravirtualized kernel on KVM | |
client # [ 0.137389] APIC: Switch to symmetric I/O mode setup | |
client # [ 0.138143] x2apic enabled | |
dnsserver # [ 0.000000] NX (Execute Disable) protection: active | |
acme # [ 0.009221] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1910969940391419 ns | |
client # [ 0.138656] Switched APIC routing to physical x2apic. | |
acme # [ 0.013414] setup_percpu: NR_CPUS:384 nr_cpumask_bits:384 nr_cpu_ids:1 nr_node_ids:1 | |
dnsserver # [ 0.000000] extended physical RAM map: | |
acme # [ 0.013744] percpu: Embedded 60 pages/cpu s208896 r8192 d28672 u2097152 | |
acme # [ 0.013793] kvm-guest: setup async PF for cpu 0 | |
dnsserver # [ 0.000000] reserve setup_data: [mem 0x0000000000000000-0x000000000009fbff] usable | |
client # [ 0.140212] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1 | |
acme # [ 0.013800] kvm-guest: stealtime: cpu 0, msr 3e232080 | |
dnsserver # [ 0.000000] reserve setup_data: [mem 0x000000000009fc00-0x000000000009ffff] reserved | |
acme # [ 0.013805] kvm-guest: PV spinlocks disabled, single CPU | |
client # [ 0.140883] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x2848df6a9de, max_idle_ns: 440795280912 ns | |
dnsserver # [ 0.000000] reserve setup_data: [mem 0x00000000000f0000-0x00000000000fffff] reserved | |
acme # [ 0.013815] Built 1 zonelists, mobility grouping on. Total pages: 257754 | |
acme # [ 0.013818] Policy zone: DMA32 | |
client # [ 0.142018] Calibrating delay loop (skipped) preset value.. 5589.49 BogoMIPS (lpj=2794748) | |
dnsserver # [ 0.000000] reserve setup_data: [mem 0x0000000000100000-0x00000000008c131f] usable | |
client # [ 0.143016] pid_max: default: 32768 minimum: 301 | |
client # [ 0.144048] LSM: Security Framework initializing | |
dnsserver # [ 0.000000] reserve setup_data: [mem 0x00000000008c1320-0x00000000008c134f] usable | |
client # [ 0.144541] landlock: Up and running. | |
client # [ 0.144918] Yama: becoming mindful. | |
dnsserver # [ 0.000000] reserve setup_data: [mem 0x00000000008c1350-0x000000003ffdafff] usable | |
client # [ 0.145026] SELinux: Initializing. | |
acme # [ 0.013820] Kernel command line: console=ttyS0 panic=1 boot.panic_on_fail clock=acpi_pm loglevel=7 net.ifnames=0 init=/nix/store/fhivd03v034pfaga4clmirshyn56cijx-nixos-system-acme-23.05pre-git/init regInfo=/nix/store/nf4n2grg5di5ifsp24qi5w1mp1azjm7c-closure-info/registration console=ttyS0 | |
client # [ 0.145397] LSM support for eBPF active | |
dnsserver # [ 0.000000] reserve setup_data: [mem 0x000000003ffdb000-0x000000003fffffff] reserved | |
acme # [ 0.013868] clocksource: clock= boot option is deprecated - use clocksource=xyz | |
dnsserver # [ 0.000000] reserve setup_data: [mem 0x00000000feffc000-0x00000000feffffff] reserved | |
client # [ 0.146252] Mount-cache hash table entries: 2048 (order: 2, 16384 bytes, linear) | |
dnsserver # [ 0.000000] reserve setup_data: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved | |
client # [ 0.147017] Mountpoint-cache hash table entries: 2048 (order: 2, 16384 bytes, linear) | |
acme # [ 0.013912] Unknown kernel command line parameters "regInfo=/nix/store/nf4n2grg5di5ifsp24qi5w1mp1azjm7c-closure-info/registration", will be passed to user space. | |
dnsserver # [ 0.000000] reserve setup_data: [mem 0x000000fd00000000-0x000000ffffffffff] reserved | |
acme # [ 0.013944] Dentry cache hash table entries: 131072 (order: 8, 1048576 bytes, linear) | |
dnsserver # [ 0.000000] SMBIOS 2.8 present. | |
client # [ 0.148363] x86/cpu: User Mode Instruction Prevention (UMIP) activated | |
acme # [ 0.013962] Inode-cache hash table entries: 65536 (order: 7, 524288 bytes, linear) | |
client # [ 0.149102] Last level iTLB entries: 4KB 512, 2MB 255, 4MB 127 | |
dnsserver # [ 0.000000] DMI: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014 | |
client # [ 0.149708] Last level dTLB entries: 4KB 512, 2MB 255, 4MB 127, 1GB 0 | |
acme # [ 0.013992] mem auto-init: stack:off, heap alloc:off, heap free:off | |
dnsserver # [ 0.000000] Hypervisor detected: KVM | |
dnsserver # [ 0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00 | |
client # [ 0.150022] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization | |
client # [ 0.151016] Spectre V2 : Mitigation: Retpolines | |
acme # [ 0.016344] Memory: 982052K/1048036K available (12295K kernel code, 2281K rwdata, 7316K rodata, 1920K init, 4480K bss, 65724K reserved, 0K cma-reserved) | |
dnsserver # [ 0.000000] kvm-clock: cpu 0, msr 23201001, primary cpu clock | |
dnsserver # [ 0.000001] kvm-clock: using sched offset of 366134552 cycles | |
acme # [ 0.017141] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1 | |
client # [ 0.151459] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch | |
acme # [ 0.017176] ftrace: allocating 35265 entries in 138 pages | |
client # [ 0.152015] Spectre V2 : Spectre v2 / SpectreRSB : Filling RSB on VMEXIT | |
dnsserver # [ 0.000004] clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns | |
acme # [ 0.037549] ftrace: allocated 138 pages with 3 groups | |
dnsserver # [ 0.000008] tsc: Detected 2794.748 MHz processor | |
client # [ 0.153015] Spectre V2 : Enabling Speculation Barrier for firmware calls | |
acme # [ 0.037957] rcu: Hierarchical RCU implementation. | |
acme # [ 0.037960] rcu: RCU event tracing is enabled. | |
dnsserver # [ 0.001173] last_pfn = 0x3ffdb max_arch_pfn = 0x400000000 | |
client # [ 0.154015] RETBleed: Mitigation: untrained return thunk | |
acme # [ 0.037961] rcu: RCU restricting CPUs from NR_CPUS=384 to nr_cpu_ids=1. | |
dnsserver # [ 0.001272] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT | |
client # [ 0.154557] Spectre V2 : mitigation: Enabling conditional Indirect Branch Prediction Barrier | |
acme # [ 0.037963] Trampoline variant of Tasks RCU enabled. | |
dnsserver # [ 0.004467] found SMP MP-table at [mem 0x000f5bb0-0x000f5bbf] | |
acme # [ 0.037964] Rude variant of Tasks RCU enabled. | |
dnsserver # [ 0.004526] Using GB pages for direct mapping | |
client # [ 0.155017] Speculative Store Bypass: Mitigation: Speculative Store Bypass disabled via prctl and seccomp | |
acme # [ 0.037966] Tracing variant of Tasks RCU enabled. | |
dnsserver # [ 0.004751] RAMDISK: [mem 0x3f41e000-0x3ffcffff] | |
acme # [ 0.037967] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies. | |
dnsserver # [ 0.004765] ACPI: Early table checksum verification disabled | |
dnsserver # [ 0.004780] ACPI: RSDP 0x00000000000F59D0 000014 (v00 BOCHS ) | |
acme # [ 0.037969] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1 | |
acme # [ 0.043736] NR_IRQS: 24832, nr_irqs: 256, preallocated irqs: 16 | |
dnsserver # [ 0.004788] ACPI: RSDT 0x000000003FFE1AC6 000034 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
acme # [ 0.044199] rcu: Offload RCU callbacks from CPUs: (none). | |
acme # [ 0.044243] random: crng init done | |
dnsserver # [ 0.004795] ACPI: FACP 0x000000003FFE197A 000074 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
acme # [ 0.048196] Console: colour VGA+ 80x25 | |
acme # [ 0.186198] printk: console [ttyS0] enabled | |
acme # [ 0.186681] ACPI: Core revision 20210730 | |
dnsserver # [ 0.004801] ACPI: DSDT 0x000000003FFE0040 00193A (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
dnsserver # [ 0.004805] ACPI: FACS 0x000000003FFE0000 000040 | |
acme # [ 0.187245] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns | |
dnsserver # [ 0.004808] ACPI: APIC 0x000000003FFE19EE 000078 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
acme # [ 0.188302] APIC: Switch to symmetric I/O mode setup | |
acme # [ 0.189025] x2apic enabled | |
dnsserver # [ 0.004811] ACPI: HPET 0x000000003FFE1A66 000038 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
dnsserver # [ 0.004815] ACPI: WAET 0x000000003FFE1A9E 000028 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
acme # [ 0.189567] Switched APIC routing to physical x2apic. | |
dnsserver # [ 0.004818] ACPI: Reserving FACP table memory at [mem 0x3ffe197a-0x3ffe19ed] | |
dnsserver # [ 0.004820] ACPI: Reserving DSDT table memory at [mem 0x3ffe0040-0x3ffe1979] | |
webserver # Probing EDD (edd=off to disable)... oc[ 0.000000] Linux version 5.15.89 (nixbld@localhost) (gcc (GCC) 11.3.0, GNU ld (GNU Binutils) 2.39) #1-NixOS SMP Wed Jan 18 10:48:59 UTC 2023 | |
acme # [ 0.191587] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1 | |
dnsserver # [ 0.004821] ACPI: Reserving FACS table memory at [mem 0x3ffe0000-0x3ffe003f] | |
acme # [ 0.192203] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x2848df6a9de, max_idle_ns: 440795280912 ns | |
dnsserver # [ 0.004823] ACPI: Reserving APIC table memory at [mem 0x3ffe19ee-0x3ffe1a65] | |
acme # [ 0.193404] Calibrating delay loop (skipped) preset value.. 5589.49 BogoMIPS (lpj=2794748) | |
dnsserver # [ 0.004824] ACPI: Reserving HPET table memory at [mem 0x3ffe1a66-0x3ffe1a9d] | |
webserver # [ 0.000000] Command line: console=ttyS0 panic=1 boot.panic_on_fail clock=acpi_pm loglevel=7 net.ifnames=0 init=/nix/store/dpicg1vsplswvqx8bwlbjgxihydzc51q-nixos-system-webserver-23.05pre-git/init regInfo=/nix/store/8rr5j0fjq4yv8lhnpr0b3jz0z3lqk7z5-closure-info/registration console=ttyS0 | |
acme # [ 0.194401] pid_max: default: 32768 minimum: 301 | |
dnsserver # [ 0.004826] ACPI: Reserving WAET table memory at [mem 0x3ffe1a9e-0x3ffe1ac5] | |
acme # [ 0.194922] LSM: Security Framework initializing | |
client # [ 0.168696] Freeing SMP alternatives memory: 32K | |
webserver # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers' | |
dnsserver # [ 0.005076] No NUMA configuration found | |
acme # [ 0.195426] landlock: Up and running. | |
acme # [ 0.195800] Yama: becoming mindful. | |
webserver # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers' | |
dnsserver # [ 0.005079] Faking a node at [mem 0x0000000000000000-0x000000003ffdafff] | |
acme # [ 0.196153] SELinux: Initializing. | |
client # [ 0.169155] smpboot: CPU0: AMD EPYC 7402P 24-Core Processor (family: 0x17, model: 0x31, stepping: 0x0) | |
acme # [ 0.196421] LSM support for eBPF active | |
webserver # [ 0.000000] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers' | |
dnsserver # [ 0.005087] NODE_DATA(0) allocated [mem 0x3ffd6000-0x3ffdafff] | |
dnsserver # [ 0.005115] Zone ranges: | |
client # [ 0.170139] Performance Events: Fam17h+ core perfctr, AMD PMU driver. | |
webserver # [ 0.000000] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256 | |
client # [ 0.170808] ... version: 0 | |
dnsserver # [ 0.005116] DMA [mem 0x0000000000001000-0x0000000000ffffff] | |
acme # [ 0.197061] Mount-cache hash table entries: 2048 (order: 2, 16384 bytes, linear) | |
client # [ 0.171017] ... bit width: 48 | |
client # [ 0.171418] ... generic registers: 6 | |
webserver # [ 0.000000] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using 'compacted' format. | |
acme # [ 0.197403] Mountpoint-cache hash table entries: 2048 (order: 2, 16384 bytes, linear) | |
dnsserver # [ 0.005119] DMA32 [mem 0x0000000001000000-0x000000003ffdafff] | |
dnsserver # [ 0.005121] Normal empty | |
webserver # [ 0.000000] signal: max sigframe size: 1776 | |
client # [ 0.171820] ... value mask: 0000ffffffffffff | |
dnsserver # [ 0.005123] Device empty | |
webserver # [ 0.000000] BIOS-provided physical RAM map: | |
dnsserver # [ 0.005124] Movable zone start for each node | |
client # [ 0.172017] ... max period: 00007fffffffffff | |
acme # [ 0.198809] x86/cpu: User Mode Instruction Prevention (UMIP) activated | |
dnsserver # [ 0.005126] Early memory node ranges | |
client # [ 0.172564] ... fixed-purpose events: 0 | |
webserver # [ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable | |
client # [ 0.172973] ... event mask: 000000000000003f | |
acme # [ 0.199488] Last level iTLB entries: 4KB 512, 2MB 255, 4MB 127 | |
dnsserver # [ 0.005127] node 0: [mem 0x0000000000001000-0x000000000009efff] | |
webserver # [ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved | |
acme # [ 0.200401] Last level dTLB entries: 4KB 512, 2MB 255, 4MB 127, 1GB 0 | |
client # [ 0.173115] rcu: Hierarchical SRCU implementation. | |
dnsserver # [ 0.005129] node 0: [mem 0x0000000000100000-0x000000003ffdafff] | |
acme # [ 0.201036] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization | |
dnsserver # [ 0.005131] Initmem setup node 0 [mem 0x0000000000001000-0x000000003ffdafff] | |
client # [ 0.174069] smp: Bringing up secondary CPUs ... | |
webserver # [ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved | |
client # [ 0.174549] smp: Brought up 1 node, 1 CPU | |
acme # [ 0.201404] Spectre V2 : Mitigation: Retpolines | |
dnsserver # [ 0.005404] On node 0, zone DMA: 1 pages in unavailable ranges | |
client # [ 0.174974] smpboot: Max logical packages: 1 | |
webserver # [ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000003ffdafff] usable | |
dnsserver # [ 0.005426] On node 0, zone DMA: 97 pages in unavailable ranges | |
acme # [ 0.202401] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch | |
client # [ 0.175019] smpboot: Total of 1 processors activated (5589.49 BogoMIPS) | |
dnsserver # [ 0.008086] On node 0, zone DMA32: 37 pages in unavailable ranges | |
acme # [ 0.203401] Spectre V2 : Spectre v2 / SpectreRSB : Filling RSB on VMEXIT | |
dnsserver # [ 0.008556] ACPI: PM-Timer IO Port: 0x608 | |
client # [ 0.176078] devtmpfs: initialized | |
acme # [ 0.204081] Spectre V2 : Enabling Speculation Barrier for firmware calls | |
client # [ 0.176509] x86/mm: Memory block size: 128MB | |
webserver # [ 0.000000] BIOS-e820: [mem 0x000000003ffdb000-0x000000003fffffff] reserved | |
dnsserver # [ 0.008569] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1]) | |
acme # [ 0.204401] RETBleed: Mitigation: untrained return thunk | |
dnsserver # [ 0.008602] IOAPIC[0]: apic_id 0, version 17, address 0xfec00000, GSI 0-23 | |
client # [ 0.177238] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns | |
acme # [ 0.205407] Spectre V2 : mitigation: Enabling conditional Indirect Branch Prediction Barrier | |
dnsserver # [ 0.008607] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl) | |
webserver # [ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved | |
client # [ 0.178020] futex hash table entries: 256 (order: 2, 16384 bytes, linear) | |
acme # [ 0.206403] Speculative Store Bypass: Mitigation: Speculative Store Bypass disabled via prctl and seccomp | |
dnsserver # [ 0.008609] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level) | |
client # [ 0.178765] pinctrl core: initialized pinctrl subsystem | |
dnsserver # [ 0.008612] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level) | |
client # [ 0.179396] NET: Registered PF_NETLINK/PF_ROUTE protocol family | |
dnsserver # [ 0.008614] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level) | |
webserver # [ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved | |
client # [ 0.180119] DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations | |
dnsserver # [ 0.008616] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level) | |
dnsserver # [ 0.008620] ACPI: Using ACPI (MADT) for SMP configuration information | |
client # [ 0.180881] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations | |
dnsserver # [ 0.008622] ACPI: HPET id: 0x8086a201 base: 0xfed00000 | |
client # [ 0.181025] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations | |
dnsserver # [ 0.008628] TSC deadline timer available | |
webserver # [ 0.000000] BIOS-e820: [mem 0x000000fd00000000-0x000000ffffffffff] reserved | |
client # [ 0.181884] audit: initializing netlink subsys (disabled) | |
dnsserver # [ 0.008633] smpboot: Allowing 1 CPUs, 0 hotplug CPUs | |
webserver # [ 0.000000] NX (Execute Disable) protection: active | |
client # [ 0.182151] thermal_sys: Registered thermal governor 'bang_bang' | |
webserver # [ 0.000000] extended physical RAM map: | |
dnsserver # [ 0.008668] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff] | |
client # [ 0.182153] thermal_sys: Registered thermal governor 'step_wise' | |
webserver # [ 0.000000] reserve setup_data: [mem 0x0000000000000000-0x000000000009fbff] usable | |
dnsserver # [ 0.008671] PM: hibernation: Registered nosave memory: [mem 0x0009f000-0x0009ffff] | |
client # [ 0.182802] thermal_sys: Registered thermal governor 'user_space' | |
client # [ 0.183022] cpuidle: using governor menu | |
webserver # [ 0.000000] reserve setup_data: [mem 0x000000000009fc00-0x000000000009ffff] reserved | |
dnsserver # [ 0.008672] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000effff] | |
webserver # [ 0.000000] reserve setup_data: [mem 0x00000000000f0000-0x00000000000fffff] reserved | |
dnsserver # [ 0.008674] PM: hibernation: Registered nosave memory: [mem 0x000f0000-0x000fffff] | |
client # [ 0.184442] audit: type=2000 audit(1674330711.577:1): state=initialized audit_enabled=0 res=1 | |
client # [ 0.185101] ACPI: bus type PCI registered | |
dnsserver # [ 0.008676] PM: hibernation: Registered nosave memory: [mem 0x008c1000-0x008c1fff] | |
webserver # [ 0.000000] reserve setup_data: [mem 0x0000000000100000-0x00000000008c131f] usable | |
client # [ 0.185515] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5 | |
dnsserver # [ 0.008678] PM: hibernation: Registered nosave memory: [mem 0x008c1000-0x008c1fff] | |
webserver # [ 0.000000] reserve setup_data: [mem 0x00000000008c1320-0x00000000008c134f] usable | |
client # [ 0.186114] PCI: Using configuration type 1 for base access | |
dnsserver # [ 0.008680] [mem 0x40000000-0xfeffbfff] available for PCI devices | |
client # [ 0.186676] PCI: Using configuration type 1 for extended access | |
webserver # [ 0.000000] reserve setup_data: [mem 0x00000000008c1350-0x000000003ffdafff] usable | |
dnsserver # [ 0.008681] Booting paravirtualized kernel on KVM | |
webserver # [ 0.000000] reserve setup_data: [mem 0x000000003ffdb000-0x000000003fffffff] reserved | |
client # [ 0.187862] Kprobes globally optimized | |
dnsserver # [ 0.008685] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1910969940391419 ns | |
webserver # [ 0.000000] reserve setup_data: [mem 0x00000000feffc000-0x00000000feffffff] reserved | |
client # [ 0.188113] HugeTLB registered 1.00 GiB page size, pre-allocated 0 pages | |
dnsserver # [ 0.013015] setup_percpu: NR_CPUS:384 nr_cpumask_bits:384 nr_cpu_ids:1 nr_node_ids:1 | |
webserver # [ 0.000000] reserve setup_data: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved | |
client # [ 0.188801] HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages | |
dnsserver # [ 0.013309] percpu: Embedded 60 pages/cpu s208896 r8192 d28672 u2097152 | |
acme # [ 0.220624] Freeing SMP alternatives memory: 32K | |
client # [ 0.189409] ACPI: Added _OSI(Module Device) | |
webserver # [ 0.000000] reserve setup_data: [mem 0x000000fd00000000-0x000000ffffffffff] reserved | |
dnsserver # [ 0.013354] kvm-guest: setup async PF for cpu 0 | |
webserver # [ 0.000000] SMBIOS 2.8 present. | |
client # [ 0.189832] ACPI: Added _OSI(Processor Device) | |
dnsserver # [ 0.013360] kvm-guest: stealtime: cpu 0, msr 3e232080 | |
acme # [ 0.221288] smpboot: CPU0: AMD EPYC 7402P 24-Core Processor (family: 0x17, model: 0x31, stepping: 0x0) | |
client # [ 0.190025] ACPI: Added _OSI(3.0 _SCP Extensions) | |
dnsserver # [ 0.013365] kvm-guest: PV spinlocks disabled, single CPU | |
client # [ 0.190499] ACPI: Added _OSI(Processor Aggregator Device) | |
webserver # [ 0.000000] DMI: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014 | |
acme # [ 0.221571] Performance Events: Fam17h+ core perfctr, AMD PMU driver. | |
dnsserver # [ 0.013374] Built 1 zonelists, mobility grouping on. Total pages: 257754 | |
webserver # [ 0.000000] Hypervisor detected: KVM | |
client # [ 0.191018] ACPI: Added _OSI(Linux-Dell-Video) | |
acme # [ 0.222247] ... version: 0 | |
dnsserver # [ 0.013376] Policy zone: DMA32 | |
client # [ 0.191470] ACPI: Added _OSI(Linux-Lenovo-NV-HDMI-Audio) | |
acme # [ 0.222405] ... bit width: 48 | |
webserver # [ 0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00 | |
acme # [ 0.222827] ... generic registers: 6 | |
client # [ 0.191978] ACPI: Added _OSI(Linux-HPI-Hybrid-Graphics) | |
webserver # [ 0.000000] kvm-clock: cpu 0, msr 25e01001, primary cpu clock | |
acme # [ 0.223245] ... value mask: 0000ffffffffffff | |
webserver # [ 0.000001] kvm-clock: using sched offset of 385992062 cycles | |
acme # [ 0.223404] ... max period: 00007fffffffffff | |
client # [ 0.192698] ACPI: 1 ACPI AML tables successfully acquired and loaded | |
acme # [ 0.223931] ... fixed-purpose events: 0 | |
acme # [ 0.224322] ... event mask: 000000000000003f | |
webserver # [ 0.000004] clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns | |
dnsserver # [ 0.013378] Kernel command line: console=ttyS0 panic=1 boot.panic_on_fail clock=acpi_pm loglevel=7 net.ifnames=0 init=/nix/store/ginlw6jq0nm2cxjpci6553sh5bahj2vx-nixos-system-dnsserver-23.05pre-git/init regInfo=/nix/store/q1n104ibfdxpvmssmjgmmg2pxy6hfp1q-closure-info/registration console=ttyS0 | |
webserver # [ 0.000009] tsc: Detected 2794.748 MHz processor | |
acme # [ 0.224559] rcu: Hierarchical SRCU implementation. | |
dnsserver # [ 0.013430] clocksource: clock= boot option is deprecated - use clocksource=xyz | |
webserver # [ 0.001259] last_pfn = 0x3ffdb max_arch_pfn = 0x400000000 | |
client # [ 0.194257] ACPI: Interpreter enabled | |
acme # [ 0.225443] smp: Bringing up secondary CPUs ... | |
client # [ 0.194701] ACPI: PM: (supports S0 S3 S4 S5) | |
acme # [ 0.225897] smp: Brought up 1 node, 1 CPU | |
webserver # [ 0.001351] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT | |
client # [ 0.195026] ACPI: Using IOAPIC for interrupt routing | |
acme # [ 0.226308] smpboot: Max logical packages: 1 | |
dnsserver # [ 0.013479] Unknown kernel command line parameters "regInfo=/nix/store/q1n104ibfdxpvmssmjgmmg2pxy6hfp1q-closure-info/registration", will be passed to user space. | |
webserver # [ 0.004543] found SMP MP-table at [mem 0x000f5bb0-0x000f5bbf] | |
acme # [ 0.226405] smpboot: Total of 1 processors activated (5589.49 BogoMIPS) | |
webserver # [ 0.004599] Using GB pages for direct mapping | |
client # [ 0.195569] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug | |
dnsserver # [ 0.013507] Dentry cache hash table entries: 131072 (order: 8, 1048576 bytes, linear) | |
webserver # [ 0.004800] RAMDISK: [mem 0x3f41e000-0x3ffcffff] | |
acme # [ 0.227432] devtmpfs: initialized | |
client # [ 0.196122] ACPI: Enabled 2 GPEs in block 00 to 0F | |
dnsserver # [ 0.013521] Inode-cache hash table entries: 65536 (order: 7, 524288 bytes, linear) | |
acme # [ 0.227823] x86/mm: Memory block size: 128MB | |
webserver # [ 0.004816] ACPI: Early table checksum verification disabled | |
dnsserver # [ 0.013548] mem auto-init: stack:off, heap alloc:off, heap free:off | |
webserver # [ 0.004823] ACPI: RSDP 0x00000000000F59D0 000014 (v00 BOCHS ) | |
acme # [ 0.228558] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns | |
webserver # [ 0.004831] ACPI: RSDT 0x000000003FFE1AC6 000034 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
acme # [ 0.229405] futex hash table entries: 256 (order: 2, 16384 bytes, linear) | |
dnsserver # [ 0.015807] Memory: 982052K/1048036K available (12295K kernel code, 2281K rwdata, 7316K rodata, 1920K init, 4480K bss, 65724K reserved, 0K cma-reserved) | |
client # [ 0.198786] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff]) | |
acme # [ 0.230167] pinctrl core: initialized pinctrl subsystem | |
webserver # [ 0.004838] ACPI: FACP 0x000000003FFE197A 000074 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
dnsserver # [ 0.016611] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1 | |
client # [ 0.199027] acpi PNP0A03:00: _OSC: OS supports [ExtendedConfig ASPM ClockPM Segments MSI HPX-Type3] | |
dnsserver # [ 0.016644] ftrace: allocating 35265 entries in 138 pages | |
acme # [ 0.230779] NET: Registered PF_NETLINK/PF_ROUTE protocol family | |
webserver # [ 0.004845] ACPI: DSDT 0x000000003FFE0040 00193A (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
client # [ 0.200108] acpiphp: Slot [3] registered | |
dnsserver # [ 0.035546] ftrace: allocated 138 pages with 3 groups | |
webserver # [ 0.004849] ACPI: FACS 0x000000003FFE0000 000040 | |
client # [ 0.200549] acpiphp: Slot [4] registered | |
dnsserver # [ 0.035927] rcu: Hierarchical RCU implementation. | |
acme # [ 0.231775] DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations | |
client # [ 0.200987] acpiphp: Slot [5] registered | |
dnsserver # [ 0.035929] rcu: RCU event tracing is enabled. | |
webserver # [ 0.004853] ACPI: APIC 0x000000003FFE19EE 000078 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
client # [ 0.201039] acpiphp: Slot [6] registered | |
acme # [ 0.232416] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations | |
client # [ 0.201457] acpiphp: Slot [7] registered | |
dnsserver # [ 0.035930] rcu: RCU restricting CPUs from NR_CPUS=384 to nr_cpu_ids=1. | |
webserver # [ 0.004857] ACPI: HPET 0x000000003FFE1A66 000038 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
client # [ 0.201896] acpiphp: Slot [8] registered | |
dnsserver # [ 0.035932] Trampoline variant of Tasks RCU enabled. | |
acme # [ 0.233205] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations | |
client # [ 0.202041] acpiphp: Slot [9] registered | |
dnsserver # [ 0.035933] Rude variant of Tasks RCU enabled. | |
acme # [ 0.233416] audit: initializing netlink subsys (disabled) | |
client # [ 0.202464] acpiphp: Slot [10] registered | |
webserver # [ 0.004861] ACPI: WAET 0x000000003FFE1A9E 000028 (v01 BOCHS BXPC 00000001 BXPC 00000001) | |
dnsserver # [ 0.035934] Tracing variant of Tasks RCU enabled. | |
client # [ 0.202899] acpiphp: Slot [11] registered | |
webserver # [ 0.004865] ACPI: Reserving FACP table memory at [mem 0x3ffe197a-0x3ffe19ed] | |
acme # [ 0.234137] thermal_sys: Registered thermal governor 'bang_bang' | |
client # [ 0.203038] acpiphp: Slot [12] registered | |
dnsserver # [ 0.035936] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies. | |
client # [ 0.203495] acpiphp: Slot [13] registered | |
acme # [ 0.234139] thermal_sys: Registered thermal governor 'step_wise' | |
webserver # [ 0.004868] ACPI: Reserving DSDT table memory at [mem 0x3ffe0040-0x3ffe1979] | |
dnsserver # [ 0.035937] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1 | |
client # [ 0.203965] acpiphp: Slot [14] registered | |
acme # [ 0.234404] thermal_sys: Registered thermal governor 'user_space' | |
webserver # [ 0.004870] ACPI: Reserving FACS table memory at [mem 0x3ffe0000-0x3ffe003f] | |
client # [ 0.204040] acpiphp: Slot [15] registered | |
dnsserver # [ 0.040990] NR_IRQS: 24832, nr_irqs: 256, preallocated irqs: 16 | |
acme # [ 0.235043] cpuidle: using governor menu | |
client # [ 0.204496] acpiphp: Slot [16] registered | |
dnsserver # [ 0.041466] rcu: Offload RCU callbacks from CPUs: (none). | |
webserver # [ 0.004871] ACPI: Reserving APIC table memory at [mem 0x3ffe19ee-0x3ffe1a65] | |
client # [ 0.204964] acpiphp: Slot [17] registered | |
dnsserver # [ 0.041502] random: crng init done | |
client # [ 0.205043] acpiphp: Slot [18] registered | |
acme # [ 0.236233] audit: type=2000 audit(1674330711.552:1): state=initialized audit_enabled=0 res=1 | |
dnsserver # [ 0.045357] Console: colour VGA+ 80x25 | |
webserver # [ 0.004873] ACPI: Reserving HPET table memory at [mem 0x3ffe1a66-0x3ffe1a9d] | |
client # [ 0.205510] acpiphp: Slot [19] registered | |
dnsserver # [ 0.170903] printk: console [ttyS0] enabled | |
acme # [ 0.236513] ACPI: bus type PCI registered | |
webserver # [ 0.004875] ACPI: Reserving WAET table memory at [mem 0x3ffe1a9e-0x3ffe1ac5] | |
client # [ 0.205968] acpiphp: Slot [20] registered | |
dnsserver # [ 0.171403] ACPI: Core revision 20210730 | |
webserver # [ 0.005113] No NUMA configuration found | |
acme # [ 0.236945] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5 | |
client # [ 0.206040] acpiphp: Slot [21] registered | |
client # [ 0.206496] acpiphp: Slot [22] registered | |
acme # [ 0.237520] PCI: Using configuration type 1 for base access | |
webserver # [ 0.005116] Faking a node at [mem 0x0000000000000000-0x000000003ffdafff] | |
dnsserver # [ 0.171987] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns | |
client # [ 0.206926] acpiphp: Slot [23] registered | |
acme # [ 0.238071] PCI: Using configuration type 1 for extended access | |
client # [ 0.207039] acpiphp: Slot [24] registered | |
webserver # [ 0.005124] NODE_DATA(0) allocated [mem 0x3ffd6000-0x3ffdafff] | |
dnsserver # [ 0.173080] APIC: Switch to symmetric I/O mode setup | |
webserver # [ 0.005154] Zone ranges: | |
client # [ 0.207484] acpiphp: Slot [25] registered | |
dnsserver # [ 0.173843] x2apic enabled | |
client # [ 0.207939] acpiphp: Slot [26] registered | |
webserver # [ 0.005156] DMA [mem 0x0000000000001000-0x0000000000ffffff] | |
acme # [ 0.239366] Kprobes globally optimized | |
client # [ 0.208036] acpiphp: Slot [27] registered | |
dnsserver # [ 0.174376] Switched APIC routing to physical x2apic. | |
webserver # [ 0.005158] DMA32 [mem 0x0000000001000000-0x000000003ffdafff] | |
client # [ 0.208476] acpiphp: Slot [28] registered | |
webserver # [ 0.005161] Normal empty | |
acme # [ 0.239522] HugeTLB registered 1.00 GiB page size, pre-allocated 0 pages | |
webserver # [ 0.005163] Device empty | |
client # [ 0.209022] acpiphp: Slot [29] registered | |
webserver # [ 0.005164] Movable zone start for each node | |
acme # [ 0.240204] HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages | |
client # [ 0.209481] acpiphp: Slot [30] registered | |
dnsserver # [ 0.175950] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1 | |
webserver # [ 0.005166] Early memory node ranges | |
client # [ 0.209911] acpiphp: Slot [31] registered | |
acme # [ 0.240819] ACPI: Added _OSI(Module Device) | |
client # [ 0.210030] PCI host bridge to bus 0000:00 | |
webserver # [ 0.005167] node 0: [mem 0x0000000000001000-0x000000000009efff] | |
acme # [ 0.241253] ACPI: Added _OSI(Processor Device) | |
dnsserver # [ 0.176628] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x2848df6a9de, max_idle_ns: 440795280912 ns | |
client # [ 0.210461] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window] | |
acme # [ 0.241415] ACPI: Added _OSI(3.0 _SCP Extensions) | |
webserver # [ 0.005169] node 0: [mem 0x0000000000100000-0x000000003ffdafff] | |
acme # [ 0.241885] ACPI: Added _OSI(Processor Aggregator Device) | |
dnsserver # [ 0.177774] Calibrating delay loop (skipped) preset value.. 5589.49 BogoMIPS (lpj=2794748) | |
client # [ 0.211019] pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window] | |
webserver # [ 0.005171] Initmem setup node 0 [mem 0x0000000000001000-0x000000003ffdafff] | |
acme # [ 0.242403] ACPI: Added _OSI(Linux-Dell-Video) | |
dnsserver # [ 0.178761] pid_max: default: 32768 minimum: 301 | |
webserver # [ 0.005393] On node 0, zone DMA: 1 pages in unavailable ranges | |
client # [ 0.211715] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window] | |
acme # [ 0.242839] ACPI: Added _OSI(Linux-Lenovo-NV-HDMI-Audio) | |
dnsserver # [ 0.179793] LSM: Security Framework initializing | |
acme # [ 0.243352] ACPI: Added _OSI(Linux-HPI-Hybrid-Graphics) | |
webserver # [ 0.005417] On node 0, zone DMA: 97 pages in unavailable ranges | |
dnsserver # [ 0.180303] landlock: Up and running. | |
client # [ 0.212018] pci_bus 0000:00: root bus resource [mem 0x40000000-0xfebfffff window] | |
dnsserver # [ 0.180761] Yama: becoming mindful. | |
webserver # [ 0.008120] On node 0, zone DMA32: 37 pages in unavailable ranges | |
dnsserver # [ 0.181148] SELinux: Initializing. | |
client # [ 0.212839] pci_bus 0000:00: root bus resource [mem 0x100000000-0x17fffffff window] | |
webserver # [ 0.008589] ACPI: PM-Timer IO Port: 0x608 | |
dnsserver # [ 0.181571] LSM support for eBPF active | |
acme # [ 0.244139] ACPI: 1 ACPI AML tables successfully acquired and loaded | |
client # [ 0.213019] pci_bus 0000:00: root bus resource [bus 00-ff] | |
webserver # [ 0.008604] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1]) | |
dnsserver # [ 0.182004] Mount-cache hash table entries: 2048 (order: 2, 16384 bytes, linear) | |
webserver # [ 0.008636] IOAPIC[0]: apic_id 0, version 17, address 0xfec00000, GSI 0-23 | |
client # [ 0.213857] pci 0000:00:00.0: [8086:1237] type 00 class 0x060000 | |
webserver # [ 0.008641] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl) | |
acme # [ 0.245663] ACPI: Interpreter enabled | |
dnsserver # [ 0.182763] Mountpoint-cache hash table entries: 2048 (order: 2, 16384 bytes, linear) | |
acme # [ 0.246076] ACPI: PM: (supports S0 S3 S4 S5) | |
webserver # [ 0.008643] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level) | |
client # [ 0.214848] pci 0000:00:01.0: [8086:7000] type 00 class 0x060100 | |
acme # [ 0.246413] ACPI: Using IOAPIC for interrupt routing | |
dnsserver # [ 0.184159] x86/cpu: User Mode Instruction Prevention (UMIP) activated | |
webserver # [ 0.008645] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level) | |
webserver # [ 0.008647] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level) | |
dnsserver # [ 0.184846] Last level iTLB entries: 4KB 512, 2MB 255, 4MB 127 | |
acme # [ 0.246954] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug | |
client # [ 0.215874] pci 0000:00:01.1: [8086:7010] type 00 class 0x010180 | |
acme # [ 0.247515] ACPI: Enabled 2 GPEs in block 00 to 0F | |
webserver # [ 0.008649] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level) | |
dnsserver # [ 0.185761] Last level dTLB entries: 4KB 512, 2MB 255, 4MB 127, 1GB 0 | |
webserver # [ 0.008653] ACPI: Using ACPI (MADT) for SMP configuration information | |
dnsserver # [ 0.186767] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization | |
webserver # [ 0.008655] ACPI: HPET id: 0x8086a201 base: 0xfed00000 | |
webserver # [ 0.008662] TSC deadline timer available | |
dnsserver # [ 0.187762] Spectre V2 : Mitigation: Retpolines | |
webserver # [ 0.008667] smpboot: Allowing 1 CPUs, 0 hotplug CPUs | |
dnsserver # [ 0.188274] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch | |
webserver # [ 0.008702] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff] | |
acme # [ 0.250289] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff]) | |
dnsserver # [ 0.188761] Spectre V2 : Spectre v2 / SpectreRSB : Filling RSB on VMEXIT | |
webserver # [ 0.008706] PM: hibernation: Registered nosave memory: [mem 0x0009f000-0x0009ffff] | |
acme # [ 0.250417] acpi PNP0A03:00: _OSC: OS supports [ExtendedConfig ASPM ClockPM Segments MSI HPX-Type3] | |
dnsserver # [ 0.189761] Spectre V2 : Enabling Speculation Barrier for firmware calls | |
webserver # [ 0.008708] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000effff] | |
client # [ 0.219426] pci 0000:00:01.1: reg 0x20: [io 0xc1e0-0xc1ef] | |
acme # [ 0.251508] acpiphp: Slot [3] registered | |
dnsserver # [ 0.190761] RETBleed: Mitigation: untrained return thunk | |
acme # [ 0.251960] acpiphp: Slot [4] registered | |
webserver # [ 0.008710] PM: hibernation: Registered nosave memory: [mem 0x000f0000-0x000fffff] | |
acme # [ 0.252429] acpiphp: Slot [5] registered | |
dnsserver # [ 0.191304] Spectre V2 : mitigation: Enabling conditional Indirect Branch Prediction Barrier | |
acme # [ 0.252881] acpiphp: Slot [6] registered | |
webserver # [ 0.008712] PM: hibernation: Registered nosave memory: [mem 0x008c1000-0x008c1fff] | |
acme # [ 0.253345] acpiphp: Slot [7] registered | |
dnsserver # [ 0.191762] Speculative Store Bypass: Mitigation: Speculative Store Bypass disabled via prctl and seccomp | |
acme # [ 0.253429] acpiphp: Slot [8] registered | |
webserver # [ 0.008714] PM: hibernation: Registered nosave memory: [mem 0x008c1000-0x008c1fff] | |
client # [ 0.221496] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io 0x01f0-0x01f7] | |
acme # [ 0.253886] acpiphp: Slot [9] registered | |
webserver # [ 0.008716] [mem 0x40000000-0xfeffbfff] available for PCI devices | |
client # [ 0.222018] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io 0x03f6] | |
acme # [ 0.254347] acpiphp: Slot [10] registered | |
webserver # [ 0.008718] Booting paravirtualized kernel on KVM | |
acme # [ 0.254433] acpiphp: Slot [11] registered | |
client # [ 0.222730] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io 0x0170-0x0177] | |
acme # [ 0.254909] acpiphp: Slot [12] registered | |
webserver # [ 0.008722] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1910969940391419 ns | |
client # [ 0.223018] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io 0x0376] | |
acme # [ 0.255364] acpiphp: Slot [13] registered | |
acme # [ 0.255436] acpiphp: Slot [14] registered | |
webserver # [ 0.012907] setup_percpu: NR_CPUS:384 nr_cpumask_bits:384 nr_cpu_ids:1 nr_node_ids:1 | |
acme # [ 0.255887] acpiphp: Slot [15] registered | |
client # [ 0.223983] pci 0000:00:01.2: [8086:7020] type 00 class 0x0c0300 | |
acme # [ 0.256358] acpiphp: Slot [16] registered | |
webserver # [ 0.013205] percpu: Embedded 60 pages/cpu s208896 r8192 d28672 u2097152 | |
acme # [ 0.256429] acpiphp: Slot [17] registered | |
webserver # [ 0.013251] kvm-guest: setup async PF for cpu 0 | |
acme # [ 0.256940] acpiphp: Slot [18] registered | |
webserver # [ 0.013256] kvm-guest: stealtime: cpu 0, msr 3e232080 | |
acme # [ 0.257428] acpiphp: Slot [19] registered | |
webserver # [ 0.013261] kvm-guest: PV spinlocks disabled, single CPU | |
acme # [ 0.257928] acpiphp: Slot [20] registered | |
acme # [ 0.258392] acpiphp: Slot [21] registered | |
webserver # [ 0.013269] Built 1 zonelists, mobility grouping on. Total pages: 257754 | |
webserver # [ 0.013272] Policy zone: DMA32 | |
acme # [ 0.258430] acpiphp: Slot [22] registered | |
acme # [ 0.258896] acpiphp: Slot [23] registered | |
client # [ 0.227313] pci 0000:00:01.2: reg 0x20: [io 0xc100-0xc11f] | |
acme # [ 0.259389] acpiphp: Slot [24] registered | |
acme # [ 0.259430] acpiphp: Slot [25] registered | |
acme # [ 0.260430] acpiphp: Slot [26] registered | |
webserver # [ 0.013274] Kernel command line: console=ttyS0 panic=1 boot.panic_on_fail clock=acpi_pm loglevel=7 net.ifnames=0 init=/nix/store/dpicg1vsplswvqx8bwlbjgxihydzc51q-nixos-system-webserver-23.05pre-git/init regInfo=/nix/store/8rr5j0fjq4yv8lhnpr0b3jz0z3lqk7z5-closure-info/registration console=ttyS0 | |
acme # [ 0.260906] acpiphp: Slot [27] registered | |
webserver # [ 0.013322] clocksource: clock= boot option is deprecated - use clocksource=xyz | |
acme # [ 0.261363] acpiphp: Slot [28] registered | |
client # [ 0.229289] pci 0000:00:01.3: [8086:7113] type 00 class 0x068000 | |
acme # [ 0.261659] acpiphp: Slot [29] registered | |
acme # [ 0.262139] acpiphp: Slot [30] registered | |
client # [ 0.230317] pci 0000:00:01.3: quirk: [io 0x0600-0x063f] claimed by PIIX4 ACPI | |
acme # [ 0.262429] acpiphp: Slot [31] registered | |
webserver # [ 0.013373] Unknown kernel command line parameters "regInfo=/nix/store/8rr5j0fjq4yv8lhnpr0b3jz0z3lqk7z5-closure-info/registration", will be passed to user space. | |
client # [ 0.231026] pci 0000:00:01.3: quirk: [io 0x0700-0x070f] claimed by PIIX4 SMB | |
acme # [ 0.262852] PCI host bridge to bus 0000:00 | |
webserver # [ 0.013402] Dentry cache hash table entries: 131072 (order: 8, 1048576 bytes, linear) | |
dnsserver # [ 0.206019] Freeing SMP alternatives memory: 32K | |
acme # [ 0.263277] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window] | |
client # [ 0.232079] pci 0000:00:02.0: [1234:1111] type 00 class 0x030000 | |
webserver # [ 0.013427] Inode-cache hash table entries: 65536 (order: 7, 524288 bytes, linear) | |
acme # [ 0.263406] pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window] | |
webserver # [ 0.013456] mem auto-init: stack:off, heap alloc:off, heap free:off | |
dnsserver # [ 0.206694] smpboot: CPU0: AMD EPYC 7402P 24-Core Processor (family: 0x17, model: 0x31, stepping: 0x0) | |
acme # [ 0.264121] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window] | |
dnsserver # [ 0.206923] Performance Events: Fam17h+ core perfctr, AMD PMU driver. | |
acme # [ 0.264406] pci_bus 0000:00: root bus resource [mem 0x40000000-0xfebfffff window] | |
webserver # [ 0.015666] Memory: 982052K/1048036K available (12295K kernel code, 2281K rwdata, 7316K rodata, 1920K init, 4480K bss, 65724K reserved, 0K cma-reserved) | |
dnsserver # [ 0.207687] ... version: 0 | |
dnsserver # [ 0.207763] ... bit width: 48 | |
acme # [ 0.265219] pci_bus 0000:00: root bus resource [mem 0x100000000-0x17fffffff window] | |
webserver # [ 0.016461] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1 | |
dnsserver # [ 0.208232] ... generic registers: 6 | |
acme # [ 0.265406] pci_bus 0000:00: root bus resource [bus 00-ff] | |
webserver # [ 0.016496] ftrace: allocating 35265 entries in 138 pages | |
dnsserver # [ 0.208665] ... value mask: 0000ffffffffffff | |
client # [ 0.233950] pci 0000:00:02.0: reg 0x10: [mem 0xfd000000-0xfdffffff pref] | |
webserver # [ 0.035732] ftrace: allocated 138 pages with 3 groups | |
dnsserver # [ 0.208763] ... max period: 00007fffffffffff | |
acme # [ 0.266208] pci 0000:00:00.0: [8086:1237] type 00 class 0x060000 | |
webserver # [ 0.036101] rcu: Hierarchical RCU implementation. | |
dnsserver # [ 0.209330] ... fixed-purpose events: 0 | |
webserver # [ 0.036103] rcu: RCU event tracing is enabled. | |
dnsserver # [ 0.209763] ... event mask: 000000000000003f | |
webserver # [ 0.036105] rcu: RCU restricting CPUs from NR_CPUS=384 to nr_cpu_ids=1. | |
acme # [ 0.267270] pci 0000:00:01.0: [8086:7000] type 00 class 0x060100 | |
dnsserver # [ 0.210457] rcu: Hierarchical SRCU implementation. | |
webserver # [ 0.036107] Trampoline variant of Tasks RCU enabled. | |
webserver # [ 0.036108] Rude variant of Tasks RCU enabled. | |
dnsserver # [ 0.211157] smp: Bringing up secondary CPUs ... | |
client # [ 0.236021] pci 0000:00:02.0: reg 0x18: [mem 0xfebd0000-0xfebd0fff] | |
webserver # [ 0.036109] Tracing variant of Tasks RCU enabled. | |
dnsserver # [ 0.211693] smp: Brought up 1 node, 1 CPU | |
acme # [ 0.268279] pci 0000:00:01.1: [8086:7010] type 00 class 0x010180 | |
dnsserver # [ 0.211767] smpboot: Max logical packages: 1 | |
webserver # [ 0.036110] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies. | |
dnsserver # [ 0.212252] smpboot: Total of 1 processors activated (5589.49 BogoMIPS) | |
webserver # [ 0.036112] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1 | |
webserver # [ 0.041390] NR_IRQS: 24832, nr_irqs: 256, preallocated irqs: 16 | |
dnsserver # [ 0.213137] devtmpfs: initialized | |
webserver # [ 0.041874] rcu: Offload RCU callbacks from CPUs: (none). | |
dnsserver # [ 0.213580] x86/mm: Memory block size: 128MB | |
webserver # [ 0.041911] random: crng init done | |
webserver # [ 0.045820] Console: colour VGA+ 80x25 | |
webserver # [ 0.142401] printk: console [ttyS0] enabled | |
dnsserver # [ 0.214056] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns | |
webserver # [ 0.142888] ACPI: Core revision 20210730 | |
acme # [ 0.271793] pci 0000:00:01.1: reg 0x20: [io 0xc1e0-0xc1ef] | |
dnsserver # [ 0.214767] futex hash table entries: 256 (order: 2, 16384 bytes, linear) | |
webserver # [ 0.143448] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns | |
dnsserver # [ 0.215579] pinctrl core: initialized pinctrl subsystem | |
webserver # [ 0.144480] APIC: Switch to symmetric I/O mode setup | |
webserver # [ 0.145215] x2apic enabled | |
dnsserver # [ 0.216145] NET: Registered PF_NETLINK/PF_ROUTE protocol family | |
acme # [ 0.273433] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io 0x01f0-0x01f7] | |
webserver # [ 0.145728] Switched APIC routing to physical x2apic. | |
dnsserver # [ 0.216870] DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations | |
acme # [ 0.274194] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io 0x03f6] | |
dnsserver # [ 0.217637] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations | |
client # [ 0.240945] pci 0000:00:02.0: reg 0x30: [mem 0xfebc0000-0xfebcffff pref] | |
acme # [ 0.274405] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io 0x0170-0x0177] | |
webserver # [ 0.147171] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1 | |
webserver # [ 0.147818] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x2848df6a9de, max_idle_ns: 440795280912 ns | |
dnsserver # [ 0.217772] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations | |
dnsserver # [ 0.218609] audit: initializing netlink subsys (disabled) | |
client # [ 0.241089] pci 0000:00:02.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff] | |
acme # [ 0.275151] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io 0x0376] | |
dnsserver # [ 0.218898] thermal_sys: Registered thermal governor 'bang_bang' | |
client # [ 0.242726] pci 0000:00:03.0: [1af4:1000] type 00 class 0x020000 | |
webserver # [ 0.148914] Calibrating delay loop (skipped) preset value.. 5589.49 BogoMIPS (lpj=2794748) | |
acme # [ 0.275670] pci 0000:00:01.2: [8086:7020] type 00 class 0x0c0300 | |
dnsserver # [ 0.218900] thermal_sys: Registered thermal governor 'step_wise' | |
webserver # [ 0.149912] pid_max: default: 32768 minimum: 301 | |
dnsserver # [ 0.219531] thermal_sys: Registered thermal governor 'user_space' | |
webserver # [ 0.150422] LSM: Security Framework initializing | |
webserver # [ 0.150934] landlock: Up and running. | |
dnsserver # [ 0.219771] cpuidle: using governor menu | |
webserver # [ 0.151311] Yama: becoming mindful. | |
client # [ 0.244020] pci 0000:00:03.0: reg 0x10: [io 0xc120-0xc13f] | |
webserver # [ 0.151921] SELinux: Initializing. | |
webserver # [ 0.152298] LSM support for eBPF active | |
dnsserver # [ 0.221221] audit: type=2000 audit(1674330711.620:1): state=initialized audit_enabled=0 res=1 | |
dnsserver # [ 0.221862] ACPI: bus type PCI registered | |
webserver # [ 0.153143] Mount-cache hash table entries: 2048 (order: 2, 16384 bytes, linear) | |
acme # [ 0.279008] pci 0000:00:01.2: reg 0x20: [io 0xc100-0xc11f] | |
dnsserver # [ 0.222330] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5 | |
client # [ 0.245798] pci 0000:00:03.0: reg 0x14: [mem 0xfebd1000-0xfebd1fff] | |
webserver # [ 0.153913] Mountpoint-cache hash table entries: 2048 (order: 2, 16384 bytes, linear) | |
dnsserver # [ 0.222873] PCI: Using configuration type 1 for base access | |
webserver # [ 0.155180] x86/cpu: User Mode Instruction Prevention (UMIP) activated | |
dnsserver # [ 0.223512] PCI: Using configuration type 1 for extended access | |
webserver # [ 0.155998] Last level iTLB entries: 4KB 512, 2MB 255, 4MB 127 | |
acme # [ 0.281213] pci 0000:00:01.3: [8086:7113] type 00 class 0x068000 | |
dnsserver # [ 0.224816] Kprobes globally optimized | |
webserver # [ 0.156735] Last level dTLB entries: 4KB 512, 2MB 255, 4MB 127, 1GB 0 | |
dnsserver # [ 0.225338] HugeTLB registered 1.00 GiB page size, pre-allocated 0 pages | |
acme # [ 0.281739] pci 0000:00:01.3: quirk: [io 0x0600-0x063f] claimed by PIIX4 ACPI | |
webserver # [ 0.156919] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization | |
webserver # [ 0.157913] Spectre V2 : Mitigation: Retpolines | |
dnsserver # [ 0.225767] HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages | |
acme # [ 0.282411] pci 0000:00:01.3: quirk: [io 0x0700-0x070f] claimed by PIIX4 SMB | |
webserver # [ 0.158911] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch | |
dnsserver # [ 0.226943] ACPI: Added _OSI(Module Device) | |
dnsserver # [ 0.227423] ACPI: Added _OSI(Processor Device) | |
webserver # [ 0.159771] Spectre V2 : Spectre v2 / SpectreRSB : Filling RSB on VMEXIT | |
dnsserver # [ 0.227774] ACPI: Added _OSI(3.0 _SCP Extensions) | |
acme # [ 0.283443] pci 0000:00:02.0: [1234:1111] type 00 class 0x030000 | |
webserver # [ 0.159911] Spectre V2 : Enabling Speculation Barrier for firmware calls | |
dnsserver # [ 0.228302] ACPI: Added _OSI(Processor Aggregator Device) | |
webserver # [ 0.160911] RETBleed: Mitigation: untrained return thunk | |
dnsserver # [ 0.228766] ACPI: Added _OSI(Linux-Dell-Video) | |
client # [ 0.250021] pci 0000:00:03.0: reg 0x20: [mem 0xfe000000-0xfe003fff 64bit pref] | |
dnsserver # [ 0.229264] ACPI: Added _OSI(Linux-Lenovo-NV-HDMI-Audio) | |
webserver # [ 0.161495] Spectre V2 : mitigation: Enabling conditional Indirect Branch Prediction Barrier | |
acme # [ 0.285408] pci 0000:00:02.0: reg 0x10: [mem 0xfd000000-0xfdffffff pref] | |
dnsserver # [ 0.229768] ACPI: Added _OSI(Linux-HPI-Hybrid-Graphics) | |
webserver # [ 0.161912] Speculative Store Bypass: Mitigation: Speculative Store Bypass disabled via prctl and seccomp | |
dnsserver # [ 0.231069] ACPI: 1 ACPI AML tables successfully acquired and loaded | |
client # [ 0.251743] pci 0000:00:03.0: reg 0x30: [mem 0xfeb40000-0xfeb7ffff pref] | |
acme # [ 0.288022] pci 0000:00:02.0: reg 0x18: [mem 0xfebd0000-0xfebd0fff] | |
dnsserver # [ 0.232967] ACPI: Interpreter enabled | |
client # [ 0.253125] pci 0000:00:04.0: [1af4:1005] type 00 class 0x00ff00 | |
dnsserver # [ 0.233381] ACPI: PM: (supports S0 S3 S4 S5) | |
dnsserver # [ 0.233766] ACPI: Using IOAPIC for interrupt routing | |
dnsserver # [ 0.234340] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug | |
client # [ 0.254759] pci 0000:00:04.0: reg 0x10: [io 0xc140-0xc15f] | |
dnsserver # [ 0.234872] ACPI: Enabled 2 GPEs in block 00 to 0F | |
client # [ 0.256018] pci 0000:00:04.0: reg 0x14: [mem 0xfebd2000-0xfebd2fff] | |
dnsserver # [ 0.237766] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff]) | |
dnsserver # [ 0.238480] acpi PNP0A03:00: _OSC: OS supports [ExtendedConfig ASPM ClockPM Segments MSI HPX-Type3] | |
dnsserver # [ 0.238885] acpiphp: Slot [3] registered | |
dnsserver # [ 0.239365] acpiphp: Slot [4] registered | |
acme # [ 0.292979] pci 0000:00:02.0: reg 0x30: [mem 0xfebc0000-0xfebcffff pref] | |
dnsserver # [ 0.239788] acpiphp: Slot [5] registered | |
dnsserver # [ 0.240262] acpiphp: Slot [6] registered | |
acme # [ 0.293466] pci 0000:00:02.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff] | |
dnsserver # [ 0.240738] acpiphp: Slot [7] registered | |
dnsserver # [ 0.240790] acpiphp: Slot [8] registered | |
dnsserver # [ 0.241268] acpiphp: Slot [9] registered | |
acme # [ 0.295120] pci 0000:00:03.0: [1af4:1000] type 00 class 0x020000 | |
client # [ 0.260020] pci 0000:00:04.0: reg 0x20: [mem 0xfe004000-0xfe007fff 64bit pref] | |
dnsserver # [ 0.241748] acpiphp: Slot [10] registered | |
webserver # [ 0.177142] Freeing SMP alternatives memory: 32K | |
dnsserver # [ 0.241796] acpiphp: Slot [11] registered | |
dnsserver # [ 0.242272] acpiphp: Slot [12] registered | |
webserver # [ 0.177798] smpboot: CPU0: AMD EPYC 7402P 24-Core Processor (family: 0x17, model: 0x31, stepping: 0x0) | |
dnsserver # [ 0.242747] acpiphp: Slot [13] registered | |
acme # [ 0.296409] pci 0000:00:03.0: reg 0x10: [io 0xc120-0xc13f] | |
dnsserver # [ 0.242805] acpiphp: Slot [14] registered | |
webserver # [ 0.178041] Performance Events: Fam17h+ core perfctr, AMD PMU driver. | |
dnsserver # [ 0.243273] acpiphp: Slot [15] registered | |
webserver # [ 0.178701] ... version: 0 | |
client # [ 0.262783] pci 0000:00:05.0: [1af4:1009] type 00 class 0x000200 | |
dnsserver # [ 0.243732] acpiphp: Slot [16] registered | |
webserver # [ 0.178914] ... bit width: 48 | |
dnsserver # [ 0.243787] acpiphp: Slot [17] registered | |
webserver # [ 0.179306] ... generic registers: 6 | |
dnsserver # [ 0.244265] acpiphp: Slot [18] registered | |
webserver # [ 0.179697] ... value mask: 0000ffffffffffff | |
acme # [ 0.298126] pci 0000:00:03.0: reg 0x14: [mem 0xfebd1000-0xfebd1fff] | |
dnsserver # [ 0.244738] acpiphp: Slot [19] registered | |
webserver # [ 0.179914] ... max period: 00007fffffffffff | |
dnsserver # [ 0.244790] acpiphp: Slot [20] registered | |
webserver # [ 0.180447] ... fixed-purpose events: 0 | |
dnsserver # [ 0.245266] acpiphp: Slot [21] registered | |
webserver # [ 0.180840] ... event mask: 000000000000003f | |
dnsserver # [ 0.245730] acpiphp: Slot [22] registered | |
webserver # [ 0.181035] rcu: Hierarchical SRCU implementation. | |
dnsserver # [ 0.245788] acpiphp: Slot [23] registered | |
dnsserver # [ 0.246259] acpiphp: Slot [24] registered | |
webserver # [ 0.181888] smp: Bringing up secondary CPUs ... | |
dnsserver # [ 0.246750] acpiphp: Slot [25] registered | |
webserver # [ 0.181918] smp: Brought up 1 node, 1 CPU | |
dnsserver # [ 0.246789] acpiphp: Slot [26] registered | |
webserver # [ 0.182322] smpboot: Max logical packages: 1 | |
client # [ 0.265019] pci 0000:00:05.0: reg 0x10: [io 0xc080-0xc0bf] | |
dnsserver # [ 0.247272] acpiphp: Slot [27] registered | |
webserver # [ 0.182765] smpboot: Total of 1 processors activated (5589.49 BogoMIPS) | |
dnsserver # [ 0.247744] acpiphp: Slot [28] registered | |
webserver # [ 0.183297] devtmpfs: initialized | |
dnsserver # [ 0.248023] acpiphp: Slot [29] registered | |
webserver # [ 0.183696] x86/mm: Memory block size: 128MB | |
dnsserver # [ 0.248498] acpiphp: Slot [30] registered | |
client # [ 0.267020] pci 0000:00:05.0: reg 0x14: [mem 0xfebd3000-0xfebd3fff] | |
dnsserver # [ 0.248789] acpiphp: Slot [31] registered | |
dnsserver # [ 0.249252] PCI host bridge to bus 0000:00 | |
webserver # [ 0.184198] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns | |
acme # [ 0.302198] pci 0000:00:03.0: reg 0x20: [mem 0xfe000000-0xfe003fff 64bit pref] | |
dnsserver # [ 0.249726] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window] | |
webserver # [ 0.184918] futex hash table entries: 256 (order: 2, 16384 bytes, linear) | |
webserver # [ 0.185666] pinctrl core: initialized pinctrl subsystem | |
dnsserver # [ 0.249765] pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window] | |
dnsserver # [ 0.250526] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window] | |
webserver # [ 0.186314] NET: Registered PF_NETLINK/PF_ROUTE protocol family | |
acme # [ 0.303410] pci 0000:00:03.0: reg 0x30: [mem 0xfeb40000-0xfeb7ffff pref] | |
dnsserver # [ 0.250764] pci_bus 0000:00: root bus resource [mem 0x40000000-0xfebfffff window] | |
webserver # [ 0.187019] DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations | |
webserver # [ 0.187755] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations | |
dnsserver # [ 0.251596] pci_bus 0000:00: root bus resource [mem 0x100000000-0x17fffffff window] | |
client # [ 0.270756] pci 0000:00:05.0: reg 0x20: [mem 0xfe008000-0xfe00bfff 64bit pref] | |
acme # [ 0.305234] pci 0000:00:04.0: [1af4:1005] type 00 class 0x00ff00 | |
dnsserver # [ 0.251764] pci_bus 0000:00: root bus resource [bus 00-ff] | |
webserver # [ 0.187928] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations | |
webserver # [ 0.188746] audit: initializing netlink subsys (disabled) | |
dnsserver # [ 0.252558] pci 0000:00:00.0: [8086:1237] type 00 class 0x060000 | |
webserver # [ 0.189085] thermal_sys: Registered thermal governor 'bang_bang' | |
webserver # [ 0.189087] thermal_sys: Registered thermal governor 'step_wise' | |
dnsserver # [ 0.253656] pci 0000:00:01.0: [8086:7000] type 00 class 0x060100 | |
webserver # [ 0.189706] thermal_sys: Registered thermal governor 'user_space' | |
webserver # [ 0.189921] cpuidle: using governor menu | |
dnsserver # [ 0.254664] pci 0000:00:01.1: [8086:7010] type 00 class 0x010180 | |
webserver # [ 0.191365] audit: type=2000 audit(1674330711.693:1): state=initialized audit_enabled=0 res=1 | |
client # [ 0.273999] pci 0000:00:06.0: [1af4:1009] type 00 class 0x000200 | |
webserver # [ 0.192023] ACPI: bus type PCI registered | |
acme # [ 0.307415] pci 0000:00:04.0: reg 0x10: [io 0xc140-0xc15f] | |
webserver # [ 0.192460] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5 | |
webserver # [ 0.193035] PCI: Using configuration type 1 for base access | |
client # [ 0.275020] pci 0000:00:06.0: reg 0x10: [io 0xc160-0xc17f] | |
webserver # [ 0.193626] PCI: Using configuration type 1 for extended access | |
acme # [ 0.309407] pci 0000:00:04.0: reg 0x14: [mem 0xfebd2000-0xfebd2fff] | |
dnsserver # [ 0.258095] pci 0000:00:01.1: reg 0x20: [io 0xc1e0-0xc1ef] | |
webserver # [ 0.194853] Kprobes globally optimized | |
client # [ 0.276732] pci 0000:00:06.0: reg 0x14: [mem 0xfebd4000-0xfebd4fff] | |
webserver # [ 0.195040] HugeTLB registered 1.00 GiB page size, pre-allocated 0 pages | |
webserver # [ 0.195756] HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages | |
dnsserver # [ 0.259784] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io 0x01f0-0x01f7] | |
webserver # [ 0.196369] ACPI: Added _OSI(Module Device) | |
webserver # [ 0.196830] ACPI: Added _OSI(Processor Device) | |
dnsserver # [ 0.260581] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io 0x03f6] | |
webserver # [ 0.196927] ACPI: Added _OSI(3.0 _SCP Extensions) | |
dnsserver # [ 0.260764] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io 0x0170-0x0177] | |
webserver # [ 0.197450] ACPI: Added _OSI(Processor Aggregator Device) | |
webserver # [ 0.197916] ACPI: Added _OSI(Linux-Dell-Video) | |
acme # [ 0.313172] pci 0000:00:04.0: reg 0x20: [mem 0xfe004000-0xfe007fff 64bit pref] | |
webserver # [ 0.198374] ACPI: Added _OSI(Linux-Lenovo-NV-HDMI-Audio) | |
dnsserver # [ 0.261570] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io 0x0376] | |
webserver # [ 0.198906] ACPI: Added _OSI(Linux-HPI-Hybrid-Graphics) | |
dnsserver # [ 0.262027] pci 0000:00:01.2: [8086:7020] type 00 class 0x0c0300 | |
webserver # [ 0.199630] ACPI: 1 ACPI AML tables successfully acquired and loaded | |
client # [ 0.280020] pci 0000:00:06.0: reg 0x20: [mem 0xfe00c000-0xfe00ffff 64bit pref] | |
webserver # [ 0.201203] ACPI: Interpreter enabled | |
webserver # [ 0.201607] ACPI: PM: (supports S0 S3 S4 S5) | |
dnsserver # [ 0.265341] pci 0000:00:01.2: reg 0x20: [io 0xc100-0xc11f] | |
webserver # [ 0.201924] ACPI: Using IOAPIC for interrupt routing | |
acme # [ 0.317230] pci 0000:00:05.0: [1af4:1009] type 00 class 0x000200 | |
client # [ 0.283064] pci 0000:00:07.0: [1af4:1009] type 00 class 0x000200 | |
webserver # [ 0.202448] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug | |
webserver # [ 0.203027] ACPI: Enabled 2 GPEs in block 00 to 0F | |
dnsserver # [ 0.267456] pci 0000:00:01.3: [8086:7113] type 00 class 0x068000 | |
acme # [ 0.318406] pci 0000:00:05.0: reg 0x10: [io 0xc080-0xc0bf] | |
client # [ 0.284724] pci 0000:00:07.0: reg 0x10: [io 0xc180-0xc19f] | |
dnsserver # [ 0.268104] pci 0000:00:01.3: quirk: [io 0x0600-0x063f] claimed by PIIX4 ACPI | |
webserver # [ 0.205710] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff]) | |
dnsserver # [ 0.268771] pci 0000:00:01.3: quirk: [io 0x0700-0x070f] claimed by PIIX4 SMB | |
client # [ 0.286018] pci 0000:00:07.0: reg 0x14: [mem 0xfebd5000-0xfebd5fff] | |
acme # [ 0.320144] pci 0000:00:05.0: reg 0x14: [mem 0xfebd3000-0xfebd3fff] | |
webserver # [ 0.205935] acpi PNP0A03:00: _OSC: OS supports [ExtendedConfig ASPM ClockPM Segments MSI HPX-Type3] | |
webserver # [ 0.206973] acpiphp: Slot [3] registered | |
webserver # [ 0.207412] acpiphp: Slot [4] registered | |
dnsserver # [ 0.269861] pci 0000:00:02.0: [1234:1111] type 00 class 0x030000 | |
webserver # [ 0.207847] acpiphp: Slot [5] registered | |
webserver # [ 0.207939] acpiphp: Slot [6] registered | |
webserver # [ 0.208384] acpiphp: Slot [7] registered | |
webserver # [ 0.208824] acpiphp: Slot [8] registered | |
dnsserver # [ 0.271766] pci 0000:00:02.0: reg 0x10: [mem 0xfd000000-0xfdffffff pref] | |
webserver # [ 0.208938] acpiphp: Slot [9] registered | |
webserver # [ 0.209402] acpiphp: Slot [10] registered | |
webserver # [ 0.209849] acpiphp: Slot [11] registered | |
webserver # [ 0.209938] acpiphp: Slot [12] registered | |
webserver # [ 0.210378] acpiphp: Slot [13] registered | |
webserver # [ 0.210838] acpiphp: Slot [14] registered | |
webserver # [ 0.210938] acpiphp: Slot [15] registered | |
client # [ 0.290759] pci 0000:00:07.0: reg 0x20: [mem 0xfe010000-0xfe013fff 64bit pref] | |
dnsserver # [ 0.274338] pci 0000:00:02.0: reg 0x18: [mem 0xfebd0000-0xfebd0fff] | |
webserver # [ 0.211373] acpiphp: Slot [16] registered | |
acme # [ 0.323408] pci 0000:00:05.0: reg 0x20: [mem 0xfe008000-0xfe00bfff 64bit pref] | |
webserver # [ 0.211817] acpiphp: Slot [17] registered | |
webserver # [ 0.211941] acpiphp: Slot [18] registered | |
webserver # [ 0.212384] acpiphp: Slot [19] registered | |
webserver # [ 0.212824] acpiphp: Slot [20] registered | |
webserver # [ 0.212937] acpiphp: Slot [21] registered | |
webserver # [ 0.213390] acpiphp: Slot [22] registered | |
client # [ 0.293064] pci 0000:00:08.0: [1af4:1001] type 00 class 0x010000 | |
webserver # [ 0.213864] acpiphp: Slot [23] registered | |
webserver # [ 0.213938] acpiphp: Slot [24] registered | |
acme # [ 0.326515] pci 0000:00:06.0: [1af4:1009] type 00 class 0x000200 | |
webserver # [ 0.214396] acpiphp: Slot [25] registered | |
webserver # [ 0.214841] acpiphp: Slot [26] registered | |
client # [ 0.294736] pci 0000:00:08.0: reg 0x10: [io 0xc000-0xc07f] | |
webserver # [ 0.214938] acpiphp: Slot [27] registered | |
webserver # [ 0.215397] acpiphp: Slot [28] registered | |
acme # [ 0.328135] pci 0000:00:06.0: reg 0x10: [io 0xc160-0xc17f] | |
webserver # [ 0.215922] acpiphp: Slot [29] registered | |
webserver # [ 0.216374] acpiphp: Slot [30] registered | |
client # [ 0.296018] pci 0000:00:08.0: reg 0x14: [mem 0xfebd6000-0xfebd6fff] | |
webserver # [ 0.216835] acpiphp: Slot [31] registered | |
webserver # [ 0.216931] PCI host bridge to bus 0000:00 | |
acme # [ 0.329405] pci 0000:00:06.0: reg 0x14: [mem 0xfebd4000-0xfebd4fff] | |
dnsserver # [ 0.278768] pci 0000:00:02.0: reg 0x30: [mem 0xfebc0000-0xfebcffff pref] | |
webserver # [ 0.217361] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window] | |
webserver # [ 0.217915] pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window] | |
dnsserver # [ 0.279572] pci 0000:00:02.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff] | |
webserver # [ 0.218610] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window] | |
webserver # [ 0.218915] pci_bus 0000:00: root bus resource [mem 0x40000000-0xfebfffff window] | |
dnsserver # [ 0.280555] pci 0000:00:03.0: [1af4:1000] type 00 class 0x020000 | |
webserver # [ 0.219670] pci_bus 0000:00: root bus resource [mem 0x100000000-0x17fffffff window] | |
webserver # [ 0.219916] pci_bus 0000:00: root bus resource [bus 00-ff] | |
webserver # [ 0.220720] pci 0000:00:00.0: [8086:1237] type 00 class 0x060000 | |
dnsserver # [ 0.281764] pci 0000:00:03.0: reg 0x10: [io 0xc120-0xc13f] | |
client # [ 0.300768] pci 0000:00:08.0: reg 0x20: [mem 0xfe014000-0xfe017fff 64bit pref] | |
webserver # [ 0.221744] pci 0000:00:01.0: [8086:7000] type 00 class 0x060100 | |
dnsserver # [ 0.283507] pci 0000:00:03.0: reg 0x14: [mem 0xfebd1000-0xfebd1fff] | |
acme # [ 0.334172] pci 0000:00:06.0: reg 0x20: [mem 0xfe00c000-0xfe00ffff 64bit pref] | |
webserver # [ 0.222776] pci 0000:00:01.1: [8086:7010] type 00 class 0x010180 | |
client # [ 0.303119] pci 0000:00:09.0: [1af4:1000] type 00 class 0x020000 | |
acme # [ 0.336477] pci 0000:00:07.0: [1af4:1009] type 00 class 0x000200 | |
client # [ 0.304685] pci 0000:00:09.0: reg 0x10: [io 0xc1a0-0xc1bf] | |
webserver # [ 0.226258] pci 0000:00:01.1: reg 0x20: [io 0xc1e0-0xc1ef] | |
acme # [ 0.338077] pci 0000:00:07.0: reg 0x10: [io 0xc180-0xc19f] | |
webserver # [ 0.227935] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io 0x01f0-0x01f7] | |
dnsserver # [ 0.286767] pci 0000:00:03.0: reg 0x20: [mem 0xfe000000-0xfe003fff 64bit pref] | |
client # [ 0.306724] pci 0000:00:09.0: reg 0x14: [mem 0xfebd7000-0xfebd7fff] | |
webserver # [ 0.228667] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io 0x03f6] | |
webserver # [ 0.228915] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io 0x0170-0x0177] | |
acme # [ 0.339406] pci 0000:00:07.0: reg 0x14: [mem 0xfebd5000-0xfebd5fff] | |
webserver # [ 0.229645] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io 0x0376] | |
dnsserver # [ 0.288517] pci 0000:00:03.0: reg 0x30: [mem 0xfeb40000-0xfeb7ffff pref] | |
webserver # [ 0.230190] pci 0000:00:01.2: [8086:7020] type 00 class 0x0c0300 | |
dnsserver # [ 0.289873] pci 0000:00:04.0: [1af4:1005] type 00 class 0x00ff00 | |
client # [ 0.310020] pci 0000:00:09.0: reg 0x20: [mem 0xfe018000-0xfe01bfff 64bit pref] | |
acme # [ 0.343407] pci 0000:00:07.0: reg 0x20: [mem 0xfe010000-0xfe013fff 64bit pref] | |
webserver # [ 0.233176] pci 0000:00:01.2: reg 0x20: [io 0xc100-0xc11f] | |
dnsserver # [ 0.291500] pci 0000:00:04.0: reg 0x10: [io 0xc140-0xc15f] | |
client # [ 0.311708] pci 0000:00:09.0: reg 0x30: [mem 0xfeb80000-0xfebbffff pref] | |
webserver # [ 0.234893] pci 0000:00:01.3: [8086:7113] type 00 class 0x068000 | |
dnsserver # [ 0.292764] pci 0000:00:04.0: reg 0x14: [mem 0xfebd2000-0xfebd2fff] | |
webserver # [ 0.235252] pci 0000:00:01.3: quirk: [io 0x0600-0x063f] claimed by PIIX4 ACPI | |
acme # [ 0.346168] pci 0000:00:08.0: [1af4:1001] type 00 class 0x010000 | |
client # [ 0.313168] pci 0000:00:0a.0: [1af4:1052] type 00 class 0x090000 | |
webserver # [ 0.235921] pci 0000:00:01.3: quirk: [io 0x0700-0x070f] claimed by PIIX4 SMB | |
webserver # [ 0.237024] pci 0000:00:02.0: [1234:1111] type 00 class 0x030000 | |
client # [ 0.315951] pci 0000:00:0a.0: reg 0x14: [mem 0xfebd8000-0xfebd8fff] | |
webserver # [ 0.238718] pci 0000:00:02.0: reg 0x10: [mem 0xfd000000-0xfdffffff pref] | |
dnsserver # [ 0.296641] pci 0000:00:04.0: reg 0x20: [mem 0xfe004000-0xfe007fff 64bit pref] | |
acme # [ 0.349359] pci 0000:00:08.0: reg 0x10: [io 0xc000-0xc07f] | |
client # [ 0.318019] pci 0000:00:0a.0: reg 0x20: [mem 0xfe01c000-0xfe01ffff 64bit pref] | |
acme # [ 0.350406] pci 0000:00:08.0: reg 0x14: [mem 0xfebd6000-0xfebd6fff] | |
webserver # [ 0.240917] pci 0000:00:02.0: reg 0x18: [mem 0xfebd0000-0xfebd0fff] | |
client # [ 0.320622] pci 0000:00:0b.0: [1af4:1003] type 00 class 0x078000 | |
dnsserver # [ 0.300746] pci 0000:00:05.0: [1af4:1009] type 00 class 0x000200 | |
acme # [ 0.354294] pci 0000:00:08.0: reg 0x20: [mem 0xfe014000-0xfe017fff 64bit pref] | |
dnsserver # [ 0.301764] pci 0000:00:05.0: reg 0x10: [io 0xc080-0xc0bf] | |
webserver # [ 0.245711] pci 0000:00:02.0: reg 0x30: [mem 0xfebc0000-0xfebcffff pref] | |
client # [ 0.323020] pci 0000:00:0b.0: reg 0x10: [io 0xc0c0-0xc0ff] | |
webserver # [ 0.245972] pci 0000:00:02.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff] | |
dnsserver # [ 0.303520] pci 0000:00:05.0: reg 0x14: [mem 0xfebd3000-0xfebd3fff] | |
webserver # [ 0.247602] pci 0000:00:03.0: [1af4:1000] type 00 class 0x020000 | |
client # [ 0.324866] pci 0000:00:0b.0: reg 0x14: [mem 0xfebd9000-0xfebd9fff] | |
acme # [ 0.358553] pci 0000:00:09.0: [1af4:1000] type 00 class 0x020000 | |
webserver # [ 0.250633] pci 0000:00:03.0: reg 0x10: [io 0xc120-0xc13f] | |
client # [ 0.328020] pci 0000:00:0b.0: reg 0x20: [mem 0xfe020000-0xfe023fff 64bit pref] | |
acme # [ 0.360160] pci 0000:00:09.0: reg 0x10: [io 0xc1a0-0xc1bf] | |
dnsserver # [ 0.306767] pci 0000:00:05.0: reg 0x20: [mem 0xfe008000-0xfe00bfff 64bit pref] | |
webserver # [ 0.251915] pci 0000:00:03.0: reg 0x14: [mem 0xfebd1000-0xfebd1fff] | |
acme # [ 0.361406] pci 0000:00:09.0: reg 0x14: [mem 0xfebd7000-0xfebd7fff] | |
dnsserver # [ 0.309843] pci 0000:00:06.0: [1af4:1009] type 00 class 0x000200 | |
client # [ 0.331130] pci 0000:00:0c.0: [1af4:1005] type 00 class 0x00ff00 | |
webserver # [ 0.255637] pci 0000:00:03.0: reg 0x20: [mem 0xfe000000-0xfe003fff 64bit pref] | |
dnsserver # [ 0.311474] pci 0000:00:06.0: reg 0x10: [io 0xc160-0xc17f] | |
client # [ 0.332720] pci 0000:00:0c.0: reg 0x10: [io 0xc1c0-0xc1df] | |
dnsserver # [ 0.312764] pci 0000:00:06.0: reg 0x14: [mem 0xfebd4000-0xfebd4fff] | |
client # [ 0.334019] pci 0000:00:0c.0: reg 0x14: [mem 0xfebda000-0xfebdafff] | |
acme # [ 0.365136] pci 0000:00:09.0: reg 0x20: [mem 0xfe018000-0xfe01bfff 64bit pref] | |
webserver # [ 0.256915] pci 0000:00:03.0: reg 0x30: [mem 0xfeb40000-0xfeb7ffff pref] | |
webserver # [ 0.258980] pci 0000:00:04.0: [1af4:1005] type 00 class 0x00ff00 | |
acme # [ 0.366407] pci 0000:00:09.0: reg 0x30: [mem 0xfeb80000-0xfebbffff pref] | |
acme # [ 0.368251] pci 0000:00:0a.0: [1af4:1052] type 00 class 0x090000 | |
webserver # [ 0.260598] pci 0000:00:04.0: reg 0x10: [io 0xc140-0xc15f] | |
dnsserver # [ 0.317493] pci 0000:00:06.0: reg 0x20: [mem 0xfe00c000-0xfe00ffff 64bit pref] | |
client # [ 0.337741] pci 0000:00:0c.0: reg 0x20: [mem 0xfe024000-0xfe027fff 64bit pref] | |
webserver # [ 0.261914] pci 0000:00:04.0: reg 0x14: [mem 0xfebd2000-0xfebd2fff] | |
acme # [ 0.370330] pci 0000:00:0a.0: reg 0x14: [mem 0xfebd8000-0xfebd8fff] | |
dnsserver # [ 0.319880] pci 0000:00:07.0: [1af4:1009] type 00 class 0x000200 | |
client # [ 0.340314] ACPI: PCI: Interrupt link LNKA configured for IRQ 10 | |
client # [ 0.341115] ACPI: PCI: Interrupt link LNKB configured for IRQ 10 | |
dnsserver # [ 0.321473] pci 0000:00:07.0: reg 0x10: [io 0xc180-0xc19f] | |
client # [ 0.341878] ACPI: PCI: Interrupt link LNKC configured for IRQ 11 | |
client # [ 0.342126] ACPI: PCI: Interrupt link LNKD configured for IRQ 11 | |
client # [ 0.342857] ACPI: PCI: Interrupt link LNKS configured for IRQ 9 | |
acme # [ 0.372415] pci 0000:00:0a.0: reg 0x20: [mem 0xfe01c000-0xfe01ffff 64bit pref] | |
webserver # [ 0.265599] pci 0000:00:04.0: reg 0x20: [mem 0xfe004000-0xfe007fff 64bit pref] | |
client # [ 0.343287] iommu: Default domain type: Translated | |
dnsserver # [ 0.322764] pci 0000:00:07.0: reg 0x14: [mem 0xfebd5000-0xfebd5fff] | |
client # [ 0.343826] iommu: DMA domain TLB invalidation policy: lazy mode | |
client # [ 0.344082] pci 0000:00:02.0: vgaarb: setting as boot VGA device | |
client # [ 0.344759] pci 0000:00:02.0: vgaarb: VGA device added: decodes=io+mem,owns=io+mem,locks=none | |
acme # [ 0.375517] pci 0000:00:0b.0: [1af4:1003] type 00 class 0x078000 | |
client # [ 0.345020] pci 0000:00:02.0: vgaarb: bridge control possible | |
webserver # [ 0.268037] pci 0000:00:05.0: [1af4:1009] type 00 class 0x000200 | |
client # [ 0.345666] vgaarb: loaded | |
client # [ 0.346298] NetLabel: Initializing | |
client # [ 0.346687] NetLabel: domain hash size = 128 | |
acme # [ 0.377145] pci 0000:00:0b.0: reg 0x10: [io 0xc0c0-0xc0ff] | |
client # [ 0.347018] NetLabel: protocols = UNLABELED CIPSOv4 CALIPSO | |
dnsserver # [ 0.326767] pci 0000:00:07.0: reg 0x20: [mem 0xfe010000-0xfe013fff 64bit pref] | |
webserver # [ 0.269634] pci 0000:00:05.0: reg 0x10: [io 0xc080-0xc0bf] | |
client # [ 0.347660] NetLabel: unlabeled traffic allowed by default | |
client # [ 0.348019] PCI: Using ACPI for IRQ routing | |
acme # [ 0.378407] pci 0000:00:0b.0: reg 0x14: [mem 0xfebd9000-0xfebd9fff] | |
client # [ 0.348744] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0 | |
webserver # [ 0.270915] pci 0000:00:05.0: reg 0x14: [mem 0xfebd3000-0xfebd3fff] | |
client # [ 0.349017] hpet0: 3 comparators, 64-bit 100.000000 MHz counter | |
dnsserver # [ 0.329547] pci 0000:00:08.0: [1af4:1001] type 00 class 0x010000 | |
client # [ 0.352070] clocksource: Switched to clocksource kvm-clock | |
dnsserver # [ 0.330772] pci 0000:00:08.0: reg 0x10: [io 0xc000-0xc07f] | |
acme # [ 0.383216] pci 0000:00:0b.0: reg 0x20: [mem 0xfe020000-0xfe023fff 64bit pref] | |
webserver # [ 0.274917] pci 0000:00:05.0: reg 0x20: [mem 0xfe008000-0xfe00bfff 64bit pref] | |
dnsserver # [ 0.333557] pci 0000:00:08.0: reg 0x14: [mem 0xfebd6000-0xfebd6fff] | |
acme # [ 0.385528] pci 0000:00:0c.0: [1af4:1005] type 00 class 0x00ff00 | |
webserver # [ 0.277711] pci 0000:00:06.0: [1af4:1009] type 00 class 0x000200 | |
acme # [ 0.387134] pci 0000:00:0c.0: reg 0x10: [io 0xc1c0-0xc1df] | |
webserver # [ 0.278915] pci 0000:00:06.0: reg 0x10: [io 0xc160-0xc17f] | |
dnsserver # [ 0.336768] pci 0000:00:08.0: reg 0x20: [mem 0xfe014000-0xfe017fff 64bit pref] | |
client # [ 0.362868] VFS: Disk quotas dquot_6.6.0 | |
client # [ 0.363381] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes) | |
client # [ 0.364245] pnp: PnP ACPI init | |
acme # [ 0.388406] pci 0000:00:0c.0: reg 0x14: [mem 0xfebda000-0xfebdafff] | |
client # [ 0.364999] pnp: PnP ACPI: found 6 devices | |
webserver # [ 0.281749] pci 0000:00:06.0: reg 0x14: [mem 0xfebd4000-0xfebd4fff] | |
dnsserver # [ 0.339843] pci 0000:00:09.0: [1af4:1000] type 00 class 0x020000 | |
dnsserver # [ 0.341518] pci 0000:00:09.0: reg 0x10: [io 0xc1a0-0xc1bf] | |
acme # [ 0.392408] pci 0000:00:0c.0: reg 0x20: [mem 0xfe024000-0xfe027fff 64bit pref] | |
webserver # [ 0.284916] pci 0000:00:06.0: reg 0x20: [mem 0xfe00c000-0xfe00ffff 64bit pref] | |
dnsserver # [ 0.342765] pci 0000:00:09.0: reg 0x14: [mem 0xfebd7000-0xfebd7fff] | |
acme # [ 0.395378] ACPI: PCI: Interrupt link LNKA configured for IRQ 10 | |
webserver # [ 0.287722] pci 0000:00:07.0: [1af4:1009] type 00 class 0x000200 | |
acme # [ 0.395517] ACPI: PCI: Interrupt link LNKB configured for IRQ 10 | |
acme # [ 0.396517] ACPI: PCI: Interrupt link LNKC configured for IRQ 11 | |
acme # [ 0.397316] ACPI: PCI: Interrupt link LNKD configured for IRQ 11 | |
webserver # [ 0.289915] pci 0000:00:07.0: reg 0x10: [io 0xc180-0xc19f] | |
client # [ 0.376933] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns | |
acme # [ 0.397465] ACPI: PCI: Interrupt link LNKS configured for IRQ 9 | |
client # [ 0.377896] clocksource: Switched to clocksource acpi_pm | |
acme # [ 0.398439] iommu: Default domain type: Translated | |
client # [ 0.378535] NET: Registered PF_INET protocol family | |
acme # [ 0.399001] iommu: DMA domain TLB invalidation policy: lazy mode | |
webserver # [ 0.291670] pci 0000:00:07.0: reg 0x14: [mem 0xfebd5000-0xfebd5fff] | |
client # [ 0.379311] IP idents hash table entries: 16384 (order: 5, 131072 bytes, linear) | |
dnsserver # [ 0.346517] pci 0000:00:09.0: reg 0x20: [mem 0xfe018000-0xfe01bfff 64bit pref] | |
acme # [ 0.399476] pci 0000:00:02.0: vgaarb: setting as boot VGA device | |
acme # [ 0.400145] pci 0000:00:02.0: vgaarb: VGA device added: decodes=io+mem,owns=io+mem,locks=none | |
client # [ 0.381085] tcp_listen_portaddr_hash hash table entries: 512 (order: 1, 8192 bytes, linear) | |
acme # [ 0.400407] pci 0000:00:02.0: vgaarb: bridge control possible | |
acme # [ 0.401060] vgaarb: loaded | |
dnsserver # [ 0.347769] pci 0000:00:09.0: reg 0x30: [mem 0xfeb80000-0xfebbffff pref] | |
client # [ 0.381957] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear) | |
acme # [ 0.401712] NetLabel: Initializing | |
acme # [ 0.402111] NetLabel: domain hash size = 128 | |
client # [ 0.382759] TCP established hash table entries: 8192 (order: 4, 65536 bytes, linear) | |
acme # [ 0.402404] NetLabel: protocols = UNLABELED CIPSOv4 CALIPSO | |
dnsserver # [ 0.349651] pci 0000:00:0a.0: [1af4:1052] type 00 class 0x090000 | |
client # [ 0.383586] TCP bind hash table entries: 8192 (order: 5, 131072 bytes, linear) | |
acme # [ 0.403071] NetLabel: unlabeled traffic allowed by default | |
client # [ 0.384382] TCP: Hash tables configured (established 8192 bind 8192) | |
acme # [ 0.403405] PCI: Using ACPI for IRQ routing | |
client # [ 0.385123] MPTCP token hash table entries: 1024 (order: 2, 24576 bytes, linear) | |
acme # [ 0.404173] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0 | |
client # [ 0.385899] UDP hash table entries: 512 (order: 2, 16384 bytes, linear) | |
acme # [ 0.404404] hpet0: 3 comparators, 64-bit 100.000000 MHz counter | |
dnsserver # [ 0.351723] pci 0000:00:0a.0: reg 0x14: [mem 0xfebd8000-0xfebd8fff] | |
client # [ 0.386596] UDP-Lite hash table entries: 512 (order: 2, 16384 bytes, linear) | |
client # [ 0.387385] NET: Registered PF_UNIX/PF_LOCAL protocol family | |
client # [ 0.387997] NET: Registered PF_XDP protocol family | |
webserver # [ 0.294919] pci 0000:00:07.0: reg 0x20: [mem 0xfe010000-0xfe013fff 64bit pref] | |
client # [ 0.388545] pci_bus 0000:00: resource 4 [io 0x0000-0x0cf7 window] | |
client # [ 0.389132] pci_bus 0000:00: resource 5 [io 0x0d00-0xffff window] | |
client # [ 0.389685] pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window] | |
client # [ 0.390386] pci_bus 0000:00: resource 7 [mem 0x40000000-0xfebfffff window] | |
client # [ 0.391152] pci_bus 0000:00: resource 8 [mem 0x100000000-0x17fffffff window] | |
webserver # [ 0.298013] pci 0000:00:08.0: [1af4:1001] type 00 class 0x010000 | |
client # [ 0.391917] pci 0000:00:01.0: PIIX3: Enabling Passive Release | |
dnsserver # [ 0.353767] pci 0000:00:0a.0: reg 0x20: [mem 0xfe01c000-0xfe01ffff 64bit pref] | |
client # [ 0.392419] pci 0000:00:00.0: Limiting direct PCI/PCI transfers | |
client # [ 0.392928] pci 0000:00:01.0: Activating ISA DMA hang workarounds | |
webserver # [ 0.299695] pci 0000:00:08.0: reg 0x10: [io 0xc000-0xc07f] | |
dnsserver # [ 0.356847] pci 0000:00:0b.0: [1af4:1003] type 00 class 0x078000 | |
webserver # [ 0.300914] pci 0000:00:08.0: reg 0x14: [mem 0xfebd6000-0xfebd6fff] | |
acme # [ 0.409482] clocksource: Switched to clocksource kvm-clock | |
dnsserver # [ 0.358765] pci 0000:00:0b.0: reg 0x10: [io 0xc0c0-0xc0ff] | |
dnsserver # [ 0.360536] pci 0000:00:0b.0: reg 0x14: [mem 0xfebd9000-0xfebd9fff] | |
webserver # [ 0.305915] pci 0000:00:08.0: reg 0x20: [mem 0xfe014000-0xfe017fff 64bit pref] | |
acme # [ 0.420836] VFS: Disk quotas dquot_6.6.0 | |
acme # [ 0.421346] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes) | |
acme # [ 0.422201] pnp: PnP ACPI init | |
acme # [ 0.422938] pnp: PnP ACPI: found 6 devices | |
dnsserver # [ 0.364767] pci 0000:00:0b.0: reg 0x20: [mem 0xfe020000-0xfe023fff 64bit pref] | |
webserver # [ 0.308787] pci 0000:00:09.0: [1af4:1000] type 00 class 0x020000 | |
client # [ 0.408251] ACPI: \_SB_.LNKD: Enabled at IRQ 11 | |
webserver # [ 0.309915] pci 0000:00:09.0: reg 0x10: [io 0xc1a0-0xc1bf] | |
dnsserver # [ 0.367661] pci 0000:00:0c.0: [1af4:1005] type 00 class 0x00ff00 | |
dnsserver # [ 0.368765] pci 0000:00:0c.0: reg 0x10: [io 0xc1c0-0xc1df] | |
webserver # [ 0.311643] pci 0000:00:09.0: reg 0x14: [mem 0xfebd7000-0xfebd7fff] | |
dnsserver # [ 0.370485] pci 0000:00:0c.0: reg 0x14: [mem 0xfebda000-0xfebdafff] | |
acme # [ 0.434679] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns | |
webserver # [ 0.314916] pci 0000:00:09.0: reg 0x20: [mem 0xfe018000-0xfe01bfff 64bit pref] | |
acme # [ 0.435815] clocksource: Switched to clocksource acpi_pm | |
acme # [ 0.436540] NET: Registered PF_INET protocol family | |
webserver # [ 0.316621] pci 0000:00:09.0: reg 0x30: [mem 0xfeb80000-0xfebbffff pref] | |
acme # [ 0.437387] IP idents hash table entries: 16384 (order: 5, 131072 bytes, linear) | |
webserver # [ 0.317990] pci 0000:00:0a.0: [1af4:1052] type 00 class 0x090000 | |
dnsserver # [ 0.373768] pci 0000:00:0c.0: reg 0x20: [mem 0xfe024000-0xfe027fff 64bit pref] | |
acme # [ 0.440025] tcp_listen_portaddr_hash hash table entries: 512 (order: 1, 8192 bytes, linear) | |
acme # [ 0.441063] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear) | |
acme # [ 0.441989] TCP established hash table entries: 8192 (order: 4, 65536 bytes, linear) | |
client # [ 0.423580] pci 0000:00:01.2: quirk_usb_early_handoff+0x0/0x730 took 29091 usecs | |
client # [ 0.424283] PCI: CLS 0 bytes, default 64 | |
client # [ 0.424666] Trying to unpack rootfs image as initramfs... | |
dnsserver # [ 0.376785] ACPI: PCI: Interrupt link LNKA configured for IRQ 10 | |
acme # [ 0.442955] TCP bind hash table entries: 8192 (order: 5, 131072 bytes, linear) | |
dnsserver # [ 0.377530] ACPI: PCI: Interrupt link LNKB configured for IRQ 10 | |
acme # [ 0.444627] TCP: Hash tables configured (established 8192 bind 8192) | |
webserver # [ 0.321544] pci 0000:00:0a.0: reg 0x14: [mem 0xfebd8000-0xfebd8fff] | |
dnsserver # [ 0.377879] ACPI: PCI: Interrupt link LNKC configured for IRQ 11 | |
acme # [ 0.445501] MPTCP token hash table entries: 1024 (order: 2, 24576 bytes, linear) | |
client # [ 0.428262] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x2848df6a9de, max_idle_ns: 440795280912 ns | |
dnsserver # [ 0.378603] ACPI: PCI: Interrupt link LNKD configured for IRQ 11 | |
acme # [ 0.446333] UDP hash table entries: 512 (order: 2, 16384 bytes, linear) | |
dnsserver # [ 0.378826] ACPI: PCI: Interrupt link LNKS configured for IRQ 9 | |
acme # [ 0.447172] UDP-Lite hash table entries: 512 (order: 2, 16384 bytes, linear) | |
client # [ 0.430514] Initialise system trusted keyrings | |
dnsserver # [ 0.379775] iommu: Default domain type: Translated | |
acme # [ 0.448068] NET: Registered PF_UNIX/PF_LOCAL protocol family | |
dnsserver # [ 0.380304] iommu: DMA domain TLB invalidation policy: lazy mode | |
acme # [ 0.448741] NET: Registered PF_XDP protocol family | |
dnsserver # [ 0.380825] pci 0000:00:02.0: vgaarb: setting as boot VGA device | |
webserver # [ 0.324915] pci 0000:00:0a.0: reg 0x20: [mem 0xfe01c000-0xfe01ffff 64bit pref] | |
acme # [ 0.449297] pci_bus 0000:00: resource 4 [io 0x0000-0x0cf7 window] | |
dnsserver # [ 0.381466] pci 0000:00:02.0: vgaarb: VGA device added: decodes=io+mem,owns=io+mem,locks=none | |
acme # [ 0.450010] pci_bus 0000:00: resource 5 [io 0x0d00-0xffff window] | |
dnsserver # [ 0.381766] pci 0000:00:02.0: vgaarb: bridge control possible | |
dnsserver # [ 0.382385] vgaarb: loaded | |
acme # [ 0.450741] pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window] | |
dnsserver # [ 0.382984] NetLabel: Initializing | |
webserver # [ 0.327538] pci 0000:00:0b.0: [1af4:1003] type 00 class 0x078000 | |
dnsserver # [ 0.383763] NetLabel: domain hash size = 128 | |
acme # [ 0.451548] pci_bus 0000:00: resource 7 [mem 0x40000000-0xfebfffff window] | |
dnsserver # [ 0.384213] NetLabel: protocols = UNLABELED CIPSOv4 CALIPSO | |
acme # [ 0.453479] pci_bus 0000:00: resource 8 [mem 0x100000000-0x17fffffff window] | |
client # [ 0.436886] workingset: timestamp_bits=40 max_order=18 bucket_order=0 | |
dnsserver # [ 0.384783] NetLabel: unlabeled traffic allowed by default | |
dnsserver # [ 0.385406] PCI: Using ACPI for IRQ routing | |
acme # [ 0.454447] pci 0000:00:01.0: PIIX3: Enabling Passive Release | |
webserver # [ 0.328916] pci 0000:00:0b.0: reg 0x10: [io 0xc0c0-0xc0ff] | |
acme # [ 0.455255] pci 0000:00:00.0: Limiting direct PCI/PCI transfers | |
client # [ 0.438630] zbud: loaded | |
dnsserver # [ 0.386061] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0 | |
client # [ 0.439062] Key type asymmetric registered | |
acme # [ 0.456060] pci 0000:00:01.0: Activating ISA DMA hang workarounds | |
dnsserver # [ 0.386649] hpet0: 3 comparators, 64-bit 100.000000 MHz counter | |
client # [ 0.439416] Asymmetric key parser 'x509' registered | |
webserver # [ 0.330644] pci 0000:00:0b.0: reg 0x14: [mem 0xfebd9000-0xfebd9fff] | |
client # [ 0.439858] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 251) | |
client # [ 0.440537] io scheduler mq-deadline registered | |
client # [ 0.440958] io scheduler kyber registered | |
client # [ 0.441587] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled | |
client # [ 0.442463] 00:04: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A | |
dnsserver # [ 0.390829] clocksource: Switched to clocksource kvm-clock | |
client # [ 0.446647] ashmem: initialized | |
client # [ 0.446968] drop_monitor: Initializing network drop monitor service | |
client # [ 0.447676] NET: Registered PF_INET6 protocol family | |
webserver # [ 0.334706] pci 0000:00:0b.0: reg 0x20: [mem 0xfe020000-0xfe023fff 64bit pref] | |
webserver # [ 0.337012] pci 0000:00:0c.0: [1af4:1005] type 00 class 0x00ff00 | |
webserver # [ 0.338638] pci 0000:00:0c.0: reg 0x10: [io 0xc1c0-0xc1df] | |
webserver # [ 0.339916] pci 0000:00:0c.0: reg 0x14: [mem 0xfebda000-0xfebdafff] | |
dnsserver # [ 0.407434] VFS: Disk quotas dquot_6.6.0 | |
acme # [ 0.478036] ACPI: \_SB_.LNKD: Enabled at IRQ 11 | |
dnsserver # [ 0.407942] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes) | |
dnsserver # [ 0.408771] pnp: PnP ACPI init | |
webserver # [ 0.343637] pci 0000:00:0c.0: reg 0x20: [mem 0xfe024000-0xfe027fff 64bit pref] | |
dnsserver # [ 0.409500] pnp: PnP ACPI: found 6 devices | |
webserver # [ 0.347298] ACPI: PCI: Interrupt link LNKA configured for IRQ 10 | |
webserver # [ 0.348034] ACPI: PCI: Interrupt link LNKB configured for IRQ 10 | |
webserver # [ 0.348819] ACPI: PCI: Interrupt link LNKC configured for IRQ 11 | |
webserver # [ 0.349028] ACPI: PCI: Interrupt link LNKD configured for IRQ 11 | |
webserver # [ 0.349765] ACPI: PCI: Interrupt link LNKS configured for IRQ 9 | |
webserver # [ 0.350201] iommu: Default domain type: Translated | |
webserver # [ 0.350780] iommu: DMA domain TLB invalidation policy: lazy mode | |
webserver # [ 0.350979] pci 0000:00:02.0: vgaarb: setting as boot VGA device | |
dnsserver # [ 0.421209] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns | |
webserver # [ 0.351652] pci 0000:00:02.0: vgaarb: VGA device added: decodes=io+mem,owns=io+mem,locks=none | |
dnsserver # [ 0.422185] clocksource: Switched to clocksource acpi_pm | |
webserver # [ 0.351918] pci 0000:00:02.0: vgaarb: bridge control possible | |
webserver # [ 0.352556] vgaarb: loaded | |
dnsserver # [ 0.422850] NET: Registered PF_INET protocol family | |
webserver # [ 0.353207] NetLabel: Initializing | |
webserver # [ 0.353600] NetLabel: domain hash size = 128 | |
webserver # [ 0.353914] NetLabel: protocols = UNLABELED CIPSOv4 CALIPSO | |
webserver # [ 0.354718] NetLabel: unlabeled traffic allowed by default | |
webserver # [ 0.354914] PCI: Using ACPI for IRQ routing | |
dnsserver # [ 0.426054] IP idents hash table entries: 16384 (order: 5, 131072 bytes, linear) | |
webserver # [ 0.355685] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0 | |
webserver # [ 0.355913] hpet0: 3 comparators, 64-bit 100.000000 MHz counter | |
acme # [ 0.500117] pci 0000:00:01.2: quirk_usb_early_handoff+0x0/0x730 took 42250 usecs | |
acme # [ 0.501160] PCI: CLS 0 bytes, default 64 | |
webserver # [ 0.358977] clocksource: Switched to clocksource kvm-clock | |
acme # [ 0.501730] Trying to unpack rootfs image as initramfs... | |
dnsserver # [ 0.431113] tcp_listen_portaddr_hash hash table entries: 512 (order: 1, 8192 bytes, linear) | |
dnsserver # [ 0.432117] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear) | |
dnsserver # [ 0.432980] TCP established hash table entries: 8192 (order: 4, 65536 bytes, linear) | |
dnsserver # [ 0.433892] TCP bind hash table entries: 8192 (order: 5, 131072 bytes, linear) | |
dnsserver # [ 0.434680] TCP: Hash tables configured (established 8192 bind 8192) | |
acme # [ 0.505182] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x2848df6a9de, max_idle_ns: 440795280912 ns | |
dnsserver # [ 0.435402] MPTCP token hash table entries: 1024 (order: 2, 24576 bytes, linear) | |
dnsserver # [ 0.436208] UDP hash table entries: 512 (order: 2, 16384 bytes, linear) | |
dnsserver # [ 0.436778] UDP-Lite hash table entries: 512 (order: 2, 16384 bytes, linear) | |
dnsserver # [ 0.437384] NET: Registered PF_UNIX/PF_LOCAL protocol family | |
acme # [ 0.508033] Initialise system trusted keyrings | |
dnsserver # [ 0.438082] NET: Registered PF_XDP protocol family | |
dnsserver # [ 0.438606] pci_bus 0000:00: resource 4 [io 0x0000-0x0cf7 window] | |
dnsserver # [ 0.439383] pci_bus 0000:00: resource 5 [io 0x0d00-0xffff window] | |
dnsserver # [ 0.440124] pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window] | |
dnsserver # [ 0.440932] pci_bus 0000:00: resource 7 [mem 0x40000000-0xfebfffff window] | |
acme # [ 0.511492] workingset: timestamp_bits=40 max_order=18 bucket_order=0 | |
dnsserver # [ 0.441686] pci_bus 0000:00: resource 8 [mem 0x100000000-0x17fffffff window] | |
dnsserver # [ 0.442508] pci 0000:00:01.0: PIIX3: Enabling Passive Release | |
dnsserver # [ 0.443167] pci 0000:00:00.0: Limiting direct PCI/PCI transfers | |
acme # [ 0.514310] zbud: loaded | |
dnsserver # [ 0.443845] pci 0000:00:01.0: Activating ISA DMA hang workarounds | |
acme # [ 0.518450] Key type asymmetric registered | |
acme # [ 0.518983] Asymmetric key parser 'x509' registered | |
webserver # [ 0.376941] VFS: Disk quotas dquot_6.6.0 | |
acme # [ 0.519766] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 251) | |
webserver # [ 0.377447] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes) | |
webserver # [ 0.378273] pnp: PnP ACPI init | |
webserver # [ 0.379012] pnp: PnP ACPI: found 6 devices | |
acme # [ 0.523741] io scheduler mq-deadline registered | |
acme # [ 0.524297] io scheduler kyber registered | |
acme # [ 0.525286] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled | |
acme # [ 0.526274] 00:04: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A | |
dnsserver # [ 0.458971] ACPI: \_SB_.LNKD: Enabled at IRQ 11 | |
acme # [ 0.532549] ashmem: initialized | |
acme # [ 0.533042] drop_monitor: Initializing network drop monitor service | |
acme # [ 0.534632] NET: Registered PF_INET6 protocol family | |
webserver # [ 0.393696] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns | |
webserver # [ 0.394649] clocksource: Switched to clocksource acpi_pm | |
webserver # [ 0.395301] NET: Registered PF_INET protocol family | |
webserver # [ 0.396092] IP idents hash table entries: 16384 (order: 5, 131072 bytes, linear) | |
webserver # [ 0.397958] tcp_listen_portaddr_hash hash table entries: 512 (order: 1, 8192 bytes, linear) | |
webserver # [ 0.398792] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear) | |
webserver # [ 0.399660] TCP established hash table entries: 8192 (order: 4, 65536 bytes, linear) | |
webserver # [ 0.400593] TCP bind hash table entries: 8192 (order: 5, 131072 bytes, linear) | |
webserver # [ 0.401478] TCP: Hash tables configured (established 8192 bind 8192) | |
webserver # [ 0.402333] MPTCP token hash table entries: 1024 (order: 2, 24576 bytes, linear) | |
webserver # [ 0.403238] UDP hash table entries: 512 (order: 2, 16384 bytes, linear) | |
webserver # [ 0.404047] UDP-Lite hash table entries: 512 (order: 2, 16384 bytes, linear) | |
webserver # [ 0.404949] NET: Registered PF_UNIX/PF_LOCAL protocol family | |
webserver # [ 0.405612] NET: Registered PF_XDP protocol family | |
webserver # [ 0.406214] pci_bus 0000:00: resource 4 [io 0x0000-0x0cf7 window] | |
webserver # [ 0.406944] pci_bus 0000:00: resource 5 [io 0x0d00-0xffff window] | |
webserver # [ 0.407633] pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window] | |
webserver # [ 0.408463] pci_bus 0000:00: resource 7 [mem 0x40000000-0xfebfffff window] | |
dnsserver # [ 0.481053] pci 0000:00:01.2: quirk_usb_early_handoff+0x0/0x730 took 35689 usecs | |
dnsserver # [ 0.481985] PCI: CLS 0 bytes, default 64 | |
webserver # [ 0.409273] pci_bus 0000:00: resource 8 [mem 0x100000000-0x17fffffff window] | |
dnsserver # [ 0.482492] Trying to unpack rootfs image as initramfs... | |
webserver # [ 0.410133] pci 0000:00:01.0: PIIX3: Enabling Passive Release | |
webserver # [ 0.410784] pci 0000:00:00.0: Limiting direct PCI/PCI transfers | |
webserver # [ 0.411515] pci 0000:00:01.0: Activating ISA DMA hang workarounds | |
client # [ 0.538495] Freeing initrd memory: 11976K | |
client # [ 0.539234] Segment Routing with IPv6 | |
client # [ 0.539580] In-situ OAM (IOAM) with IPv6 | |
dnsserver # [ 0.486032] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x2848df6a9de, max_idle_ns: 440795280912 ns | |
client # [ 0.540097] IPI shorthand broadcast: enabled | |
client # [ 0.540480] sched_clock: Marking stable (444336024, 95690580)->(617858324, -77831720) | |
client # [ 0.541284] registered taskstats version 1 | |
client # [ 0.541659] Loading compiled-in X.509 certificates | |
client # [ 0.542113] zswap: loaded using pool lzo/zbud | |
client # [ 0.542593] Key type .fscrypt registered | |
client # [ 0.542941] Key type fscrypt-provisioning registered | |
dnsserver # [ 0.491299] Initialise system trusted keyrings | |
client # [ 0.544847] Freeing unused decrypted memory: 2036K | |
dnsserver # [ 0.491881] workingset: timestamp_bits=40 max_order=18 bucket_order=0 | |
client # [ 0.545605] Freeing unused kernel image (initmem) memory: 1920K | |
client # [ 0.547040] Write protecting the kernel read-only data: 22528k | |
dnsserver # [ 0.494264] zbud: loaded | |
client # [ 0.548124] Freeing unused kernel image (text/rodata gap) memory: 2040K | |
client # [ 0.548949] Freeing unused kernel image (rodata/data gap) memory: 876K | |
dnsserver # [ 0.496346] Key type asymmetric registered | |
client # [ 0.549547] Run /init as init process | |
dnsserver # [ 0.498204] Asymmetric key parser 'x509' registered | |
client # | |
client # <<< NixOS Stage 1 >>> | |
client # | |
dnsserver # [ 0.498753] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 251) | |
dnsserver # [ 0.504304] io scheduler mq-deadline registered | |
dnsserver # [ 0.504837] io scheduler kyber registered | |
dnsserver # [ 0.505818] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled | |
webserver # [ 0.433799] ACPI: \_SB_.LNKD: Enabled at IRQ 11 | |
dnsserver # [ 0.506601] 00:04: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A | |
dnsserver # [ 0.511330] ashmem: initialized | |
dnsserver # [ 0.511738] drop_monitor: Initializing network drop monitor service | |
dnsserver # [ 0.512604] NET: Registered PF_INET6 protocol family | |
client # loading module virtio_balloon... | |
webserver # [ 0.456162] pci 0000:00:01.2: quirk_usb_early_handoff+0x0/0x730 took 42874 usecs | |
webserver # [ 0.457187] PCI: CLS 0 bytes, default 64 | |
webserver # [ 0.457718] Trying to unpack rootfs image as initramfs... | |
client # loading module virtio_console... | |
webserver # [ 0.461272] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x2848df6a9de, max_idle_ns: 440795280912 ns | |
client # loading module virtio_rng... | |
webserver # [ 0.466724] Initialise system trusted keyrings | |
webserver # [ 0.467378] workingset: timestamp_bits=40 max_order=18 bucket_order=0 | |
client # loading module dm_mod... | |
webserver # [ 0.469770] zbud: loaded | |
webserver # [ 0.471203] Key type asymmetric registered | |
webserver # [ 0.471682] Asymmetric key parser 'x509' registered | |
webserver # [ 0.473970] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 251) | |
webserver # [ 0.476961] io scheduler mq-deadline registered | |
webserver # [ 0.477496] io scheduler kyber registered | |
client # [ 0.603482] device-mapper: ioctl: 4.45.0-ioctl (2021-03-22) initialised: dm-devel@redhat.com | |
client # running udev... | |
webserver # [ 0.479048] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled | |
webserver # [ 0.480245] 00:04: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A | |
webserver # [ 0.484569] ashmem: initialized | |
webserver # [ 0.485036] drop_monitor: Initializing network drop monitor service | |
webserver # [ 0.486095] NET: Registered PF_INET6 protocol family | |
client # Starting systemd-udevd version 252.4 | |
acme # [ 0.650277] Freeing initrd memory: 11976K | |
acme # [ 0.651236] Segment Routing with IPv6 | |
acme # [ 0.651667] In-situ OAM (IOAM) with IPv6 | |
acme # [ 0.652261] IPI shorthand broadcast: enabled | |
acme # [ 0.652750] sched_clock: Marking stable (507538415, 145187270)->(740119378, -87393693) | |
acme # [ 0.653796] registered taskstats version 1 | |
acme # [ 0.654295] Loading compiled-in X.509 certificates | |
acme # [ 0.654938] zswap: loaded using pool lzo/zbud | |
acme # [ 0.655618] Key type .fscrypt registered | |
acme # [ 0.656095] Key type fscrypt-provisioning registered | |
acme # [ 0.658848] Freeing unused decrypted memory: 2036K | |
acme # [ 0.659838] Freeing unused kernel image (initmem) memory: 1920K | |
acme # [ 0.660576] Write protecting the kernel read-only data: 22528k | |
acme # [ 0.662020] Freeing unused kernel image (text/rodata gap) memory: 2040K | |
acme # [ 0.663024] Freeing unused kernel image (rodata/data gap) memory: 876K | |
acme # [ 0.663743] Run /init as init process | |
acme # | |
acme # <<< NixOS Stage 1 >>> | |
acme # | |
client # [ 0.660496] rtc_cmos 00:05: RTC can wake from S4 | |
client # [ 0.666328] rtc_cmos 00:05: registered as rtc0 | |
client # [ 0.666786] rtc_cmos 00:05: alarms up to one day, y3k, 242 bytes nvram, hpet irqs | |
dnsserver # [ 0.617404] Freeing initrd memory: 11976K | |
dnsserver # [ 0.618343] Segment Routing with IPv6 | |
dnsserver # [ 0.618799] In-situ OAM (IOAM) with IPv6 | |
dnsserver # [ 0.619458] IPI shorthand broadcast: enabled | |
acme # loading module virtio_balloon... | |
dnsserver # [ 0.619976] sched_clock: Marking stable (486672634, 133280114)->(707157032, -87204284) | |
dnsserver # [ 0.620954] registered taskstats version 1 | |
dnsserver # [ 0.621422] Loading compiled-in X.509 certificates | |
dnsserver # [ 0.622022] zswap: loaded using pool lzo/zbud | |
dnsserver # [ 0.622650] Key type .fscrypt registered | |
dnsserver # [ 0.623108] Key type fscrypt-provisioning registered | |
dnsserver # [ 0.625879] Freeing unused decrypted memory: 2036K | |
dnsserver # [ 0.626841] Freeing unused kernel image (initmem) memory: 1920K | |
dnsserver # [ 0.627510] Write protecting the kernel read-only data: 22528k | |
dnsserver # [ 0.628951] Freeing unused kernel image (text/rodata gap) memory: 2040K | |
dnsserver # [ 0.630151] Freeing unused kernel image (rodata/data gap) memory: 876K | |
dnsserver # [ 0.630922] Run /init as init process | |
dnsserver # | |
dnsserver # <<< NixOS Stage 1 >>> | |
dnsserver # | |
client # [ 0.687221] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12 | |
client # [ 0.688414] serio: i8042 KBD port at 0x60,0x64 irq 1 | |
client # [ 0.688861] serio: i8042 AUX port at 0x60,0x64 irq 12 | |
acme # loading module virtio_console... | |
acme # loading module virtio_rng... | |
acme # loading module dm_mod... | |
dnsserver # loading module virtio_balloon... | |
acme # [ 0.737046] device-mapper: ioctl: 4.45.0-ioctl (2021-03-22) initialised: dm-devel@redhat.com | |
acme # running udev... | |
webserver # [ 0.596857] Freeing initrd memory: 11976K | |
webserver # [ 0.597802] Segment Routing with IPv6 | |
webserver # [ 0.598273] In-situ OAM (IOAM) with IPv6 | |
webserver # [ 0.598950] IPI shorthand broadcast: enabled | |
webserver # [ 0.599454] sched_clock: Marking stable (494906247, 104022626)->(684296070, -85367197) | |
webserver # [ 0.600499] registered taskstats version 1 | |
webserver # [ 0.601029] Loading compiled-in X.509 certificates | |
client # [ 0.727151] SCSI subsystem initialized | |
webserver # [ 0.601599] zswap: loaded using pool lzo/zbud | |
webserver # [ 0.602258] Key type .fscrypt registered | |
webserver # [ 0.602703] Key type fscrypt-provisioning registered | |
webserver # [ 0.605324] Freeing unused decrypted memory: 2036K | |
webserver # [ 0.606291] Freeing unused kernel image (initmem) memory: 1920K | |
webserver # [ 0.606995] Write protecting the kernel read-only data: 22528k | |
acme # Starting systemd-udevd version 252.4 | |
dnsserver # loading module virtio_console... | |
webserver # [ 0.608377] Freeing unused kernel image (text/rodata gap) memory: 2040K | |
client # [ 0.734634] ACPI: \_SB_.LNKC: Enabled at IRQ 10 | |
webserver # [ 0.609430] Freeing unused kernel image (rodata/data gap) memory: 876K | |
webserver # [ 0.610222] Run /init as init process | |
client # [ 0.736249] ACPI: bus type USB registered | |
client # [ 0.736715] usbcore: registered new interface driver usbfs | |
client # [ 0.737269] usbcore: registered new interface driver hub | |
client # [ 0.737757] usbcore: registered new device driver usb | |
webserver # | |
webserver # <<< NixOS Stage 1 >>> | |
webserver # | |
dnsserver # loading module virtio_rng... | |
dnsserver # loading module dm_mod... | |
client # [ 0.753148] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver | |
dnsserver # [ 0.704573] device-mapper: ioctl: 4.45.0-ioctl (2021-03-22) initialised: dm-devel@redhat.com | |
dnsserver # running udev... | |
webserver # loading module virtio_balloon... | |
client # [ 0.767600] uhci_hcd: USB Universal Host Controller Interface driver | |
dnsserver # Starting systemd-udevd version 252.4 | |
webserver # loading module virtio_console... | |
client # [ 0.786039] scsi host0: ata_piix | |
webserver # loading module virtio_rng... | |
client # [ 0.790565] uhci_hcd 0000:00:01.2: UHCI Host Controller | |
client # [ 0.791039] uhci_hcd 0000:00:01.2: new USB bus registered, assigned bus number 1 | |
client # [ 0.791707] uhci_hcd 0000:00:01.2: detected 2 ports | |
client # [ 0.792275] uhci_hcd 0000:00:01.2: irq 11, io base 0x0000c100 | |
client # [ 0.792897] scsi host1: ata_piix | |
webserver # loading module dm_mod... | |
client # [ 0.795157] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc1e0 irq 14 | |
client # [ 0.795752] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc1e8 irq 15 | |
client # [ 0.799048] usb usb1: New USB device found, idVendor=1d6b, idProduct=0001, bcdDevice= 5.15 | |
acme # [ 0.816842] rtc_cmos 00:05: RTC can wake from S4 | |
client # [ 0.799791] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1 | |
client # [ 0.800427] usb usb1: Product: UHCI Host Controller | |
client # [ 0.800871] usb usb1: Manufacturer: Linux 5.15.89 uhci_hcd | |
client # [ 0.801399] usb usb1: SerialNumber: 0000:00:01.2 | |
client # [ 0.807206] hub 1-0:1.0: USB hub found | |
client # [ 0.807563] hub 1-0:1.0: 2 ports detected | |
webserver # [ 0.681531] device-mapper: ioctl: 4.45.0-ioctl (2021-03-22) initialised: dm-devel@redhat.com | |
webserver # running udev... | |
client # [ 0.813801] ACPI: \_SB_.LNKA: Enabled at IRQ 10 | |
acme # [ 0.835533] rtc_cmos 00:05: registered as rtc0 | |
acme # [ 0.836171] rtc_cmos 00:05: alarms up to one day, y3k, 242 bytes nvram, hpet irqs | |
webserver # Starting systemd-udevd version 252.4 | |
dnsserver # [ 0.775300] rtc_cmos 00:05: RTC can wake from S4 | |
client # [ 0.829488] ACPI: \_SB_.LNKB: Enabled at IRQ 11 | |
dnsserver # [ 0.780518] rtc_cmos 00:05: registered as rtc0 | |
acme # [ 0.851487] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12 | |
dnsserver # [ 0.781859] rtc_cmos 00:05: alarms up to one day, y3k, 242 bytes nvram, hpet irqs | |
acme # [ 0.853092] serio: i8042 KBD port at 0x60,0x64 irq 1 | |
acme # [ 0.861423] serio: i8042 AUX port at 0x60,0x64 irq 12 | |
dnsserver # [ 0.812934] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12 | |
dnsserver # [ 0.814500] serio: i8042 KBD port at 0x60,0x64 irq 1 | |
webserver # [ 0.749772] rtc_cmos 00:05: RTC can wake from S4 | |
dnsserver # [ 0.824790] serio: i8042 AUX port at 0x60,0x64 irq 12 | |
acme # [ 0.899816] SCSI subsystem initialized | |
webserver # [ 0.759369] rtc_cmos 00:05: registered as rtc0 | |
acme # [ 0.905624] ACPI: bus type USB registered | |
webserver # [ 0.766011] rtc_cmos 00:05: alarms up to one day, y3k, 242 bytes nvram, hpet irqs | |
acme # [ 0.911578] usbcore: registered new interface driver usbfs | |
webserver # [ 0.768884] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12 | |
acme # [ 0.912326] usbcore: registered new interface driver hub | |
acme # [ 0.912982] usbcore: registered new device driver usb | |
acme # [ 0.923752] ACPI: \_SB_.LNKC: Enabled at IRQ 10 | |
webserver # [ 0.785619] serio: i8042 KBD port at 0x60,0x64 irq 1 | |
acme # [ 0.929974] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver | |
webserver # [ 0.793931] serio: i8042 AUX port at 0x60,0x64 irq 12 | |
dnsserver # [ 0.867739] SCSI subsystem initialized | |
dnsserver # [ 0.877987] ACPI: bus type USB registered | |
acme # [ 0.948463] uhci_hcd: USB Universal Host Controller Interface driver | |
dnsserver # [ 0.880880] usbcore: registered new interface driver usbfs | |
dnsserver # [ 0.883775] usbcore: registered new interface driver hub | |
dnsserver # [ 0.884400] usbcore: registered new device driver usb | |
dnsserver # [ 0.894716] ACPI: \_SB_.LNKC: Enabled at IRQ 10 | |
dnsserver # [ 0.900330] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver | |
client # [ 0.955655] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100 | |
client # [ 0.956937] scsi 1:0:0:0: CD-ROM QEMU QEMU DVD-ROM 2.5+ PQ: 0 ANSI: 5 | |
acme # [ 0.975466] scsi host0: ata_piix | |
webserver # [ 0.833107] SCSI subsystem initialized | |
acme # [ 0.983476] scsi host1: ata_piix | |
acme # [ 0.983964] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc1e0 irq 14 | |
acme # [ 0.984777] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc1e8 irq 15 | |
dnsserver # [ 0.915416] uhci_hcd: USB Universal Host Controller Interface driver | |
webserver # [ 0.854143] ACPI: bus type USB registered | |
webserver # [ 0.854926] usbcore: registered new interface driver usbfs | |
webserver # [ 0.855653] usbcore: registered new interface driver hub | |
webserver # [ 0.856343] usbcore: registered new device driver usb | |
webserver # [ 0.858438] ACPI: \_SB_.LNKC: Enabled at IRQ 10 | |
acme # [ 1.001249] uhci_hcd 0000:00:01.2: UHCI Host Controller | |
acme # [ 1.001922] uhci_hcd 0000:00:01.2: new USB bus registered, assigned bus number 1 | |
acme # [ 1.002854] uhci_hcd 0000:00:01.2: detected 2 ports | |
acme # [ 1.003630] uhci_hcd 0000:00:01.2: irq 11, io base 0x0000c100 | |
acme # [ 1.004523] usb usb1: New USB device found, idVendor=1d6b, idProduct=0001, bcdDevice= 5.15 | |
acme # [ 1.005571] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1 | |
acme # [ 1.006464] usb usb1: Product: UHCI Host Controller | |
acme # [ 1.007044] usb usb1: Manufacturer: Linux 5.15.89 uhci_hcd | |
acme # [ 1.007735] usb usb1: SerialNumber: 0000:00:01.2 | |
dnsserver # [ 0.939827] scsi host0: ata_piix | |
acme # [ 1.015756] hub 1-0:1.0: USB hub found | |
acme # [ 1.016240] hub 1-0:1.0: 2 ports detected | |
dnsserver # [ 0.947828] scsi host1: ata_piix | |
webserver # [ 0.875494] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver | |
dnsserver # [ 0.948278] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc1e0 irq 14 | |
dnsserver # [ 0.949036] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc1e8 irq 15 | |
client # [ 1.005279] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input0 | |
client # [ 1.006672] virtio_blk virtio5: [vda] 2097152 512-byte logical blocks (1.07 GB/1.00 GiB) | |
webserver # [ 0.886666] uhci_hcd: USB Universal Host Controller Interface driver | |
acme # [ 1.032548] ACPI: \_SB_.LNKA: Enabled at IRQ 10 | |
dnsserver # [ 0.968672] uhci_hcd 0000:00:01.2: UHCI Host Controller | |
dnsserver # [ 0.969291] uhci_hcd 0000:00:01.2: new USB bus registered, assigned bus number 1 | |
dnsserver # [ 0.970145] uhci_hcd 0000:00:01.2: detected 2 ports | |
dnsserver # [ 0.970926] uhci_hcd 0000:00:01.2: irq 11, io base 0x0000c100 | |
client # [ 1.024398] 9pnet: Installing 9P2000 support | |
client # [ 1.029019] usb 1-1: new full-speed USB device number 2 using uhci_hcd | |
dnsserver # [ 0.978811] usb usb1: New USB device found, idVendor=1d6b, idProduct=0001, bcdDevice= 5.15 | |
webserver # [ 0.906971] scsi host0: ata_piix | |
dnsserver # [ 0.979728] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1 | |
dnsserver # [ 0.980537] usb usb1: Product: UHCI Host Controller | |
dnsserver # [ 0.981116] usb usb1: Manufacturer: Linux 5.15.89 uhci_hcd | |
dnsserver # [ 0.981715] usb usb1: SerialNumber: 0000:00:01.2 | |
dnsserver # [ 0.982685] hub 1-0:1.0: USB hub found | |
dnsserver # [ 0.983781] hub 1-0:1.0: 2 ports detected | |
client # [ 1.038394] sr 1:0:0:0: [sr0] scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray | |
client # [ 1.039047] cdrom: Uniform CD-ROM driver Revision: 3.20 | |
acme # [ 1.056267] ACPI: \_SB_.LNKB: Enabled at IRQ 11 | |
webserver # [ 0.914972] scsi host1: ata_piix | |
webserver # [ 0.915559] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc1e0 irq 14 | |
webserver # [ 0.916357] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc1e8 irq 15 | |
dnsserver # [ 0.999325] ACPI: \_SB_.LNKA: Enabled at IRQ 10 | |
webserver # [ 0.936212] uhci_hcd 0000:00:01.2: UHCI Host Controller | |
webserver # [ 0.936829] uhci_hcd 0000:00:01.2: new USB bus registered, assigned bus number 1 | |
webserver # [ 0.937692] uhci_hcd 0000:00:01.2: detected 2 ports | |
webserver # [ 0.938538] uhci_hcd 0000:00:01.2: irq 11, io base 0x0000c100 | |
webserver # [ 0.946092] usb usb1: New USB device found, idVendor=1d6b, idProduct=0001, bcdDevice= 5.15 | |
webserver # [ 0.947109] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1 | |
webserver # [ 0.947935] usb usb1: Product: UHCI Host Controller | |
webserver # [ 0.948529] usb usb1: Manufacturer: Linux 5.15.89 uhci_hcd | |
webserver # [ 0.949225] usb usb1: SerialNumber: 0000:00:01.2 | |
dnsserver # [ 1.023014] ACPI: \_SB_.LNKB: Enabled at IRQ 11 | |
webserver # [ 0.953350] hub 1-0:1.0: USB hub found | |
webserver # [ 0.953806] hub 1-0:1.0: 2 ports detected | |
webserver # [ 0.967732] ACPI: \_SB_.LNKA: Enabled at IRQ 10 | |
webserver # [ 0.991583] ACPI: \_SB_.LNKB: Enabled at IRQ 11 | |
acme # [ 1.145767] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100 | |
acme # [ 1.147440] scsi 1:0:0:0: CD-ROM QEMU QEMU DVD-ROM 2.5+ PQ: 0 ANSI: 5 | |
dnsserver # [ 1.107102] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100 | |
dnsserver # [ 1.108788] scsi 1:0:0:0: CD-ROM QEMU QEMU DVD-ROM 2.5+ PQ: 0 ANSI: 5 | |
client # [ 1.198265] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 | |
client # [ 1.199373] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 | |
client # [ 1.200469] usb 1-1: Product: QEMU USB Tablet | |
client # [ 1.201014] usb 1-1: Manufacturer: QEMU | |
client # [ 1.201558] usb 1-1: SerialNumber: 28754-0000:00:01.2-1 | |
webserver # [ 1.078250] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100 | |
webserver # [ 1.079915] scsi 1:0:0:0: CD-ROM QEMU QEMU DVD-ROM 2.5+ PQ: 0 ANSI: 5 | |
client # [ 1.218020] hid: raw HID events driver (C) Jiri Kosina | |
acme # [ 1.241452] usb 1-1: new full-speed USB device number 2 using uhci_hcd | |
client # [ 1.227714] usbcore: registered new interface driver usbhid | |
client # [ 1.228470] usbhid: USB HID core driver | |
client # [ 1.231123] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:01.2/usb1/1-1/1-1:1.0/0003:0627:0001.0001/input/input2 | |
client # [ 1.235744] hid-generic 0003:0627:0001.0001: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:01.2-1/input0 | |
acme # [ 1.274361] virtio_blk virtio5: [vda] 2097152 512-byte logical blocks (1.07 GB/1.00 GiB) | |
acme # [ 1.276450] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input0 | |
dnsserver # [ 1.208766] usb 1-1: new full-speed USB device number 2 using uhci_hcd | |
client # kbd_mode: KDSKBMODE: Inappropriate ioctl for device | |
acme # [ 1.302952] 9pnet: Installing 9P2000 support | |
client # %Gstarting device mapper and LVM... | |
dnsserver # [ 1.240831] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input0 | |
dnsserver # [ 1.243402] virtio_blk virtio5: [vda] 2097152 512-byte logical blocks (1.07 GB/1.00 GiB) | |
webserver # [ 1.172015] usb 1-1: new full-speed USB device number 2 using uhci_hcd | |
acme # [ 1.315811] sr 1:0:0:0: [sr0] scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray | |
acme # [ 1.316561] cdrom: Uniform CD-ROM driver Revision: 3.20 | |
client # mke2fs 1.46.5 (30-Dec-2021) | |
client # Discarding device blocks: 0/262144 done | |
client # Creating filesystem with 262144 4k blocks and 65536 inodes | |
client # Filesystem UUID: ae35a90d-87a0-4c21-8b29-e6771a668bf8 | |
client # Superblock backups stored on blocks: | |
client # 32768, 98304, 163840, 229376 | |
client # | |
client # Allocating group tables: 0/8 done | |
client # Writing inode tables: 0/8 done | |
client # Creating journal (8192 blocks): done | |
client # Writing superblocks and filesystem accounting information: 0/8 done | |
client # | |
dnsserver # [ 1.278616] 9pnet: Installing 9P2000 support | |
client # checking /dev/vda... | |
client # fsck (busybox 1.35.0) | |
client # [fsck.ext4 (1) -- /mnt-root/] fsck.ext4 -a /dev/vda | |
webserver # [ 1.215630] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input0 | |
client # /dev/vda: clean, 11/65536 files, 12955/262144 blocks | |
dnsserver # [ 1.290514] sr 1:0:0:0: [sr0] scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray | |
webserver # [ 1.218089] virtio_blk virtio5: [vda] 2097152 512-byte logical blocks (1.07 GB/1.00 GiB) | |
dnsserver # [ 1.291363] cdrom: Uniform CD-ROM driver Revision: 3.20 | |
client # mounting /dev/vda on /... | |
webserver # [ 1.255051] 9pnet: Installing 9P2000 support | |
webserver # [ 1.260431] sr 1:0:0:0: [sr0] scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray | |
webserver # [ 1.263222] cdrom: Uniform CD-ROM driver Revision: 3.20 | |
acme # [ 1.410983] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 | |
acme # [ 1.412118] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 | |
acme # [ 1.413034] usb 1-1: Product: QEMU USB Tablet | |
acme # [ 1.413513] usb 1-1: Manufacturer: QEMU | |
acme # [ 1.414081] usb 1-1: SerialNumber: 28754-0000:00:01.2-1 | |
client # [ 1.399657] EXT4-fs (vda): mounted filesystem with ordered data mode. Opts: (null). Quota mode: none. | |
client # mounting nix-store on /nix/.ro-store... | |
acme # [ 1.428751] hid: raw HID events driver (C) Jiri Kosina | |
client # [ 1.418729] FS-Cache: Loaded | |
client # [ 1.423299] 9p: Installing v9fs 9p2000 file system support | |
client # [ 1.423832] FS-Cache: Netfs '9p' registered for caching | |
acme # [ 1.445426] usbcore: registered new interface driver usbhid | |
dnsserver # [ 1.377226] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 | |
dnsserver # [ 1.378264] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 | |
acme # [ 1.448076] usbhid: USB HID core driver | |
dnsserver # [ 1.379158] usb 1-1: Product: QEMU USB Tablet | |
dnsserver # [ 1.379716] usb 1-1: Manufacturer: QEMU | |
dnsserver # [ 1.380195] usb 1-1: SerialNumber: 28754-0000:00:01.2-1 | |
client # mounting tmpfs on /nix/.rw-store... | |
acme # [ 1.451677] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:01.2/usb1/1-1/1-1:1.0/0003:0627:0001.0001/input/input2 | |
acme # [ 1.457974] hid-generic 0003:0627:0001.0001: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:01.2-1/input0 | |
client # mounting shared on /tmp/shared... | |
dnsserver # [ 1.394065] hid: raw HID events driver (C) Jiri Kosina | |
client # mounting xchg on /tmp/xchg... | |
dnsserver # [ 1.403548] usbcore: registered new interface driver usbhid | |
dnsserver # [ 1.404312] usbhid: USB HID core driver | |
client # mounting overlay filesystem on /nix/store... | |
dnsserver # [ 1.409040] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:01.2/usb1/1-1/1-1:1.0/0003:0627:0001.0001/input/input2 | |
dnsserver # [ 1.410589] hid-generic 0003:0627:0001.0001: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:01.2-1/input0 | |
webserver # [ 1.340866] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 | |
webserver # [ 1.344327] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 | |
webserver # [ 1.347268] usb 1-1: Product: QEMU USB Tablet | |
webserver # [ 1.349037] usb 1-1: Manufacturer: QEMU | |
webserver # [ 1.350931] usb 1-1: SerialNumber: 28754-0000:00:01.2-1 | |
webserver # [ 1.365683] hid: raw HID events driver (C) Jiri Kosina | |
webserver # [ 1.378487] usbcore: registered new interface driver usbhid | |
webserver # [ 1.380849] usbhid: USB HID core driver | |
webserver # [ 1.384619] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:01.2/usb1/1-1/1-1:1.0/0003:0627:0001.0001/input/input2 | |
webserver # [ 1.391315] hid-generic 0003:0627:0001.0001: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:01.2-1/input0 | |
acme # kbd_mode: KDSKBMODE: Inappropriate ioctl for device | |
acme # %Gstarting device mapper and LVM... | |
client # | |
client # <<< NixOS Stage 2 >>> | |
client # | |
acme # mke2fs 1.46.5 (30-Dec-2021) | |
acme # Discarding device blocks: 0/262144 done | |
acme # Creating filesystem with 262144 4k blocks and 65536 inodes | |
dnsserver # kbd_mode: KDSKBMODE: Inappropriate ioctl for device | |
acme # Filesystem UUID: 4c99a643-7b5d-418b-b76e-4c63e85f4e3c | |
client # [ 1.599076] EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: none. | |
dnsserver # %Gstarting device mapper and LVM... | |
acme # Superblock backups stored on blocks: | |
client # [ 1.601942] booting system configuration /nix/store/w28qid4kn2h5f274cbxbjz183g9s3mk0-nixos-system-client-23.05pre-git | |
acme # 32768, 98304, 163840, 229376 | |
acme # | |
acme # Allocating group tables: 0/8 done | |
acme # Writing inode tables: 0/8 done | |
acme # Creating journal (8192 blocks): done | |
acme # Writing superblocks and filesystem accounting information: 0/8 done | |
acme # | |
acme # checking /dev/vda... | |
acme # fsck (busybox 1.35.0) | |
dnsserver # mke2fs 1.46.5 (30-Dec-2021) | |
acme # [fsck.ext4 (1) -- /mnt-root/] fsck.ext4 -a /dev/vda | |
dnsserver # Discarding device blocks: 0/262144 done | |
dnsserver # Creating filesystem with 262144 4k blocks and 65536 inodes | |
dnsserver # Filesystem UUID: a2845bfe-52a1-4110-91c3-1c92ecf9280c | |
dnsserver # Superblock backups stored on blocks: | |
dnsserver # 32768, 98304, 163840, 229376 | |
acme # /dev/vda: clean, 11/65536 files, 12955/262144 blocks | |
dnsserver # | |
acme # mounting /dev/vda on /... | |
dnsserver # Allocating group tables: 0/8 done | |
dnsserver # Writing inode tables: 0/8 done | |
dnsserver # Creating journal (8192 blocks): done | |
dnsserver # Writing superblocks and filesystem accounting information: 0/8 done | |
dnsserver # | |
webserver # kbd_mode: KDSKBMODE: Inappropriate ioctl for device | |
dnsserver # checking /dev/vda... | |
webserver # %Gstarting device mapper and LVM... | |
dnsserver # fsck (busybox 1.35.0) | |
dnsserver # [fsck.ext4 (1) -- /mnt-root/] fsck.ext4 -a /dev/vda | |
dnsserver # /dev/vda: clean, 11/65536 files, 12955/262144 blocks | |
dnsserver # mounting /dev/vda on /... | |
client # running activation script... | |
webserver # mke2fs 1.46.5 (30-Dec-2021) | |
webserver # Discarding device blocks: 0/262144 done | |
webserver # Creating filesystem with 262144 4k blocks and 65536 inodes | |
webserver # Filesystem UUID: fa1de44c-c86d-4138-9b58-3f60e46de848 | |
webserver # Superblock backups stored on blocks: | |
webserver # 32768, 98304, 163840, 229376 | |
webserver # | |
webserver # Allocating group tables: 0/8 done | |
webserver # Writing inode tables: 0/8 done | |
webserver # Creating journal (8192 blocks): done | |
webserver # Writing superblocks and filesystem accounting information: 0/8 done | |
webserver # | |
acme # [ 1.723480] EXT4-fs (vda): mounted filesystem with ordered data mode. Opts: (null). Quota mode: none. | |
webserver # checking /dev/vda... | |
webserver # fsck (busybox 1.35.0) | |
webserver # [fsck.ext4 (1) -- /mnt-root/] fsck.ext4 -a /dev/vda | |
webserver # /dev/vda: clean, 11/65536 files, 12955/262144 blocks | |
webserver # mounting /dev/vda on /... | |
acme # mounting nix-store on /nix/.ro-store... | |
acme # [ 1.751712] FS-Cache: Loaded | |
dnsserver # [ 1.682333] EXT4-fs (vda): mounted filesystem with ordered data mode. Opts: (null). Quota mode: none. | |
acme # [ 1.758522] 9p: Installing v9fs 9p2000 file system support | |
acme # [ 1.760976] FS-Cache: Netfs '9p' registered for caching | |
dnsserver # mounting nix-store on /nix/.ro-store... | |
acme # mounting tmpfs on /nix/.rw-store... | |
dnsserver # [ 1.705520] FS-Cache: Loaded | |
dnsserver # [ 1.711357] 9p: Installing v9fs 9p2000 file system support | |
dnsserver # [ 1.712079] FS-Cache: Netfs '9p' registered for caching | |
acme # mounting shared on /tmp/shared... | |
dnsserver # mounting tmpfs on /nix/.rw-store... | |
acme # mounting xchg on /tmp/xchg... | |
webserver # [ 1.660717] EXT4-fs (vda): mounted filesystem with ordered data mode. Opts: (null). Quota mode: none. | |
dnsserver # mounting shared on /tmp/shared... | |
acme # mounting overlay filesystem on /nix/store... | |
webserver # mounting nix-store on /nix/.ro-store... | |
dnsserver # mounting xchg on /tmp/xchg... | |
dnsserver # mounting overlay filesystem on /nix/store... | |
webserver # [ 1.685833] FS-Cache: Loaded | |
webserver # [ 1.692215] 9p: Installing v9fs 9p2000 file system support | |
webserver # [ 1.694395] FS-Cache: Netfs '9p' registered for caching | |
webserver # mounting tmpfs on /nix/.rw-store... | |
webserver # mounting shared on /tmp/shared... | |
webserver # mounting xchg on /tmp/xchg... | |
webserver # mounting overlay filesystem on /nix/store... | |
acme # | |
acme # <<< NixOS Stage 2 >>> | |
acme # | |
dnsserver # | |
dnsserver # <<< NixOS Stage 2 >>> | |
dnsserver # | |
acme # [ 2.009817] EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: none. | |
dnsserver # [ 1.944695] EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: none. | |
acme # [ 2.015691] booting system configuration /nix/store/fhivd03v034pfaga4clmirshyn56cijx-nixos-system-acme-23.05pre-git | |
dnsserver # [ 1.947863] booting system configuration /nix/store/ginlw6jq0nm2cxjpci6553sh5bahj2vx-nixos-system-dnsserver-23.05pre-git | |
webserver # | |
webserver # <<< NixOS Stage 2 >>> | |
webserver # | |
client # setting up /etc... | |
webserver # [ 1.941402] EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: none. | |
dnsserver # running activation script... | |
webserver # [ 1.947125] booting system configuration /nix/store/dpicg1vsplswvqx8bwlbjgxihydzc51q-nixos-system-webserver-23.05pre-git | |
acme # running activation script... | |
webserver # running activation script... | |
dnsserver # setting up /etc... | |
acme # setting up /etc... | |
webserver # setting up /etc... | |
client # starting systemd... | |
client # [ 3.947647] systemd[1]: Inserted module 'autofs4' | |
client # [ 4.005122] systemd[1]: systemd 252.4 running in system mode (+PAM +AUDIT -SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY +P11KIT -QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK -XKBCOMMON +UTMP -SYSVINIT default-hierarchy=unified) | |
client # [ 4.017537] systemd[1]: Detected virtualization kvm. | |
client # [ 4.019563] systemd[1]: Detected architecture x86-64. | |
client # [ 4.028010] systemd[1]: Initializing machine ID from random generator. | |
dnsserver # starting systemd... | |
client # [ 4.427215] systemd[1]: bpf-lsm: LSM BPF program attached | |
acme # starting systemd... | |
dnsserver # [ 4.461565] systemd[1]: Inserted module 'autofs4' | |
dnsserver # [ 4.528746] systemd[1]: systemd 252.4 running in system mode (+PAM +AUDIT -SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY +P11KIT -QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK -XKBCOMMON +UTMP -SYSVINIT default-hierarchy=unified) | |
dnsserver # [ 4.540839] systemd[1]: Detected virtualization kvm. | |
dnsserver # [ 4.542768] systemd[1]: Detected architecture x86-64. | |
dnsserver # [ 4.556768] systemd[1]: Initializing machine ID from random generator. | |
acme # [ 4.771682] systemd[1]: Inserted module 'autofs4' | |
webserver # starting systemd... | |
acme # [ 4.830996] systemd[1]: systemd 252.4 running in system mode (+PAM +AUDIT -SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY +P11KIT -QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK -XKBCOMMON +UTMP -SYSVINIT default-hierarchy=unified) | |
acme # [ 4.834532] systemd[1]: Detected virtualization kvm. | |
acme # [ 4.835122] systemd[1]: Detected architecture x86-64. | |
acme # [ 4.841595] systemd[1]: Initializing machine ID from random generator. | |
client # [ 5.005216] systemd[1]: Queued start job for default target Multi-User System. | |
client # [ 5.009026] systemd[1]: Created slice Slice /system/getty. | |
client # [ 5.010622] systemd[1]: Created slice Slice /system/modprobe. | |
client # [ 5.012115] systemd[1]: Created slice User and Session Slice. | |
client # [ 5.012960] systemd[1]: Started Dispatch Password Requests to Console Directory Watch. | |
webserver # [ 4.887098] systemd[1]: Inserted module 'autofs4' | |
client # [ 5.013999] systemd[1]: Started Forward Password Requests to Wall Directory Watch. | |
client # [ 5.015070] systemd[1]: Reached target Local Encrypted Volumes. | |
client # [ 5.015901] systemd[1]: Reached target Containers. | |
client # [ 5.016573] systemd[1]: Reached target Path Units. | |
client # [ 5.017273] systemd[1]: Reached target Remote File Systems. | |
client # [ 5.018043] systemd[1]: Reached target Slice Units. | |
client # [ 5.018718] systemd[1]: Reached target Swaps. | |
client # [ 5.022782] systemd[1]: Listening on Process Core Dump Socket. | |
client # [ 5.023986] systemd[1]: Listening on Journal Audit Socket. | |
client # [ 5.024764] systemd[1]: Listening on Journal Socket (/dev/log). | |
client # [ 5.025709] systemd[1]: Listening on Journal Socket. | |
client # [ 5.026954] systemd[1]: Listening on Userspace Out-Of-Memory (OOM) Killer Socket. | |
client # [ 5.028881] systemd[1]: Listening on udev Control Socket. | |
client # [ 5.029865] systemd[1]: Listening on udev Kernel Socket. | |
client # [ 5.032152] systemd[1]: Mounting Huge Pages File System... | |
client # [ 5.034135] systemd[1]: Mounting POSIX Message Queue File System... | |
client # [ 5.037190] systemd[1]: Mounting Kernel Debug File System... | |
client # [ 5.045067] systemd[1]: Starting Create List of Static Device Nodes... | |
client # [ 5.048638] systemd[1]: Starting Load Kernel Module configfs... | |
client # [ 5.053352] systemd[1]: Starting Load Kernel Module drm... | |
client # [ 5.059176] systemd[1]: Starting Load Kernel Module efi_pstore... | |
client # [ 5.065518] systemd[1]: Starting Load Kernel Module fuse... | |
client # [ 5.076193] systemd[1]: Starting mount-pstore.service... | |
client # [ 5.077288] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 4.946209] systemd[1]: systemd 252.4 running in system mode (+PAM +AUDIT -SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY +P11KIT -QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK -XKBCOMMON +UTMP -SYSVINIT default-hierarchy=unified) | |
webserver # [ 4.958955] systemd[1]: Detected virtualization kvm. | |
webserver # [ 4.961110] systemd[1]: Detected architecture x86-64. | |
webserver # [ 4.968922] systemd[1]: Initializing machine ID from random generator. | |
client # [ 5.102679] systemd[1]: Starting Journal Service... | |
dnsserver # [ 5.054859] systemd[1]: bpf-lsm: LSM BPF program attached | |
client # [ 5.111796] systemd[1]: Starting Load Kernel Modules... | |
client # [ 5.130069] fuse: init (API version 7.34) | |
client # [ 5.131448] systemd[1]: Starting Remount Root and Kernel File Systems... | |
client # [ 5.158497] systemd[1]: Starting Coldplug All udev Devices... | |
client # [ 5.205158] systemd[1]: Mounted Huge Pages File System. | |
acme # [ 5.237590] systemd[1]: bpf-lsm: LSM BPF program attached | |
client # [ 5.218998] systemd[1]: Mounted POSIX Message Queue File System. | |
client # [ 5.232853] EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: none. | |
client # [ 5.238681] systemd[1]: Mounted Kernel Debug File System. | |
client # [ 5.257508] systemd[1]: Finished Create List of Static Device Nodes. | |
client # [ 5.271060] audit: type=1130 audit(1674330715.970:2): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=kmod-static-nodes comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
client # [ 5.274276] systemd[1]: modprobe@configfs.service: Deactivated successfully. | |
client # [ 5.280230] systemd[1]: Finished Load Kernel Module configfs. | |
client # [ 5.287306] audit: type=1130 audit(1674330715.986:3): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@configfs comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
client # [ 5.290549] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
client # [ 5.291391] audit: type=1131 audit(1674330715.989:4): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@configfs comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
client # [ 5.297071] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this. | |
client # [ 5.300910] systemd[1]: Finished Load Kernel Module efi_pstore. | |
client # [ 5.304106] systemd[1]: modprobe@fuse.service: Deactivated successfully. | |
client # [ 5.304944] audit: type=1130 audit(1674330716.000:5): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@efi_pstore comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
client # [ 5.313930] systemd[1]: Finished Load Kernel Module fuse. | |
client # [ 5.318376] audit: type=1131 audit(1674330716.000:6): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@efi_pstore comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
client # [ 5.328922] systemd[1]: Finished Remount Root and Kernel File Systems. | |
client # [ 5.339686] audit: type=1130 audit(1674330716.013:7): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@fuse comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
client # [ 5.346732] systemd[1]: modprobe@drm.service: Deactivated successfully. | |
client # [ 5.354954] systemd[1]: Finished Load Kernel Module drm. | |
client # [ 5.358883] audit: type=1131 audit(1674330716.013:8): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@fuse comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
client # [ 5.373542] tun: Universal TUN/TAP device driver, 1.6 | |
client # [ 5.387991] systemd[1]: Mounting FUSE Control File System... | |
client # [ 5.408930] audit: type=1130 audit(1674330716.034:9): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-remount-fs comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
client # [ 5.420209] loop: module loaded | |
client # [ 5.428041] systemd[1]: Mounting Kernel Configuration File System... | |
client # [ 5.445990] systemd[1]: Starting Load/Save Random Seed... | |
client # [ 5.450665] audit: type=1130 audit(1674330716.075:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@drm comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
client # [ 5.361845] systemd-modules-load[463]: Inserted module 'bridge' | |
client # [ 5.461351] systemd[1]: Starting Create Static Device Nodes in /dev... | |
client # [ 5.368623] systemd-modules-load[463]: Inserted module 'macvlan'[ 5.465172] audit: type=1131 audit(1674330716.075:11): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@drm comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
client # | |
client # [ 5.480701] systemd[1]: Started Journal Service. | |
client # [ 5.387481] systemd-modules-load[463]: Inserted module 'tap' | |
client # [ 5.396566] systemd-modules-load[463]: Inserted module 'tun' | |
webserver # [ 5.370086] systemd[1]: bpf-lsm: LSM BPF program attached | |
client # [ 5.400796] systemd-modules-load[463]: Inserted module 'loop' | |
client # [ 5.412193] systemd[1]: Finished Load Kernel Modules. | |
client # [ 5.444157] systemd[1]: Mounted FUSE Control File System. | |
client # [ 5.558590] systemd-journald[462]: Received client request to flush runtime journal. | |
dnsserver # [ 5.585099] systemd[1]: Queued start job for default target Multi-User System. | |
dnsserver # [ 5.590959] systemd[1]: Created slice Slice /system/getty. | |
dnsserver # [ 5.594052] systemd[1]: Created slice Slice /system/modprobe. | |
dnsserver # [ 5.597103] systemd[1]: Created slice User and Session Slice. | |
dnsserver # [ 5.599509] systemd[1]: Started Dispatch Password Requests to Console Directory Watch. | |
dnsserver # [ 5.602720] systemd[1]: Started Forward Password Requests to Wall Directory Watch. | |
dnsserver # [ 5.605842] systemd[1]: Reached target Local Encrypted Volumes. | |
dnsserver # [ 5.608216] systemd[1]: Reached target Containers. | |
dnsserver # [ 5.610249] systemd[1]: Reached target Path Units. | |
dnsserver # [ 5.612238] systemd[1]: Reached target Remote File Systems. | |
dnsserver # [ 5.614635] systemd[1]: Reached target Slice Units. | |
dnsserver # [ 5.616742] systemd[1]: Reached target Swaps. | |
dnsserver # [ 5.622440] systemd[1]: Listening on Process Core Dump Socket. | |
dnsserver # [ 5.625518] systemd[1]: Listening on Journal Audit Socket. | |
dnsserver # [ 5.629286] systemd[1]: Listening on Journal Socket (/dev/log). | |
dnsserver # [ 5.631960] systemd[1]: Listening on Journal Socket. | |
dnsserver # [ 5.634848] systemd[1]: Listening on Userspace Out-Of-Memory (OOM) Killer Socket. | |
dnsserver # [ 5.639609] systemd[1]: Listening on udev Control Socket. | |
dnsserver # [ 5.642762] systemd[1]: Listening on udev Kernel Socket. | |
dnsserver # [ 5.646882] systemd[1]: Mounting Huge Pages File System... | |
dnsserver # [ 5.650986] systemd[1]: Mounting POSIX Message Queue File System... | |
dnsserver # [ 5.657796] systemd[1]: Mounting Kernel Debug File System... | |
dnsserver # [ 5.666392] systemd[1]: Starting Create List of Static Device Nodes... | |
dnsserver # [ 5.675204] systemd[1]: Starting Load Kernel Module configfs... | |
dnsserver # [ 5.682947] systemd[1]: Starting Load Kernel Module drm... | |
dnsserver # [ 5.690377] systemd[1]: Starting Load Kernel Module efi_pstore... | |
client # [ 5.648979] systemd[1]: Mounted Kernel Configuration File System. | |
acme # [ 5.768325] systemd[1]: Queued start job for default target Multi-User System. | |
acme # [ 5.772945] systemd[1]: Created slice Slice /system/getty. | |
acme # [ 5.775537] systemd[1]: Created slice Slice /system/modprobe. | |
dnsserver # [ 5.704937] systemd[1]: Starting Load Kernel Module fuse... | |
acme # [ 5.777590] systemd[1]: Created slice User and Session Slice. | |
acme # [ 5.778366] systemd[1]: Started Dispatch Password Requests to Console Directory Watch. | |
acme # [ 5.779360] systemd[1]: Started Forward Password Requests to Wall Directory Watch. | |
client # [ 5.666229] systemd[1]: Finished Load/Save Random Seed. | |
acme # [ 5.780353] systemd[1]: Reached target Local Encrypted Volumes. | |
acme # [ 5.781021] systemd[1]: Reached target Containers. | |
acme # [ 5.781920] systemd[1]: Reached target Path Units. | |
acme # [ 5.782605] systemd[1]: Reached target Remote File Systems. | |
acme # [ 5.783447] systemd[1]: Reached target Slice Units. | |
acme # [ 5.783971] systemd[1]: Reached target Swaps. | |
dnsserver # [ 5.713341] systemd[1]: Starting mount-pstore.service... | |
acme # [ 5.787491] systemd[1]: Listening on Process Core Dump Socket. | |
client # [ 5.672639] systemd[1]: Starting Firewall... | |
acme # [ 5.788813] systemd[1]: Listening on Journal Audit Socket. | |
acme # [ 5.789605] systemd[1]: Listening on Journal Socket (/dev/log). | |
acme # [ 5.790404] systemd[1]: Listening on Journal Socket. | |
dnsserver # [ 5.716360] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
acme # [ 5.791373] systemd[1]: Listening on Userspace Out-Of-Memory (OOM) Killer Socket. | |
acme # [ 5.793257] systemd[1]: Listening on udev Control Socket. | |
acme # [ 5.794104] systemd[1]: Listening on udev Kernel Socket. | |
acme # [ 5.796017] systemd[1]: Mounting Huge Pages File System... | |
acme # [ 5.797696] systemd[1]: Mounting POSIX Message Queue File System... | |
acme # [ 5.799607] systemd[1]: Mounting Kernel Debug File System... | |
acme # [ 5.804616] systemd[1]: Starting Create List of Static Device Nodes... | |
acme # [ 5.814374] systemd[1]: Starting Load Kernel Module configfs... | |
client # [ 5.694535] systemd[1]: Starting Flush Journal to Persistent Storage... | |
acme # [ 5.818538] systemd[1]: Starting Load Kernel Module drm... | |
dnsserver # [ 5.749245] fuse: init (API version 7.34) | |
acme # [ 5.822367] systemd[1]: Starting Load Kernel Module efi_pstore... | |
acme # [ 5.829354] systemd[1]: Starting Load Kernel Module fuse... | |
dnsserver # [ 5.757631] systemd[1]: Starting Journal Service... | |
client # [ 5.709168] systemd[1]: Starting Apply Kernel Variables... | |
dnsserver # [ 5.774248] systemd[1]: Starting Load Kernel Modules... | |
acme # [ 5.847637] systemd[1]: Starting mount-pstore.service... | |
acme # [ 5.850468] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
dnsserver # [ 5.787993] systemd[1]: Starting Remount Root and Kernel File Systems... | |
acme # [ 5.868422] systemd[1]: Starting Journal Service... | |
client # [ 5.738366] systemd[1]: Finished Coldplug All udev Devices. | |
acme # [ 5.881813] systemd[1]: Starting Load Kernel Modules... | |
dnsserver # [ 5.820985] systemd[1]: Starting Coldplug All udev Devices... | |
acme # [ 5.894695] fuse: init (API version 7.34) | |
client # [ 5.772681] systemd[1]: Finished Create Static Device Nodes in /dev. | |
acme # [ 5.907775] systemd[1]: Starting Remount Root and Kernel File Systems... | |
client # [ 5.803763] systemd[1]: Reached target Preparation for Local File Systems. | |
client # [ 5.813175] systemd[1]: Reached target Local File Systems. | |
dnsserver # [ 5.862825] audit: type=1334 audit(1674330717.299:2): prog-id=61 op=LOAD | |
dnsserver # [ 5.866404] audit: type=1334 audit(1674330717.302:3): prog-id=0 op=UNLOAD | |
acme # [ 5.948547] systemd[1]: Starting Coldplug All udev Devices... | |
dnsserver # [ 5.882069] EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: none. | |
dnsserver # [ 5.893616] audit: type=1334 audit(1674330717.302:4): prog-id=0 op=UNLOAD | |
dnsserver # [ 5.895778] systemd[1]: Mounted Huge Pages File System. | |
acme # [ 5.970268] audit: type=1334 audit(1674330717.382:2): prog-id=58 op=LOAD | |
client # [ 5.845560] systemd[1]: Starting Rule-based Manager for Device Events and Files... | |
acme # [ 5.975260] audit: type=1334 audit(1674330717.386:3): prog-id=59 op=LOAD | |
dnsserver # [ 5.913486] systemd[1]: Mounted POSIX Message Queue File System. | |
acme # [ 5.985711] EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: none. | |
acme # [ 5.994552] audit: type=1334 audit(1674330717.390:4): prog-id=0 op=UNLOAD | |
dnsserver # [ 5.928835] systemd[1]: Mounted Kernel Debug File System. | |
client # [ 5.881563] systemd[1]: Finished Apply Kernel Variables. | |
acme # [ 6.004889] systemd[1]: Mounted Huge Pages File System. | |
acme # [ 6.012217] audit: type=1334 audit(1674330717.390:5): prog-id=0 op=UNLOAD | |
dnsserver # [ 5.943760] systemd[1]: Finished Create List of Static Device Nodes. | |
client # [ 5.901612] systemd-udevd[488]: Using default interface naming scheme 'v252'. | |
acme # [ 6.022557] systemd[1]: Mounted POSIX Message Queue File System. | |
client # [ 5.912809] systemd[1]: Finished Flush Journal to Persistent Storage. | |
acme # [ 6.032231] audit: type=1334 audit(1674330717.393:6): prog-id=60 op=LOAD | |
dnsserver # [ 5.955706] audit: type=1130 audit(1674330717.392:5): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=kmod-static-nodes comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
dnsserver # [ 5.966113] systemd[1]: modprobe@configfs.service: Deactivated successfully. | |
acme # [ 6.038496] systemd[1]: Mounted Kernel Debug File System. | |
acme # [ 6.044196] audit: type=1334 audit(1674330717.393:7): prog-id=61 op=LOAD | |
dnsserver # [ 5.972691] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this. | |
acme # [ 6.054332] systemd[1]: Finished Create List of Static Device Nodes. | |
dnsserver # [ 5.985627] systemd[1]: Finished Load Kernel Module configfs. | |
acme # [ 6.060219] audit: type=1334 audit(1674330717.393:8): prog-id=0 op=UNLOAD | |
dnsserver # [ 5.994113] systemd[1]: modprobe@drm.service: Deactivated successfully. | |
client # [ 5.947406] systemd[1]: Starting Create Volatile Files and Directories... | |
acme # [ 6.071137] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this. | |
dnsserver # [ 5.997645] audit: type=1130 audit(1674330717.430:6): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@configfs comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
acme # [ 6.078626] systemd[1]: modprobe@configfs.service: Deactivated successfully. | |
client # [ 5.962011] systemd[1]: Started Rule-based Manager for Device Events and Files. | |
acme # [ 6.083621] audit: type=1334 audit(1674330717.393:9): prog-id=0 op=UNLOAD | |
dnsserver # [ 6.016807] systemd[1]: Finished Load Kernel Module drm. | |
acme # [ 6.091580] systemd[1]: Finished Load Kernel Module configfs. | |
acme # [ 6.095277] audit: type=1130 audit(1674330717.489:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=kmod-static-nodes comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
dnsserver # [ 6.030956] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 5.960095] systemd[1]: Queued start job for default target Multi-User System. | |
webserver # [ 5.966109] systemd[1]: Created slice Slice /system/getty. | |
acme # [ 6.109759] systemd[1]: modprobe@drm.service: Deactivated successfully. | |
webserver # [ 5.968747] systemd[1]: Created slice Slice /system/modprobe. | |
dnsserver # [ 6.042450] tun: Universal TUN/TAP device driver, 1.6 | |
client # [ 6.000491] systemd[1]: Finished Create Volatile Files and Directories. | |
webserver # [ 5.972516] systemd[1]: Created slice User and Session Slice. | |
webserver # [ 5.974939] systemd[1]: Started Dispatch Password Requests to Console Directory Watch. | |
acme # [ 6.122689] systemd[1]: Finished Load Kernel Module drm. | |
webserver # [ 5.978843] systemd[1]: Started Forward Password Requests to Wall Directory Watch. | |
client # [ 6.008898] systemd[1]: Starting Rebuild Journal Catalog... | |
webserver # [ 5.982276] systemd[1]: Reached target Local Encrypted Volumes. | |
dnsserver # [ 6.048596] audit: type=1131 audit(1674330717.430:7): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@configfs comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
webserver # [ 5.984995] systemd[1]: Reached target Containers. | |
acme # [ 6.129090] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 5.987049] systemd[1]: Reached target Path Units. | |
client # [ 6.017588] systemd[1]: Starting Userspace Out-Of-Memory (OOM) Killer... | |
dnsserver # [ 6.060610] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 5.989258] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 5.991368] systemd[1]: Reached target Slice Units. | |
webserver # [ 5.993571] systemd[1]: Reached target Swaps. | |
client # [ 6.025497] systemd[1]: Starting Record System Boot/Shutdown in UTMP... | |
dnsserver # [ 6.068101] systemd[1]: modprobe@fuse.service: Deactivated successfully. | |
client # [ 6.028476] systemd[1]: Finished Record System Boot/Shutdown in UTMP. | |
client # [ 6.032885] systemd[1]: Finished Rebuild Journal Catalog. | |
acme # [ 6.139273] audit: type=1130 audit(1674330717.521:11): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@configfs comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
webserver # [ 6.004534] systemd[1]: Listening on Process Core Dump Socket. | |
client # [ 6.037556] systemd[1]: Starting Update is Completed... | |
webserver # [ 6.007669] systemd[1]: Listening on Journal Audit Socket. | |
dnsserver # [ 6.082639] systemd[1]: Finished Load Kernel Module fuse. | |
webserver # [ 6.010264] systemd[1]: Listening on Journal Socket (/dev/log). | |
client # [ 6.042231] systemd[1]: Finished Update is Completed. | |
dnsserver # [ 6.085328] loop: module loaded | |
acme # [ 6.155659] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 6.012852] systemd[1]: Listening on Journal Socket. | |
webserver # [ 6.015625] systemd[1]: Listening on Userspace Out-Of-Memory (OOM) Killer Socket. | |
acme # [ 6.160036] tun: Universal TUN/TAP device driver, 1.6 | |
dnsserver # [ 6.092921] systemd[1]: Started Journal Service. | |
webserver # [ 6.020185] systemd[1]: Listening on udev Control Socket. | |
webserver # [ 6.023046] systemd[1]: Listening on udev Kernel Socket. | |
acme # [ 6.165733] systemd[1]: modprobe@fuse.service: Deactivated successfully. | |
webserver # [ 6.027314] systemd[1]: Mounting Huge Pages File System... | |
dnsserver # [ 6.096284] audit: type=1130 audit(1674330717.463:8): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@drm comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
webserver # [ 6.032192] systemd[1]: Mounting POSIX Message Queue File System... | |
dnsserver # [ 5.977829] systemd-modules-load[464]: Inserted module 'bridge' | |
acme # [ 6.180321] systemd[1]: Finished Load Kernel Module fuse. | |
webserver # [ 6.041442] systemd[1]: Mounting Kernel Debug File System... | |
acme # [ 6.189321] loop: module loaded | |
dnsserver # [ 5.981388] systemd-modules-load[464]: Inserted module 'macvlan' | |
client # [ 6.075553] systemd-oomd[519]: Swap is currently not detected; memory pressure usage will be degraded | |
webserver # [ 6.050205] systemd[1]: Starting Create List of Static Device Nodes... | |
acme # [ 6.194833] systemd[1]: Finished Remount Root and Kernel File Systems. | |
webserver # [ 6.056858] systemd[1]: Starting Load Kernel Module configfs... | |
client # [ 6.083679] systemd[1]: Started Userspace Out-Of-Memory (OOM) Killer. | |
webserver # [ 6.063173] systemd[1]: Starting Load Kernel Module drm... | |
dnsserver # [ 5.995976] systemd-modules-load[464]: Inserted module 'tap' | |
acme # [ 6.214427] systemd[1]: Started Journal Service. | |
dnsserver # [ 6.008008] systemd-modules-load[464]: Inserted module 'tun'[ 6.146656] audit: type=1131 audit(1674330717.463:9): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@drm comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
webserver # [ 6.080059] systemd[1]: Starting Load Kernel Module efi_pstore... | |
dnsserver # | |
acme # [ 6.079329] systemd-modules-load[464]: Inserted module 'bridge' | |
dnsserver # [ 6.026092] systemd-modules-load[464]: Inserted module 'loop' | |
webserver # [ 6.090223] systemd[1]: Starting Load Kernel Module fuse... | |
acme # [ 6.089168] systemd-modules-load[464]: Inserted module 'macvlan' | |
dnsserver # [ 6.037020] systemd[1]: Finished Load Kernel Modules. | |
acme # [ 6.101799] systemd-modules-load[464]: Inserted module 'tap' | |
dnsserver # [ 6.179552] audit: type=1130 audit(1674330717.504:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@efi_pstore comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
webserver # [ 6.115979] systemd[1]: Starting mount-pstore.service... | |
acme # [ 6.110719] systemd-modules-load[464]: Inserted module 'tun' | |
dnsserver # [ 6.060049] systemd[1]: Finished Remount Root and Kernel File Systems. | |
acme # [ 6.120033] systemd-modules-load[464]: Inserted module 'loop' | |
webserver # [ 6.127052] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
dnsserver # [ 6.204014] audit: type=1131 audit(1674330717.504:11): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@efi_pstore comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
acme # [ 6.133967] systemd[1]: Finished Load Kernel Modules. | |
webserver # [ 6.153287] systemd[1]: Starting Journal Service... | |
dnsserver # [ 6.088335] systemd[1]: Mounting FUSE Control File System... | |
acme # [ 6.157816] systemd[1]: Mounting FUSE Control File System... | |
webserver # [ 6.175445] fuse: init (API version 7.34) | |
webserver # [ 6.178019] systemd[1]: Starting Load Kernel Modules... | |
dnsserver # [ 6.254446] systemd-journald[463]: Received client request to flush runtime journal. | |
acme # [ 6.335745] systemd-journald[463]: Received client request to flush runtime journal. | |
webserver # [ 6.200997] systemd[1]: Starting Remount Root and Kernel File Systems... | |
client # [ 6.257088] systemd[1]: Found device /dev/ttyS0. | |
webserver # [ 6.239006] systemd[1]: Starting Coldplug All udev Devices... | |
client # [ 6.271580] systemd-udevd[514]: Network interface NamePolicy= disabled on kernel command line. | |
client # [ 6.283244] systemd[1]: Found device /dev/hvc0. | |
client # [ 6.291354] systemd-udevd[515]: Network interface NamePolicy= disabled on kernel command line. | |
webserver # [ 6.299950] systemd[1]: Mounted Huge Pages File System. | |
acme # [ 6.330495] systemd[1]: Mounting Kernel Configuration File System... | |
webserver # [ 6.352712] EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: none. | |
acme # [ 6.359546] systemd[1]: Starting Firewall... | |
webserver # [ 6.366526] systemd[1]: Mounted POSIX Message Queue File System. | |
webserver # [ 6.370109] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this. | |
acme # [ 6.370415] systemd[1]: Starting Flush Journal to Persistent Storage... | |
webserver # [ 6.383058] systemd[1]: Mounted Kernel Debug File System. | |
dnsserver # [ 6.315345] systemd[1]: Mounting Kernel Configuration File System... | |
dnsserver # [ 6.328747] systemd[1]: Starting Firewall... | |
webserver # [ 6.393101] systemd[1]: Finished Create List of Static Device Nodes. | |
dnsserver # [ 6.333983] systemd[1]: Starting Flush Journal to Persistent Storage... | |
webserver # [ 6.402351] audit: type=1130 audit(1674330717.855:2): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=kmod-static-nodes comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
acme # [ 6.399772] systemd[1]: Starting Load/Save Random Seed... | |
dnsserver # [ 6.350950] systemd[1]: Starting Load/Save Random Seed... | |
webserver # [ 6.413152] systemd[1]: modprobe@configfs.service: Deactivated successfully. | |
webserver # [ 6.420822] systemd[1]: Finished Load Kernel Module configfs. | |
acme # [ 6.416482] systemd[1]: Starting Apply Kernel Variables... | |
webserver # [ 6.424209] systemd[1]: modprobe@drm.service: Deactivated successfully. | |
acme # [ 6.426055] systemd[1]: Starting Create Static Device Nodes in /dev... | |
dnsserver # [ 6.366041] systemd[1]: Starting Apply Kernel Variables... | |
webserver # [ 6.426335] audit: type=1130 audit(1674330717.877:3): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@configfs comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
acme # [ 6.431720] systemd[1]: Finished Coldplug All udev Devices. | |
webserver # [ 6.444131] systemd[1]: Finished Load Kernel Module drm. | |
acme # [ 6.439731] systemd[1]: Mounted FUSE Control File System. | |
client # [ 6.473934] systemd[1]: Found device Virtio network device. | |
dnsserver # [ 6.384212] systemd[1]: Starting Create Static Device Nodes in /dev... | |
webserver # [ 6.448718] tun: Universal TUN/TAP device driver, 1.6 | |
acme # [ 6.450434] systemd[1]: Mounted Kernel Configuration File System. | |
webserver # [ 6.455477] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 6.461778] systemd[1]: Finished Load Kernel Module efi_pstore. | |
dnsserver # [ 6.401845] systemd[1]: Finished Coldplug All udev Devices. | |
webserver # [ 6.469011] audit: type=1131 audit(1674330717.877:4): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@configfs comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
acme # [ 6.479856] systemd[1]: Finished Load/Save Random Seed. | |
webserver # [ 6.484606] systemd[1]: modprobe@fuse.service: Deactivated successfully. | |
webserver # [ 6.489124] loop: module loaded | |
acme # [ 6.494612] systemd[1]: Finished Apply Kernel Variables. | |
webserver # [ 6.499128] systemd[1]: Finished Load Kernel Module fuse. | |
dnsserver # [ 6.440682] systemd[1]: Mounted FUSE Control File System. | |
acme # [ 6.507152] systemd[1]: Finished Flush Journal to Persistent Storage. | |
webserver # [ 6.513759] audit: type=1130 audit(1674330717.908:5): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@drm comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
webserver # [ 6.522027] systemd[1]: Finished Load Kernel Modules. | |
acme # [ 6.519467] systemd[1]: Finished Create Static Device Nodes in /dev. | |
dnsserver # [ 6.457227] systemd[1]: Mounted Kernel Configuration File System. | |
webserver # [ 6.535807] systemd[1]: Finished Remount Root and Kernel File Systems. | |
acme # [ 6.541602] systemd[1]: Reached target Preparation for Local File Systems. | |
webserver # [ 6.554724] audit: type=1131 audit(1674330717.908:6): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@drm comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
dnsserver # [ 6.489590] systemd[1]: Finished Load/Save Random Seed. | |
webserver # [ 6.449844] systemd-modules-load[464]: Inserted module 'bridge'[ 6.567422] systemd[1]: Mounting FUSE Control File System... | |
webserver # | |
webserver # [ 6.473400] systemd-modules-load[464]: Inserted module 'macvlan' | |
acme # [ 6.584638] systemd[1]: Reached target Local File Systems. | |
dnsserver # [ 6.524870] systemd[1]: Finished Apply Kernel Variables. | |
webserver # [ 6.489385] systemd-modules-load[464]: Inserted module 'tap'[ 6.596919] systemd[1]: Mounting Kernel Configuration File System... | |
webserver # [ 6.600698] audit: type=1130 audit(1674330717.937:7): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@efi_pstore comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
webserver # | |
webserver # [ 6.508557] systemd-modules-load[464]: Inserted module 'tun' | |
webserver # [ 6.515394] systemd-modules-load[464]: Inserted module 'loop' | |
dnsserver # [ 6.544697] systemd[1]: Finished Create Static Device Nodes in /dev. | |
webserver # [ 6.626062] systemd[1]: Starting Firewall... | |
client # [ 6.654460] systemd-udevd[515]: event_source: Failed to get device name: No such file or directory | |
webserver # [ 6.630026] systemd[1]: Starting Load/Save Random Seed... | |
webserver # [ 6.631969] audit: type=1131 audit(1674330717.937:8): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@efi_pstore comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
webserver # [ 6.640134] systemd[1]: Starting Apply Kernel Variables... | |
acme # [ 6.633925] systemd[1]: Starting Create Volatile Files and Directories... | |
webserver # [ 6.641863] audit: type=1130 audit(1674330717.961:9): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@fuse comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
dnsserver # [ 6.590467] systemd[1]: Reached target Preparation for Local File Systems. | |
dnsserver # [ 6.599707] systemd[1]: Reached target Local File Systems. | |
webserver # [ 6.660589] systemd[1]: Starting Create Static Device Nodes in /dev... | |
acme # [ 6.649569] systemd[1]: Starting Rule-based Manager for Device Events and Files... | |
dnsserver # [ 6.607746] systemd[1]: Starting Rule-based Manager for Device Events and Files... | |
webserver # [ 6.669995] audit: type=1131 audit(1674330717.961:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=modprobe@fuse comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
acme # [ 6.664416] systemd[1]: Finished Create Volatile Files and Directories. | |
dnsserver # [ 6.613398] systemd[1]: Finished Flush Journal to Persistent Storage. | |
dnsserver # [ 6.617626] systemd[1]: Starting Create Volatile Files and Directories... | |
webserver # [ 6.688118] systemd[1]: Started Journal Service. | |
dnsserver # [ 6.624974] systemd-udevd[492]: Using default interface naming scheme 'v252'. | |
dnsserver # [ 6.630752] systemd[1]: Finished Create Volatile Files and Directories. | |
acme # [ 6.680802] systemd[1]: Starting Rebuild Journal Catalog... | |
webserver # [ 6.698426] audit: type=1130 audit(1674330717.985:11): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-modules-load comm="systemd" exe="/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' | |
dnsserver # [ 6.646582] systemd[1]: Starting Rebuild Journal Catalog... | |
acme # [ 6.700523] systemd[1]: Starting Userspace Out-Of-Memory (OOM) Killer... | |
dnsserver # [ 6.649778] systemd[1]: Starting Userspace Out-Of-Memory (OOM) Killer... | |
webserver # [ 6.621709] systemd[1]: Finished Coldplug All udev Devices. | |
dnsserver # [ 6.658783] systemd[1]: Starting Record System Boot/Shutdown in UTMP... | |
client # [ 6.852226] mousedev: PS/2 mouse device common for all mice | |
acme # [ 6.729897] systemd[1]: Starting Record System Boot/Shutdown in UTMP... | |
dnsserver # [ 6.670828] systemd[1]: Started Rule-based Manager for Device Events and Files. | |
webserver # [ 6.636215] systemd[1]: Mounted FUSE Control File System. | |
dnsserver # [ 6.690333] systemd[1]: Finished Record System Boot/Shutdown in UTMP. | |
acme # [ 6.752181] systemd-udevd[497]: Using default interface naming scheme 'v252'. | |
webserver # [ 6.655847] systemd[1]: Mounted Kernel Configuration File System. | |
dnsserver # [ 6.704978] systemd[1]: Finished Rebuild Journal Catalog. | |
webserver # [ 6.667415] systemd[1]: Finished Load/Save Random Seed. | |
dnsserver # [ 6.720603] systemd[1]: Starting Update is Completed... | |
acme # [ 6.774578] systemd[1]: Finished Record System Boot/Shutdown in UTMP. | |
webserver # [ 6.684155] systemd[1]: Finished Apply Kernel Variables. | |
dnsserver # [ 6.733359] systemd[1]: Finished Update is Completed. | |
acme # [ 6.792981] systemd[1]: Finished Rebuild Journal Catalog. | |
webserver # [ 6.695060] systemd[1]: Finished Create Static Device Nodes in /dev. | |
webserver # [ 6.811117] systemd-journald[463]: Received client request to flush runtime journal. | |
client # [ 6.940850] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input3 | |
acme # [ 6.814152] systemd[1]: Starting Update is Completed... | |
dnsserver # [ 6.776278] systemd-oomd[510]: Swap is currently not detected; memory pressure usage will be degraded | |
acme # [ 6.829931] systemd[1]: Finished Update is Completed. | |
dnsserver # [ 6.778602] systemd[1]: Started Userspace Out-Of-Memory (OOM) Killer. | |
acme # [ 6.842601] systemd[1]: Started Rule-based Manager for Device Events and Files. | |
client # [ 6.885558] systemd[1]: Finished Firewall. | |
client # [ 6.986845] ACPI: button: Power Button [PWRF] | |
acme # [ 6.858689] systemd-oomd[510]: Swap is currently not detected; memory pressure usage will be degraded | |
acme # [ 6.869201] systemd[1]: Started Userspace Out-Of-Memory (OOM) Killer. | |
client # [ 7.018570] parport_pc 00:03: reported by Plug and Play ACPI | |
client # [ 7.036961] Floppy drive(s): fd0 is 2.88M AMI BIOS | |
client # [ 7.056724] parport0: PC-style at 0x378, irq 7 [PCSPP(,...)] | |
client # [ 7.066241] FDC 0 is a S82078B | |
client # [ 7.071621] Linux agpgart interface v0.103 | |
client # [ 7.086444] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0 | |
client # [ 7.107996] input: QEMU Virtio Keyboard as /devices/pci0000:00/0000:00:0a.0/virtio7/input/input4 | |
client # [ 7.023361] sgvmj3isr64xwslwa4a69qik2x5rzcdh-mount-pstore.sh[468]: Persistent Storage backend was not registered in time. | |
client # [ 7.026252] systemd[1]: Finished mount-pstore.service. | |
client # [ 7.027579] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
dnsserver # [ 6.963216] systemd-udevd[514]: Network interface NamePolicy= disabled on kernel command line. | |
client # connecting to host... | |
client # [ 7.064798] systemd[1]: Reached target System Initialization. | |
dnsserver # [ 6.985584] systemd-udevd[516]: Network interface NamePolicy= disabled on kernel command line. | |
dnsserver # [ 6.994656] systemd[1]: Found device /dev/hvc0. | |
webserver # [ 6.936740] systemd[1]: Reached target Preparation for Local File Systems. | |
dnsserver # [ 7.001938] systemd[1]: Found device /dev/ttyS0. | |
webserver # [ 6.960483] systemd[1]: Reached target Local File Systems. | |
acme # [ 7.066372] systemd-udevd[524]: Network interface NamePolicy= disabled on kernel command line. | |
webserver # [ 6.968352] systemd[1]: Starting Flush Journal to Persistent Storage... | |
acme # [ 7.072012] systemd-udevd[529]: Network interface NamePolicy= disabled on kernel command line. | |
acme # [ 7.087930] systemd[1]: Found device /dev/ttyS0. | |
acme # [ 7.095281] systemd[1]: Found device /dev/hvc0. | |
webserver # [ 6.994609] systemd[1]: Starting Rule-based Manager for Device Events and Files... | |
client # [ 7.234380] 8021q: 802.1Q VLAN Support v1.8 | |
client # [ 7.154571] systemd[1]: Started logrotate.timer. | |
webserver # [ 7.038779] systemd-udevd[490]: Using default interface naming scheme 'v252'. | |
client # [ 7.190930] dhcpcd[637]: dhcpcd-9.4.1 starting | |
webserver # [ 7.075349] systemd[1]: Started Rule-based Manager for Device Events and Files. | |
webserver # [ 7.080324] systemd[1]: Finished Flush Journal to Persistent Storage. | |
client # [ 7.201995] 5riy0743w43f2fljnp9rflm64nnvdfka-audit-disable[636]: No rules | |
webserver # [ 7.089824] systemd[1]: Starting Create Volatile Files and Directories... | |
webserver # [ 7.100219] systemd[1]: Finished Create Volatile Files and Directories. | |
webserver # [ 7.106079] systemd[1]: Starting Rebuild Journal Catalog... | |
client # [ 7.230883] systemd[1]: Started Daily Cleanup of Temporary Directories. | |
webserver # [ 7.123541] systemd[1]: Starting Userspace Out-Of-Memory (OOM) Killer... | |
client # [ 7.254288] dhcpcd[647]: dev: loaded udev | |
client # sh: cannot set terminal process group (-1): Inappropriate ioctl for device | |
acme # [ 7.234375] systemd[1]: Found device Virtio network device. | |
dnsserver # [ 7.177385] systemd[1]: Found device Virtio network device. | |
webserver # [ 7.135874] systemd[1]: Starting Record System Boot/Shutdown in UTMP... | |
client # sh: no job control in this shell | |
webserver # [ 7.139440] systemd[1]: Finished Record System Boot/Shutdown in UTMP. | |
webserver # [ 7.146316] systemd[1]: Finished Rebuild Journal Catalog. | |
client # [ 7.272616] systemd[1]: Reached target Timer Units. | |
webserver # [ 7.150344] systemd[1]: Starting Update is Completed... | |
webserver # [ 7.156664] systemd[1]: Finished Update is Completed. | |
client # [ 7.291763] nscd[655]: 655 monitoring file `/etc/passwd` (1) | |
client # [ 7.317557] logrotate[643]: warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want. | |
acme # [ 7.325342] systemd-udevd[529]: event_source: Failed to get device name: No such file or directory | |
client # [ 7.354947] logrotate[643]: reading config file /nix/store/6kbagm2bca9j1zr6s9hc91670anwjamz-logrotate.conf | |
webserver # [ 7.257401] systemd-oomd[534]: Swap is currently not detected; memory pressure usage will be degraded | |
client # [ 7.384903] logrotate[643]: note: 'monthly' overrides previously specified 'weekly' | |
dnsserver # [ 7.311362] systemd-udevd[518]: event_source: Failed to get device name: No such file or directory | |
webserver # [ 7.268370] systemd[1]: Started Userspace Out-Of-Memory (OOM) Killer. | |
client # [ 7.402884] logrotate[643]: Reading state from file: /var/lib/logrotate.status | |
dnsserver # [ 7.469882] mousedev: PS/2 mouse device common for all mice | |
client # [ 7.426371] logrotate[643]: state file /var/lib/logrotate.status does not exist | |
acme # [ 7.552278] mousedev: PS/2 mouse device common for all mice | |
client # [ 7.440833] logrotate[643]: Allocating hash table for state file, size 64 entries | |
client # [ 7.452604] logrotate[643]: Handling 2 logs | |
client # [ 7.453248] logrotate[643]: rotating pattern: "/var/log/btmp" monthly (1 rotations)[ 7.551777] cryptd: max_cpu_qlen set to 1000 | |
client # | |
client # [ 7.459787] logrotate[643]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed | |
client # [ 7.465985] logrotate[643]: considering log /var/log/btmp | |
client # [ 7.470447] logrotate[643]: Creating new state | |
client # [ 7.471027] logrotate[643]: Now: 2023-01-21 19:51 | |
client # [ 7.477565] logrotate[643]: Last rotated at 2023-01-21 19:00 | |
client # [ 7.478238] logrotate[643]: log does not need rotating (log has already been rotated) | |
client # [ 7.486112] logrotate[643]: rotating pattern: "/var/log/wtmp" monthly (1 rotations) | |
webserver # [ 7.372072] systemd[1]: Found device /dev/hvc0. | |
client # [ 7.491597] logrotate[643]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed | |
client # [ 7.508379] logrotate[643]: considering log /var/log/wtmp | |
client # [ 7.509033] logrotate[643]: Creating new state | |
client # [ 7.511603] logrotate[643]: Now: 2023-01-21 19:51 | |
dnsserver # [ 7.554737] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input3 | |
webserver # [ 7.375541] systemd-udevd[515]: Network interface NamePolicy= disabled on kernel command line. | |
webserver # [ 7.381162] systemd[1]: Found device /dev/ttyS0. | |
dnsserver # [ 7.560086] ACPI: button: Power Button [PWRF] | |
client # [ 7.512175] logrotate[643]: Last rotated at 2023-01-21 19:00 | |
client # [ 7.520968] logrotate[643]: log does not need rotating (log has already been rotated) | |
acme # [ 7.637835] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input3 | |
client # [ 7.530669] systemd[1]: Listening on D-Bus System Message Bus Socket. | |
client # [ 7.534599] nscd[655]: 655 monitoring directory `/etc` (2) | |
client # [ 7.544432] systemd[1]: Listening on Nix Daemon Socket. | |
acme # [ 7.667188] ACPI: button: Power Button [PWRF] | |
webserver # [ 7.421808] systemd-udevd[517]: Network interface NamePolicy= disabled on kernel command line. | |
client # [ 7.545160] nscd[655]: 655 monitoring file `/etc/group` (3) | |
client # [ 7.568228] systemd[1]: Reached target Socket Units. | |
client # [ 7.576685] nscd[655]: 655 monitoring directory `/etc` (2) | |
dnsserver # [ 7.490202] systemd[1]: Finished Firewall. | |
dnsserver # [ 7.630382] parport_pc 00:03: reported by Plug and Play ACPI | |
client # [ 7.586682] systemd[1]: Reached target Basic System. | |
client # [ 7.687864] cfg80211: Loading compiled-in X.509 certificates for regulatory database | |
dnsserver # [ 7.635330] parport0: PC-style at 0x378, irq 7 [PCSPP(,...)] | |
dnsserver # [ 7.638703] Floppy drive(s): fd0 is 2.88M AMI BIOS | |
client # [ 7.595742] nscd[655]: 655 monitoring file `/etc/hosts` (4)[ 7.696931] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input6 | |
client # [ 7.698172] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input5 | |
client # | |
dnsserver # [ 7.650814] FDC 0 is a S82078B | |
dnsserver # [ 7.654095] Linux agpgart interface v0.103 | |
client # [ 7.607925] dbus-daemon[667]: dbus[667]: Unknown username "systemd-timesync" in message bus configuration file | |
client # [ 7.620676] systemd[1]: Starting Kernel Auditing... | |
dnsserver # [ 7.683391] input: QEMU Virtio Keyboard as /devices/pci0000:00/0000:00:0a.0/virtio7/input/input4 | |
client # [ 7.639043] nscd[655]: 655 monitoring directory `/etc` (2) | |
dnsserver # [ 7.687259] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0 | |
client # [ 7.645217] systemd[1]: Started backdoor.service. | |
client # [ 7.648749] nscd[655]: 655 disabled inotify-based monitoring for file `/etc/resolv.conf': No such file or directory | |
client # [ 7.663190] systemd[1]: Starting DHCP Client... | |
acme # [ 7.779219] parport_pc 00:03: reported by Plug and Play ACPI | |
client # [ 7.669074] nscd[655]: 655 stat failed for file `/etc/resolv.conf'; will try again later: No such file or directory[ 7.769295] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7' | |
acme # [ 7.787852] Floppy drive(s): fd0 is 2.88M AMI BIOS | |
client # [ 7.773280] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 | |
client # [ 7.778349] 8021q: adding VLAN 0 to HW filter on device eth1 | |
dnsserver # [ 7.728493] cryptd: max_cpu_qlen set to 1000 | |
client # [ 7.781000] cfg80211: failed to load regulatory.db | |
acme # [ 7.801467] parport0: PC-style at 0x378, irq 7 [PCSPP(,...)] | |
client # | |
acme # [ 7.665148] systemd[1]: Finished Firewall. | |
acme # [ 7.813443] FDC 0 is a S82078B | |
dnsserver # [ 7.748039] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input6 | |
dnsserver # [ 7.748991] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input5 | |
client # [ 7.700741] systemd[1]: Starting Logrotate configuration check... | |
client # [ 7.713019] nscd[655]: 655 monitoring file `/etc/services` (5) | |
dnsserver # [ 7.779927] AVX2 version of gcm_enc/dec engaged. | |
webserver # [ 7.602711] systemd[1]: Found device Virtio network device. | |
acme # [ 7.849221] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0 | |
client # [ 7.730968] network-addresses-eth1-start[707]: adding address 192.168.1.2/24... done | |
dnsserver # [ 7.789687] AES CTR mode by8 optimization enabled | |
acme # [ 7.861850] Linux agpgart interface v0.103 | |
client # [ 7.747158] systemd[1]: Starting Name Service Cache Daemon... | |
client # [ 7.759478] nscd[655]: 655 monitoring directory `/etc` (2) | |
client # [ 7.771262] systemd[1]: Started Reset console on configuration changes. | |
acme # [ 7.897564] input: QEMU Virtio Keyboard as /devices/pci0000:00/0000:00:0a.0/virtio7/input/input4 | |
client # [ 7.784824] nscd[655]: 655 monitoring file `/etc/netgroup` (6) | |
dnsserver # [ 7.837795] ppdev: user-space parallel port driver | |
client # [ 7.891973] 8021q: adding VLAN 0 to HW filter on device eth0 | |
client # [ 7.799213] systemd[1]: Starting resolvconf update...[ 7.896790] AVX2 version of gcm_enc/dec engaged. | |
client # | |
client # [ 7.809307] nscd[655]: 655 monitoring directory `/etc` (2) | |
client # [ 7.821772] systemd[1]: Finished Kernel Auditing. | |
client # [ 7.832632] nscd[655]: 655 monitoring file `/etc/nsswitch.conf` (7) | |
client # [ 7.841806] systemd[1]: Finished Logrotate configuration check. | |
acme # [ 7.960765] cryptd: max_cpu_qlen set to 1000 | |
client # [ 7.945481] AES CTR mode by8 optimization enabled | |
client # [ 7.852290] nscd[655]: 655 monitoring directory `/etc` (2) | |
dnsserver # [ 7.768412] sgvmj3isr64xwslwa4a69qik2x5rzcdh-mount-pstore.sh[468]: Persistent Storage backend was not registered in time. | |
client # [ 7.857063] systemd[1]: Started Name Service Cache Daemon. | |
acme # [ 7.978981] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input6 | |
client # [ 7.867265] nscd[655]: 655 monitoring file `/etc/nsswitch.conf` (7) | |
dnsserver # [ 7.782889] systemd[1]: Finished mount-pstore.service. | |
acme # [ 7.840118] sgvmj3isr64xwslwa4a69qik2x5rzcdh-mount-pstore.sh[469]: Persistent Storage backend was not registered in time.[ 7.992297] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input5 | |
client # [ 7.871880] systemd[1]: Reached target Host and Network Name Lookups. | |
acme # | |
webserver # [ 7.751412] systemd-udevd[515]: event_source: Failed to get device name: No such file or directory | |
client # [ 7.884276] nscd[655]: 655 monitoring directory `/etc` (2) | |
client # [ 7.890822] systemd[1]: Reached target User and Group Name Lookups. | |
acme # [ 7.856886] systemd[1]: Finished mount-pstore.service. | |
dnsserver # [ 7.803533] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
dnsserver # connecting to host... | |
client # [ 7.902838] nscd[655]: 655 monitoring file `/etc/nsswitch.conf` (7) | |
dnsserver # [ 7.820384] systemd[1]: Reached target System Initialization. | |
client # [ 7.908495] systemd[1]: Starting D-Bus System Message Bus... | |
client # [ 7.916926] nscd[655]: 655 monitoring directory `/etc` (2) | |
webserver # [ 7.891715] mousedev: PS/2 mouse device common for all mice | |
client # [ 7.923996] systemd[1]: Starting User Login Management... | |
acme # [ 7.870051] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
acme # connecting to host... | |
client # [ 7.934419] nscd[655]: 655 monitoring file `/etc/nsswitch.conf` (7) | |
client # [ 7.949889] systemd[1]: Started D-Bus System Message Bus. | |
dnsserver # [ 7.863546] dhcpcd[665]: dhcpcd-9.4.1 starting | |
dnsserver # [ 8.011188] 8021q: 802.1Q VLAN Support v1.8 | |
client # [ 7.962018] nscd[655]: 655 monitoring directory `/etc` (2) | |
acme # [ 7.935696] systemd[1]: Reached target System Initialization. | |
acme # [ 7.943121] dhcpcd[646]: dhcpcd-9.4.1 starting | |
client # [ 7.971814] systemd[1]: Stopped target Host and Network Name Lookups. | |
acme # [ 7.956096] 5riy0743w43f2fljnp9rflm64nnvdfka-audit-disable[645]: No rules[ 8.102706] 8021q: 802.1Q VLAN Support v1.8 | |
acme # | |
client # [ 7.990616] nscd[655]: 655 monitoring file `/etc/nsswitch.conf` (7) | |
dnsserver: connected to guest root shell | |
acme # [ 7.967342] systemd[1]: Started logrotate.timer. | |
client # [ 8.008825] systemd[1]: Stopping Host and Network Name Lookups... | |
client # [ 8.016897] nscd[655]: 655 monitoring directory `/etc` (2) | |
client # [ 8.024924] systemd[1]: Stopped target User and Group Name Lookups. | |
client # [ 8.029727] nscd[710]: 710 monitoring file `/etc/passwd` (1) | |
client # [ 8.032253] systemd[1]: Stopping User and Group Name Lookups... | |
client # [ 8.041842] nscd[710]: 710 monitoring directory `/etc` (2) | |
client # [ 8.047448] systemd[1]: Stopping Name Service Cache Daemon... | |
client # [ 8.053114] nscd[710]: 710 monitoring file `/etc/group` (3) | |
client # [ 8.054885] systemd[1]: nscd.service: Deactivated successfully. | |
client # [ 8.057953] nscd[710]: 710 monitoring directory `/etc` (2) | |
client # [ 8.060949] systemd[1]: Stopped Name Service Cache Daemon. | |
client # [ 8.064196] nscd[710]: 710 monitoring file `/etc/hosts` (4) | |
client # [ 8.066243] systemd[1]: Starting Name Service Cache Daemon... | |
client # [ 8.070106] nscd[710]: 710 monitoring directory `/etc` (2) | |
client # [ 8.072557] systemd[1]: Finished resolvconf update. | |
client # [ 8.074839] nscd[710]: 710 monitoring file `/etc/resolv.conf` (5) | |
client # [ 8.080815] systemd[1]: Reached target Preparation for Network. | |
client # [ 8.082971] nscd[710]: 710 monitoring directory `/etc` (2) | |
client # [ 8.085238] systemd[1]: Reached target All Network Interfaces (deprecated). | |
client # [ 8.092663] nscd[710]: 710 monitoring file `/etc/services` (6) | |
client # [ 8.096491] systemd[1]: Starting Address configuration of eth1... | |
client # [ 8.099184] nscd[710]: 710 monitoring directory `/etc` (2) | |
client # [ 8.100038] systemd[1]: Started Name Service Cache Daemon. | |
client # [ 8.102472] nscd[710]: 710 monitoring file `/etc/netgroup` (7) | |
client # [ 8.103125] systemd[1]: Reached target Host and Network Name Lookups. | |
client # [ 8.106226] nscd[710]: 710 monitoring directory `/etc` (2) | |
client # [ 8.107754] systemd[1]: Reached target User and Group Name Lookups. | |
client # [ 8.108569] nscd[710]: 710 monitoring file `/etc/nsswitch.conf` (8) | |
client # [ 8.110702] systemd-logind[670]: New seat seat0. | |
client # [ 8.113033] nscd[710]: 710 monitoring directory `/etc` (2) | |
client # [ 8.114064] systemd[1]: Started User Login Management. | |
client # [ 8.115550] nscd[710]: 710 monitoring file `/etc/nsswitch.conf` (8) | |
client # [ 8.116280] systemd[1]: Finished Address configuration of eth1. | |
client # [ 8.120960] nscd[710]: 710 monitoring directory `/etc` (2) | |
client # [ 8.121622] systemd[1]: Starting Networking Setup... | |
client # [ 8.122267] nscd[710]: 710 monitoring file `/etc/nsswitch.conf` (8) | |
client # [ 8.124571] systemd[1]: Stopped target Host and Network Name Lookups. | |
client # [ 8.126436] nscd[710]: 710 monitoring directory `/etc` (2) | |
client # [ 8.127149] systemd[1]: Stopping Host and Network Name Lookups... | |
client # [ 8.129804] nscd[710]: 710 monitoring file `/etc/nsswitch.conf` (8) | |
client # [ 8.131533] systemd[1]: Stopped target User and Group Name Lookups. | |
client # [ 8.133523] nscd[710]: 710 monitoring directory `/etc` (2) | |
client # [ 8.134236] systemd[1]: Stopping User and Group Name Lookups... | |
client # [ 8.136590] nscd[710]: 710 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 7.875388] systemd[1]: Finished Firewall. | |
webserver # [ 7.983324] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input3 | |
webserver # [ 7.992673] ACPI: button: Power Button [PWRF] | |
webserver # [ 8.029077] parport_pc 00:03: reported by Plug and Play ACPI | |
webserver # [ 8.035713] parport0: PC-style at 0x378, irq 7 [PCSPP(,...)] | |
webserver # [ 8.041832] Floppy drive(s): fd0 is 2.88M AMI BIOS | |
webserver # [ 8.054392] FDC 0 is a S82078B | |
webserver # [ 8.092322] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0 | |
webserver # [ 8.107308] Linux agpgart interface v0.103 | |
acme # [ 7.988952] dhcpcd[654]: dev: loaded udev | |
acme # [ 8.015145] systemd[1]: Started Daily Cleanup of Temporary Directories. | |
acme # [ 8.078578] nscd[664]: 664 monitoring file `/etc/passwd` (1) | |
acme # [ 8.096180] systemd[1]: Reached target Timer Units. | |
dnsserver # [ 7.909130] systemd[1]: Started logrotate.timer. | |
dnsserver # [ 7.950891] 5riy0743w43f2fljnp9rflm64nnvdfka-audit-disable[666]: No rules | |
dnsserver # [ 8.012019] dhcpcd[672]: dev: loaded udev | |
dnsserver # [ 8.018961] systemd[1]: Started Daily Cleanup of Temporary Directories.[ 8.162066] bochs-drm 0000:00:02.0: vgaarb: deactivate vga console | |
dnsserver # | |
dnsserver # [ 8.037287] logrotate[667]: warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want. | |
dnsserver: (connecting took 8.48 seconds) | |
(finished: waiting for the VM to finish booting, in 8.62 seconds) | |
client # [ 8.138672] systemd[1]: Stopping Name Service Cache Daemon... | |
dnsserver # sh: cannot set terminal process group (-1): Inappropriate ioctl for device | |
client # [ 8.140600] nscd[710]: 710 monitoring directory `/etc` (2) | |
acme # [ 8.107363] logrotate[649]: warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want. | |
client # [ 8.142316] systemd[1]: nscd.service: Deactivated successfully. | |
dnsserver # sh: no job control in this shell | |
client # [ 8.144241] dhcpcd[647]: eth0: waiting for carrier | |
client # [ 8.146646] systemd[1]: Stopped Name Service Cache Daemon. | |
client # [ 8.149833] dhcpcd[647]: eth0: carrier acquired | |
acme # sh: cannot set terminal process group (-1): Inappropriate ioctl for device | |
client # [ 8.154957] systemd[1]: Starting Name Service Cache Daemon... | |
client # [ 8.160841] dhcpcd[647]: DUID 00:01:00:01:2b:5e:fe:de:52:54:00:12:34:56 | |
dnsserver # [ 8.056122] logrotate[667]: reading config file /nix/store/6kbagm2bca9j1zr6s9hc91670anwjamz-logrotate.conf | |
client # [ 8.166829] systemd[1]: Finished Networking Setup. | |
client # [ 8.172775] dhcpcd[647]: eth0: IAID 00:12:34:56 | |
acme # [ 8.121557] logrotate[649]: reading config file /nix/store/6kbagm2bca9j1zr6s9hc91670anwjamz-logrotate.conf | |
acme # sh: no job control in this shell | |
webserver # [ 8.149226] input: QEMU Virtio Keyboard as /devices/pci0000:00/0000:00:0a.0/virtio7/input/input4 | |
client # [ 8.178661] systemd[1]: Starting Extra networking commands.... | |
client # [ 8.186371] dhcpcd[647]: eth0: adding address fe80::5054:ff:fe12:3456 | |
webserver # [ 8.171616] cryptd: max_cpu_qlen set to 1000 | |
client # [ 8.198611] systemd[1]: Finished Extra networking commands..[ 8.298292] NET: Registered PF_PACKET protocol family | |
client # | |
acme # [ 8.154905] logrotate[649]: note: 'monthly' overrides previously specified 'weekly' | |
client # [ 8.208432] nscd[710]: 710 monitored file `/etc/resolv.conf` was written to | |
acme # [ 8.179652] logrotate[649]: Reading state from file: /var/lib/logrotate.status | |
acme # [ 8.187446] logrotate[649]: state file /var/lib/logrotate.status does not exist | |
dnsserver # [ 8.262623] Console: switching to colour dummy device 80x25 | |
client # [ 8.217593] systemd[1]: Reached target Network. | |
acme # [ 8.191968] logrotate[649]: Allocating hash table for state file, size 64 entries | |
webserver # [ 8.201538] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input6 | |
client # [ 8.227995] nscd[800]: 800 monitoring file `/etc/passwd` (1) | |
webserver # [ 8.206019] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input5 | |
acme # [ 8.199710] logrotate[649]: Handling 2 logs | |
client # [ 8.236084] systemd[1]: Started Name Service Cache Daemon. | |
client # [ 8.338618] ppdev: user-space parallel port driver | |
client # [ 8.246253] nscd[800]: 800 monitoring directory `/etc` (2) | |
acme # [ 8.211758] logrotate[649]: rotating pattern: "/var/log/btmp" monthly (1 rotations) | |
client # [ 8.251676] systemd[1]: Reached target Host and Network Name Lookups. | |
client # [ 8.262384] nscd[800]: 800 monitoring file `/etc/group` (3) | |
client # [ 8.271601] systemd[1]: Reached target User and Group Name Lookups. | |
webserver # [ 8.249214] AVX2 version of gcm_enc/dec engaged. | |
acme # [ 8.224841] logrotate[649]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed | |
client # [ 8.280786] nscd[800]: 800 monitoring directory `/etc` (2) | |
client # [ 8.289517] systemd[1]: Starting Permit User Sessions... | |
webserver # [ 8.264963] AES CTR mode by8 optimization enabled | |
client # [ 8.296938] nscd[800]: 800 monitoring file `/etc/hosts` (4) | |
acme # [ 8.258388] logrotate[649]: considering log /var/log/btmp | |
dnsserver # [ 8.085610] logrotate[667]: note: 'monthly' overrides previously specified 'weekly' | |
client # [ 8.306866] systemd[1]: Finished Permit User Sessions. | |
acme # [ 8.276437] logrotate[649]: Creating new state | |
client # [ 8.318785] nscd[800]: 800 monitoring directory `/etc` (2) | |
dnsserver # [ 8.226785] logrotate[667]: Reading state from file: /var/lib/logrotate.status[ 8.369955] [drm] Found bochs VGA, ID 0xb0c5. | |
dnsserver # [ 8.372079] [drm] Framebuffer size 16384 kB @ 0xfd000000, mmio @ 0xfebd0000. | |
client # [ 8.327581] systemd[1]: Started Getty on tty1. | |
acme # [ 8.289019] logrotate[649]: Now: 2023-01-21 19:51 | |
client # [ 8.334564] nscd[800]: 800 monitoring file `/etc/resolv.conf` (5) | |
webserver # [ 8.204401] sgvmj3isr64xwslwa4a69qik2x5rzcdh-mount-pstore.sh[469]: Persistent Storage backend was not registered in time. | |
client # [ 8.341602] systemd[1]: Reached target Login Prompts. | |
dnsserver # | |
acme # [ 8.306638] logrotate[649]: Last rotated at 2023-01-21 19:00 | |
acme # [ 8.468773] AVX2 version of gcm_enc/dec engaged. | |
client # [ 8.351719] nscd[800]: 800 monitoring directory `/etc` (2) | |
webserver # [ 8.218124] systemd[1]: Finished mount-pstore.service. | |
dnsserver # [ 8.257979] logrotate[667]: state file /var/lib/logrotate.status does not exist | |
acme # [ 8.331346] logrotate[649]: log does not need rotating (log has already been rotated) | |
client # [ 8.358851] systemd-logind[670]: Watching system buttons on /dev/input/event0 (AT Translated Set 2 keyboard) | |
acme # [ 8.336526] logrotate[649]: rotating pattern: "/var/log/wtmp" monthly (1 rotations) | |
client # [ 8.371629] nscd[800]: 800 monitoring file `/etc/services` (6) | |
acme # [ 8.343713] logrotate[649]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed | |
acme # [ 8.352472] logrotate[649]: considering log /var/log/wtmp | |
client # [ 8.380140] systemd-logind[670]: Watching system buttons on /dev/input/event2 (Power Button)[ 8.483880] bochs-drm 0000:00:02.0: vgaarb: deactivate vga console | |
acme # [ 8.353092] logrotate[649]: Creating new state | |
client # | |
acme # [ 8.359526] logrotate[649]: Now: 2023-01-21 19:51 | |
dnsserver # [ 8.280684] logrotate[667]: Allocating hash table for state file, size 64 entries | |
client # [ 8.392897] nscd[800]: 800 monitoring directory `/etc` (2) | |
webserver # [ 8.244151] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # connecting to host... | |
(finished: waiting for unit pebble-challtestsrv.service, in 8.89 seconds) | |
acme # [ 8.360143] logrotate[649]: Last rotated at 2023-01-21 19:00 | |
client: waiting for unit default.target | |
client # [ 8.399738] systemd-logind[670]: Watching system buttons on /dev/input/event3 (QEMU Virtio Keyboard) | |
client # [ 8.410261] nscd[800]: 800 monitoring file `/etc/netgroup` (7) | |
client: waiting for the VM to finish booting | |
acme # [ 8.373058] logrotate[649]: log does not need rotating (log has already been rotated) | |
acme # [ 8.378988] nscd[664]: 664 monitoring directory `/etc` (2) | |
client: connected to guest root shell | |
dnsserver # [ 8.309573] logrotate[667]: Handling 2 logs | |
client: (connecting took 0.00 seconds) | |
(finished: waiting for the VM to finish booting, in 0.00 seconds) | |
dnsserver # [ 8.320849] logrotate[667]: rotating pattern: "/var/log/btmp" monthly (1 rotations) | |
acme # [ 8.383132] systemd[1]: Listening on D-Bus System Message Bus Socket. | |
acme # [ 8.393734] nscd[664]: 664 monitoring file `/etc/group` (3) | |
acme # [ 8.407460] systemd[1]: Listening on Nix Daemon Socket. | |
client # [ 8.420118] systemd[1]: Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. | |
dnsserver # [ 8.327286] logrotate[667]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed | |
webserver # [ 8.297138] systemd[1]: Reached target System Initialization. | |
acme # [ 8.408597] pebble[661]: Pebble 2023/01/21 19:51:59 Starting Pebble ACME server | |
dnsserver # [ 8.353666] logrotate[667]: considering log /var/log/btmp | |
client # [ 8.443588] nscd[800]: 800 monitoring directory `/etc` (2) | |
acme # [ 8.418909] pebble[661]: Pebble 2023/01/21 19:51:59 Setting OCSP responder URL for issued certificates to "http://acme.test:4002"[ 8.568006] AES CTR mode by8 optimization enabled | |
dnsserver # [ 8.498337] [drm] Found EDID data blob. | |
webserver # [ 8.320167] dhcpcd[655]: dhcpcd-9.4.1 starting[ 8.426746] 8021q: 802.1Q VLAN Support v1.8 | |
acme # | |
dnsserver # [ 8.367660] logrotate[667]: Creating new state | |
acme # [ 8.574515] cfg80211: Loading compiled-in X.509 certificates for regulatory database | |
webserver # | |
client # [ 8.455069] systemd[1]: Stopped target Host and Network Name Lookups. | |
dnsserver # [ 8.371405] logrotate[667]: Now: 2023-01-21 19:51 | |
acme # [ 8.433193] nscd[664]: 664 monitoring directory `/etc` (2) | |
acme # [ 8.448748] systemd[1]: Reached target Socket Units. | |
dnsserver # [ 8.393241] logrotate[667]: Last rotated at 2023-01-21 19:00 | |
dnsserver # [ 8.544941] cfg80211: Loading compiled-in X.509 certificates for regulatory database | |
webserver # [ 8.359102] 5riy0743w43f2fljnp9rflm64nnvdfka-audit-disable[653]: No rules | |
client # [ 8.604042] Console: switching to colour dummy device 80x25 | |
acme # [ 8.468092] nscd[664]: 664 monitoring file `/etc/hosts` (4) | |
dnsserver # [ 8.416743] logrotate[667]: log does not need rotating (log has already been rotated) | |
webserver # [ 8.385132] systemd[1]: Started logrotate.timer. | |
dnsserver # [ 8.434739] logrotate[667]: rotating pattern: "/var/log/wtmp" monthly (1 rotations) | |
client # [ 8.471612] nscd[800]: 800 monitoring file `/etc/nsswitch.conf` (8) | |
acme # [ 8.489026] systemd[1]: Reached target Basic System. | |
dnsserver # [ 8.579344] [drm] Initialized bochs-drm 1.0.0 20130925 for 0000:00:02.0 on minor 0 | |
client # [ 8.542862] systemd[1]: Stopping Host and Network Name Lookups...[ 8.640785] [drm] Found bochs VGA, ID 0xb0c5. | |
client # [ 8.642592] [drm] Framebuffer size 16384 kB @ 0xfd000000, mmio @ 0xfebd0000. | |
client # | |
client # [ 8.551397] nscd[800]: 800 monitoring directory `/etc` (2) | |
webserver # [ 8.418517] dhcpcd[669]: dev: loaded udev | |
client # [ 8.555638] systemd[1]: Stopped target User and Group Name Lookups. | |
acme # [ 8.525331] nscd[664]: 664 monitoring directory `/etc` (2) | |
client # [ 8.562104] nscd[800]: 800 monitoring file `/etc/nsswitch.conf` (8) | |
acme # [ 8.679427] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7' | |
acme # [ 8.681703] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 | |
webserver # [ 8.421341] systemd[1]: Started Daily Cleanup of Temporary Directories. | |
acme # [ 8.683649] cfg80211: failed to load regulatory.db | |
client # [ 8.569881] systemd[1]: Stopping User and Group Name Lookups... | |
dnsserver # [ 8.461322] logrotate[667]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed | |
client # [ 8.576598] nscd[800]: 800 monitoring directory `/etc` (2) | |
webserver # [ 8.445268] nscd[680]: 680 monitoring file `/etc/passwd` (1) | |
acme # [ 8.555734] systemd[1]: Starting Kernel Auditing... | |
webserver # sh: cannot set terminal process group (-1): Inappropriate ioctl for device | |
client # [ 8.582741] systemd[1]: Stopping Name Service Cache Daemon... | |
webserver # sh: no job control in this shell | |
acme # [ 8.710918] 8021q: adding VLAN 0 to HW filter on device eth1 | |
dnsserver # [ 8.496951] logrotate[667]: considering log /var/log/wtmp | |
acme # [ 8.568467] dbus-daemon[682]: dbus[682]: Unknown username "systemd-timesync" in message bus configuration file | |
client # [ 8.597920] nscd[800]: 800 monitoring file `/etc/nsswitch.conf` (8) | |
acme # [ 8.582550] nscd[664]: 664 disabled inotify-based monitoring for file `/etc/resolv.conf': No such file or directory | |
acme # [ 8.588926] systemd[1]: Started backdoor.service. | |
dnsserver # [ 8.519941] logrotate[667]: Creating new state | |
client # [ 8.614521] systemd[1]: nscd.service: Deactivated successfully.[ 8.722572] [drm] Found EDID data blob. | |
client # | |
webserver # [ 8.461453] logrotate[660]: warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want. | |
client # [ 8.631229] nscd[800]: 800 monitoring directory `/etc` (2) | |
dnsserver # [ 8.537426] logrotate[667]: Now: 2023-01-21 19:51[ 8.677552] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7' | |
acme # [ 8.596656] nscd[664]: 664 stat failed for file `/etc/resolv.conf'; will try again later: No such file or directory | |
dnsserver # [ 8.682366] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 | |
webserver # [ 8.502812] logrotate[660]: reading config file /nix/store/6kbagm2bca9j1zr6s9hc91670anwjamz-logrotate.conf | |
dnsserver # | |
acme # [ 8.612436] systemd[1]: Starting DHCP Client... | |
dnsserver # [ 8.690032] cfg80211: failed to load regulatory.db | |
client # [ 8.635513] dhcpcd[637]: Failed to reload-or-try-restart ntpd.service: Unit ntpd.service not found. | |
webserver # [ 8.511856] logrotate[660]: note: 'monthly' overrides previously specified 'weekly' | |
webserver # [ 8.519101] logrotate[660]: Reading state from file: /var/lib/logrotate.status | |
client # [ 8.652909] dhcpcd[637]: Failed to reload-or-try-restart openntpd.service: Unit openntpd.service not found.[ 8.752084] [drm] Initialized bochs-drm 1.0.0 20130925 for 0000:00:02.0 on minor 0 | |
dnsserver # [ 8.560470] logrotate[667]: Last rotated at 2023-01-21 19:00 | |
webserver # [ 8.525231] logrotate[660]: state file /var/lib/logrotate.status does not exist | |
client # | |
acme # [ 8.621879] nscd[664]: 664 monitoring file `/etc/services` (5) | |
webserver # [ 8.531965] logrotate[660]: Allocating hash table for state file, size 64 entries | |
dnsserver # [ 8.571451] logrotate[667]: log does not need rotating (log has already been rotated) | |
webserver # [ 8.538151] logrotate[660]: Handling 2 logs | |
dnsserver # [ 8.718335] 8021q: adding VLAN 0 to HW filter on device eth1 | |
client # [ 8.662760] dhcpcd[637]: Failed to reload-or-try-restart chronyd.service: Unit chronyd.service not found. | |
acme # [ 8.634091] systemd[1]: Starting Logrotate configuration check... | |
webserver # [ 8.545147] logrotate[660]: rotating pattern: "/var/log/btmp" monthly (1 rotations) | |
client # [ 8.678987] systemd[1]: Stopped Name Service Cache Daemon. | |
acme # [ 8.802548] 8021q: adding VLAN 0 to HW filter on device eth0 | |
dnsserver # [ 8.595749] nscd[684]: 684 monitoring file `/etc/passwd` (1) | |
webserver # [ 8.555042] logrotate[660]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed | |
webserver # [ 8.563025] logrotate[660]: considering log /var/log/btmp | |
webserver # [ 8.563750] logrotate[660]: Creating new state | |
dnsserver # [ 8.608798] systemd[1]: Reached target Timer Units. | |
acme # [ 8.662808] network-addresses-eth1-start[727]: adding address 192.168.1.1/24... done | |
webserver # [ 8.571813] logrotate[660]: Now: 2023-01-21 19:51 | |
webserver # [ 8.577770] logrotate[660]: Last rotated at 2023-01-21 19:00 | |
webserver # [ 8.584574] logrotate[660]: log does not need rotating (log has already been rotated) | |
acme # [ 8.680656] nscd[664]: 664 monitoring directory `/etc` (2) | |
webserver # [ 8.590213] logrotate[660]: rotating pattern: "/var/log/wtmp" monthly (1 rotations)[ 8.696823] ppdev: user-space parallel port driver | |
dnsserver # [ 8.630022] nscd[684]: 684 monitoring directory `/etc` (2) | |
webserver # | |
acme # [ 8.693386] systemd[1]: Starting Name Service Cache Daemon... | |
dnsserver # [ 8.638991] systemd[1]: Listening on D-Bus System Message Bus Socket. | |
webserver # [ 8.596993] logrotate[660]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed | |
webserver # [ 8.612157] logrotate[660]: considering log /var/log/wtmp | |
acme # [ 8.707345] nscd[664]: 664 monitoring file `/etc/netgroup` (6) | |
webserver # [ 8.612785] logrotate[660]: Creating new state | |
webserver # [ 8.617302] logrotate[660]: Now: 2023-01-21 19:51 | |
acme # [ 8.717769] systemd[1]: Started Pebble ACME server. | |
webserver # [ 8.623133] logrotate[660]: Last rotated at 2023-01-21 19:00 | |
dnsserver # [ 8.806889] 8021q: adding VLAN 0 to HW filter on device eth0 | |
acme # [ 8.728262] nscd[664]: 664 monitoring directory `/etc` (2) | |
webserver # [ 8.627598] logrotate[660]: log does not need rotating (log has already been rotated) | |
acme # [ 8.735717] systemd[1]: Started Reset console on configuration changes. | |
dnsserver # [ 8.676970] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:51:59 Creating HTTP-01 challenge server on :5002 | |
acme # [ 8.746928] nscd[664]: 664 monitoring file `/etc/nsswitch.conf` (7) | |
webserver # [ 8.646334] systemd[1]: Reached target Timer Units. | |
acme # [ 8.757750] systemd[1]: Starting resolvconf update... | |
dnsserver # [ 8.695745] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:51:59 Creating HTTPS HTTP-01 challenge server on :5003 | |
acme # [ 8.765854] nscd[664]: 664 monitoring directory `/etc` (2) | |
acme # [ 8.780466] systemd[1]: Finished Kernel Auditing. | |
webserver # [ 8.659566] nscd[680]: 680 monitoring directory `/etc` (2) | |
acme # [ 8.786709] nscd[664]: 664 monitoring file `/etc/nsswitch.conf` (7) | |
acme # [ 8.794739] systemd[1]: Finished Logrotate configuration check. | |
acme # [ 8.798451] nscd[664]: 664 monitoring directory `/etc` (2) | |
acme # [ 8.800769] systemd[1]: Started Name Service Cache Daemon. | |
acme # [ 8.806664] nscd[664]: 664 monitoring file `/etc/nsswitch.conf` (7) | |
webserver # [ 8.692442] systemd[1]: Listening on D-Bus System Message Bus Socket. | |
acme # [ 8.809523] systemd[1]: Reached target Host and Network Name Lookups. | |
acme # [ 8.812010] nscd[664]: 664 monitoring directory `/etc` (2) | |
acme # [ 8.816103] systemd[1]: Reached target User and Group Name Lookups. | |
acme # [ 8.819635] nscd[664]: 664 monitoring file `/etc/nsswitch.conf` (7) | |
webserver # [ 8.711165] nscd[680]: 680 monitoring file `/etc/group` (3) | |
acme # [ 8.823602] systemd[1]: Starting D-Bus System Message Bus... | |
acme # [ 8.827505] nscd[664]: 664 monitoring directory `/etc` (2) | |
acme # [ 8.828563] systemd[1]: Starting User Login Management... | |
acme # [ 8.833433] nscd[664]: 664 monitoring file `/etc/nsswitch.conf` (7) | |
acme # [ 8.834070] systemd[1]: Started D-Bus System Message Bus. | |
webserver # [ 8.728548] systemd[1]: Listening on Nix Daemon Socket. | |
acme # [ 8.841831] nscd[664]: 664 monitoring directory `/etc` (2) | |
acme # [ 8.845781] systemd[1]: Stopped target Host and Network Name Lookups. | |
acme # [ 8.857847] nscd[725]: 725 monitoring file `/etc/passwd` (1) | |
webserver # [ 8.746372] nscd[680]: 680 monitoring directory `/etc` (2) | |
acme # [ 8.861984] systemd[1]: Stopping Host and Network Name Lookups... | |
acme # [ 8.869009] nscd[725]: 725 monitoring directory `/etc` (2) | |
acme # [ 8.872963] systemd[1]: Stopped target User and Group Name Lookups. | |
client # [ 8.779579] fbcon: bochs-drmdrmfb (fb0) is primary device | |
acme # [ 8.878517] nscd[725]: 725 monitoring file `/etc/group` (3) | |
acme # [ 8.879068] systemd[1]: Stopping User and Group Name Lookups... | |
acme # [ 8.884632] nscd[725]: 725 monitoring directory `/etc` (2) | |
webserver # [ 8.776800] systemd[1]: Reached target Socket Units.[ 8.886262] cfg80211: Loading compiled-in X.509 certificates for regulatory database | |
webserver # | |
acme # [ 8.885128] systemd[1]: Stopping Name Service Cache Daemon...[ 9.036591] bochs-drm 0000:00:02.0: vgaarb: deactivate vga console | |
acme # | |
acme # [ 8.894184] nscd[725]: 725 monitoring file `/etc/hosts` (4) | |
webserver # [ 8.793651] nscd[680]: 680 monitoring file `/etc/hosts` (4) | |
acme # [ 8.900008] systemd[1]: nscd.service: Deactivated successfully. | |
acme # [ 8.906335] nscd[725]: 725 monitoring directory `/etc` (2) | |
acme # [ 8.914062] systemd[1]: Stopped Name Service Cache Daemon. | |
webserver # [ 8.808338] dbus-daemon[698]: dbus[698]: Unknown username "systemd-timesync" in message bus configuration file[ 8.924323] bochs-drm 0000:00:02.0: vgaarb: deactivate vga console | |
webserver # | |
acme # [ 8.919902] nscd[725]: 725 monitoring file `/etc/resolv.conf` (5) | |
webserver # [ 8.835250] systemd[1]: Reached target Basic System.[ 8.942700] 8021q: adding VLAN 0 to HW filter on device eth1 | |
webserver # | |
webserver # [ 8.850443] nscd[680]: 680 monitoring directory `/etc` (2) | |
webserver # [ 8.865315] systemd[1]: Starting Kernel Auditing... | |
dnsserver # [ 8.841639] fbcon: bochs-drmdrmfb (fb0) is primary device | |
webserver # [ 8.871860] nscd[680]: 680 disabled inotify-based monitoring for file `/etc/resolv.conf': No such file or directory[ 8.980005] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7' | |
webserver # [ 8.986154] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 | |
acme # [ 9.089682] NET: Registered PF_PACKET protocol family | |
webserver # | |
client # [ 8.999114] Console: switching to colour frame buffer device 160x50 | |
client # [ 9.135696] bochs-drm 0000:00:02.0: [drm] fb0: bochs-drmdrmfb frame buffer device | |
acme # [ 9.134883] Console: switching to colour dummy device 80x25 | |
client # [ 8.749952] nscd[800]: 800 monitoring file `/etc/nsswitch.conf` (8) | |
client # [ 9.050229] systemd[1]: Starting Name Service Cache Daemon... | |
webserver # [ 8.996028] cfg80211: failed to load regulatory.db | |
client # [ 9.056998] nscd[800]: 800 monitoring directory `/etc` (2) | |
acme # [ 8.928591] systemd[1]: Starting Name Service Cache Daemon... | |
acme # [ 9.031082] nscd[725]: 725 monitoring directory `/etc` (2) | |
acme # [ 9.034058] systemd[1]: Finished resolvconf update. | |
client # [ 9.062805] systemd[1]: Started Name Service Cache Daemon. | |
acme # [ 9.034860] nscd[725]: 725 monitoring file `/etc/services` (6) | |
acme # [ 9.037508] systemd[1]: Reached target Preparation for Network. | |
client # [ 9.067810] nscd[800]: 800 monitoring file `/etc/nsswitch.conf` (8) | |
acme # [ 9.041303] nscd[725]: 725 monitoring directory `/etc` (2) | |
acme # [ 9.042040] systemd[1]: Reached target All Network Interfaces (deprecated).[ 9.188178] [drm] Found bochs VGA, ID 0xb0c5. | |
acme # [ 9.188738] [drm] Framebuffer size 16384 kB @ 0xfd000000, mmio @ 0xfebd0000. | |
client # [ 9.073860] systemd[1]: Started DHCP Client. | |
acme # | |
acme # [ 9.049334] nscd[725]: 725 monitoring file `/etc/netgroup` (7) | |
client # [ 9.078809] nscd[800]: 800 monitoring directory `/etc` (2) | |
acme # [ 9.050091] systemd[1]: Starting Address configuration of eth1... | |
acme # [ 9.054494] nscd[725]: 725 monitoring directory `/etc` (2) | |
client # [ 9.084910] systemd[1]: Reached target Network is Online. | |
acme # [ 9.055175] systemd[1]: Started Name Service Cache Daemon. | |
client # [ 9.090025] dhcpcd[647]: eth0: soliciting a DHCP lease | |
acme # [ 9.060779] nscd[725]: 725 monitoring file `/etc/nsswitch.conf` (8) | |
client # [ 9.095881] systemd[1]: Reached target Multi-User System. | |
acme # [ 9.064891] systemd[1]: Reached target Host and Network Name Lookups. | |
webserver # [ 9.030124] Console: switching to colour dummy device 80x25 | |
client # [ 9.100981] dhcpcd[647]: eth0: offered 10.0.2.15 from 10.0.2.2 | |
acme # [ 9.068962] nscd[725]: 725 monitoring directory `/etc` (2) | |
acme # [ 9.071448] systemd[1]: Reached target User and Group Name Lookups. | |
acme # [ 9.074349] nscd[725]: 725 monitoring file `/etc/nsswitch.conf` (8) | |
client # [ 9.106254] systemd[1]: Reached target Host and Network Name Lookups. | |
acme # [ 9.080466] systemd-logind[685]: New seat seat0. | |
acme # [ 9.082799] nscd[725]: 725 monitoring directory `/etc` (2) | |
acme # [ 9.085544] systemd[1]: Started User Login Management. | |
client # [ 9.113695] dhcpcd[647]: eth0: leased 10.0.2.15 for 86400 seconds | |
acme # [ 9.232441] [drm] Found EDID data blob. | |
acme # [ 9.089888] nscd[725]: 725 monitoring file `/etc/nsswitch.conf` (8) | |
client # [ 9.119701] systemd[1]: Reached target User and Group Name Lookups. | |
acme # [ 9.239112] [drm] Initialized bochs-drm 1.0.0 20130925 for 0000:00:02.0 on minor 0 | |
dnsserver # [ 9.041975] Console: switching to colour frame buffer device 160x50 | |
acme # [ 9.095501] systemd[1]: Finished Address configuration of eth1. | |
client # [ 9.125695] dhcpcd[647]: eth0: adding route to 10.0.2.0/24 | |
dnsserver # [ 9.170448] bochs-drm 0000:00:02.0: [drm] fb0: bochs-drmdrmfb frame buffer device | |
acme # [ 9.099327] nscd[725]: 725 monitoring directory `/etc` (2) | |
acme # [ 9.100057] systemd[1]: Starting Networking Setup... | |
acme # [ 9.104495] nscd[725]: 725 monitoring file `/etc/nsswitch.conf` (8) | |
client # [ 9.130810] systemd[1]: Startup finished in 3.794s (kernel) + 4.844s (userspace) = 8.639s. | |
dnsserver # [ 8.781250] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:51:59 Creating TCP and UDP DNS-01 challenge server on :53 | |
client # [ 9.138522] dhcpcd[647]: eth0: adding default route via 10.0.2.2 | |
acme # [ 9.108353] systemd-logind[685]: Watching system buttons on /dev/input/event0 (AT Translated Set 2 keyboard) | |
acme # [ 9.113157] nscd[725]: 725 monitoring directory `/etc` (2) | |
acme # [ 9.116487] systemd[1]: Stopped target Host and Network Name Lookups. | |
webserver # [ 8.913633] systemd[1]: Started backdoor.service. | |
client # [ 9.144699] nscd[800]: 800 monitored file `/etc/resolv.conf` was written to | |
acme # [ 9.119383] nscd[725]: 725 monitoring file `/etc/nsswitch.conf` (8) | |
client # [ 9.150894] nscd[875]: 875 monitoring file `/etc/passwd` (1)[ 9.248837] kvm: Nested Virtualization enabled | |
acme # [ 9.120136] systemd[1]: Stopping Host and Network Name Lookups... | |
webserver # [ 9.016316] nscd[680]: 680 stat failed for file `/etc/resolv.conf'; will try again later: No such file or directory[ 9.124750] [drm] Found bochs VGA, ID 0xb0c5. | |
client # [ 9.250804] SVM: kvm: Nested Paging enabled | |
client # | |
acme # [ 9.125523] nscd[725]: 725 monitoring directory `/etc` (2) | |
webserver # [ 9.126394] [drm] Framebuffer size 16384 kB @ 0xfd000000, mmio @ 0xfebd0000. | |
client # [ 9.157652] nscd[875]: 875 monitoring directory `/etc` (2) | |
webserver # | |
client # [ 9.160793] nscd[875]: 875 monitoring file `/etc/group` (3) | |
acme # [ 9.130127] systemd[1]: Stopped target User and Group Name Lookups. | |
acme # [ 9.133654] dhcpcd[654]: eth0: waiting for carrier | |
webserver # [ 9.027680] network-addresses-eth1-start[732]: adding address 192.168.1.4/24... done | |
client # [ 9.165434] nscd[875]: 875 monitoring directory `/etc` (2) | |
client # [ 9.171087] nscd[875]: 875 monitoring file `/etc/hosts` (4) | |
webserver # [ 9.037022] systemd[1]: Starting DHCP Client... | |
client # [ 9.175853] nscd[875]: 875 monitoring directory `/etc` (2) | |
webserver # [ 9.045505] nscd[680]: 680 monitoring file `/etc/services` (5) | |
client # [ 9.183463] nscd[875]: 875 monitoring file `/etc/resolv.conf` (5) | |
client # [ 9.188756] nscd[875]: 875 monitoring directory `/etc` (2) | |
client # [ 9.192954] nscd[875]: 875 monitoring file `/etc/services` (6) | |
webserver # [ 9.056458] systemd[1]: Starting Logrotate configuration check... | |
client # [ 9.199520] nscd[875]: 875 monitoring directory `/etc` (2) | |
client # [ 9.204131] nscd[875]: 875 monitoring file `/etc/netgroup` (7) | |
webserver # [ 9.064315] nscd[680]: 680 monitoring directory `/etc` (2) | |
client # [ 9.208490] nscd[875]: 875 monitoring directory `/etc` (2) | |
client # [ 9.216286] nscd[875]: 875 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 9.076516] systemd[1]: Starting Name Service Cache Daemon... | |
client # [ 9.222007] nscd[875]: 875 monitoring directory `/etc` (2) | |
client # [ 9.225817] nscd[875]: 875 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 9.091411] nscd[680]: 680 monitoring file `/etc/netgroup` (6) | |
client # [ 9.232984] nscd[875]: 875 monitoring directory `/etc` (2)[ 9.331141] EDAC MC: Ver: 3.0.0 | |
client # | |
client # [ 9.237683] nscd[875]: 875 monitoring file `/etc/nsswitch.conf` (8) | |
client # [ 9.243133] nscd[875]: 875 monitoring directory `/etc` (2) | |
webserver # [ 9.104259] systemd[1]: Started Reset console on configuration changes. | |
client # [ 9.248094] nscd[875]: 875 monitoring file `/etc/nsswitch.conf` (8) | |
client # [ 9.255515] nscd[875]: 875 monitoring directory `/etc` (2) | |
webserver # [ 9.123824] nscd[680]: 680 monitoring directory `/etc` (2)[ 9.231261] [drm] Found EDID data blob. | |
webserver # | |
webserver # [ 9.139089] systemd[1]: Starting resolvconf update... | |
dnsserver # [ 9.053282] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:51:59 Creating TLS-ALPN-01 challenge server on :5001 | |
dnsserver # [ 9.202224] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:51:59 Answering A queries with 192.168.1.4 by default | |
webserver # [ 9.155137] nscd[680]: 680 monitoring file `/etc/nsswitch.conf` (7) | |
dnsserver # [ 9.212553] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:51:59 Starting challenge servers | |
dnsserver # [ 9.215038] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:51:59 Starting management server on :8055 | |
dnsserver # [ 9.218750] nscd[684]: 684 monitoring file `/etc/group` (3) | |
dnsserver # [ 9.223414] systemd[1]: Listening on Nix Daemon Socket. | |
webserver # [ 9.176113] systemd[1]: Finished Kernel Auditing. | |
dnsserver # [ 9.228687] nscd[684]: 684 monitoring directory `/etc` (2) | |
webserver # [ 9.192090] nscd[680]: 680 monitoring directory `/etc` (2) | |
dnsserver # [ 9.234217] systemd[1]: Reached target Socket Units. | |
dnsserver # [ 9.372266] kvm: Nested Virtualization enabled | |
dnsserver # [ 9.374123] SVM: kvm: Nested Paging enabled | |
dnsserver # [ 9.243127] nscd[684]: 684 monitoring file `/etc/hosts` (4) | |
dnsserver # [ 9.248027] systemd[1]: Reached target Basic System. | |
webserver # [ 9.203658] systemd[1]: Finished Logrotate configuration check. | |
webserver # [ 9.315278] [drm] Initialized bochs-drm 1.0.0 20130925 for 0000:00:02.0 on minor 0 | |
dnsserver # [ 9.252238] dbus-daemon[703]: dbus[703]: Unknown username "systemd-timesync" in message bus configuration file | |
webserver # [ 9.216860] nscd[680]: 680 monitoring file `/etc/nsswitch.conf` (7) | |
dnsserver # [ 9.263418] nscd[684]: 684 monitoring directory `/etc` (2) | |
dnsserver # [ 9.267953] systemd[1]: Starting Kernel Auditing... | |
webserver # [ 9.226975] systemd[1]: Started Name Service Cache Daemon. | |
dnsserver # [ 9.272459] nscd[684]: 684 disabled inotify-based monitoring for file `/etc/resolv.conf': No such file or directory | |
dnsserver # [ 9.281595] systemd[1]: Started backdoor.service. | |
dnsserver # [ 9.286663] nscd[684]: 684 stat failed for file `/etc/resolv.conf'; will try again later: No such file or directory | |
webserver # [ 9.239562] nscd[680]: 680 monitoring directory `/etc` (2) | |
client # [ 9.261271] nscd[875]: 875 monitoring file `/etc/nsswitch.conf` (8) | |
dnsserver # [ 9.292776] systemd[1]: Starting DHCP Client... | |
webserver # [ 9.248514] systemd[1]: Reached target Host and Network Name Lookups. | |
client # [ 9.388518] nscd[875]: 875 monitoring directory `/etc` (2) | |
client # [ 9.392833] dhcpcd[647]: eth0: soliciting an IPv6 router | |
webserver # [ 9.255073] nscd[680]: 680 monitoring file `/etc/nsswitch.conf` (7) | |
dnsserver # [ 9.301951] network-addresses-eth1-start[745]: adding address 192.168.1.3/24... done | |
client # [ 9.396969] dhcpcd[647]: eth0: Router Advertisement from fe80::2 | |
webserver # [ 9.262595] systemd[1]: Reached target User and Group Name Lookups. | |
client # [ 9.400421] dhcpcd[647]: eth0: adding address fec0::5054:ff:fe12:3456/64 | |
dnsserver # [ 9.309162] nscd[684]: 684 monitoring file `/etc/services` (5)[ 9.446736] EDAC MC: Ver: 3.0.0 | |
dnsserver # | |
client # [ 9.404006] dhcpcd[647]: eth0: adding route to fec0::/64 | |
client # [ 9.406855] dhcpcd[647]: eth0: adding default route via fe80::2 | |
webserver # [ 9.269538] nscd[680]: 680 monitoring directory `/etc` (2) | |
dnsserver # [ 9.315922] systemd[1]: Starting Logrotate configuration check... | |
webserver # [ 9.276415] systemd[1]: Starting D-Bus System Message Bus... | |
dnsserver # [ 9.321442] nscd[684]: 684 monitoring directory `/etc` (2) | |
dnsserver # [ 9.325836] systemd[1]: Starting Name Service Cache Daemon... | |
webserver # [ 9.281501] nscd[680]: 680 monitoring file `/etc/nsswitch.conf` (7) | |
dnsserver # [ 9.334007] nscd[684]: 684 monitoring file `/etc/netgroup` (6) | |
dnsserver # [ 9.338253] systemd[1]: Started Pebble ACME challenge test server. | |
dnsserver # [ 9.344245] nscd[684]: 684 monitoring directory `/etc` (2) | |
dnsserver # [ 9.347749] systemd[1]: Started Reset console on configuration changes. | |
dnsserver # [ 9.351759] nscd[684]: 684 monitoring file `/etc/nsswitch.conf` (7) | |
dnsserver # [ 9.355137] systemd[1]: Starting resolvconf update... | |
dnsserver # [ 9.358640] nscd[684]: 684 monitoring directory `/etc` (2) | |
dnsserver # [ 9.362764] systemd[1]: Finished Kernel Auditing. | |
dnsserver # [ 9.365535] nscd[684]: 684 monitoring file `/etc/nsswitch.conf` (7) | |
dnsserver # [ 9.369282] systemd[1]: Finished Logrotate configuration check. | |
dnsserver # [ 9.374905] nscd[684]: 684 monitoring directory `/etc` (2) | |
webserver # [ 9.390852] fbcon: bochs-drmdrmfb (fb0) is primary device | |
dnsserver # [ 9.508436] systemd[1]: Started Name Service Cache Daemon. | |
dnsserver # [ 9.513093] nscd[684]: 684 monitoring file `/etc/nsswitch.conf` (7) | |
dnsserver # [ 9.517289] systemd[1]: Reached target Host and Network Name Lookups. | |
dnsserver # [ 9.521282] nscd[684]: 684 monitoring directory `/etc` (2) | |
dnsserver # [ 9.528291] systemd[1]: Reached target User and Group Name Lookups. | |
dnsserver # [ 9.535601] nscd[684]: 684 monitoring file `/etc/nsswitch.conf` (7) | |
dnsserver # [ 9.539614] systemd[1]: Starting D-Bus System Message Bus... | |
dnsserver # [ 9.543695] nscd[684]: 684 monitoring directory `/etc` (2) | |
dnsserver # [ 9.546888] systemd[1]: Starting User Login Management... | |
dnsserver # [ 9.549833] nscd[684]: 684 monitoring file `/etc/nsswitch.conf` (7) | |
dnsserver # [ 9.553044] systemd[1]: Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. | |
dnsserver # [ 9.557523] nscd[684]: 684 monitoring directory `/etc` (2) | |
dnsserver # [ 9.560538] systemd[1]: Started D-Bus System Message Bus. | |
dnsserver # [ 9.564725] nscd[748]: 748 monitoring file `/etc/passwd` (1) | |
dnsserver # [ 9.568601] systemd[1]: Stopped target Host and Network Name Lookups. | |
dnsserver # [ 9.572634] nscd[748]: 748 monitoring directory `/etc` (2) | |
dnsserver # [ 9.576618] systemd[1]: Stopping Host and Network Name Lookups... | |
dnsserver # [ 9.580305] nscd[748]: 748 monitoring file `/etc/group` (3) | |
dnsserver # [ 9.583771] systemd[1]: Stopped target User and Group Name Lookups. | |
dnsserver # [ 9.587877] nscd[748]: 748 monitoring directory `/etc` (2) | |
dnsserver # [ 9.593898] systemd[1]: Stopping User and Group Name Lookups... | |
dnsserver # [ 9.600152] nscd[748]: 748 monitoring file `/etc/hosts` (4) | |
dnsserver # [ 9.603452] systemd[1]: Stopping Name Service Cache Daemon... | |
dnsserver # [ 9.607178] nscd[748]: 748 monitoring directory `/etc` (2) | |
dnsserver # [ 9.611613] systemd[1]: nscd.service: Deactivated successfully. | |
dnsserver # [ 9.615188] nscd[748]: 748 monitoring file `/etc/resolv.conf` (5) | |
dnsserver # [ 9.618927] systemd[1]: Stopped Name Service Cache Daemon. | |
dnsserver # [ 9.622417] nscd[748]: 748 monitoring directory `/etc` (2) | |
webserver # [ 9.552131] Console: switching to colour frame buffer device 160x50 | |
webserver # [ 9.685648] bochs-drm 0000:00:02.0: [drm] fb0: bochs-drmdrmfb frame buffer device | |
dnsserver # [ 9.626116] systemd[1]: Starting Name Service Cache Daemon... | |
dnsserver # [ 9.629427] nscd[748]: 748 monitoring file `/etc/services` (6) | |
webserver # [ 9.359026] systemd[1]: Starting User Login Management... | |
dnsserver # [ 9.633565] systemd[1]: Finished resolvconf update. | |
dnsserver # [ 9.636760] nscd[748]: 748 monitoring directory `/etc` (2) | |
dnsserver # [ 9.640789] systemd[1]: Reached target Preparation for Network. | |
dnsserver # [ 9.645310] nscd[748]: 748 monitoring file `/etc/netgroup` (7) | |
webserver # [ 9.589670] nscd[680]: 680 monitoring directory `/etc` (2) | |
dnsserver # [ 9.649652] systemd[1]: Reached target All Network Interfaces (deprecated). | |
dnsserver # [ 9.653741] nscd[748]: 748 monitoring directory `/etc` (2) | |
dnsserver # [ 9.657344] systemd[1]: Starting Address configuration of eth1... | |
dnsserver # [ 9.661056] nscd[748]: 748 monitoring file `/etc/nsswitch.conf` (8) | |
dnsserver # [ 9.665639] systemd-logind[706]: Watching system buttons on /dev/input/event2 (Power Button) | |
dnsserver # [ 9.676605] nscd[748]: 748 monitoring directory `/etc` (2) | |
dnsserver # [ 9.681643] systemd-logind[706]: Watching system buttons on /dev/input/event3 (QEMU Virtio Keyboard) | |
acme # [ 9.280642] fbcon: bochs-drmdrmfb (fb0) is primary device | |
dnsserver # [ 9.687312] nscd[748]: 748 monitoring file `/etc/nsswitch.conf` (8) | |
dnsserver # [ 9.691217] systemd-logind[706]: Watching system buttons on /dev/input/event0 (AT Translated Set 2 keyboard) | |
dnsserver # [ 9.696355] nscd[748]: 748 monitoring directory `/etc` (2) | |
dnsserver # [ 9.703094] systemd-logind[706]: New seat seat0. | |
dnsserver # [ 9.706299] nscd[748]: 748 monitoring file `/etc/nsswitch.conf` (8) | |
dnsserver # [ 9.710106] systemd[1]: Started User Login Management. | |
dnsserver # [ 9.713529] nscd[748]: 748 monitoring directory `/etc` (2) | |
dnsserver # [ 9.716905] systemd[1]: Started Name Service Cache Daemon. | |
dnsserver # [ 9.720402] nscd[748]: 748 monitoring file `/etc/nsswitch.conf` (8) | |
dnsserver # [ 9.723607] systemd[1]: Reached target Host and Network Name Lookups. | |
dnsserver # [ 9.727281] nscd[748]: 748 monitoring directory `/etc` (2) | |
dnsserver # [ 9.730778] systemd[1]: Reached target User and Group Name Lookups. | |
dnsserver # [ 9.734613] nscd[748]: 748 monitoring file `/etc/nsswitch.conf` (8) | |
dnsserver # [ 9.738164] systemd[1]: Finished Address configuration of eth1. | |
dnsserver # [ 9.741415] nscd[748]: 748 monitoring directory `/etc` (2) | |
dnsserver # [ 9.744785] systemd[1]: Starting Networking Setup... | |
dnsserver # [ 9.748252] dhcpcd[672]: eth0: waiting for carrier | |
dnsserver # [ 9.751147] systemd[1]: Finished Networking Setup. | |
dnsserver # [ 9.756322] dhcpcd[672]: eth0: carrier acquired | |
dnsserver # [ 9.764069] systemd[1]: Starting Extra networking commands.... | |
dnsserver # [ 9.768162] dhcpcd[672]: DUID 00:01:00:01:2b:5e:fe:e0:52:54:00:12:34:56 | |
webserver # [ 9.607126] systemd[1]: Started D-Bus System Message Bus. | |
dnsserver # [ 9.771403] systemd[1]: Finished Extra networking commands.. | |
dnsserver # [ 9.774440] dhcpcd[672]: eth0: IAID 00:12:34:56 | |
dnsserver # [ 9.777207] systemd[1]: Reached target Network. | |
webserver # [ 9.732660] nscd[680]: 680 monitoring file `/etc/nsswitch.conf` (7) | |
dnsserver # [ 9.780093] dhcpcd[672]: eth0: adding address fe80::5054:ff:fe12:3456 | |
dnsserver # [ 9.787901] systemd[1]: Starting Permit User Sessions... | |
dnsserver # [ 9.791125] dhcpcd[672]: eth0: soliciting an IPv6 router | |
dnsserver # [ 9.794161] systemd[1]: Finished Permit User Sessions. | |
webserver # [ 9.749030] systemd[1]: Stopped target Host and Network Name Lookups. | |
dnsserver # [ 9.797300] systemd[1]: Started Getty on tty1. | |
dnsserver # [ 9.799318] systemd[1]: Reached target Login Prompts. | |
webserver # [ 9.754538] nscd[680]: 680 monitoring directory `/etc` (2) | |
webserver # [ 9.759838] systemd[1]: Stopping Host and Network Name Lookups... | |
acme # [ 9.514089] ppdev: user-space parallel port driver | |
webserver # [ 9.765177] nscd[734]: 734 monitoring file `/etc/passwd` (1) | |
acme # [ 9.885647] Console: switching to colour frame buffer device 160x50 | |
webserver # [ 9.770241] systemd[1]: Stopped target User and Group Name Lookups. | |
webserver # [ 9.775708] nscd[734]: 734 monitoring directory `/etc` (2)[ 9.882149] kvm: Nested Virtualization enabled | |
acme # [ 10.025086] bochs-drm 0000:00:02.0: [drm] fb0: bochs-drmdrmfb frame buffer device | |
webserver # [ 9.884202] SVM: kvm: Nested Paging enabled | |
webserver # | |
webserver # [ 9.782760] systemd[1]: Stopping User and Group Name Lookups... | |
webserver # [ 9.785368] nscd[734]: 734 monitoring file `/etc/group` (3) | |
acme # [ 9.138886] systemd[1]: Stopping User and Group Name Lookups... | |
webserver # [ 9.790122] systemd[1]: Stopping Name Service Cache Daemon... | |
webserver # [ 9.794643] nscd[734]: 734 monitoring directory `/etc` (2) | |
webserver # [ 9.803008] systemd[1]: nscd.service: Deactivated successfully. | |
webserver # [ 9.807673] nscd[734]: 734 monitoring file `/etc/hosts` (4) | |
webserver # [ 9.817151] systemd[1]: Stopped Name Service Cache Daemon. | |
webserver # [ 9.821739] nscd[734]: 734 monitoring directory `/etc` (2) | |
webserver # [ 9.826954] systemd[1]: Starting Name Service Cache Daemon... | |
webserver # [ 9.829796] nscd[734]: 734 monitoring file `/etc/resolv.conf` (5) | |
webserver # [ 9.836815] systemd[1]: Finished resolvconf update. | |
webserver # [ 9.843317] nscd[734]: 734 monitoring directory `/etc` (2) | |
webserver # [ 9.845140] systemd[1]: Reached target Preparation for Network. | |
webserver # [ 9.847202] nscd[734]: 734 monitoring file `/etc/services` (6) | |
webserver # [ 9.847952] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 9.848809] nscd[734]: 734 monitoring directory `/etc` (2) | |
webserver # [ 9.851765] systemd[1]: Starting Address configuration of eth1... | |
webserver # [ 9.852565] nscd[734]: 734 monitoring file `/etc/netgroup` (7) | |
webserver # [ 9.854173] systemd[1]: Started Name Service Cache Daemon. | |
webserver # [ 9.854837] nscd[734]: 734 monitoring directory `/etc` (2) | |
webserver # [ 9.858442] systemd[1]: Reached target Host and Network Name Lookups. | |
webserver # [ 9.859308] nscd[734]: 734 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 9.964434] EDAC MC: Ver: 3.0.0 | |
webserver # [ 9.861875] systemd[1]: Reached target User and Group Name Lookups. | |
webserver # [ 9.862749] nscd[734]: 734 monitoring directory `/etc` (2) | |
webserver # [ 9.864205] systemd-logind[704]: Watching system buttons on /dev/input/event2 (Power Button) | |
webserver # [ 9.866701] nscd[734]: 734 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 9.875017] systemd-logind[704]: Watching system buttons on /dev/input/event0 (AT Translated Set 2 keyboard) | |
webserver # [ 9.877360] nscd[734]: 734 monitoring directory `/etc` (2) | |
webserver # [ 9.879081] systemd-logind[704]: New seat seat0. | |
webserver # [ 9.881761] nscd[734]: 734 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 9.882672] systemd[1]: Started User Login Management. | |
webserver # [ 9.885250] nscd[734]: 734 monitoring directory `/etc` (2) | |
webserver # [ 9.887243] systemd[1]: Finished Address configuration of eth1. | |
(finished: waiting for unit default.target, in 1.61 seconds) | |
dnsserver # [ 9.930779] dhcpcd[672]: eth0: Router Advertisement from fe80::2 | |
dnsserver # [ 9.931519] dhcpcd[672]: eth0: adding address fec0::5054:ff:fe12:3456/64 | |
dnsserver # [ 9.932886] dhcpcd[672]: eth0: adding route to fec0::/64 | |
dnsserver # [ 9.933472] dhcpcd[672]: eth0: adding default route via fe80::2 | |
webserver # [ 9.889464] nscd[734]: 734 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 9.890374] systemd[1]: Starting Networking Setup... | |
client: must succeed: curl --data '{"host": "acme.test", "addresses": ["192.168.1.1"]}' http://192.168.1.3:8055/add-a | |
webserver # [ 9.890818] nscd[734]: 734 monitoring directory `/etc` (2) | |
webserver # [ 9.893242] systemd[1]: Stopped target Host and Network Name Lookups. | |
webserver # [ 9.901288] nscd[734]: 734 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 9.904830] systemd[1]: Stopping Host and Network Name Lookups... | |
webserver # [ 9.910378] nscd[734]: 734 monitoring directory `/etc` (2) | |
webserver # [ 9.913381] systemd[1]: Stopped target User and Group Name Lookups. | |
webserver # [ 9.919981] nscd[734]: 734 monitored file `/etc/resolv.conf` was written to | |
webserver # [ 9.922057] systemd[1]: Stopping User and Group Name Lookups... | |
webserver # [ 9.925046] nscd[809]: 809 monitoring file `/etc/passwd` (1) | |
webserver # [ 9.925775] systemd[1]: Stopping Name Service Cache Daemon... | |
webserver # [ 9.928190] nscd[809]: 809 monitoring directory `/etc` (2) | |
webserver # [ 9.928917] systemd[1]: nscd.service: Deactivated successfully. | |
webserver # [ 9.931443] nscd[809]: 809 monitoring file `/etc/group` (3) | |
webserver # [ 9.932449] systemd[1]: Stopped Name Service Cache Daemon. | |
webserver # [ 9.934685] nscd[809]: 809 monitoring directory `/etc` (2) | |
webserver # [ 9.936208] systemd[1]: Starting Name Service Cache Daemon... | |
webserver # [ 9.936978] nscd[809]: 809 monitoring file `/etc/hosts` (4) | |
webserver # [ 9.937693] systemd[1]: Finished Networking Setup. | |
webserver # [ 9.940246] nscd[809]: 809 monitoring directory `/etc` (2) | |
webserver # [ 9.941535] systemd[1]: Starting Extra networking commands.... | |
acme # [ 10.076139] kvm: Nested Virtualization enabled | |
webserver # [ 9.945098] nscd[809]: 809 monitoring file `/etc/resolv.conf` (5) | |
webserver # [ 9.948612] systemd[1]: Finished Extra networking commands.. | |
webserver # [ 9.951241] nscd[809]: 809 monitoring directory `/etc` (2) | |
client # % Total % Received % Xferd Average Speed Time Time Time Current | |
client # Dload Upload Total Spent Left Speed | |
acme # [ 10.076142] SVM: kvm: Nested Paging enabled | |
acme # [ 10.120485] EDAC MC: Ver: 3.0.0 | |
webserver # [ 9.957687] systemd[1]: Reached target Network. | |
acme # [ 9.894643] dhcpcd[654]: eth0: carrier acquired | |
acme # [ 10.183193] systemd[1]: Stopping Name Service Cache Daemon... | |
webserver # [ 10.081119] nscd[809]: 809 monitoring file `/etc/services` (6) | |
webserver # [ 10.095423] systemd[1]: Started Name Service Cache Daemon. | |
webserver # [ 10.096160] nscd[809]: 809 monitoring directory `/etc` (2) | |
webserver # [ 10.096967] systemd[1]: Reached target Host and Network Name Lookups. | |
webserver # [ 10.097602] nscd[809]: 809 monitoring file `/etc/netgroup` (7) | |
webserver # [ 10.098351] systemd[1]: Reached target User and Group Name Lookups. | |
webserver # [ 10.099036] nscd[809]: 809 monitoring directory `/etc` (2) | |
webserver # [ 10.099989] systemd[1]: Starting Permit User Sessions... | |
webserver # [ 10.100719] nscd[809]: 809 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 10.101804] systemd[1]: Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. | |
dnsserver # [ 10.146593] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:52:01 Added response for DNS A queries to "acme.test" : 192.168.1.1 | |
webserver # [ 10.103357] nscd[809]: 809 monitoring directory `/etc` (2) | |
webserver # [ 10.104766] systemd[1]: Finished Permit User Sessions. | |
webserver # [ 10.105611] nscd[809]: 809 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 10.106237] systemd[1]: Started Getty on tty1. | |
webserver # [ 10.106864] nscd[809]: 809 monitoring directory `/etc` (2) | |
webserver # [ 10.110429] systemd[1]: Reached target Login Prompts. | |
client # 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 51 0 0 100 51 0 928 --:--:-- --:--:-- --:--:-- 944 | |
webserver # [ 10.115686] nscd[809]: 809 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 10.121989] systemd-logind[704]: Watching system buttons on /dev/input/event3 (QEMU Virtio Keyboard) | |
acme # [ 10.184129] dhcpcd[646]: Failed to reload-or-try-restart ntpd.service: Unit ntpd.service not found. | |
(finished: must succeed: curl --data '{"host": "acme.test", "addresses": ["192.168.1.1"]}' http://192.168.1.3:8055/add-a, in 0.24 seconds) | |
webserver # [ 10.126546] nscd[809]: 809 monitoring directory `/etc` (2) | |
acme: waiting for unit network-online.target | |
acme: waiting for the VM to finish booting | |
acme: connected to guest root shell | |
acme: (connecting took 0.00 seconds) | |
(finished: waiting for the VM to finish booting, in 0.00 seconds) | |
webserver # [ 10.137681] nscd[809]: 809 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 10.140802] nscd[809]: 809 monitoring directory `/etc` (2) | |
webserver # [ 10.143622] nscd[809]: 809 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 10.145712] nscd[809]: 809 monitoring directory `/etc` (2) | |
webserver # [ 10.254796] 8021q: adding VLAN 0 to HW filter on device eth0 | |
webserver # [ 10.154998] dhcpcd[669]: eth0: waiting for carrier | |
webserver # [ 10.156100] dhcpcd[669]: eth0: carrier acquired | |
webserver # [ 10.175919] dhcpcd[669]: DUID 00:01:00:01:2b:5e:fe:e1:52:54:00:12:34:56 | |
webserver # [ 10.177125] dhcpcd[669]: eth0: IAID 00:12:34:56 | |
webserver # [ 10.179199] dhcpcd[669]: eth0: adding address fe80::5054:ff:fe12:3456 | |
(finished: waiting for unit network-online.target, in 0.08 seconds) | |
acme: waiting for unit pebble.service | |
(finished: waiting for unit pebble.service, in 0.07 seconds) | |
client # % Total % Received % Xferd Average Speed Time Time Time Current | |
client # Dload Upload Total Spent Left Speed | |
dnsserver # [ 10.443910] dhcpcd[672]: eth0: soliciting a DHCP lease | |
webserver # [ 10.408251] dhcpcd[669]: eth0: soliciting an IPv6 router | |
acme # [ 10.226908] dhcpcd[646]: Failed to reload-or-try-restart openntpd.service: Unit openntpd.service not found. | |
dnsserver # [ 10.599621] NET: Registered PF_PACKET protocol family | |
client # 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 | |
acme # [ 10.521312] dhcpcd[646]: Failed to reload-or-try-restart chronyd.service: Unit chronyd.service not found. | |
dnsserver # [ 10.473361] dhcpcd[672]: eth0: offered 10.0.2.15 from 10.0.2.2 | |
client # curl: (7) Failed to connect to acme.test port 15000 after 88 ms: Couldn't connect to server | |
dnsserver # [ 10.474774] dhcpcd[672]: eth0: leased 10.0.2.15 for 86400 seconds | |
dnsserver # [ 10.477187] dhcpcd[672]: eth0: adding route to 10.0.2.0/24 | |
dnsserver # [ 10.479850] dhcpcd[672]: eth0: adding default route via 10.0.2.2 | |
acme # [ 10.536881] dhcpcd[654]: DUID 00:01:00:01:2b:5e:fe:e0:52:54:00:12:34:56 | |
acme # [ 10.543567] systemd[1]: nscd.service: Deactivated successfully. | |
acme # [ 10.554436] dhcpcd[654]: eth0: IAID 00:12:34:56 | |
acme # [ 10.561746] systemd[1]: Stopped Name Service Cache Daemon. | |
acme # [ 10.569623] dhcpcd[654]: eth0: adding address fe80::5054:ff:fe12:3456 | |
acme # [ 10.578947] systemd[1]: Starting Name Service Cache Daemon... | |
acme # [ 10.589277] nscd[725]: 725 monitored file `/etc/resolv.conf` was written to | |
acme # [ 10.600644] systemd[1]: Finished Networking Setup. | |
client # % Total % Received % Xferd Average Speed Time Time Time Current | |
acme # [ 10.608899] dhcpcd[654]: eth0: soliciting a DHCP lease | |
client # Dload Upload Total Spent Left Speed | |
acme # [ 10.616884] systemd[1]: Starting Extra networking commands.... | |
acme # [ 10.628024] nscd[819]: 819 monitoring file `/etc/passwd` (1) | |
client # 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 | |
client # curl: (7) Failed to connect to acme.test port 15000 after 33 ms: Couldn't connect to server | |
Retrying in 1s, 1/20 | |
acme # [ 10.634705] systemd[1]: Started Name Service Cache Daemon. | |
dnsserver # [ 10.619336] nscd[748]: 748 monitored file `/etc/resolv.conf` was written to | |
dnsserver # [ 10.655030] systemd[1]: Stopped target Host and Network Name Lookups. | |
dnsserver # [ 10.656144] systemd[1]: Stopping Host and Network Name Lookups... | |
dnsserver # [ 10.658296] systemd[1]: Stopped target User and Group Name Lookups. | |
dnsserver # [ 10.660961] systemd[1]: Stopping User and Group Name Lookups... | |
dnsserver # [ 10.667736] systemd[1]: Stopping Name Service Cache Daemon... | |
dnsserver # [ 10.670536] systemd[1]: nscd.service: Deactivated successfully. | |
dnsserver # [ 10.672833] systemd[1]: Stopped Name Service Cache Daemon. | |
dnsserver # [ 10.696252] systemd[1]: Starting Name Service Cache Daemon... | |
dnsserver # [ 10.725791] nscd[885]: 885 monitoring file `/etc/passwd` (1) | |
dnsserver # [ 10.726610] nscd[885]: 885 monitoring directory `/etc` (2) | |
dnsserver # [ 10.727354] nscd[885]: 885 monitoring file `/etc/group` (3) | |
dnsserver # [ 10.736573] nscd[885]: 885 monitoring directory `/etc` (2) | |
dnsserver # [ 10.739717] nscd[885]: 885 monitoring file `/etc/hosts` (4) | |
acme # [ 10.675075] nscd[819]: 819 monitoring directory `/etc` (2) | |
dnsserver # [ 10.743380] nscd[885]: 885 monitoring directory `/etc` (2) | |
acme # [ 10.803683] systemd[1]: Finished Extra networking commands.. | |
acme # [ 10.811837] pebble[661]: Pebble 2023/01/21 19:52:02 Generated new root issuer CN=Pebble Root CA 07ebd3 with serial 56fb9f2dd31365a2 and SKI 8010d1aa2f6806513a801ee9fe5f390419f4b92f | |
dnsserver # [ 10.755103] nscd[885]: 885 monitoring file `/etc/resolv.conf` (5) | |
acme # [ 10.817564] pebble[661]: Pebble 2023/01/21 19:52:02 Generated new intermediate issuer CN=Pebble Intermediate CA 4d6099 with serial 3462b3190514c669 and SKI f06013f4b50a9e6b4feaf93edb5a47620393ac93 | |
acme # [ 10.820351] pebble[661]: Pebble 2023/01/21 19:52:02 Generated issuance chain: Pebble Root CA 07ebd3 -> Pebble Intermediate CA 4d6099 | |
dnsserver # [ 10.763093] nscd[885]: 885 monitoring directory `/etc` (2) | |
acme # [ 10.822870] pebble[661]: Pebble 2023/01/21 19:52:02 Using certificate validity period of 157766400 seconds | |
acme # [ 10.825424] pebble[661]: Pebble 2023/01/21 19:52:02 Using system DNS resolver for ACME challenges | |
acme # [ 10.826911] pebble[661]: Pebble 2023/01/21 19:52:02 Disabling random VA sleeps | |
dnsserver # [ 10.768376] systemd[1]: Started Name Service Cache Daemon. | |
acme # [ 10.828642] pebble[661]: Pebble 2023/01/21 19:52:02 Configured to reject 5% of good nonces | |
acme # [ 10.830178] pebble[661]: Pebble 2023/01/21 19:52:02 Configured to attempt authz reuse for each identifier 50% of the time | |
acme # [ 10.831950] pebble[661]: Pebble 2023/01/21 19:52:02 Configured to show 3 orders per page | |
acme # [ 10.833725] pebble[661]: Pebble 2023/01/21 19:52:02 Management interface listening on: 0.0.0.0:15000 | |
dnsserver # [ 10.775174] dhcpcd[665]: Failed to reload-or-try-restart ntpd.service: Unit ntpd.service not found. | |
acme # [ 10.836797] pebble[661]: Pebble 2023/01/21 19:52:02 Root CA certificate available at: https://0.0.0.0:15000/roots/0 | |
acme # [ 10.838739] pebble[661]: Pebble 2023/01/21 19:52:02 Listening on: 0.0.0.0:443 | |
acme # [ 10.840841] pebble[661]: Pebble 2023/01/21 19:52:02 ACME directory available at: https://0.0.0.0:443/dir | |
dnsserver # [ 10.780363] dhcpcd[665]: Failed to reload-or-try-restart openntpd.service: Unit openntpd.service not found. | |
acme # [ 10.842905] nscd[819]: 819 monitoring file `/etc/group` (3) | |
acme # [ 10.844674] systemd[1]: Reached target Network. | |
acme # [ 10.846891] nscd[819]: 819 monitoring directory `/etc` (2) | |
acme # [ 10.848464] systemd[1]: Reached target Host and Network Name Lookups. | |
acme # [ 10.850362] nscd[819]: 819 monitoring file `/etc/hosts` (4) | |
acme # [ 10.851900] systemd[1]: Reached target User and Group Name Lookups. | |
acme # [ 10.853526] nscd[819]: 819 monitoring directory `/etc` (2) | |
acme # [ 10.855430] systemd[1]: Starting Permit User Sessions... | |
acme # [ 10.857726] nscd[819]: 819 monitoring file `/etc/resolv.conf` (5) | |
acme # [ 10.859877] systemd-logind[685]: Watching system buttons on /dev/input/event2 (Power Button) | |
acme # [ 10.862311] nscd[819]: 819 monitoring directory `/etc` (2) | |
acme # [ 10.863588] systemd[1]: Finished Permit User Sessions. | |
acme # [ 10.865527] nscd[819]: 819 monitoring file `/etc/services` (6) | |
acme # [ 10.867294] systemd[1]: Started Getty on tty1. | |
acme # [ 10.869289] nscd[819]: 819 monitoring directory `/etc` (2) | |
acme # [ 10.870504] systemd[1]: Reached target Login Prompts. | |
acme # [ 10.872026] nscd[819]: 819 monitoring file `/etc/netgroup` (7) | |
acme # [ 10.873790] systemd[1]: Stopped target Host and Network Name Lookups. | |
acme # [ 10.875796] nscd[819]: 819 monitoring directory `/etc` (2) | |
acme # [ 10.877125] systemd[1]: Stopping Host and Network Name Lookups... | |
acme # [ 10.879698] nscd[819]: 819 monitoring file `/etc/nsswitch.conf` (8) | |
acme # [ 10.881869] systemd[1]: Stopped target User and Group Name Lookups. | |
acme # [ 10.883813] nscd[819]: 819 monitoring directory `/etc` (2) | |
acme # [ 10.885442] systemd[1]: Stopping User and Group Name Lookups... | |
acme # [ 10.887628] nscd[819]: 819 monitoring file `/etc/nsswitch.conf` (8) | |
acme # [ 10.889388] systemd[1]: Stopping Name Service Cache Daemon... | |
acme # [ 10.892982] nscd[819]: 819 monitoring directory `/etc` (2) | |
acme # [ 10.897130] systemd[1]: nscd.service: Deactivated successfully. | |
acme # [ 10.901051] nscd[819]: 819 monitoring file `/etc/nsswitch.conf` (8) | |
acme # [ 10.903729] systemd[1]: Stopped Name Service Cache Daemon. | |
acme # [ 10.905630] nscd[819]: 819 monitoring directory `/etc` (2) | |
acme # [ 10.907385] systemd[1]: Starting Name Service Cache Daemon... | |
webserver # [ 10.806627] dhcpcd[669]: eth0: soliciting a DHCP lease | |
acme # [ 10.909385] nscd[819]: 819 monitoring file `/etc/nsswitch.conf` (8) | |
acme # [ 10.911481] systemd[1]: Started Name Service Cache Daemon. | |
acme # [ 10.913943] nscd[819]: 819 monitoring directory `/etc` (2) | |
acme # [ 10.915395] systemd[1]: Reached target Host and Network Name Lookups. | |
acme # [ 10.917443] nscd[819]: 819 monitoring file `/etc/nsswitch.conf` (8) | |
acme # [ 10.918922] systemd[1]: Reached target User and Group Name Lookups. | |
acme # [ 10.920747] nscd[819]: 819 monitoring directory `/etc` (2) | |
acme # [ 10.922835] systemd[1]: Started DHCP Client. | |
acme # [ 10.924993] dhcpcd[654]: eth0: offered 10.0.2.15 from 10.0.2.2 | |
acme # [ 10.926969] systemd[1]: Reached target Network is Online. | |
webserver # [ 10.930327] NET: Registered PF_PACKET protocol family | |
acme # [ 10.929390] dhcpcd[654]: eth0: leased 10.0.2.15 for 86400 seconds | |
acme # [ 10.931174] systemd[1]: Reached target Multi-User System. | |
webserver # [ 10.831258] dhcpcd[669]: eth0: offered 10.0.2.15 from 10.0.2.2 | |
acme # [ 10.932868] dhcpcd[654]: eth0: adding route to 10.0.2.0/24 | |
webserver # [ 10.832483] dhcpcd[669]: eth0: leased 10.0.2.15 for 86400 seconds | |
acme # [ 10.934522] systemd[1]: Startup finished in 4.558s (kernel) + 4.754s (userspace) = 9.312s. | |
webserver # [ 10.834308] dhcpcd[669]: eth0: adding route to 10.0.2.0/24 | |
acme # [ 10.936948] dhcpcd[654]: eth0: adding default route via 10.0.2.2 | |
webserver # [ 10.835680] dhcpcd[669]: eth0: adding default route via 10.0.2.2 | |
acme # [ 10.938661] systemd-logind[685]: Watching system buttons on /dev/input/event3 (QEMU Virtio Keyboard) | |
acme # [ 10.941484] nscd[819]: 819 monitored file `/etc/resolv.conf` was written to | |
acme # [ 10.943680] systemd[1]: Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. | |
acme # [ 10.948646] nscd[884]: 884 monitoring file `/etc/passwd` (1) | |
acme # [ 10.953597] nscd[884]: 884 monitoring directory `/etc` (2) | |
acme # [ 10.956032] nscd[884]: 884 monitoring file `/etc/group` (3) | |
acme # [ 10.958030] nscd[884]: 884 monitoring directory `/etc` (2) | |
dnsserver # [ 10.786153] dhcpcd[665]: Failed to reload-or-try-restart chronyd.service: Unit chronyd.service not found. | |
acme # [ 10.964729] nscd[884]: 884 monitoring file `/etc/hosts` (4) | |
dnsserver # [ 10.906767] nscd[885]: 885 monitoring file `/etc/services` (6) | |
dnsserver # [ 10.907857] systemd[1]: Started DHCP Client. | |
dnsserver # [ 10.908799] nscd[885]: 885 monitoring directory `/etc` (2) | |
dnsserver # [ 10.909794] systemd[1]: Reached target Network is Online. | |
acme # [ 10.968265] nscd[884]: 884 monitoring directory `/etc` (2) | |
dnsserver # [ 10.910997] nscd[885]: 885 monitoring file `/etc/netgroup` (7) | |
dnsserver # [ 10.912045] systemd[1]: Reached target Multi-User System. | |
acme # [ 10.970301] nscd[884]: 884 monitoring file `/etc/resolv.conf` (5) | |
dnsserver # [ 10.913093] nscd[885]: 885 monitoring directory `/etc` (2) | |
dnsserver # [ 10.914047] systemd[1]: Reached target Host and Network Name Lookups. | |
dnsserver # [ 10.915184] nscd[885]: 885 monitoring file `/etc/nsswitch.conf` (8) | |
dnsserver # [ 10.916140] systemd[1]: Reached target User and Group Name Lookups. | |
dnsserver # [ 10.917629] nscd[885]: 885 monitoring directory `/etc` (2) | |
dnsserver # [ 10.919009] nscd[885]: 885 monitoring file `/etc/nsswitch.conf` (8) | |
dnsserver # [ 10.920234] nscd[885]: 885 monitoring directory `/etc` (2) | |
dnsserver # [ 10.921481] nscd[885]: 885 monitoring file `/etc/nsswitch.conf` (8) | |
dnsserver # [ 10.922901] nscd[885]: 885 monitoring directory `/etc` (2) | |
acme # [ 10.979081] nscd[884]: 884 monitoring directory `/etc` (2) | |
dnsserver # [ 10.923958] nscd[885]: 885 monitoring file `/etc/nsswitch.conf` (8) | |
dnsserver # [ 10.925203] nscd[885]: 885 monitoring directory `/etc` (2) | |
dnsserver # [ 10.926404] nscd[885]: 885 monitoring file `/etc/nsswitch.conf` (8) | |
acme # [ 10.985366] nscd[884]: 884 monitoring file `/etc/services` (6) | |
dnsserver # [ 10.927761] nscd[885]: 885 monitoring directory `/etc` (2) | |
dnsserver # [ 10.931830] systemd[1]: Startup finished in 4.235s (kernel) + 6.696s (userspace) = 10.931s. | |
acme # [ 10.993540] nscd[884]: 884 monitoring directory `/etc` (2) | |
acme # [ 11.001197] nscd[884]: 884 monitoring file `/etc/netgroup` (7) | |
acme # [ 11.013020] nscd[884]: 884 monitoring directory `/etc` (2) | |
acme # [ 11.015487] nscd[884]: 884 monitoring file `/etc/nsswitch.conf` (8) | |
acme # [ 11.018315] nscd[884]: 884 monitoring directory `/etc` (2) | |
acme # [ 11.019683] nscd[884]: 884 monitoring file `/etc/nsswitch.conf` (8) | |
acme # [ 11.021705] nscd[884]: 884 monitoring directory `/etc` (2) | |
acme # [ 11.022920] nscd[884]: 884 monitoring file `/etc/nsswitch.conf` (8) | |
acme # [ 11.024679] nscd[884]: 884 monitoring directory `/etc` (2) | |
acme # [ 11.026426] nscd[884]: 884 monitoring file `/etc/nsswitch.conf` (8) | |
acme # [ 11.028557] nscd[884]: 884 monitoring directory `/etc` (2) | |
acme # [ 11.030130] nscd[884]: 884 monitoring file `/etc/nsswitch.conf` (8) | |
acme # [ 11.032016] nscd[884]: 884 monitoring directory `/etc` (2) | |
acme # [ 11.033978] dhcpcd[654]: eth0: soliciting an IPv6 router | |
acme # [ 11.035029] dhcpcd[654]: eth0: Router Advertisement from fe80::2 | |
acme # [ 11.036645] dhcpcd[654]: eth0: adding address fec0::5054:ff:fe12:3456/64 | |
acme # [ 11.038469] dhcpcd[654]: eth0: adding route to fec0::/64 | |
acme # [ 11.039964] dhcpcd[654]: eth0: adding default route via fe80::2 | |
dnsserver # [ 10.986174] systemd-udevd[825]: vtcon0: Process '/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd-vconsole-setup' failed with exit code 1. | |
webserver # [ 10.946046] nscd[809]: 809 monitored file `/etc/resolv.conf` was written to | |
webserver # [ 10.988749] systemd[1]: Stopped target Host and Network Name Lookups. | |
webserver # [ 10.990527] systemd[1]: Stopping Host and Network Name Lookups... | |
webserver # [ 10.992395] systemd[1]: Stopped target User and Group Name Lookups. | |
webserver # [ 10.996756] systemd[1]: Stopping User and Group Name Lookups... | |
webserver # [ 11.009541] systemd[1]: Stopping Name Service Cache Daemon... | |
webserver # [ 11.011671] systemd[1]: nscd.service: Deactivated successfully. | |
webserver # [ 11.012882] systemd[1]: Stopped Name Service Cache Daemon. | |
webserver # [ 11.035089] systemd[1]: Starting Name Service Cache Daemon... | |
webserver # [ 11.066099] nscd[901]: 901 monitoring file `/etc/passwd` (1) | |
webserver # [ 11.069528] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 11.072674] nscd[901]: 901 monitoring file `/etc/group` (3) | |
webserver # [ 11.074786] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 11.077199] nscd[901]: 901 monitoring file `/etc/hosts` (4) | |
webserver # [ 11.080366] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 11.089242] nscd[901]: 901 monitoring file `/etc/resolv.conf` (5) | |
webserver # [ 11.092445] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 11.101601] nscd[901]: 901 monitoring file `/etc/services` (6) | |
webserver # [ 11.107542] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 11.116988] nscd[901]: 901 monitoring file `/etc/netgroup` (7) | |
webserver # [ 11.141954] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 11.149352] systemd[1]: Started Name Service Cache Daemon. | |
webserver # [ 11.156695] dhcpcd[655]: Failed to reload-or-try-restart ntpd.service: Unit ntpd.service not found. | |
webserver # [ 11.290227] dhcpcd[655]: Failed to reload-or-try-restart openntpd.service: Unit openntpd.service not found. | |
webserver # [ 11.295230] dhcpcd[655]: Failed to reload-or-try-restart chronyd.service: Unit chronyd.service not found. | |
webserver # [ 11.299875] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 11.303601] systemd[1]: Reached target Host and Network Name Lookups. | |
webserver # [ 11.308570] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 11.311710] systemd[1]: Reached target User and Group Name Lookups. | |
webserver # [ 11.315484] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 11.319128] systemd[1]: Started DHCP Client. | |
webserver # [ 11.322014] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 11.325326] systemd[1]: Reached target Network is Online. | |
webserver # [ 11.328464] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 11.331820] systemd[1]: Reached target Multi-User System. | |
webserver # [ 11.335208] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 11.338212] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 11.341752] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 11.344627] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 11.348178] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 11.352953] dhcpcd[669]: eth0: Router Advertisement from fe80::2 | |
webserver # [ 11.358536] dhcpcd[669]: eth0: adding address fec0::5054:ff:fe12:3456/64 | |
webserver # [ 11.365269] systemd[1]: Startup finished in 4.707s (kernel) + 6.649s (userspace) = 11.357s. | |
webserver # [ 11.372081] dhcpcd[669]: eth0: adding route to fec0::/64 | |
webserver # [ 11.379376] dhcpcd[669]: eth0: adding default route via fe80::2 | |
webserver # [ 11.438938] systemd-udevd[833]: vtcon0: Process '/nix/store/cgjjaqvxpq1z1a9bnxjvszjzvm93razf-systemd-252.4/lib/systemd/systemd-vconsole-setup' failed with exit code 1. | |
client # % Total % Received % Xferd Average Speed Time Time Time Current | |
client # Dload Upload Total Spent Left Speed | |
client # 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 1151 100 1151 0 0 6706 0 --:--:-- --:--:-- --:--:-- 6730 | |
client # % Total % Received % Xferd Average Speed Time Time Time Current | |
client # Dload Upload Total Spent Left Speed | |
client # 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 1675 100 1675 0 0 13923 0 --:--:-- --:--:-- --:--:-- 13842 | |
subtest: Can request certificate with Lego's built in web server | |
webserver: waiting for the VM to finish booting | |
webserver: connected to guest root shell | |
webserver: (connecting took 0.00 seconds) | |
(finished: waiting for the VM to finish booting, in 0.00 seconds) | |
webserver: must succeed: /run/current-system/specialisation/http01lego/bin/switch-to-configuration test | |
webserver # [ 13.048499] nixos[925]: switching to system configuration /nix/store/y10gwmz1k6zbz8r6mpqfh2ybchnzk34j-nixos-system-webserver-23.05pre-git | |
webserver # [ 13.077934] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 13.084674] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 13.092102] systemd[1]: Stopped target Remote File Systems. | |
webserver # activating the configuration... | |
webserver # [ 13.361408] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 13.370421] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # [ 13.376072] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 13.385870] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 13.389328] nscd[901]: 901 monitoring file `/etc/group` (9) | |
webserver # [ 13.392464] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 13.397317] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 13.406206] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 13.409738] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (8) | |
webserver # [ 13.413307] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 13.416202] nscd[901]: 901 monitoring file `/etc/passwd` (10) | |
webserver # [ 13.419253] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 13.563685] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 13.576820] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 13.583201] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 13.588022] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 13.592650] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 13.597359] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 13.602804] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 13.608633] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 14.180988] systemd[1]: Reloading. | |
webserver # setting up tmpfiles | |
webserver # reloading the following units: dbus.service | |
webserver # [ 15.104492] systemd[1]: Reloading D-Bus System Message Bus... | |
webserver # [ 15.122209] dbus-daemon[698]: Unknown username "systemd-timesync" in message bus configuration file | |
webserver # [ 15.149371] dbus-daemon[698]: [system] Reloaded configuration | |
webserver # [ 15.151369] dbus-send[1076]: method return time=1674330726.709061 sender=org.freedesktop.DBus -> destination=:1.6 serial=3 reply_serial=2 | |
webserver # [ 15.158141] dbus-daemon[698]: Unknown username "systemd-timesync" in message bus configuration file | |
webserver # [ 15.184685] dbus-daemon[698]: [system] Reloaded configuration | |
webserver # [ 15.188196] systemd[1]: Reloaded D-Bus System Message Bus. | |
webserver # [ 15.226836] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 15.229424] systemd[1]: Reached target Local File Systems. | |
webserver # [ 15.248227] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 15.261193] systemd[1]: Starting Fix owner and group of all ACME certificates... | |
webserver # [ 15.268791] systemd[1]: Starting Generate self-signed certificate authority... | |
webserver # [ 15.338063] systemd[1]: Finished Fix owner and group of all ACME certificates. | |
webserver # [ 15.343666] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 15.351853] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 15.371519] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 15.372558] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 15.375217] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 15.381271] systemd[1]: Started Renew ACME Certificate for http.example.test. | |
webserver # [ 16.166068] systemd[1]: acme-selfsigned-ca.service: Deactivated successfully. | |
webserver # [ 16.166791] systemd[1]: Finished Generate self-signed certificate authority. | |
webserver # [ 16.171199] systemd[1]: Starting Generate self-signed certificate for http.example.test... | |
webserver # [ 16.520207] systemd[1]: acme-selfsigned-http.example.test.service: Deactivated successfully. | |
webserver # [ 16.521191] systemd[1]: Finished Generate self-signed certificate for http.example.test. | |
webserver # [ 16.526436] systemd[1]: Starting Renew ACME certificate for http.example.test... | |
webserver # [ 16.571158] acme-http.example.test-start[1104]: + set -euo pipefail | |
webserver # [ 16.572009] acme-http.example.test-start[1104]: + echo 78c80081fedd8a7ae50d | |
webserver # [ 16.572844] acme-http.example.test-start[1104]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 16.580829] acme-http.example.test-start[1104]: + lego --accept-tos --path . -d http.example.test --email hostmaster@example.test --key-type ec256 --http --http.port :80 --server https://acme.test/dir run | |
webserver # [ 17.503700] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 No key found for account hostmaster@example.test. Generating a P256 key. | |
webserver # [ 17.505136] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 Saved key to accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key | |
acme # [ 17.685017] pebble[661]: Pebble 2023/01/21 19:52:09 GET /dir -> calling handler() | |
webserver # [ 17.590190] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] acme: Registering account for hostmaster@example.test | |
acme # [ 17.694253] pebble[661]: Pebble 2023/01/21 19:52:09 HEAD /nonce-plz -> calling handler() | |
webserver # [ 17.598660] acme-http.example.test-start[1106]: !!!! HEADS UP !!!! | |
webserver # [ 17.599476] acme-http.example.test-start[1106]: Your account credentials have been saved in your Let's Encrypt | |
webserver # [ 17.600495] acme-http.example.test-start[1106]: configuration directory at "accounts". | |
acme # [ 17.699967] pebble[661]: Pebble 2023/01/21 19:52:09 POST /sign-me-up -> calling handler() | |
webserver # [ 17.601380] acme-http.example.test-start[1106]: You should make a secure backup of this folder now. This | |
webserver # [ 17.603011] acme-http.example.test-start[1106]: configuration directory will also contain certificates and | |
webserver # [ 17.604010] acme-http.example.test-start[1106]: private keys obtained from Let's Encrypt so making regular | |
webserver # [ 17.605021] acme-http.example.test-start[1106]: backups of this folder is ideal. | |
acme # [ 17.703452] pebble[661]: Pebble 2023/01/21 19:52:09 There are now 1 accounts in memory | |
webserver # [ 17.605913] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] [http.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 17.708462] pebble[661]: Pebble 2023/01/21 19:52:09 POST /order-plz -> calling handler() | |
acme # [ 17.711861] pebble[661]: Pebble 2023/01/21 19:52:09 There are now 1 authorizations in the db | |
acme # [ 17.715379] pebble[661]: Pebble 2023/01/21 19:52:09 Added order "hxO180qwPwdUZzCBMMIiyZPIhaJLCNVYgFC90gOVsKg" to the db | |
acme # [ 17.719703] pebble[661]: Pebble 2023/01/21 19:52:09 There are now 1 orders in the db | |
webserver # [ 17.669040] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] [http.example.test] AuthURL: https://acme.test/authZ/XW_SmPqZTY3nMoDqYjS35K563lw-SlAFzJ08Qogqr-g | |
acme # [ 17.769723] pebble[661]: Pebble 2023/01/21 19:52:09 POST /authZ/ -> calling handler() | |
webserver # [ 17.670808] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] [http.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 17.672404] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] [http.example.test] acme: use http-01 solver | |
webserver # [ 17.673419] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] [http.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 17.773653] pebble[661]: Pebble 2023/01/21 19:52:09 POST /chalZ/ -> calling handler() | |
webserver # [ 17.674633] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/chalZ/TW9Xt08Fw8vXP4nW_0PwAgtqQvPSQlaXwtzatT5j2Wk :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: yBYD09rjTA04JgbfFuVpIQ | |
acme # [ 17.992762] pebble[661]: Pebble 2023/01/21 19:52:09 POST /chalZ/ -> calling handler() | |
acme # [ 17.993820] pebble[661]: Pebble 2023/01/21 19:52:09 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"http.example.test"}, Challenge:(*core.Challenge)(0xc0001b81e0), Account:(*core.Account)(0xc0001c8f00)} | |
acme # [ 18.004093] pebble[661]: Pebble 2023/01/21 19:52:09 Starting 3 validations. | |
acme # [ 18.007431] pebble[661]: Pebble 2023/01/21 19:52:09 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/egTcA7y42P1MAXgdmXEyJ4x6iCYnQxwOBElD2FRri-c | |
acme # [ 18.014134] pebble[661]: Pebble 2023/01/21 19:52:09 POST /authZ/ -> calling handler() | |
acme # [ 18.017940] pebble[661]: Pebble 2023/01/21 19:52:09 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/egTcA7y42P1MAXgdmXEyJ4x6iCYnQxwOBElD2FRri-c | |
acme # [ 18.024407] pebble[661]: Pebble 2023/01/21 19:52:09 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/egTcA7y42P1MAXgdmXEyJ4x6iCYnQxwOBElD2FRri-c | |
webserver # [ 17.933482] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] [http.example.test] Served key authentication | |
webserver # [ 17.935052] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] [http.example.test] Served key authentication | |
acme # [ 18.035352] pebble[661]: Pebble 2023/01/21 19:52:09 authz XW_SmPqZTY3nMoDqYjS35K563lw-SlAFzJ08Qogqr-g set VALID by completed challenge TW9Xt08Fw8vXP4nW_0PwAgtqQvPSQlaXwtzatT5j2Wk | |
webserver # [ 17.936192] acme-http.example.test-start[1106]: 2023/01/21 19:52:09 [INFO] [http.example.test] Served key authentication | |
acme # [ 24.458911] pebble[661]: Pebble 2023/01/21 19:52:16 POST /authZ/ -> calling handler() | |
webserver # [ 24.357664] acme-http.example.test-start[1106]: 2023/01/21 19:52:15 [INFO] [http.example.test] The server validated our request | |
webserver # [ 24.363497] acme-http.example.test-start[1106]: 2023/01/21 19:52:15 [INFO] [http.example.test] acme: Validations succeeded; requesting certificates | |
acme # [ 24.468593] pebble[661]: Pebble 2023/01/21 19:52:16 POST /finalize-order/ -> calling handler() | |
webserver # [ 24.369732] acme-http.example.test-start[1106]: 2023/01/21 19:52:15 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 24.474584] pebble[661]: Pebble 2023/01/21 19:52:16 Order hxO180qwPwdUZzCBMMIiyZPIhaJLCNVYgFC90gOVsKg is fully authorized. Processing finalization | |
acme # [ 24.481349] pebble[661]: Pebble 2023/01/21 19:52:16 Issued certificate serial 53eabe15fc944d1f for order hxO180qwPwdUZzCBMMIiyZPIhaJLCNVYgFC90gOVsKg | |
webserver # [ 24.382056] acme-http.example.test-start[1106]: 2023/01/21 19:52:15 [INFO] [http.example.test] Server responded with a certificate. | |
acme # [ 24.486896] pebble[661]: Pebble 2023/01/21 19:52:16 POST /my-order/ -> calling handler() | |
webserver # [ 24.388492] acme-http.example.test-start[1104]: + mv domainhash.txt certificates/ | |
acme # [ 24.491025] pebble[661]: Pebble 2023/01/21 19:52:16 POST /certZ/ -> calling handler() | |
webserver # [ 24.395370] acme-http.example.test-start[1104]: + chown acme:acme certificates/domainhash.txt certificates/http.example.test.crt certificates/http.example.test.issuer.crt certificates/http.example.test.json certificates/http.example.test.key | |
webserver # [ 24.408945] acme-http.example.test-start[1104]: + cmp -s certificates/http.example.test.crt out/fullchain.pem | |
webserver # [ 24.415263] acme-http.example.test-start[1104]: + touch out/renewed | |
webserver # [ 24.426232] acme-http.example.test-start[1104]: + echo Installing new certificate | |
webserver # [ 24.429480] acme-http.example.test-start[1104]: Installing new certificate | |
webserver # [ 24.432431] acme-http.example.test-start[1104]: + cp -vp certificates/http.example.test.crt out/fullchain.pem | |
webserver # [ 24.441644] acme-http.example.test-start[1117]: 'certificates/http.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 24.446249] acme-http.example.test-start[1104]: + cp -vp certificates/http.example.test.key out/key.pem | |
webserver # [ 24.454731] acme-http.example.test-start[1118]: 'certificates/http.example.test.key' -> 'out/key.pem' | |
webserver # [ 24.459072] acme-http.example.test-start[1104]: + cp -vp certificates/http.example.test.issuer.crt out/chain.pem | |
webserver # [ 24.468060] acme-http.example.test-start[1119]: 'certificates/http.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 24.472552] acme-http.example.test-start[1104]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 24.481553] acme-http.example.test-start[1104]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 24.491076] acme-http.example.test-start[1104]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 24.529972] systemd[1]: acme-http.example.test.service: Deactivated successfully. | |
webserver # [ 24.530992] systemd[1]: Finished Renew ACME certificate for http.example.test. | |
webserver # [ 24.531815] systemd[1]: acme-http.example.test.service: Consumed 278ms CPU time, received 13.8K IP traffic, sent 10.0K IP traffic. | |
webserver # [ 24.539103] systemd[1]: Reached target acme-finished-http.example.test.target. | |
webserver # the following new units were started: acme-finished-http.example.test.target, acme-fixperms.service, acme-http.example.test.timer | |
webserver # [ 24.601834] nixos[925]: finished switching to system configuration /nix/store/y10gwmz1k6zbz8r6mpqfh2ybchnzk34j-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /run/current-system/specialisation/http01lego/bin/switch-to-configuration test, in 12.57 seconds) | |
webserver: waiting for unit acme-finished-http.example.test.target | |
(finished: waiting for unit acme-finished-http.example.test.target, in 0.06 seconds) | |
webserver: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/http.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout | |
(finished: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/http.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout, in 0.06 seconds) | |
First subject in fullchain.pem: subject=cn = http.example.test | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/cert.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/cert.pem, in 0.07 seconds) | |
cert.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/fullchain.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/fullchain.pem, in 0.09 seconds) | |
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
(finished: subtest: Can request certificate with Lego's built in web server, in 12.95 seconds) | |
subtest: Can renew certificates when they expire | |
webserver: must succeed: sha256sum /var/lib/acme/http.example.test/cert.pem | |
(finished: must succeed: sha256sum /var/lib/acme/http.example.test/cert.pem, in 0.03 seconds) | |
webserver: must succeed: /tmp/specialisation/renew/bin/switch-to-configuration test | |
webserver # [ 25.800351] nixos[1155]: switching to system configuration /nix/store/2n12rr72yd45ggxvqxa94b7pfw68avwy-nixos-system-webserver-23.05pre-git | |
webserver # [ 25.825647] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 25.830379] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 25.833787] systemd[1]: Stopped target Remote File Systems. | |
webserver # activating the configuration... | |
webserver # [ 26.088647] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 26.096202] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # [ 26.100220] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (12) | |
webserver # [ 26.101031] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 26.101644] nscd[901]: 901 monitoring file `/etc/group` (15) | |
webserver # [ 26.102544] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 26.105973] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 26.108973] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 26.112191] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (12) | |
webserver # [ 26.113083] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 26.118117] nscd[901]: 901 monitoring file `/etc/passwd` (16) | |
webserver # [ 26.118826] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 26.254314] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 26.262258] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 26.263424] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 26.264864] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 26.267316] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 26.269515] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 26.273195] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 26.276941] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 26.743709] systemd[1]: Reloading. | |
webserver # setting up tmpfiles | |
webserver # [ 27.291112] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 27.293463] systemd[1]: Generate self-signed certificate for http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/http.example.test/key.pem). | |
webserver # [ 27.300293] systemd[1]: Starting Renew ACME certificate for http.example.test... | |
webserver # [ 27.322918] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 27.325133] systemd[1]: Reached target Local File Systems. | |
webserver # [ 27.346386] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 27.348225] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 27.353289] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 27.368232] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 27.369126] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 27.371607] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 27.374633] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 27.378132] systemd[1]: Generate self-signed certificate for http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/http.example.test/key.pem). | |
webserver # [ 27.399872] acme-http.example.test-start[1301]: + set -euo pipefail | |
webserver # [ 27.400797] acme-http.example.test-start[1301]: + echo 78c80081fedd8a7ae50d | |
webserver # [ 27.401797] acme-http.example.test-start[1301]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 27.405775] acme-http.example.test-start[1304]: ++ find accounts -name hostmaster@example.test.key | |
webserver # [ 27.413595] acme-http.example.test-start[1301]: + '[' -e certificates/http.example.test.key -a -e certificates/http.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']' | |
webserver # [ 27.415660] acme-http.example.test-start[1301]: + lego --accept-tos --path . -d http.example.test --email hostmaster@example.test --key-type ec256 --http --http.port :80 --server https://acme.test/dir renew --no-random-sleep --days 9999 | |
acme # [ 27.588819] pebble[661]: Pebble 2023/01/21 19:52:19 GET /dir -> calling handler() | |
webserver # [ 27.490836] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] acme: Trying renewal with 43823 hours remaining | |
webserver # [ 27.492346] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 27.596025] pebble[661]: Pebble 2023/01/21 19:52:19 HEAD /nonce-plz -> calling handler() | |
acme # [ 27.597933] pebble[661]: Pebble 2023/01/21 19:52:19 POST /order-plz -> calling handler() | |
acme # [ 27.599569] pebble[661]: Pebble 2023/01/21 19:52:19 There are now 2 authorizations in the db | |
acme # [ 27.600988] pebble[661]: Pebble 2023/01/21 19:52:19 Added order "_zGOXhozvwdTDaR7X6u2ZcWtazJWtYXgJezhDpcNt2g" to the db | |
acme # [ 27.602162] pebble[661]: Pebble 2023/01/21 19:52:19 There are now 2 orders in the db | |
acme # [ 27.659295] pebble[661]: Pebble 2023/01/21 19:52:19 POST /authZ/ -> calling handler() | |
webserver # [ 27.557970] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] AuthURL: https://acme.test/authZ/EfwANeoAjAURPLJ7F2FzeOH7zsBAJ4QvtpeG9o3-CFg | |
webserver # [ 27.559990] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 27.561792] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] acme: use http-01 solver | |
webserver # [ 27.562931] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 27.664012] pebble[661]: Pebble 2023/01/21 19:52:19 POST /chalZ/ -> calling handler() | |
acme # [ 27.666057] pebble[661]: Pebble 2023/01/21 19:52:19 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"http.example.test"}, Challenge:(*core.Challenge)(0xc0001b8aa0), Account:(*core.Account)(0xc0001c8f00)} | |
acme # [ 27.669886] pebble[661]: Pebble 2023/01/21 19:52:19 Starting 3 validations. | |
webserver # [ 27.571464] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] Served key authentication | |
webserver # [ 27.572682] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] Served key authentication | |
acme # [ 27.671988] pebble[661]: Pebble 2023/01/21 19:52:19 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/kghmQEmMv9ROXQ7oX_ckQM_MAIi_n2hSEr4vpYnZ48g | |
webserver # [ 27.578086] acme-http.example.test-start[1305]: 2023/01/21 19:52:19 [INFO] [http.example.test] Served key authentication | |
acme # [ 27.680276] pebble[661]: Pebble 2023/01/21 19:52:19 POST /authZ/ -> calling handler() | |
acme # [ 27.683373] pebble[661]: Pebble 2023/01/21 19:52:19 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/kghmQEmMv9ROXQ7oX_ckQM_MAIi_n2hSEr4vpYnZ48g | |
acme # [ 27.689032] pebble[661]: Pebble 2023/01/21 19:52:19 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/kghmQEmMv9ROXQ7oX_ckQM_MAIi_n2hSEr4vpYnZ48g | |
acme # [ 27.690644] pebble[661]: Pebble 2023/01/21 19:52:19 authz EfwANeoAjAURPLJ7F2FzeOH7zsBAJ4QvtpeG9o3-CFg set VALID by completed challenge RYilEPjXXxp-f-LIcAlwBf5R3BwWiBoIBc48nMWjc-U | |
webserver # [ 33.444266] acme-http.example.test-start[1305]: 2023/01/21 19:52:25 [INFO] [http.example.test] The server validated our request | |
acme # [ 33.545549] pebble[661]: Pebble 2023/01/21 19:52:25 POST /authZ/ -> calling handler() | |
webserver # [ 33.446164] acme-http.example.test-start[1305]: 2023/01/21 19:52:25 [INFO] [http.example.test] acme: Validations succeeded; requesting certificates | |
webserver # [ 33.449516] acme-http.example.test-start[1305]: 2023/01/21 19:52:25 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 33.553105] pebble[661]: Pebble 2023/01/21 19:52:25 POST /finalize-order/ -> calling handler() | |
acme # [ 33.559027] pebble[661]: Pebble 2023/01/21 19:52:25 Order _zGOXhozvwdTDaR7X6u2ZcWtazJWtYXgJezhDpcNt2g is fully authorized. Processing finalization | |
webserver # [ 33.464442] acme-http.example.test-start[1305]: 2023/01/21 19:52:25 [INFO] [http.example.test] Server responded with a certificate. | |
acme # [ 33.565715] pebble[661]: Pebble 2023/01/21 19:52:25 Issued certificate serial 6ad48ec2b291fc0c for order _zGOXhozvwdTDaR7X6u2ZcWtazJWtYXgJezhDpcNt2g | |
webserver # [ 33.470333] acme-http.example.test-start[1301]: + mv domainhash.txt certificates/ | |
acme # [ 33.570985] pebble[661]: Pebble 2023/01/21 19:52:25 POST /my-order/ -> calling handler() | |
acme # [ 33.574995] pebble[661]: Pebble 2023/01/21 19:52:25 POST /certZ/ -> calling handler() | |
webserver # [ 33.476325] acme-http.example.test-start[1301]: + chown acme:acme certificates/domainhash.txt certificates/http.example.test.crt certificates/http.example.test.issuer.crt certificates/http.example.test.json certificates/http.example.test.key | |
webserver # [ 33.483757] acme-http.example.test-start[1301]: + cmp -s certificates/http.example.test.crt out/fullchain.pem | |
webserver # [ 33.487504] acme-http.example.test-start[1301]: + touch out/renewed | |
webserver # [ 33.492987] acme-http.example.test-start[1301]: + echo Installing new certificate | |
webserver # [ 33.493854] acme-http.example.test-start[1301]: Installing new certificate | |
webserver # [ 33.494660] acme-http.example.test-start[1301]: + cp -vp certificates/http.example.test.crt out/fullchain.pem | |
webserver # [ 33.499953] acme-http.example.test-start[1316]: 'certificates/http.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 33.501667] acme-http.example.test-start[1301]: + cp -vp certificates/http.example.test.key out/key.pem | |
webserver # [ 33.506520] acme-http.example.test-start[1317]: 'certificates/http.example.test.key' -> 'out/key.pem' | |
webserver # [ 33.508299] acme-http.example.test-start[1301]: + cp -vp certificates/http.example.test.issuer.crt out/chain.pem | |
webserver # [ 33.513142] acme-http.example.test-start[1318]: 'certificates/http.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 33.514953] acme-http.example.test-start[1301]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 33.520156] acme-http.example.test-start[1301]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 33.525529] acme-http.example.test-start[1301]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 33.557083] systemd[1]: acme-http.example.test.service: Deactivated successfully. | |
webserver # [ 33.557975] systemd[1]: Finished Renew ACME certificate for http.example.test. | |
webserver # [ 33.558728] systemd[1]: acme-http.example.test.service: Consumed 150ms CPU time, received 12.7K IP traffic, sent 8.5K IP traffic. | |
webserver # [ 33.629931] nixos[1155]: finished switching to system configuration /nix/store/2n12rr72yd45ggxvqxa94b7pfw68avwy-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /tmp/specialisation/renew/bin/switch-to-configuration test, in 8.68 seconds) | |
webserver: waiting for unit acme-finished-http.example.test.target | |
(finished: waiting for unit acme-finished-http.example.test.target, in 0.06 seconds) | |
webserver: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/http.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout | |
(finished: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/http.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout, in 0.03 seconds) | |
First subject in fullchain.pem: subject=cn = http.example.test | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/cert.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/cert.pem, in 0.09 seconds) | |
cert.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/fullchain.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/fullchain.pem, in 0.08 seconds) | |
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: must succeed: sha256sum /var/lib/acme/http.example.test/cert.pem | |
(finished: must succeed: sha256sum /var/lib/acme/http.example.test/cert.pem, in 0.02 seconds) | |
(finished: subtest: Can renew certificates when they expire, in 9.03 seconds) | |
subtest: Handles email change correctly | |
webserver: must succeed: sha256sum /var/lib/acme/http.example.test/cert.pem | |
(finished: must succeed: sha256sum /var/lib/acme/http.example.test/cert.pem, in 0.02 seconds) | |
webserver: must succeed: /tmp/specialisation/accountchange/bin/switch-to-configuration test | |
webserver # [ 34.903249] nixos[1356]: switching to system configuration /nix/store/a3215x68bg25ns835r5xlpn7ysw9aji1-nixos-system-webserver-23.05pre-git | |
webserver # [ 34.925480] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 34.929868] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 34.933334] systemd[1]: Stopped target Remote File Systems. | |
webserver # activating the configuration... | |
webserver # [ 35.165230] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 35.170182] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # [ 35.174165] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (18) | |
webserver # [ 35.175056] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 35.175723] nscd[901]: 901 monitoring file `/etc/group` (21) | |
webserver # [ 35.176448] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 35.181971] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 35.184112] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 35.187879] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (18) | |
webserver # [ 35.188746] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 35.189675] nscd[901]: 901 monitoring file `/etc/passwd` (22) | |
webserver # [ 35.194656] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 35.314178] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 35.321451] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 35.322368] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 35.323512] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 35.324287] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 35.325277] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 35.326875] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 35.333113] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 35.699764] systemd[1]: Reloading. | |
webserver # setting up tmpfiles | |
webserver # [ 36.305304] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 36.308012] systemd[1]: Generate self-signed certificate for http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/http.example.test/key.pem). | |
webserver # [ 36.318508] systemd[1]: Starting Renew ACME certificate for http.example.test... | |
webserver # [ 36.352836] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 36.353551] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 36.356636] systemd[1]: Generate self-signed certificate for http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/http.example.test/key.pem). | |
webserver # [ 36.360604] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 36.364766] systemd[1]: Reached target Local File Systems. | |
webserver # [ 36.373504] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 36.379641] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 36.394152] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 36.395060] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 36.397435] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 36.429291] acme-http.example.test-start[1502]: + set -euo pipefail | |
webserver # [ 36.430249] acme-http.example.test-start[1502]: + echo 78c80081fedd8a7ae50d | |
webserver # [ 36.431262] acme-http.example.test-start[1502]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 36.435378] acme-http.example.test-start[1505]: ++ find accounts -name admin@example.test.key | |
webserver # [ 36.441337] acme-http.example.test-start[1502]: + '[' -e certificates/http.example.test.key -a -e certificates/http.example.test.crt -a -n '' ']' | |
webserver # [ 36.442577] acme-http.example.test-start[1502]: + lego --accept-tos --path . -d http.example.test --email admin@example.test --key-type ec256 --http --http.port :80 --server https://acme.test/dir run | |
webserver # [ 36.471638] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 No key found for account admin@example.test. Generating a P256 key. | |
webserver # [ 36.473075] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 Saved key to accounts/acme.test/admin@example.test/keys/admin@example.test.key | |
acme # [ 36.624551] pebble[661]: Pebble 2023/01/21 19:52:28 GET /dir -> calling handler() | |
webserver # [ 36.526303] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] acme: Registering account for admin@example.test | |
acme # [ 36.629908] pebble[661]: Pebble 2023/01/21 19:52:28 HEAD /nonce-plz -> calling handler() | |
webserver # [ 36.532701] acme-http.example.test-start[1506]: !!!! HEADS UP !!!! | |
webserver # [ 36.533492] acme-http.example.test-start[1506]: Your account credentials have been saved in your Let's Encrypt | |
acme # [ 36.633966] pebble[661]: Pebble 2023/01/21 19:52:28 POST /sign-me-up -> calling handler() | |
webserver # [ 36.534470] acme-http.example.test-start[1506]: configuration directory at "accounts". | |
acme # [ 36.636319] pebble[661]: Pebble 2023/01/21 19:52:28 There are now 2 accounts in memory | |
webserver # [ 36.535287] acme-http.example.test-start[1506]: You should make a secure backup of this folder now. This | |
webserver # [ 36.536585] acme-http.example.test-start[1506]: configuration directory will also contain certificates and | |
webserver # [ 36.537360] acme-http.example.test-start[1506]: private keys obtained from Let's Encrypt so making regular | |
acme # [ 36.639380] pebble[661]: Pebble 2023/01/21 19:52:28 POST /order-plz -> calling handler() | |
webserver # [ 36.538467] acme-http.example.test-start[1506]: backups of this folder is ideal. | |
acme # [ 36.640271] pebble[661]: Pebble 2023/01/21 19:52:28 There are now 3 authorizations in the db | |
webserver # [ 36.539304] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] [http.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 36.641171] pebble[661]: Pebble 2023/01/21 19:52:28 Added order "t2cg0lVssG9UFFvR8u98hxtFT0HuFHCYAEAnnICQNYA" to the db | |
acme # [ 36.642297] pebble[661]: Pebble 2023/01/21 19:52:28 There are now 3 orders in the db | |
webserver # [ 36.597675] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] [http.example.test] AuthURL: https://acme.test/authZ/YsbW5RvVTHVaNLwwq4zvDJw2T8CQyX1pmEGwSXlT5l4 | |
webserver # [ 36.599212] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] [http.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 36.601102] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] [http.example.test] acme: use http-01 solver | |
acme # [ 36.698290] pebble[661]: Pebble 2023/01/21 19:52:28 POST /authZ/ -> calling handler() | |
webserver # [ 36.602293] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] [http.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 36.706425] pebble[661]: Pebble 2023/01/21 19:52:28 POST /chalZ/ -> calling handler() | |
webserver # [ 36.612802] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] [http.example.test] Served key authentication | |
webserver # [ 36.614133] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] [http.example.test] Served key authentication | |
webserver # [ 36.615269] acme-http.example.test-start[1506]: 2023/01/21 19:52:28 [INFO] [http.example.test] Served key authentication | |
acme # [ 36.714920] pebble[661]: Pebble 2023/01/21 19:52:28 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"http.example.test"}, Challenge:(*core.Challenge)(0xc0001b9220), Account:(*core.Account)(0xc0002efce0)} | |
acme # [ 36.720845] pebble[661]: Pebble 2023/01/21 19:52:28 Starting 3 validations. | |
acme # [ 36.721685] pebble[661]: Pebble 2023/01/21 19:52:28 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/YnjEWcQQBEmcVWOTQs5p_m4VWGJ_RnfjlqbLGzHt_ic | |
acme # [ 36.723361] pebble[661]: Pebble 2023/01/21 19:52:28 POST /authZ/ -> calling handler() | |
acme # [ 36.724289] pebble[661]: Pebble 2023/01/21 19:52:28 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/YnjEWcQQBEmcVWOTQs5p_m4VWGJ_RnfjlqbLGzHt_ic | |
acme # [ 36.725934] pebble[661]: Pebble 2023/01/21 19:52:28 Attempting to validate w/ HTTP: http://http.example.test:80/.well-known/acme-challenge/YnjEWcQQBEmcVWOTQs5p_m4VWGJ_RnfjlqbLGzHt_ic | |
acme # [ 36.727640] pebble[661]: Pebble 2023/01/21 19:52:28 authz YsbW5RvVTHVaNLwwq4zvDJw2T8CQyX1pmEGwSXlT5l4 set VALID by completed challenge 8vknoUp7PbuXvxcRukBZkn2sjBPz76_1pm_dmkvRH5c | |
acme # [ 40.965691] pebble[661]: Pebble 2023/01/21 19:52:32 POST /authZ/ -> calling handler() | |
webserver # [ 40.864330] acme-http.example.test-start[1506]: 2023/01/21 19:52:32 [INFO] [http.example.test] The server validated our request | |
acme # [ 40.968281] pebble[661]: Pebble 2023/01/21 19:52:32 POST /finalize-order/ -> calling handler() | |
webserver # [ 40.866574] acme-http.example.test-start[1506]: 2023/01/21 19:52:32 [INFO] [http.example.test] acme: Validations succeeded; requesting certificates | |
webserver # [ 40.868839] acme-http.example.test-start[1506]: 2023/01/21 19:52:32 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 40.969188] pebble[661]: Pebble 2023/01/21 19:52:32 Order t2cg0lVssG9UFFvR8u98hxtFT0HuFHCYAEAnnICQNYA is fully authorized. Processing finalization | |
acme # [ 40.975241] pebble[661]: Pebble 2023/01/21 19:52:32 Issued certificate serial 3c85c77aadb91006 for order t2cg0lVssG9UFFvR8u98hxtFT0HuFHCYAEAnnICQNYA | |
acme # [ 40.977939] pebble[661]: Pebble 2023/01/21 19:52:32 POST /my-order/ -> calling handler() | |
acme # [ 40.981299] pebble[661]: Pebble 2023/01/21 19:52:32 POST /certZ/ -> calling handler() | |
webserver # [ 40.882965] acme-http.example.test-start[1506]: 2023/01/21 19:52:32 [INFO] [http.example.test] Server responded with a certificate. | |
webserver # [ 40.886378] acme-http.example.test-start[1502]: + mv domainhash.txt certificates/ | |
webserver # [ 40.895397] acme-http.example.test-start[1502]: + chown acme:acme certificates/domainhash.txt certificates/http.example.test.crt certificates/http.example.test.issuer.crt certificates/http.example.test.json certificates/http.example.test.key | |
webserver # [ 40.902503] acme-http.example.test-start[1502]: + cmp -s certificates/http.example.test.crt out/fullchain.pem | |
webserver # [ 40.905846] acme-http.example.test-start[1502]: + touch out/renewed | |
webserver # [ 40.911221] acme-http.example.test-start[1502]: + echo Installing new certificate | |
webserver # [ 40.912262] acme-http.example.test-start[1502]: Installing new certificate | |
webserver # [ 40.913155] acme-http.example.test-start[1502]: + cp -vp certificates/http.example.test.crt out/fullchain.pem | |
webserver # [ 40.918232] acme-http.example.test-start[1517]: 'certificates/http.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 40.919935] acme-http.example.test-start[1502]: + cp -vp certificates/http.example.test.key out/key.pem | |
webserver # [ 40.924403] acme-http.example.test-start[1518]: 'certificates/http.example.test.key' -> 'out/key.pem' | |
webserver # [ 40.926035] acme-http.example.test-start[1502]: + cp -vp certificates/http.example.test.issuer.crt out/chain.pem | |
webserver # [ 40.930838] acme-http.example.test-start[1519]: 'certificates/http.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 40.932329] acme-http.example.test-start[1502]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 40.937830] acme-http.example.test-start[1502]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 40.943590] acme-http.example.test-start[1502]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 40.972152] systemd[1]: acme-http.example.test.service: Deactivated successfully. | |
webserver # [ 40.973071] systemd[1]: Finished Renew ACME certificate for http.example.test. | |
webserver # [ 40.973788] systemd[1]: acme-http.example.test.service: Consumed 163ms CPU time, received 13.4K IP traffic, sent 9.2K IP traffic. | |
webserver # [ 41.030809] nixos[1356]: finished switching to system configuration /nix/store/a3215x68bg25ns835r5xlpn7ysw9aji1-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /tmp/specialisation/accountchange/bin/switch-to-configuration test, in 7.04 seconds) | |
webserver: waiting for unit acme-finished-http.example.test.target | |
(finished: waiting for unit acme-finished-http.example.test.target, in 0.06 seconds) | |
webserver: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/http.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout | |
(finished: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/http.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout, in 0.02 seconds) | |
First subject in fullchain.pem: subject=cn = http.example.test | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/cert.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/cert.pem, in 0.07 seconds) | |
cert.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/fullchain.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/http.example.test/fullchain.pem, in 0.08 seconds) | |
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: must succeed: sha256sum /var/lib/acme/http.example.test/cert.pem | |
(finished: must succeed: sha256sum /var/lib/acme/http.example.test/cert.pem, in 0.02 seconds) | |
(finished: subtest: Handles email change correctly, in 7.36 seconds) | |
webserver: must succeed: /tmp/specialisation/general/bin/switch-to-configuration test | |
webserver # [ 42.183417] nixos[1554]: switching to system configuration /nix/store/azqqk7z70crb86bg6h4bmv50p9afhkb7-nixos-system-webserver-23.05pre-git | |
webserver # stopping the following units: acme-finished-http.example.test.target, acme-fixperms.service, acme-http.example.test.timer, logrotate-checkconf.service | |
webserver # [ 42.210858] systemd[1]: Stopped target acme-finished-http.example.test.target. | |
webserver # [ 42.214363] systemd[1]: acme-fixperms.service: Deactivated successfully. | |
webserver # [ 42.216046] systemd[1]: Stopped Fix owner and group of all ACME certificates. | |
webserver # [ 42.220561] systemd[1]: acme-http.example.test.timer: Deactivated successfully. | |
webserver # [ 42.222440] systemd[1]: Stopped Renew ACME Certificate for http.example.test. | |
webserver # [ 42.227031] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 42.231769] systemd[1]: logrotate-checkconf.service: Deactivated successfully. | |
webserver # [ 42.233872] systemd[1]: Stopped Logrotate configuration check. | |
webserver # [ 42.237438] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 42.240468] systemd[1]: Stopped target Remote File Systems. | |
webserver # activating the configuration... | |
webserver # [ 42.442344] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 42.449112] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # [ 42.452773] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (24) | |
webserver # [ 42.453425] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 42.453949] nscd[901]: 901 monitoring file `/etc/group` (27) | |
webserver # [ 42.454484] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 42.457176] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 42.459854] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 42.462754] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (24) | |
webserver # [ 42.463777] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 42.464644] nscd[901]: 901 monitoring file `/etc/passwd` (28) | |
webserver # [ 42.470062] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 42.610728] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 42.618757] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 42.620313] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 42.622212] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 42.624471] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 42.627699] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 42.629692] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 42.634417] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 43.205082] systemd[1]: Reloading. | |
webserver # setting up tmpfiles | |
webserver # reloading the following units: dbus.service | |
webserver # [ 43.981120] systemd[1]: Reloading D-Bus System Message Bus... | |
webserver # [ 43.998286] dbus-daemon[698]: Unknown username "systemd-timesync" in message bus configuration file | |
webserver # [ 44.028682] dbus-daemon[698]: [system] Reloaded configuration | |
webserver # [ 44.034171] dbus-send[1702]: method return time=1674330755.589722 sender=org.freedesktop.DBus -> destination=:1.17 serial=3 reply_serial=2 | |
webserver # [ 44.043397] systemd[1]: Reloaded D-Bus System Message Bus. | |
webserver # [ 44.048816] dbus-daemon[698]: Unknown username "systemd-timesync" in message bus configuration file | |
webserver # starting the following units: acme-fixperms.service, logrotate-checkconf.service | |
webserver # [ 44.077509] dbus-daemon[698]: [system] Reloaded configuration | |
webserver # [ 44.098716] systemd[1]: Starting Fix owner and group of all ACME certificates... | |
webserver # [ 44.129225] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 44.139693] systemd[1]: Reached target Local File Systems. | |
webserver # [ 44.151487] systemd[1]: Starting Logrotate configuration check... | |
webserver # [ 44.157771] systemd[1]: Finished Fix owner and group of all ACME certificates. | |
webserver # [ 44.175202] logrotate[1707]: warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want. | |
webserver # [ 44.187490] logrotate[1707]: reading config file /nix/store/fi6rzfpmn186wn8a0xqn62xiwkb7cqfw-logrotate.conf | |
webserver # [ 44.191739] logrotate[1707]: note: 'monthly' overrides previously specified 'weekly' | |
webserver # [ 44.198637] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 44.199473] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 44.203267] systemd[1]: Starting Generate self-signed certificate for a.example.test... | |
webserver # [ 44.208178] systemd[1]: Starting Generate self-signed certificate for b.example.test... | |
webserver # [ 44.213615] systemd[1]: Starting Generate self-signed certificate for c.example.test... | |
webserver # [ 44.220255] logrotate[1707]: Reading state from file: /var/lib/logrotate.status | |
webserver # [ 44.221151] logrotate[1707]: state file /var/lib/logrotate.status does not exist | |
webserver # [ 44.221984] logrotate[1707]: Allocating hash table for state file, size 64 entries | |
webserver # [ 44.222975] logrotate[1707]: Handling 3 logs | |
webserver # [ 44.223751] logrotate[1707]: rotating pattern: "/var/log/btmp" monthly (1 rotations) | |
webserver # [ 44.224792] logrotate[1707]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed | |
webserver # [ 44.229430] logrotate[1707]: considering log /var/log/btmp | |
webserver # [ 44.232139] logrotate[1707]: Creating new state | |
webserver # [ 44.232648] logrotate[1707]: Now: 2023-01-21 19:52 | |
webserver # [ 44.233702] logrotate[1707]: Last rotated at 2023-01-21 19:00 | |
webserver # [ 44.234613] logrotate[1707]: log does not need rotating (log has already been rotated) | |
webserver # [ 44.235847] logrotate[1707]: rotating pattern: "/var/log/wtmp" monthly (1 rotations) | |
webserver # [ 44.254370] logrotate[1707]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed | |
webserver # [ 44.261325] logrotate[1707]: considering log /var/log/wtmp | |
webserver # [ 44.266750] logrotate[1707]: Creating new state | |
webserver # [ 44.268801] logrotate[1707]: Now: 2023-01-21 19:52 | |
webserver # [ 44.271396] logrotate[1707]: Last rotated at 2023-01-21 19:00 | |
webserver # [ 44.280323] logrotate[1707]: log does not need rotating (log has already been rotated) | |
webserver # [ 44.287175] logrotate[1707]: rotating pattern: "/var/log/nginx/*.log" weekly (26 rotations) | |
webserver # [ 44.292752] logrotate[1707]: empty log files are not rotated, old logs are removed | |
webserver # [ 44.297296] logrotate[1707]: switching euid from 0 to 60 and egid from 0 to 60 (pid 1707) | |
webserver # [ 44.305434] logrotate[1707]: considering log /var/log/nginx/*.log | |
webserver # [ 44.310673] logrotate[1707]: log /var/log/nginx/*.log does not exist -- skipping | |
webserver # [ 44.313306] logrotate[1707]: Creating new state | |
webserver # [ 44.313819] logrotate[1707]: switching euid from 60 to 0 and egid from 60 to 0 (pid 1707) | |
webserver # [ 44.324228] systemd[1]: Finished Logrotate configuration check. | |
webserver # [ 44.332036] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 44.338165] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 44.342971] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 44.347103] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 44.350964] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 44.356241] systemd[1]: Started Renew ACME Certificate for a.example.test. | |
webserver # [ 44.360106] systemd[1]: Started Renew ACME Certificate for b.example.test. | |
webserver # [ 44.360877] systemd[1]: Started Renew ACME Certificate for c.example.test. | |
webserver # [ 44.924314] systemd[1]: acme-selfsigned-c.example.test.service: Deactivated successfully. | |
webserver # [ 44.925107] systemd[1]: Finished Generate self-signed certificate for c.example.test. | |
webserver # [ 45.142600] systemd[1]: acme-selfsigned-b.example.test.service: Deactivated successfully. | |
webserver # [ 45.143745] systemd[1]: Finished Generate self-signed certificate for b.example.test. | |
webserver # [ 45.164560] systemd[1]: acme-selfsigned-a.example.test.service: Deactivated successfully. | |
webserver # [ 45.165666] systemd[1]: Finished Generate self-signed certificate for a.example.test. | |
webserver # [ 45.176811] systemd[1]: Starting Nginx Web Server... | |
webserver # [ 45.496477] nginx-pre-start[1746]: nginx: the configuration file /nix/store/93pi629dfy3biicbfv3gf3h4l8sg5xij-nginx.conf syntax is ok | |
webserver # [ 45.498260] nginx-pre-start[1746]: nginx: configuration file /nix/store/93pi629dfy3biicbfv3gf3h4l8sg5xij-nginx.conf test is successful | |
webserver # [ 45.536215] systemd[1]: Started Nginx Web Server. | |
webserver # [ 45.548253] systemd[1]: Starting Renew ACME certificate for a.example.test... | |
webserver # [ 45.672332] acme-a.example.test-start[1748]: + set -euo pipefail | |
webserver # [ 45.673790] acme-a.example.test-start[1749]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 45.681036] acme-a.example.test-start[1749]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 45.687925] acme-a.example.test-start[1748]: + echo 9c8503f9419119933b04 | |
webserver # [ 45.689325] acme-a.example.test-start[1748]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 45.692963] acme-a.example.test-start[1748]: + lego --accept-tos --path . -d a.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir run | |
webserver # [ 45.742584] nginx[1747]: 2023/01/21 19:52:37 [notice] 1747#1747: using the "epoll" event method | |
webserver # [ 45.743714] nginx[1747]: 2023/01/21 19:52:37 [notice] 1747#1747: nginx/1.22.1 | |
webserver # [ 45.744965] nginx[1747]: 2023/01/21 19:52:37 [notice] 1747#1747: built by gcc 11.3.0 (GCC) | |
webserver # [ 45.745869] nginx[1747]: 2023/01/21 19:52:37 [notice] 1747#1747: OS: Linux 5.15.89 | |
webserver # [ 45.747202] nginx[1747]: 2023/01/21 19:52:37 [notice] 1747#1747: getrlimit(RLIMIT_NOFILE): 1024:524288 | |
webserver # [ 45.748841] nginx[1747]: 2023/01/21 19:52:37 [notice] 1747#1747: start worker processes | |
webserver # [ 45.750611] nginx[1747]: 2023/01/21 19:52:37 [notice] 1747#1747: start worker process 1757 | |
acme # [ 45.912555] pebble[661]: Pebble 2023/01/21 19:52:37 GET /dir -> calling handler() | |
webserver # [ 45.815404] acme-a.example.test-start[1752]: 2023/01/21 19:52:37 [INFO] [a.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 45.919389] pebble[661]: Pebble 2023/01/21 19:52:37 HEAD /nonce-plz -> calling handler() | |
acme # [ 45.924190] pebble[661]: Pebble 2023/01/21 19:52:37 POST /order-plz -> calling handler() | |
acme # [ 45.927601] pebble[661]: Pebble 2023/01/21 19:52:37 There are now 4 authorizations in the db | |
acme # [ 45.931118] pebble[661]: Pebble 2023/01/21 19:52:37 Added order "qegQHmPSueQdENGAyLfbu7yLOUVXPHu2OYfY8RSIL9I" to the db | |
acme # [ 45.935625] pebble[661]: Pebble 2023/01/21 19:52:37 There are now 4 orders in the db | |
webserver # [ 45.881862] acme-a.example.test-start[1752]: 2023/01/21 19:52:37 [INFO] [a.example.test] AuthURL: https://acme.test/authZ/_HvrWt4cvhzSVrkB-hEsbZQZPXGJJ45EMcrZxcqZGGE | |
webserver # [ 45.883642] acme-a.example.test-start[1752]: 2023/01/21 19:52:37 [INFO] [a.example.test] acme: Could not find solver for: tls-alpn-01 | |
acme # [ 45.982723] pebble[661]: Pebble 2023/01/21 19:52:37 POST /authZ/ -> calling handler() | |
webserver # [ 45.886850] acme-a.example.test-start[1752]: 2023/01/21 19:52:37 [INFO] [a.example.test] acme: use http-01 solver | |
webserver # [ 45.888687] acme-a.example.test-start[1752]: 2023/01/21 19:52:37 [INFO] [a.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 45.993788] pebble[661]: Pebble 2023/01/21 19:52:37 POST /chalZ/ -> calling handler() | |
acme # [ 46.000938] pebble[661]: Pebble 2023/01/21 19:52:37 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"a.example.test"}, Challenge:(*core.Challenge)(0xc0001b85a0), Account:(*core.Account)(0xc0001c8f00)} | |
acme # [ 46.010864] pebble[661]: Pebble 2023/01/21 19:52:37 Starting 3 validations. | |
acme # [ 46.015061] pebble[661]: Pebble 2023/01/21 19:52:37 Attempting to validate w/ HTTP: http://a.example.test:80/.well-known/acme-challenge/rQGgp33AJvIeMkRNhi8iIFc4Bh-_-afZKhuB_MPs2yA | |
acme # [ 46.021345] pebble[661]: Pebble 2023/01/21 19:52:37 Attempting to validate w/ HTTP: http://a.example.test:80/.well-known/acme-challenge/rQGgp33AJvIeMkRNhi8iIFc4Bh-_-afZKhuB_MPs2yA | |
acme # [ 46.027722] pebble[661]: Pebble 2023/01/21 19:52:37 Attempting to validate w/ HTTP: http://a.example.test:80/.well-known/acme-challenge/rQGgp33AJvIeMkRNhi8iIFc4Bh-_-afZKhuB_MPs2yA | |
acme # [ 46.034256] pebble[661]: Pebble 2023/01/21 19:52:37 POST /authZ/ -> calling handler() | |
acme # [ 46.037559] pebble[661]: Pebble 2023/01/21 19:52:37 authz _HvrWt4cvhzSVrkB-hEsbZQZPXGJJ45EMcrZxcqZGGE set VALID by completed challenge kP6wLFkl4grkDrYtbR0--YaXy-KoHmABfrVJA7Pjny0 | |
acme # [ 52.074995] pebble[661]: Pebble 2023/01/21 19:52:43 POST /authZ/ -> calling handler() | |
webserver # [ 51.974122] acme-a.example.test-start[1752]: 2023/01/21 19:52:43 [INFO] [a.example.test] The server validated our request | |
webserver # [ 51.979984] acme-a.example.test-start[1752]: 2023/01/21 19:52:43 [INFO] [a.example.test] acme: Validations succeeded; requesting certificates | |
acme # [ 52.084294] pebble[661]: Pebble 2023/01/21 19:52:43 POST /finalize-order/ -> calling handler() | |
webserver # [ 51.986621] acme-a.example.test-start[1752]: 2023/01/21 19:52:43 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 52.091143] pebble[661]: Pebble 2023/01/21 19:52:43 Order qegQHmPSueQdENGAyLfbu7yLOUVXPHu2OYfY8RSIL9I is fully authorized. Processing finalization | |
webserver # [ 51.997971] acme-a.example.test-start[1752]: 2023/01/21 19:52:43 [INFO] [a.example.test] Server responded with a certificate. | |
acme # [ 52.097428] pebble[661]: Pebble 2023/01/21 19:52:43 Issued certificate serial 345b91e3874984d3 for order qegQHmPSueQdENGAyLfbu7yLOUVXPHu2OYfY8RSIL9I | |
webserver # [ 52.001218] acme-a.example.test-start[1748]: + mv domainhash.txt certificates/ | |
acme # [ 52.103303] pebble[661]: Pebble 2023/01/21 19:52:43 POST /my-order/ -> calling handler() | |
acme # [ 52.106458] pebble[661]: Pebble 2023/01/21 19:52:43 POST /certZ/ -> calling handler() | |
webserver # [ 52.008611] acme-a.example.test-start[1748]: + chown acme:nginx certificates/a.example.test.crt certificates/a.example.test.issuer.crt certificates/a.example.test.json certificates/a.example.test.key certificates/domainhash.txt | |
webserver # [ 52.016683] acme-a.example.test-start[1748]: + cmp -s certificates/a.example.test.crt out/fullchain.pem | |
webserver # [ 52.020581] acme-a.example.test-start[1748]: + touch out/renewed | |
webserver # [ 52.026666] acme-a.example.test-start[1748]: + echo Installing new certificate | |
webserver # [ 52.027764] acme-a.example.test-start[1748]: Installing new certificate | |
webserver # [ 52.028532] acme-a.example.test-start[1748]: + cp -vp certificates/a.example.test.crt out/fullchain.pem | |
webserver # [ 52.034507] acme-a.example.test-start[1762]: 'certificates/a.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 52.036574] acme-a.example.test-start[1748]: + cp -vp certificates/a.example.test.key out/key.pem | |
webserver # [ 52.041851] acme-a.example.test-start[1763]: 'certificates/a.example.test.key' -> 'out/key.pem' | |
webserver # [ 52.043947] acme-a.example.test-start[1748]: + cp -vp certificates/a.example.test.issuer.crt out/chain.pem | |
webserver # [ 52.049056] acme-a.example.test-start[1764]: 'certificates/a.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 52.050821] acme-a.example.test-start[1748]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 52.057145] acme-a.example.test-start[1748]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 52.063415] acme-a.example.test-start[1748]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 52.098635] systemd[1]: acme-a.example.test.service: Deactivated successfully. | |
webserver # [ 52.099609] systemd[1]: Finished Renew ACME certificate for a.example.test. | |
webserver # [ 52.102444] systemd[1]: acme-a.example.test.service: Consumed 190ms CPU time, received 11.2K IP traffic, sent 7.0K IP traffic. | |
webserver # [ 52.106214] systemd[1]: Reached target acme-account-d590213ed52603e9128d.target. | |
webserver # [ 52.110826] systemd[1]: Starting Renew ACME certificate for b.example.test... | |
webserver # [ 52.116441] systemd[1]: Starting Renew ACME certificate for c.example.test... | |
webserver # [ 52.240733] acme-b.example.test-start[1772]: + set -euo pipefail | |
webserver # [ 52.242596] acme-b.example.test-start[1774]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 52.244938] acme-c.example.test-start[1773]: + set -euo pipefail | |
webserver # [ 52.246555] acme-c.example.test-start[1775]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 52.256137] acme-b.example.test-start[1774]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 52.257581] acme-c.example.test-start[1775]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 52.266706] acme-b.example.test-start[1772]: + echo 0fe0254e2c124c865860 | |
webserver # [ 52.267674] acme-b.example.test-start[1772]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 52.269922] acme-c.example.test-start[1773]: + echo ced4ccfc78dd04ff3014 | |
webserver # [ 52.273018] acme-c.example.test-start[1773]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 52.275328] acme-c.example.test-start[1773]: + lego --accept-tos --path . -d c.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir run | |
webserver # [ 52.286097] acme-b.example.test-start[1772]: + lego --accept-tos --path . -d b.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir run | |
acme # [ 52.530784] pebble[661]: Pebble 2023/01/21 19:52:44 GET /dir -> calling handler() | |
webserver # [ 52.436789] acme-b.example.test-start[1780]: 2023/01/21 19:52:43 [INFO] [b.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 52.538199] pebble[661]: Pebble 2023/01/21 19:52:44 GET /dir -> calling handler() | |
webserver # [ 52.439492] acme-c.example.test-start[1781]: 2023/01/21 19:52:43 [INFO] [c.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 52.541698] pebble[661]: Pebble 2023/01/21 19:52:44 HEAD /nonce-plz -> calling handler() | |
acme # [ 52.546339] pebble[661]: Pebble 2023/01/21 19:52:44 POST /order-plz -> calling handler() | |
acme # [ 52.550722] pebble[661]: Pebble 2023/01/21 19:52:44 There are now 5 authorizations in the db | |
acme # [ 52.554058] pebble[661]: Pebble 2023/01/21 19:52:44 Added order "c-642suO1aktXr4AAPEbU1552mv1e7mKdAPpIm1rBzQ" to the db | |
acme # [ 52.558199] pebble[661]: Pebble 2023/01/21 19:52:44 There are now 5 orders in the db | |
acme # [ 52.561326] pebble[661]: Pebble 2023/01/21 19:52:44 HEAD /nonce-plz -> calling handler() | |
acme # [ 52.564562] pebble[661]: Pebble 2023/01/21 19:52:44 POST /order-plz -> calling handler() | |
acme # [ 52.567780] pebble[661]: Pebble 2023/01/21 19:52:44 There are now 6 authorizations in the db | |
acme # [ 52.571156] pebble[661]: Pebble 2023/01/21 19:52:44 Added order "I7IO4F6DPgxA9CpCj_pO2hIZRalhM_NoEj5nF4h80xY" to the db | |
acme # [ 52.575669] pebble[661]: Pebble 2023/01/21 19:52:44 There are now 6 orders in the db | |
webserver # [ 52.502620] acme-b.example.test-start[1780]: 2023/01/21 19:52:44 [INFO] [b.example.test] AuthURL: https://acme.test/authZ/xmHXMD0IstpgGhmVTIt9e7AsjA8Teiw_GSYWSlH3VHc | |
webserver # [ 52.504205] acme-b.example.test-start[1780]: 2023/01/21 19:52:44 [INFO] [b.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 52.506165] acme-b.example.test-start[1780]: 2023/01/21 19:52:44 [INFO] [b.example.test] acme: use http-01 solver | |
acme # [ 52.603396] pebble[661]: Pebble 2023/01/21 19:52:44 POST /authZ/ -> calling handler() | |
webserver # [ 52.507738] acme-b.example.test-start[1780]: 2023/01/21 19:52:44 [INFO] [b.example.test] acme: Trying to solve HTTP-01 | |
webserver # [ 52.510644] acme-c.example.test-start[1781]: 2023/01/21 19:52:44 [INFO] [c.example.test] AuthURL: https://acme.test/authZ/O38eH0V5tOJB7m_x-qV-OEuDPPnZifmHxtuaHeiiPoE | |
webserver # [ 52.512147] acme-c.example.test-start[1781]: 2023/01/21 19:52:44 [INFO] [c.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 52.513367] acme-c.example.test-start[1781]: 2023/01/21 19:52:44 [INFO] [c.example.test] acme: use http-01 solver | |
webserver # [ 52.515215] acme-c.example.test-start[1781]: 2023/01/21 19:52:44 [INFO] [c.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 52.611473] pebble[661]: Pebble 2023/01/21 19:52:44 POST /chalZ/ -> calling handler() | |
acme # [ 52.620463] pebble[661]: Pebble 2023/01/21 19:52:44 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"b.example.test"}, Challenge:(*core.Challenge)(0xc0001b8fa0), Account:(*core.Account)(0xc0001c8f00)} | |
acme # [ 52.630073] pebble[661]: Pebble 2023/01/21 19:52:44 Starting 3 validations. | |
acme # [ 52.630876] pebble[661]: Pebble 2023/01/21 19:52:44 Attempting to validate w/ HTTP: http://b.example.test:80/.well-known/acme-challenge/9yq7FQjYYW4T2C_BSQA5a1Dbpg3rhLYeAPg75rHhqAU | |
acme # [ 52.632429] pebble[661]: Pebble 2023/01/21 19:52:44 Attempting to validate w/ HTTP: http://b.example.test:80/.well-known/acme-challenge/9yq7FQjYYW4T2C_BSQA5a1Dbpg3rhLYeAPg75rHhqAU | |
acme # [ 52.634015] pebble[661]: Pebble 2023/01/21 19:52:44 Attempting to validate w/ HTTP: http://b.example.test:80/.well-known/acme-challenge/9yq7FQjYYW4T2C_BSQA5a1Dbpg3rhLYeAPg75rHhqAU | |
acme # [ 52.635599] pebble[661]: Pebble 2023/01/21 19:52:44 POST /authZ/ -> calling handler() | |
acme # [ 52.636462] pebble[661]: Pebble 2023/01/21 19:52:44 POST /authZ/ -> calling handler() | |
acme # [ 52.637366] pebble[661]: Pebble 2023/01/21 19:52:44 POST /chalZ/ -> calling handler() | |
acme # [ 52.638198] pebble[661]: Pebble 2023/01/21 19:52:44 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"c.example.test"}, Challenge:(*core.Challenge)(0xc0001b9540), Account:(*core.Account)(0xc0001c8f00)} | |
acme # [ 52.640465] pebble[661]: Pebble 2023/01/21 19:52:44 Starting 3 validations. | |
acme # [ 52.641248] pebble[661]: Pebble 2023/01/21 19:52:44 Attempting to validate w/ HTTP: http://c.example.test:80/.well-known/acme-challenge/MBoRr4R8y7MhnttV5nKkt3Am5AD_9IfEh5bjcizGq2E | |
acme # [ 52.642816] pebble[661]: Pebble 2023/01/21 19:52:44 Attempting to validate w/ HTTP: http://c.example.test:80/.well-known/acme-challenge/MBoRr4R8y7MhnttV5nKkt3Am5AD_9IfEh5bjcizGq2E | |
acme # [ 52.644358] pebble[661]: Pebble 2023/01/21 19:52:44 Attempting to validate w/ HTTP: http://c.example.test:80/.well-known/acme-challenge/MBoRr4R8y7MhnttV5nKkt3Am5AD_9IfEh5bjcizGq2E | |
acme # [ 52.645897] pebble[661]: Pebble 2023/01/21 19:52:44 POST /authZ/ -> calling handler() | |
acme # [ 52.646761] pebble[661]: Pebble 2023/01/21 19:52:44 authz O38eH0V5tOJB7m_x-qV-OEuDPPnZifmHxtuaHeiiPoE set VALID by completed challenge aBE7VjARGYrXubikilfGofm0L9puGfXpSnh-d9jHh60 | |
acme # [ 52.648357] pebble[661]: Pebble 2023/01/21 19:52:44 authz xmHXMD0IstpgGhmVTIt9e7AsjA8Teiw_GSYWSlH3VHc set VALID by completed challenge NYBfZ3H6A6ESMwxojXsVMUNuQRW6Qef4njwvwIptm2I | |
webserver # [ 55.864258] acme-c.example.test-start[1781]: 2023/01/21 19:52:47 [INFO] [c.example.test] The server validated our request | |
webserver # [ 55.865408] acme-c.example.test-start[1781]: 2023/01/21 19:52:47 [INFO] [c.example.test] acme: Validations succeeded; requesting certificates | |
webserver # [ 55.867786] acme-c.example.test-start[1781]: 2023/01/21 19:52:47 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 55.964659] pebble[661]: Pebble 2023/01/21 19:52:47 POST /authZ/ -> calling handler() | |
acme # [ 55.971306] pebble[661]: Pebble 2023/01/21 19:52:47 POST /finalize-order/ -> calling handler() | |
acme # [ 55.976774] pebble[661]: Pebble 2023/01/21 19:52:47 Order I7IO4F6DPgxA9CpCj_pO2hIZRalhM_NoEj5nF4h80xY is fully authorized. Processing finalization | |
acme # [ 55.983444] pebble[661]: Pebble 2023/01/21 19:52:47 Issued certificate serial 7ef7415a2ee0a88a for order I7IO4F6DPgxA9CpCj_pO2hIZRalhM_NoEj5nF4h80xY | |
webserver # [ 55.883976] acme-c.example.test-start[1781]: 2023/01/21 19:52:47 [INFO] [c.example.test] Server responded with a certificate. | |
acme # [ 55.988057] pebble[661]: Pebble 2023/01/21 19:52:47 POST /my-order/ -> calling handler() | |
acme # [ 55.989212] pebble[661]: Pebble 2023/01/21 19:52:47 POST /certZ/ -> calling handler() | |
webserver # [ 55.888715] acme-c.example.test-start[1773]: + mv domainhash.txt certificates/ | |
webserver # [ 55.895170] acme-c.example.test-start[1773]: + chown acme:nginx certificates/c.example.test.crt certificates/c.example.test.issuer.crt certificates/c.example.test.json certificates/c.example.test.key certificates/domainhash.txt | |
webserver # [ 55.903383] acme-c.example.test-start[1773]: + cmp -s certificates/c.example.test.crt out/fullchain.pem | |
webserver # [ 55.907051] acme-c.example.test-start[1773]: + touch out/renewed | |
webserver # [ 55.912728] acme-c.example.test-start[1773]: + echo Installing new certificate | |
webserver # [ 55.913652] acme-c.example.test-start[1773]: Installing new certificate | |
webserver # [ 55.914597] acme-c.example.test-start[1773]: + cp -vp certificates/c.example.test.crt out/fullchain.pem | |
webserver # [ 55.920236] acme-c.example.test-start[1794]: 'certificates/c.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 55.922248] acme-c.example.test-start[1773]: + cp -vp certificates/c.example.test.key out/key.pem | |
webserver # [ 55.928198] acme-c.example.test-start[1795]: 'certificates/c.example.test.key' -> 'out/key.pem' | |
webserver # [ 55.930113] acme-c.example.test-start[1773]: + cp -vp certificates/c.example.test.issuer.crt out/chain.pem | |
webserver # [ 55.935498] acme-c.example.test-start[1796]: 'certificates/c.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 55.937153] acme-c.example.test-start[1773]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 55.942639] acme-c.example.test-start[1773]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 55.948652] acme-c.example.test-start[1773]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 55.982551] systemd[1]: acme-c.example.test.service: Deactivated successfully. | |
webserver # [ 55.983545] systemd[1]: Finished Renew ACME certificate for c.example.test. | |
webserver # [ 55.986532] systemd[1]: acme-c.example.test.service: Consumed 185ms CPU time, received 11.2K IP traffic, sent 7.1K IP traffic. | |
webserver # [ 57.315628] acme-b.example.test-start[1780]: 2023/01/21 19:52:48 [INFO] [b.example.test] The server validated our request | |
webserver # [ 57.317538] acme-b.example.test-start[1780]: 2023/01/21 19:52:48 [INFO] [b.example.test] acme: Validations succeeded; requesting certificates | |
acme # [ 57.416022] pebble[661]: Pebble 2023/01/21 19:52:48 POST /authZ/ -> calling handler() | |
webserver # [ 57.318871] acme-b.example.test-start[1780]: 2023/01/21 19:52:48 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 57.421363] pebble[661]: Pebble 2023/01/21 19:52:48 POST /finalize-order/ -> calling handler() | |
acme # [ 57.423729] pebble[661]: Pebble 2023/01/21 19:52:48 Order c-642suO1aktXr4AAPEbU1552mv1e7mKdAPpIm1rBzQ is fully authorized. Processing finalization | |
acme # [ 57.425591] pebble[661]: Pebble 2023/01/21 19:52:48 Issued certificate serial 4c9e17bc4bbeeeea for order c-642suO1aktXr4AAPEbU1552mv1e7mKdAPpIm1rBzQ | |
acme # [ 57.428044] pebble[661]: Pebble 2023/01/21 19:52:48 POST /my-order/ -> calling handler() | |
acme # [ 57.429258] pebble[661]: Pebble 2023/01/21 19:52:48 POST /certZ/ -> calling handler() | |
webserver # [ 57.329110] acme-b.example.test-start[1780]: 2023/01/21 19:52:48 [INFO] [b.example.test] Server responded with a certificate. | |
webserver # [ 57.331353] acme-b.example.test-start[1772]: + mv domainhash.txt certificates/ | |
webserver # [ 57.337364] acme-b.example.test-start[1772]: + chown acme:nginx certificates/b.example.test.crt certificates/b.example.test.issuer.crt certificates/b.example.test.json certificates/b.example.test.key certificates/domainhash.txt | |
webserver # [ 57.345033] acme-b.example.test-start[1772]: + cmp -s certificates/b.example.test.crt out/fullchain.pem | |
webserver # [ 57.348453] acme-b.example.test-start[1772]: + touch out/renewed | |
webserver # [ 57.353540] acme-b.example.test-start[1772]: + echo Installing new certificate | |
webserver # [ 57.355192] acme-b.example.test-start[1772]: Installing new certificate | |
webserver # [ 57.356064] acme-b.example.test-start[1772]: + cp -vp certificates/b.example.test.crt out/fullchain.pem | |
webserver # [ 57.361287] acme-b.example.test-start[1808]: 'certificates/b.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 57.363327] acme-b.example.test-start[1772]: + cp -vp certificates/b.example.test.key out/key.pem | |
webserver # [ 57.368438] acme-b.example.test-start[1809]: 'certificates/b.example.test.key' -> 'out/key.pem' | |
webserver # [ 57.370335] acme-b.example.test-start[1772]: + cp -vp certificates/b.example.test.issuer.crt out/chain.pem | |
webserver # [ 57.375179] acme-b.example.test-start[1810]: 'certificates/b.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 57.377414] acme-b.example.test-start[1772]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 57.382467] acme-b.example.test-start[1772]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 57.388147] acme-b.example.test-start[1772]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 57.423739] systemd[1]: acme-b.example.test.service: Deactivated successfully. | |
webserver # [ 57.424687] systemd[1]: Finished Renew ACME certificate for b.example.test. | |
webserver # [ 57.426267] systemd[1]: acme-b.example.test.service: Consumed 182ms CPU time, received 11.2K IP traffic, sent 7.1K IP traffic. | |
webserver # [ 57.430489] systemd[1]: Starting nginx-config-reload.service... | |
webserver # [ 57.480312] systemd[1]: Reloading Nginx Web Server... | |
webserver # [ 57.581494] nginx[1820]: nginx: the configuration file /nix/store/93pi629dfy3biicbfv3gf3h4l8sg5xij-nginx.conf syntax is ok | |
webserver # [ 57.583028] nginx[1820]: nginx: configuration file /nix/store/93pi629dfy3biicbfv3gf3h4l8sg5xij-nginx.conf test is successful | |
webserver # [ 57.642228] nginx[1747]: 2023/01/21 19:52:49 [notice] 1747#1747: signal 1 (SIGHUP) received from 1821, reconfiguring | |
webserver # [ 57.643423] nginx[1747]: 2023/01/21 19:52:49 [notice] 1747#1747: reconfiguring | |
webserver # [ 57.654185] systemd[1]: Reloaded Nginx Web Server. | |
webserver # [ 57.659990] systemd[1]: nginx-config-reload.service: Deactivated successfully. | |
webserver # [ 57.661461] systemd[1]: Finished nginx-config-reload.service. | |
webserver # [ 57.665364] systemd[1]: Reached target acme-finished-a.example.test.target. | |
webserver # [ 57.667713] systemd[1]: Reached target acme-finished-b.example.test.target. | |
webserver # [ 57.677604] systemd[1]: Reached target acme-finished-c.example.test.target. | |
webserver # [ 57.718080] nginx[1747]: 2023/01/21 19:52:49 [notice] 1747#1747: using the "epoll" event method | |
webserver # [ 57.722661] nginx[1747]: 2023/01/21 19:52:49 [notice] 1747#1747: start worker processes | |
webserver # [ 57.723588] nginx[1747]: 2023/01/21 19:52:49 [notice] 1747#1747: start worker process 1823 | |
webserver # the following new units were started: acme-a.example.test.timer, acme-account-d590213ed52603e9128d.target, acme-b.example.test.timer, acme-c.example.test.timer, acme-finished-a.example.test.target, acme-finished-b.example.test.target, acme-finished-c.example.test.target, nginx.service | |
webserver # [ 57.769777] nixos[1554]: finished switching to system configuration /nix/store/azqqk7z70crb86bg6h4bmv50p9afhkb7-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /tmp/specialisation/general/bin/switch-to-configuration test, in 16.46 seconds) | |
subtest: Can request certificate with HTTP-01 challenge | |
webserver: waiting for unit acme-finished-a.example.test.target | |
webserver # [ 57.826151] nginx[1757]: 2023/01/21 19:52:49 [notice] 1757#1757: gracefully shutting down | |
webserver # [ 57.827099] nginx[1757]: 2023/01/21 19:52:49 [notice] 1757#1757: exiting | |
webserver # [ 57.827818] nginx[1757]: 2023/01/21 19:52:49 [notice] 1757#1757: exit | |
webserver # [ 57.831871] nginx[1747]: 2023/01/21 19:52:49 [notice] 1747#1747: signal 17 (SIGCHLD) received from 1757 | |
webserver # [ 57.833099] nginx[1747]: 2023/01/21 19:52:49 [notice] 1747#1747: worker process 1757 exited with code 0 | |
webserver # [ 57.834994] nginx[1747]: 2023/01/21 19:52:49 [notice] 1747#1747: signal 29 (SIGIO) received | |
(finished: waiting for unit acme-finished-a.example.test.target, in 0.08 seconds) | |
webserver: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/a.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout | |
(finished: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/a.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout, in 0.03 seconds) | |
First subject in fullchain.pem: subject=cn = a.example.test | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/a.example.test/cert.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/a.example.test/cert.pem, in 0.11 seconds) | |
cert.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/a.example.test/fullchain.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/a.example.test/fullchain.pem, in 0.10 seconds) | |
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: waiting for unit nginx.service | |
(finished: waiting for unit nginx.service, in 0.06 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null 2>&1 | |
webserver # [ 58.251860] nginx[1823]: 2023/01/21 19:52:49 [info] 1823#1823: *10 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null 2>&1, in 0.08 seconds) | |
(finished: subtest: Can request certificate with HTTP-01 challenge, in 0.46 seconds) | |
subtest: Runs 1 cert for account creation before others | |
webserver: waiting for unit acme-finished-b.example.test.target | |
(finished: waiting for unit acme-finished-b.example.test.target, in 0.06 seconds) | |
webserver: waiting for unit acme-finished-c.example.test.target | |
(finished: waiting for unit acme-finished-c.example.test.target, in 0.06 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername b.example.test -connect b.example.test:443 < /dev/null 2>&1 | |
webserver # [ 58.411604] nginx[1823]: 2023/01/21 19:52:49 [info] 1823#1823: *11 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername b.example.test -connect b.example.test:443 < /dev/null 2>&1, in 0.04 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername c.example.test -connect c.example.test:443 < /dev/null 2>&1 | |
webserver # [ 58.439285] nginx[1823]: 2023/01/21 19:52:49 [info] 1823#1823: *12 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername c.example.test -connect c.example.test:443 < /dev/null 2>&1, in 0.02 seconds) | |
(finished: subtest: Runs 1 cert for account creation before others, in 0.18 seconds) | |
subtest: Certificates and accounts have safe + valid permissions | |
webserver: must succeed: test $(stat -L -c '%a %U %G' /var/lib/acme/a.example.test/*.pem | tee /dev/stderr | grep '640 acme nginx' | wc -l) -eq 5 | |
webserver # 640 acme nginx | |
webserver # 640 acme nginx | |
webserver # 640 acme nginx | |
webserver # 640 acme nginx | |
webserver # 640 acme nginx | |
(finished: must succeed: test $(stat -L -c '%a %U %G' /var/lib/acme/a.example.test/*.pem | tee /dev/stderr | grep '640 acme nginx' | wc -l) -eq 5, in 0.03 seconds) | |
webserver: must succeed: test $(stat -L -c '%a %U %G' /var/lib/acme/.lego/a.example.test/**/a.example.test* | tee /dev/stderr | grep '600 acme nginx' | wc -l) -eq 4 | |
webserver # 600 acme nginx | |
webserver # 600 acme nginx | |
webserver # 600 acme nginx | |
webserver # 600 acme nginx | |
(finished: must succeed: test $(stat -L -c '%a %U %G' /var/lib/acme/.lego/a.example.test/**/a.example.test* | tee /dev/stderr | grep '600 acme nginx' | wc -l) -eq 4, in 0.03 seconds) | |
webserver: must succeed: test $(stat -L -c '%a %U %G' /var/lib/acme/a.example.test | tee /dev/stderr | grep '750 acme nginx' | wc -l) -eq 1 | |
webserver # 750 acme nginx | |
(finished: must succeed: test $(stat -L -c '%a %U %G' /var/lib/acme/a.example.test | tee /dev/stderr | grep '750 acme nginx' | wc -l) -eq 1, in 0.02 seconds) | |
webserver: must succeed: test $(find /var/lib/acme/accounts -type f -exec stat -L -c '%a %U %G' {} \; | tee /dev/stderr | grep -v '600 acme nginx' | wc -l) -eq 0 | |
webserver # find: ‘/var/lib/acme/accounts’: No such file or directory | |
(finished: must succeed: test $(find /var/lib/acme/accounts -type f -exec stat -L -c '%a %U %G' {} \; | tee /dev/stderr | grep -v '600 acme nginx' | wc -l) -eq 0, in 0.03 seconds) | |
(finished: subtest: Certificates and accounts have safe + valid permissions, in 0.11 seconds) | |
subtest: Can generate valid selfsigned certs | |
webserver: must succeed: systemctl clean acme-a.example.test.service --what=state | |
webserver # [ 58.599056] systemd[1]: acme-a.example.test.service: Deactivated successfully. | |
webserver # [ 58.600513] systemd[1]: acme-a.example.test.service: Consumed 1ms CPU time, no IO, received 11.2K IP traffic, sent 7.0K IP traffic. | |
(finished: must succeed: systemctl clean acme-a.example.test.service --what=state, in 0.06 seconds) | |
webserver: must succeed: systemctl start acme-selfsigned-a.example.test.service | |
webserver # [ 58.641397] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 58.649846] systemd[1]: Starting Generate self-signed certificate for a.example.test... | |
webserver # [ 59.192600] systemd[1]: acme-selfsigned-a.example.test.service: Deactivated successfully. | |
webserver # [ 59.193707] systemd[1]: Finished Generate self-signed certificate for a.example.test. | |
(finished: must succeed: systemctl start acme-selfsigned-a.example.test.service, in 0.60 seconds) | |
webserver: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/a.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout | |
(finished: must succeed: openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/a.example.test/fullchain.pem | openssl pkcs7 -print_certs -noout, in 0.03 seconds) | |
First subject in fullchain.pem: subject=cn = a.example.test | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/a.example.test/cert.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/a.example.test/cert.pem, in 0.10 seconds) | |
cert.pem issuer: CN = minica root ca 26429f | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/a.example.test/fullchain.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/a.example.test/fullchain.pem, in 0.10 seconds) | |
fullchain.pem issuer: CN = minica root ca 26429f | |
webserver: must succeed: test $(stat -L -c '%a %U %G' /var/lib/acme/a.example.test/*.pem | tee /dev/stderr | grep '640 acme nginx' | wc -l) -eq 5 | |
webserver # 640 acme nginx | |
webserver # 640 acme nginx | |
webserver # 640 acme nginx | |
webserver # 640 acme nginx | |
webserver # 640 acme nginx | |
(finished: must succeed: test $(stat -L -c '%a %U %G' /var/lib/acme/a.example.test/*.pem | tee /dev/stderr | grep '640 acme nginx' | wc -l) -eq 5, in 0.04 seconds) | |
webserver: must succeed: systemctl start nginx-config-reload.service | |
webserver # [ 59.520832] systemd[1]: Starting nginx-config-reload.service... | |
webserver # [ 59.578372] systemd[1]: Reloading Nginx Web Server... | |
webserver # [ 59.681306] nginx[1929]: nginx: the configuration file /nix/store/93pi629dfy3biicbfv3gf3h4l8sg5xij-nginx.conf syntax is ok | |
webserver # [ 59.682728] nginx[1929]: nginx: configuration file /nix/store/93pi629dfy3biicbfv3gf3h4l8sg5xij-nginx.conf test is successful | |
webserver # [ 59.741994] nginx[1747]: 2023/01/21 19:52:51 [notice] 1747#1747: signal 1 (SIGHUP) received from 1930, reconfiguring | |
webserver # [ 59.743171] nginx[1747]: 2023/01/21 19:52:51 [notice] 1747#1747: reconfiguring | |
webserver # [ 59.753691] systemd[1]: Reloaded Nginx Web Server. | |
webserver # [ 59.758967] systemd[1]: nginx-config-reload.service: Deactivated successfully. | |
webserver # [ 59.762470] systemd[1]: Finished nginx-config-reload.service. | |
(finished: must succeed: systemctl start nginx-config-reload.service, in 0.29 seconds) | |
(finished: subtest: Can generate valid selfsigned certs, in 1.22 seconds) | |
subtest: Correctly implements OCSP stapling | |
webserver # [ 59.811014] nginx[1747]: 2023/01/21 19:52:51 [notice] 1747#1747: using the "epoll" event method | |
webserver # [ 59.812480] nginx[1747]: 2023/01/21 19:52:51 [notice] 1747#1747: start worker processes | |
webserver # [ 59.814727] nginx[1747]: 2023/01/21 19:52:51 [notice] 1747#1747: start worker process 1939 | |
webserver: must succeed: /tmp/specialisation/ocsp-stapling/bin/switch-to-configuration test | |
webserver # [ 59.917487] nginx[1823]: 2023/01/21 19:52:51 [notice] 1823#1823: gracefully shutting down | |
webserver # [ 59.918504] nginx[1823]: 2023/01/21 19:52:51 [notice] 1823#1823: exiting | |
webserver # [ 59.919320] nginx[1823]: 2023/01/21 19:52:51 [notice] 1823#1823: exit | |
webserver # [ 59.921750] nginx[1747]: 2023/01/21 19:52:51 [notice] 1747#1747: signal 17 (SIGCHLD) received from 1823 | |
webserver # [ 59.922830] nginx[1747]: 2023/01/21 19:52:51 [notice] 1747#1747: worker process 1823 exited with code 0 | |
webserver # [ 59.924614] nginx[1747]: 2023/01/21 19:52:51 [notice] 1747#1747: signal 29 (SIGIO) received | |
webserver # [ 60.626260] nixos[1940]: switching to system configuration /nix/store/9cxh8qddxwmnby00v8vb5i4nlfp3p3jj-nixos-system-webserver-23.05pre-git | |
webserver # stopping the following units: acme-b.example.test.timer, acme-c.example.test.timer, acme-finished-b.example.test.target, acme-finished-c.example.test.target, acme-fixperms.service | |
webserver # [ 60.649637] systemd[1]: acme-b.example.test.timer: Deactivated successfully. | |
webserver # [ 60.651210] systemd[1]: Stopped Renew ACME Certificate for b.example.test. | |
webserver # [ 60.654470] systemd[1]: acme-c.example.test.timer: Deactivated successfully. | |
webserver # [ 60.655779] systemd[1]: Stopped Renew ACME Certificate for c.example.test. | |
webserver # [ 60.659291] systemd[1]: Stopped target acme-finished-b.example.test.target. | |
webserver # [ 60.662336] systemd[1]: Stopped target acme-finished-c.example.test.target. | |
webserver # [ 60.665488] systemd[1]: acme-fixperms.service: Deactivated successfully. | |
webserver # [ 60.668311] systemd[1]: Stopped Fix owner and group of all ACME certificates. | |
webserver # [ 60.672789] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 60.676920] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 60.681360] systemd[1]: Stopped target Remote File Systems. | |
webserver # activating the configuration... | |
webserver # [ 60.936550] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 60.944098] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # [ 60.948439] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (30) | |
webserver # [ 60.949255] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 60.949927] nscd[901]: 901 monitoring file `/etc/group` (33) | |
webserver # [ 60.950611] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 60.954956] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 60.956755] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 60.960072] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (30) | |
webserver # [ 60.960854] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 60.963792] nscd[901]: 901 monitoring file `/etc/passwd` (34) | |
webserver # [ 60.968159] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 61.102798] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 61.111522] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 61.113274] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 61.114305] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 61.116413] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 61.118598] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 61.120560] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 61.124605] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 61.710718] systemd[1]: Reloading. | |
webserver # [ 62.250834] systemd[1]: nginx.service: Current command vanished from the unit file, execution of the command list won't be resumed. | |
webserver # setting up tmpfiles | |
webserver # restarting the following units: acme-a.example.test.timer, nginx.service | |
webserver # [ 62.413042] systemd[1]: acme-a.example.test.timer: Deactivated successfully. | |
webserver # [ 62.417883] systemd[1]: Stopped Renew ACME Certificate for a.example.test. | |
webserver # [ 62.421828] systemd[1]: Stopping Renew ACME Certificate for a.example.test... | |
webserver # [ 62.429780] systemd[1]: Started Renew ACME Certificate for a.example.test. | |
webserver # [ 62.436242] nginx[1747]: 2023/01/21 19:52:53 [notice] 1747#1747: signal 15 (SIGTERM) received from 1, exiting | |
webserver # [ 62.440964] systemd[1]: Stopping Nginx Web Server... | |
webserver # [ 62.443792] nginx[1939]: 2023/01/21 19:52:53 [notice] 1939#1939: signal 15 (SIGTERM) received from 1, exiting | |
webserver # [ 62.449389] nginx[1939]: 2023/01/21 19:52:53 [notice] 1939#1939: exiting | |
webserver # [ 62.452655] nginx[1939]: 2023/01/21 19:52:53 [notice] 1939#1939: exit | |
webserver # [ 62.456220] nginx[1747]: 2023/01/21 19:52:53 [notice] 1747#1747: signal 17 (SIGCHLD) received from 1939 | |
webserver # [ 62.470198] nginx[1747]: 2023/01/21 19:52:53 [notice] 1747#1747: worker process 1939 exited with code 0 | |
webserver # [ 62.487026] nginx[1747]: 2023/01/21 19:52:53 [notice] 1747#1747: exit | |
webserver # [ 62.493449] systemd[1]: nginx.service: Deactivated successfully. | |
webserver # [ 62.498962] systemd[1]: Stopped Nginx Web Server. | |
webserver # [ 62.503348] systemd[1]: nginx.service: Consumed 531ms CPU time, read 0B from disk, written 8.0K to disk, received 6.9K IP traffic, sent 13.5K IP traffic. | |
webserver # [ 62.513429] systemd[1]: Starting Nginx Web Server... | |
webserver # [ 62.598559] nginx-pre-start[2091]: nginx: [warn] "ssl_stapling" ignored, no OCSP responder URL in the certificate "/var/lib/acme/a.example.test/fullchain.pem" | |
webserver # [ 62.606568] nginx-pre-start[2091]: nginx: the configuration file /nix/store/y7c2b7q2g9v0zj250k2k598gbk7iar46-nginx.conf syntax is ok | |
webserver # [ 62.611336] nginx-pre-start[2091]: nginx: configuration file /nix/store/y7c2b7q2g9v0zj250k2k598gbk7iar46-nginx.conf test is successful | |
webserver # [ 62.629188] systemd[1]: Started Nginx Web Server. | |
webserver # starting the following units: acme-fixperms.service | |
webserver # [ 62.681790] systemd[1]: Starting Fix owner and group of all ACME certificates... | |
webserver # [ 62.686354] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 62.720109] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 62.759726] systemd[1]: Finished Fix owner and group of all ACME certificates. | |
webserver # [ 62.778932] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 62.783714] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 62.800085] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 62.811240] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 62.817815] systemd[1]: Reached target Local File Systems. | |
webserver # [ 62.822778] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 62.825154] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 62.828253] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 62.836343] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 62.848415] systemd[1]: Generate self-signed certificate for a.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/a.example.test/key.pem). | |
webserver # [ 62.853253] systemd[1]: Starting Renew ACME certificate for a.example.test... | |
webserver # [ 62.896878] nginx[2092]: nginx: [warn] "ssl_stapling" ignored, no OCSP responder URL in the certificate "/var/lib/acme/a.example.test/fullchain.pem" | |
webserver # [ 62.901117] nginx[2092]: 2023/01/21 19:52:54 [notice] 2092#2092: using the "epoll" event method | |
webserver # [ 62.902192] nginx[2092]: 2023/01/21 19:52:54 [notice] 2092#2092: nginx/1.22.1 | |
webserver # [ 62.903802] nginx[2092]: 2023/01/21 19:52:54 [notice] 2092#2092: built by gcc 11.3.0 (GCC) | |
webserver # [ 62.904698] nginx[2092]: 2023/01/21 19:52:54 [notice] 2092#2092: OS: Linux 5.15.89 | |
webserver # [ 62.906117] nginx[2092]: 2023/01/21 19:52:54 [notice] 2092#2092: getrlimit(RLIMIT_NOFILE): 1024:524288 | |
webserver # [ 62.908087] nginx[2092]: 2023/01/21 19:52:54 [notice] 2092#2092: start worker processes | |
webserver # [ 62.909978] nginx[2092]: 2023/01/21 19:52:54 [notice] 2092#2092: start worker process 2101 | |
webserver # [ 62.939619] acme-a.example.test-start[2100]: + set -euo pipefail | |
webserver # [ 62.941201] acme-a.example.test-start[2102]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 62.948482] acme-a.example.test-start[2102]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 62.957817] acme-a.example.test-start[2100]: + echo 9c8503f9419119933b04 | |
webserver # [ 62.958996] acme-a.example.test-start[2100]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 62.963388] acme-a.example.test-start[2100]: + lego --accept-tos --path . -d a.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir run --must-staple | |
webserver # [ 63.003970] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 No key found for account hostmaster@example.test. Generating a P256 key. | |
webserver # [ 63.011737] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 Saved key to accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key | |
acme # [ 63.167138] pebble[661]: Pebble 2023/01/21 19:52:54 GET /dir -> calling handler() | |
webserver # [ 63.069363] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 [INFO] acme: Registering account for hostmaster@example.test | |
acme # [ 63.176511] pebble[661]: Pebble 2023/01/21 19:52:54 HEAD /nonce-plz -> calling handler() | |
webserver # [ 63.080830] acme-a.example.test-start[2105]: !!!! HEADS UP !!!! | |
acme # [ 63.181401] pebble[661]: Pebble 2023/01/21 19:52:54 POST /sign-me-up -> calling handler() | |
acme # [ 63.185976] pebble[661]: Pebble 2023/01/21 19:52:54 There are now 3 accounts in memory | |
webserver # [ 63.083732] acme-a.example.test-start[2105]: Your account credentials have been saved in your Let's Encrypt | |
webserver # [ 63.087987] acme-a.example.test-start[2105]: configuration directory at "accounts". | |
acme # [ 63.189589] pebble[661]: Pebble 2023/01/21 19:52:54 POST /order-plz -> calling handler() | |
webserver # [ 63.091466] acme-a.example.test-start[2105]: You should make a secure backup of this folder now. This | |
webserver # [ 63.095109] acme-a.example.test-start[2105]: configuration directory will also contain certificates and | |
webserver # [ 63.098730] acme-a.example.test-start[2105]: private keys obtained from Let's Encrypt so making regular | |
webserver # [ 63.102492] acme-a.example.test-start[2105]: backups of this folder is ideal. | |
webserver # [ 63.105405] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 [INFO] [a.example.test] acme: Obtaining bundled SAN certificate | |
webserver # [ 63.110085] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/order-plz :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: TTnERG4RDgc5x8bX3HjEfw | |
acme # [ 63.356085] pebble[661]: Pebble 2023/01/21 19:52:54 POST /order-plz -> calling handler() | |
acme # [ 63.357086] pebble[661]: Pebble 2023/01/21 19:52:54 There are now 7 authorizations in the db | |
acme # [ 63.358057] pebble[661]: Pebble 2023/01/21 19:52:54 Added order "sG8nS_xpgx9Lb140GHpGqB7F7cb2pzEiKf0er7ZjBA4" to the db | |
acme # [ 63.359201] pebble[661]: Pebble 2023/01/21 19:52:54 There are now 7 orders in the db | |
acme # [ 63.414551] pebble[661]: Pebble 2023/01/21 19:52:54 POST /authZ/ -> calling handler() | |
acme # [ 63.419532] pebble[661]: Pebble 2023/01/21 19:52:54 POST /chalZ/ -> calling handler() | |
webserver # [ 63.314330] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 [INFO] [a.example.test] AuthURL: https://acme.test/authZ/D4tDWxfKHWtAWpcRkvTcNzHGTr_YNwG0vQUBojb5m-8 | |
acme # [ 63.420936] pebble[661]: Pebble 2023/01/21 19:52:54 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"a.example.test"}, Challenge:(*core.Challenge)(0xc0000003c0), Account:(*core.Account)(0xc0002a2d80)} | |
webserver # [ 63.320877] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 [INFO] [a.example.test] acme: Could not find solver for: tls-alpn-01 | |
acme # [ 63.424067] pebble[661]: Pebble 2023/01/21 19:52:54 Starting 3 validations. | |
webserver # [ 63.324099] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 [INFO] [a.example.test] acme: use http-01 solver | |
acme # [ 63.425842] pebble[661]: Pebble 2023/01/21 19:52:54 Attempting to validate w/ HTTP: http://a.example.test:80/.well-known/acme-challenge/ckzEn362rjxKfwwcIp1SLmxRt96jBRPW3JMy5I0qKII | |
webserver # [ 63.325227] acme-a.example.test-start[2105]: 2023/01/21 19:52:54 [INFO] [a.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 63.427253] pebble[661]: Pebble 2023/01/21 19:52:54 Attempting to validate w/ HTTP: http://a.example.test:80/.well-known/acme-challenge/ckzEn362rjxKfwwcIp1SLmxRt96jBRPW3JMy5I0qKII | |
acme # [ 63.428636] pebble[661]: Pebble 2023/01/21 19:52:54 Attempting to validate w/ HTTP: http://a.example.test:80/.well-known/acme-challenge/ckzEn362rjxKfwwcIp1SLmxRt96jBRPW3JMy5I0qKII | |
acme # [ 63.430041] pebble[661]: Pebble 2023/01/21 19:52:54 POST /authZ/ -> calling handler() | |
acme # [ 63.430787] pebble[661]: Pebble 2023/01/21 19:52:54 authz D4tDWxfKHWtAWpcRkvTcNzHGTr_YNwG0vQUBojb5m-8 set VALID by completed challenge -dSMn1t-N21NRc66J75CFssfSJyeWTVTOs5JoequOoI | |
acme # [ 69.101793] pebble[661]: Pebble 2023/01/21 19:53:00 POST /authZ/ -> calling handler() | |
webserver # [ 69.001278] acme-a.example.test-start[2105]: 2023/01/21 19:53:00 [INFO] [a.example.test] The server validated our request | |
webserver # [ 69.005150] acme-a.example.test-start[2105]: 2023/01/21 19:53:00 [INFO] [a.example.test] acme: Validations succeeded; requesting certificates | |
webserver # [ 69.008221] acme-a.example.test-start[2105]: 2023/01/21 19:53:00 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 69.110975] pebble[661]: Pebble 2023/01/21 19:53:00 POST /finalize-order/ -> calling handler() | |
acme # [ 69.118139] pebble[661]: Pebble 2023/01/21 19:53:00 Order sG8nS_xpgx9Lb140GHpGqB7F7cb2pzEiKf0er7ZjBA4 is fully authorized. Processing finalization | |
acme # [ 69.124736] pebble[661]: Pebble 2023/01/21 19:53:00 POST /my-order/ -> calling handler() | |
acme # [ 69.128106] pebble[661]: Pebble 2023/01/21 19:53:00 Issued certificate serial 576b7037abc343ab for order sG8nS_xpgx9Lb140GHpGqB7F7cb2pzEiKf0er7ZjBA4 | |
acme # [ 69.620876] pebble[661]: Pebble 2023/01/21 19:53:01 POST /my-order/ -> calling handler() | |
webserver # [ 69.519397] acme-a.example.test-start[2105]: 2023/01/21 19:53:01 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/my-order/sG8nS_xpgx9Lb140GHpGqB7F7cb2pzEiKf0er7ZjBA4 :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: gMdggXzrrkLA0T6lTtKi4g | |
acme # [ 69.915489] pebble[661]: Pebble 2023/01/21 19:53:01 POST /my-order/ -> calling handler() | |
acme # [ 69.917436] pebble[661]: Pebble 2023/01/21 19:53:01 POST /certZ/ -> calling handler() | |
webserver # [ 69.818050] acme-a.example.test-start[2105]: 2023/01/21 19:53:01 [INFO] [a.example.test] Server responded with a certificate. | |
webserver # [ 69.821587] acme-a.example.test-start[2100]: + mv domainhash.txt certificates/ | |
webserver # [ 69.829734] acme-a.example.test-start[2100]: + chown acme:nginx certificates/a.example.test.crt certificates/a.example.test.issuer.crt certificates/a.example.test.json certificates/a.example.test.key certificates/domainhash.txt | |
webserver # [ 69.838851] acme-a.example.test-start[2100]: + cmp -s certificates/a.example.test.crt out/fullchain.pem | |
webserver # [ 69.843158] acme-a.example.test-start[2100]: + touch out/renewed | |
webserver # [ 69.849080] acme-a.example.test-start[2100]: + echo Installing new certificate | |
webserver # [ 69.850018] acme-a.example.test-start[2100]: Installing new certificate | |
webserver # [ 69.850840] acme-a.example.test-start[2100]: + cp -vp certificates/a.example.test.crt out/fullchain.pem | |
webserver # [ 69.860840] acme-a.example.test-start[2114]: 'certificates/a.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 69.865513] acme-a.example.test-start[2100]: + cp -vp certificates/a.example.test.key out/key.pem | |
webserver # [ 69.873577] acme-a.example.test-start[2115]: 'certificates/a.example.test.key' -> 'out/key.pem' | |
webserver # [ 69.877583] acme-a.example.test-start[2100]: + cp -vp certificates/a.example.test.issuer.crt out/chain.pem | |
webserver # [ 69.885474] acme-a.example.test-start[2116]: 'certificates/a.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 69.889682] acme-a.example.test-start[2100]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 69.897993] acme-a.example.test-start[2100]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 69.907533] acme-a.example.test-start[2100]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 69.947810] systemd[1]: acme-a.example.test.service: Deactivated successfully. | |
webserver # [ 69.948730] systemd[1]: Finished Renew ACME certificate for a.example.test. | |
webserver # [ 69.950104] systemd[1]: acme-a.example.test.service: Consumed 183ms CPU time, received 13.5K IP traffic, sent 10.0K IP traffic. | |
webserver # [ 69.955072] systemd[1]: Starting nginx-config-reload.service... | |
webserver # [ 70.010704] systemd[1]: Reloading Nginx Web Server... | |
webserver # [ 70.118164] nginx[2126]: nginx: the configuration file /nix/store/y7c2b7q2g9v0zj250k2k598gbk7iar46-nginx.conf syntax is ok | |
webserver # [ 70.119603] nginx[2126]: nginx: configuration file /nix/store/y7c2b7q2g9v0zj250k2k598gbk7iar46-nginx.conf test is successful | |
webserver # [ 70.173736] nginx[2092]: 2023/01/21 19:53:01 [notice] 2092#2092: signal 1 (SIGHUP) received from 2127, reconfiguring | |
webserver # [ 70.175458] nginx[2092]: 2023/01/21 19:53:01 [notice] 2092#2092: reconfiguring | |
webserver # [ 70.186274] systemd[1]: Reloaded Nginx Web Server. | |
webserver # [ 70.192526] systemd[1]: nginx-config-reload.service: Deactivated successfully. | |
webserver # [ 70.195750] systemd[1]: Finished nginx-config-reload.service. | |
webserver # [ 70.221398] nginx[2092]: 2023/01/21 19:53:01 [notice] 2092#2092: using the "epoll" event method | |
webserver # [ 70.222459] nginx[2092]: 2023/01/21 19:53:01 [notice] 2092#2092: start worker processes | |
webserver # [ 70.224038] nginx[2092]: 2023/01/21 19:53:01 [notice] 2092#2092: start worker process 2129 | |
webserver # [ 70.261954] nixos[1940]: finished switching to system configuration /nix/store/9cxh8qddxwmnby00v8vb5i4nlfp3p3jj-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /tmp/specialisation/ocsp-stapling/bin/switch-to-configuration test, in 10.46 seconds) | |
webserver: waiting for unit acme-finished-a.example.test.target | |
webserver # [ 70.327792] nginx[2101]: 2023/01/21 19:53:01 [notice] 2101#2101: gracefully shutting down | |
webserver # [ 70.328663] nginx[2101]: 2023/01/21 19:53:01 [notice] 2101#2101: exiting | |
webserver # [ 70.329332] nginx[2101]: 2023/01/21 19:53:01 [notice] 2101#2101: exit | |
webserver # [ 70.334826] nginx[2092]: 2023/01/21 19:53:01 [notice] 2092#2092: signal 17 (SIGCHLD) received from 2101 | |
webserver # [ 70.336085] nginx[2092]: 2023/01/21 19:53:01 [notice] 2092#2092: worker process 2101 exited with code 0 | |
webserver # [ 70.337086] nginx[2092]: 2023/01/21 19:53:01 [notice] 2092#2092: signal 29 (SIGIO) received | |
(finished: waiting for unit acme-finished-a.example.test.target, in 0.08 seconds) | |
client: must succeed: openssl s_client -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null | openssl x509 -noout -ocsp_uri | |
client # depth=2 CN = Pebble Root CA 07ebd3 | |
client # verify return:1 | |
client # depth=1 CN = Pebble Intermediate CA 4d6099 | |
client # verify return:1 | |
client # depth=0 CN = a.example.test | |
client # verify return:1 | |
client # DONE | |
webserver # [ 70.428062] nginx[2129]: 2023/01/21 19:53:01 [info] 2129#2129: *4 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
(finished: must succeed: openssl s_client -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null | openssl x509 -noout -ocsp_uri, in 0.14 seconds) | |
OCSP Responder URL: http://acme.test:4002 | |
(finished: subtest: Correctly implements OCSP stapling, in 10.72 seconds) | |
subtest: Can request certificate with HTTP-01 using lego's internal web server | |
webserver: must succeed: /tmp/specialisation/lego-server/bin/switch-to-configuration test | |
webserver # [ 71.381408] nixos[2142]: switching to system configuration /nix/store/ygv4c7n2raf4z061xqsq8dllmpcdr1rq-nixos-system-webserver-23.05pre-git | |
webserver # stopping the following units: acme-a.example.test.timer, acme-finished-a.example.test.target, acme-fixperms.service | |
webserver # [ 71.410329] systemd[1]: acme-a.example.test.timer: Deactivated successfully. | |
webserver # [ 71.411766] systemd[1]: Stopped Renew ACME Certificate for a.example.test. | |
webserver # [ 71.414655] systemd[1]: Stopped target acme-finished-a.example.test.target. | |
webserver # [ 71.417245] systemd[1]: acme-fixperms.service: Deactivated successfully. | |
webserver # [ 71.418312] systemd[1]: Stopped Fix owner and group of all ACME certificates. | |
webserver # [ 71.422222] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 71.426317] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 71.429190] systemd[1]: Stopped target Remote File Systems. | |
webserver # activating the configuration... | |
webserver # [ 71.651698] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 71.659141] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # [ 71.663362] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (36) | |
webserver # [ 71.664227] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 71.664822] nscd[901]: 901 monitoring file `/etc/group` (39) | |
webserver # [ 71.665359] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 71.668101] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 71.669789] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 71.672967] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (36) | |
webserver # [ 71.673568] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 71.674272] nscd[901]: 901 monitoring file `/etc/passwd` (40) | |
webserver # [ 71.674804] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 71.803083] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 71.812420] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 71.813446] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 71.815165] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 71.816238] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 71.818346] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 71.820111] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 71.821850] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 72.335796] systemd[1]: Reloading. | |
webserver # [ 72.941709] systemd[1]: nginx.service: Current command vanished from the unit file, execution of the command list won't be resumed. | |
webserver # setting up tmpfiles | |
webserver # restarting the following units: nginx.service | |
webserver # [ 73.108583] systemd[1]: Starting Fix owner and group of all ACME certificates... | |
webserver # [ 73.109771] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 73.113997] nginx[2092]: 2023/01/21 19:53:04 [notice] 2092#2092: signal 15 (SIGTERM) received from 1, exiting | |
webserver # [ 73.118590] nginx[2129]: 2023/01/21 19:53:04 [notice] 2129#2129: exiting | |
webserver # [ 73.122781] nginx[2129]: 2023/01/21 19:53:04 [notice] 2129#2129: exit | |
webserver # [ 73.126582] systemd[1]: Stopping Nginx Web Server... | |
webserver # [ 73.132475] nginx[2092]: 2023/01/21 19:53:04 [notice] 2092#2092: signal 17 (SIGCHLD) received from 2129 | |
webserver # [ 73.141365] nginx[2092]: 2023/01/21 19:53:04 [notice] 2092#2092: worker process 2129 exited with code 0 | |
webserver # [ 73.143171] nginx[2092]: 2023/01/21 19:53:04 [notice] 2092#2092: exit | |
webserver # [ 73.143749] systemd[1]: nginx.service: Deactivated successfully. | |
webserver # [ 73.145058] systemd[1]: Stopped Nginx Web Server. | |
webserver # [ 73.146272] systemd[1]: nginx.service: Consumed 304ms CPU time, received 2.3K IP traffic, sent 4.5K IP traffic. | |
webserver # [ 73.164660] systemd[1]: Finished Fix owner and group of all ACME certificates. | |
webserver # [ 73.169668] systemd[1]: Starting Generate self-signed certificate for lego.example.test... | |
webserver # [ 73.397520] systemd[1]: acme-selfsigned-lego.example.test.service: Deactivated successfully. | |
webserver # [ 73.398440] systemd[1]: Finished Generate self-signed certificate for lego.example.test. | |
webserver # [ 73.405280] systemd[1]: Starting Nginx Web Server... | |
webserver # [ 73.500198] nginx-pre-start[2308]: nginx: the configuration file /nix/store/kf74fglyj4y3zbjvlxw1l8s56fda5shm-nginx.conf syntax is ok | |
webserver # [ 73.501961] nginx-pre-start[2308]: nginx: configuration file /nix/store/kf74fglyj4y3zbjvlxw1l8s56fda5shm-nginx.conf test is successful | |
webserver # [ 73.510159] systemd[1]: Started Nginx Web Server. | |
webserver # starting the following units: acme-fixperms.service | |
webserver # [ 73.540467] systemd[1]: Starting Renew ACME certificate for lego.example.test... | |
webserver # [ 73.569304] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 73.572131] systemd[1]: Generate self-signed certificate for lego.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/lego.example.test/key.pem). | |
webserver # [ 73.599985] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 73.604765] systemd[1]: Reached target Local File Systems. | |
webserver # [ 73.625642] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 73.629781] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 73.631738] systemd[1]: Generate self-signed certificate for lego.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/lego.example.test/key.pem). | |
webserver # [ 73.657548] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 73.670047] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 73.685216] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 73.686780] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 73.689570] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 73.694097] systemd[1]: Started Renew ACME Certificate for lego.example.test. | |
webserver # [ 73.757370] acme-lego.example.test-start[2311]: + set -euo pipefail | |
webserver # [ 73.758835] acme-lego.example.test-start[2311]: + echo c6418a03e1c517eb4b15 | |
webserver # [ 73.759693] acme-lego.example.test-start[2311]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 73.767257] acme-lego.example.test-start[2311]: + lego --accept-tos --path . -d lego.example.test --email hostmaster@example.test --key-type ec256 --http --http.port :80 --server https://acme.test/dir run | |
webserver # [ 73.807739] nginx[2309]: 2023/01/21 19:53:05 [notice] 2309#2309: using the "epoll" event method | |
webserver # [ 73.808679] nginx[2309]: 2023/01/21 19:53:05 [notice] 2309#2309: nginx/1.22.1 | |
webserver # [ 73.809698] nginx[2309]: 2023/01/21 19:53:05 [notice] 2309#2309: built by gcc 11.3.0 (GCC) | |
webserver # [ 73.810510] nginx[2309]: 2023/01/21 19:53:05 [notice] 2309#2309: OS: Linux 5.15.89 | |
webserver # [ 73.811658] nginx[2309]: 2023/01/21 19:53:05 [notice] 2309#2309: getrlimit(RLIMIT_NOFILE): 1024:524288 | |
webserver # [ 73.812702] nginx[2309]: 2023/01/21 19:53:05 [notice] 2309#2309: start worker processes | |
webserver # [ 73.813698] nginx[2309]: 2023/01/21 19:53:05 [notice] 2309#2309: start worker process 2320 | |
acme # [ 73.967993] pebble[661]: Pebble 2023/01/21 19:53:05 GET /dir -> calling handler() | |
webserver # [ 73.870917] acme-lego.example.test-start[2315]: 2023/01/21 19:53:05 [INFO] [lego.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 73.974881] pebble[661]: Pebble 2023/01/21 19:53:05 HEAD /nonce-plz -> calling handler() | |
acme # [ 73.979267] pebble[661]: Pebble 2023/01/21 19:53:05 POST /order-plz -> calling handler() | |
acme # [ 73.982401] pebble[661]: Pebble 2023/01/21 19:53:05 There are now 8 authorizations in the db | |
acme # [ 73.985635] pebble[661]: Pebble 2023/01/21 19:53:05 Added order "4KReZbmlaElx_xQpFbgvQjx5K_7H0kvkFLIHc8Hv7G0" to the db | |
acme # [ 73.989624] pebble[661]: Pebble 2023/01/21 19:53:05 There are now 8 orders in the db | |
acme # [ 74.037574] pebble[661]: Pebble 2023/01/21 19:53:05 POST /authZ/ -> calling handler() | |
webserver # [ 73.936377] acme-lego.example.test-start[2315]: 2023/01/21 19:53:05 [INFO] [lego.example.test] AuthURL: https://acme.test/authZ/00Q7iaATZuXyP0aFUZp9Yhj4AgHRu0_qtMBopOsifiw | |
webserver # [ 73.938191] acme-lego.example.test-start[2315]: 2023/01/21 19:53:05 [INFO] [lego.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 73.940151] acme-lego.example.test-start[2315]: 2023/01/21 19:53:05 [INFO] [lego.example.test] acme: use http-01 solver | |
webserver # [ 73.942100] acme-lego.example.test-start[2315]: 2023/01/21 19:53:05 [INFO] [lego.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 74.046532] pebble[661]: Pebble 2023/01/21 19:53:05 POST /chalZ/ -> calling handler() | |
acme # [ 74.048152] pebble[661]: Pebble 2023/01/21 19:53:05 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"lego.example.test"}, Challenge:(*core.Challenge)(0xc000246280), Account:(*core.Account)(0xc0002a2d80)} | |
acme # [ 74.051886] pebble[661]: Pebble 2023/01/21 19:53:05 Starting 3 validations. | |
webserver # [ 73.950636] acme-lego.example.test-start[2315]: 2023/01/21 19:53:05 [INFO] [lego.example.test] Served key authentication | |
webserver # [ 73.952087] acme-lego.example.test-start[2315]: 2023/01/21 19:53:05 [INFO] [lego.example.test] Served key authentication | |
acme # [ 74.053529] pebble[661]: Pebble 2023/01/21 19:53:05 Attempting to validate w/ HTTP: http://lego.example.test:80/.well-known/acme-challenge/xMZGNRFKAiIwroQT28KWbK8OJwnJTf4Ei2J5YKu0ePQ | |
webserver # [ 73.953293] acme-lego.example.test-start[2315]: 2023/01/21 19:53:05 [INFO] [lego.example.test] Served key authentication | |
acme # [ 74.055485] pebble[661]: Pebble 2023/01/21 19:53:05 Attempting to validate w/ HTTP: http://lego.example.test:80/.well-known/acme-challenge/xMZGNRFKAiIwroQT28KWbK8OJwnJTf4Ei2J5YKu0ePQ | |
acme # [ 74.057123] pebble[661]: Pebble 2023/01/21 19:53:05 Attempting to validate w/ HTTP: http://lego.example.test:80/.well-known/acme-challenge/xMZGNRFKAiIwroQT28KWbK8OJwnJTf4Ei2J5YKu0ePQ | |
acme # [ 74.058714] pebble[661]: Pebble 2023/01/21 19:53:05 POST /authZ/ -> calling handler() | |
acme # [ 74.059595] pebble[661]: Pebble 2023/01/21 19:53:05 authz 00Q7iaATZuXyP0aFUZp9Yhj4AgHRu0_qtMBopOsifiw set VALID by completed challenge UYSefqkb5iea-TGST_8ge6y7RkSeT89cvLQL7pMHObQ | |
webserver # [ 77.804029] acme-lego.example.test-start[2315]: 2023/01/21 19:53:09 [INFO] [lego.example.test] The server validated our request | |
webserver # [ 77.805298] acme-lego.example.test-start[2315]: 2023/01/21 19:53:09 [INFO] [lego.example.test] acme: Validations succeeded; requesting certificates | |
webserver # [ 77.808662] acme-lego.example.test-start[2315]: 2023/01/21 19:53:09 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 77.904337] pebble[661]: Pebble 2023/01/21 19:53:09 POST /authZ/ -> calling handler() | |
acme # [ 77.911881] pebble[661]: Pebble 2023/01/21 19:53:09 POST /finalize-order/ -> calling handler() | |
acme # [ 77.917988] pebble[661]: Pebble 2023/01/21 19:53:09 Order 4KReZbmlaElx_xQpFbgvQjx5K_7H0kvkFLIHc8Hv7G0 is fully authorized. Processing finalization | |
acme # [ 77.925018] pebble[661]: Pebble 2023/01/21 19:53:09 Issued certificate serial 35f3447b906f0e92 for order 4KReZbmlaElx_xQpFbgvQjx5K_7H0kvkFLIHc8Hv7G0 | |
webserver # [ 77.826184] acme-lego.example.test-start[2315]: 2023/01/21 19:53:09 [INFO] [lego.example.test] Server responded with a certificate. | |
acme # [ 77.930653] pebble[661]: Pebble 2023/01/21 19:53:09 POST /my-order/ -> calling handler() | |
webserver # [ 77.832355] acme-lego.example.test-start[2311]: + mv domainhash.txt certificates/ | |
acme # [ 77.934774] pebble[661]: Pebble 2023/01/21 19:53:09 POST /certZ/ -> calling handler() | |
webserver # [ 77.841842] acme-lego.example.test-start[2311]: + chown root:nginx certificates/domainhash.txt certificates/lego.example.test.crt certificates/lego.example.test.issuer.crt certificates/lego.example.test.json certificates/lego.example.test.key | |
webserver # [ 77.856839] acme-lego.example.test-start[2311]: + cmp -s certificates/lego.example.test.crt out/fullchain.pem | |
webserver # [ 77.870369] acme-lego.example.test-start[2311]: + touch out/renewed | |
webserver # [ 77.878746] acme-lego.example.test-start[2311]: + echo Installing new certificate | |
webserver # [ 77.882396] acme-lego.example.test-start[2311]: Installing new certificate | |
webserver # [ 77.885578] acme-lego.example.test-start[2311]: + cp -vp certificates/lego.example.test.crt out/fullchain.pem | |
webserver # [ 77.891834] acme-lego.example.test-start[2325]: 'certificates/lego.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 77.893405] acme-lego.example.test-start[2311]: + cp -vp certificates/lego.example.test.key out/key.pem | |
webserver # [ 77.899633] acme-lego.example.test-start[2326]: 'certificates/lego.example.test.key' -> 'out/key.pem' | |
webserver # [ 77.901424] acme-lego.example.test-start[2311]: + cp -vp certificates/lego.example.test.issuer.crt out/chain.pem | |
webserver # [ 77.906150] acme-lego.example.test-start[2327]: 'certificates/lego.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 77.907652] acme-lego.example.test-start[2311]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 77.913374] acme-lego.example.test-start[2311]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 77.918689] acme-lego.example.test-start[2311]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 77.951149] systemd[1]: acme-lego.example.test.service: Deactivated successfully. | |
webserver # [ 77.952222] systemd[1]: Finished Renew ACME certificate for lego.example.test. | |
webserver # [ 77.954362] systemd[1]: acme-lego.example.test.service: Consumed 174ms CPU time, received 12.6K IP traffic, sent 8.5K IP traffic. | |
webserver # [ 77.957550] systemd[1]: Starting nginx-config-reload.service... | |
webserver # [ 78.008576] systemd[1]: Reloading Nginx Web Server... | |
webserver # [ 78.107450] nginx[2337]: nginx: the configuration file /nix/store/kf74fglyj4y3zbjvlxw1l8s56fda5shm-nginx.conf syntax is ok | |
webserver # [ 78.108924] nginx[2337]: nginx: configuration file /nix/store/kf74fglyj4y3zbjvlxw1l8s56fda5shm-nginx.conf test is successful | |
webserver # [ 78.153530] nginx[2309]: 2023/01/21 19:53:09 [notice] 2309#2309: signal 1 (SIGHUP) received from 2338, reconfiguring | |
webserver # [ 78.154821] nginx[2309]: 2023/01/21 19:53:09 [notice] 2309#2309: reconfiguring | |
webserver # [ 78.165778] systemd[1]: Reloaded Nginx Web Server. | |
webserver # [ 78.169715] systemd[1]: nginx-config-reload.service: Deactivated successfully. | |
webserver # [ 78.174567] systemd[1]: Finished nginx-config-reload.service. | |
webserver # [ 78.178051] systemd[1]: Reached target acme-finished-lego.example.test.target. | |
webserver # [ 78.206022] nginx[2309]: 2023/01/21 19:53:09 [notice] 2309#2309: using the "epoll" event method | |
webserver # [ 78.206961] nginx[2309]: 2023/01/21 19:53:09 [notice] 2309#2309: start worker processes | |
webserver # [ 78.208030] nginx[2309]: 2023/01/21 19:53:09 [notice] 2309#2309: start worker process 2340 | |
webserver # the following new units were started: acme-finished-lego.example.test.target, acme-lego.example.test.timer | |
webserver # [ 78.234506] nixos[2142]: finished switching to system configuration /nix/store/ygv4c7n2raf4z061xqsq8dllmpcdr1rq-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /tmp/specialisation/lego-server/bin/switch-to-configuration test, in 7.70 seconds) | |
webserver: waiting for unit acme-finished-lego.example.test.target | |
webserver # [ 78.310147] nginx[2320]: 2023/01/21 19:53:09 [notice] 2320#2320: gracefully shutting down | |
webserver # [ 78.310864] nginx[2320]: 2023/01/21 19:53:09 [notice] 2320#2320: exiting | |
webserver # [ 78.311472] nginx[2320]: 2023/01/21 19:53:09 [notice] 2320#2320: exit | |
(finished: waiting for unit acme-finished-lego.example.test.target, in 0.06 seconds) | |
webserver: waiting for unit nginx.service | |
webserver # [ 78.315629] nginx[2309]: 2023/01/21 19:53:09 [notice] 2309#2309: signal 17 (SIGCHLD) received from 2320 | |
webserver # [ 78.316645] nginx[2309]: 2023/01/21 19:53:09 [notice] 2309#2309: worker process 2320 exited with code 0 | |
webserver # [ 78.318087] nginx[2309]: 2023/01/21 19:53:09 [notice] 2309#2309: signal 29 (SIGIO) received | |
(finished: waiting for unit nginx.service, in 0.06 seconds) | |
webserver: must succeed: echo HENLO && systemctl cat nginx.service | |
(finished: must succeed: echo HENLO && systemctl cat nginx.service, in 0.05 seconds) | |
webserver: must succeed: test "$(stat -c '%U' /var/lib/acme/* | uniq)" = "root" | |
(finished: must succeed: test "$(stat -c '%U' /var/lib/acme/* | uniq)" = "root", in 0.02 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null 2>&1 | |
webserver # [ 78.485592] nginx[2340]: 2023/01/21 19:53:10 [info] 2340#2340: *1 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null 2>&1, in 0.04 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername lego.example.test -connect lego.example.test:443 < /dev/null 2>&1 | |
webserver # [ 78.519095] nginx[2340]: 2023/01/21 19:53:10 [info] 2340#2340: *2 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername lego.example.test -connect lego.example.test:443 < /dev/null 2>&1, in 0.03 seconds) | |
(finished: subtest: Can request certificate with HTTP-01 using lego's internal web server, in 8.03 seconds) | |
subtest: Can request certificate with HTTP-01 when nginx startup is delayed | |
webserver # [ 78.575922] nginx[2309]: 2023/01/21 19:53:10 [notice] 2309#2309: signal 15 (SIGTERM) received from 1, exiting | |
webserver # [ 78.577192] nginx[2340]: 2023/01/21 19:53:10 [notice] 2340#2340: exiting | |
webserver # [ 78.578022] nginx[2340]: 2023/01/21 19:53:10 [notice] 2340#2340: exit | |
webserver # [ 78.580213] systemd[1]: Stopping Nginx Web Server... | |
webserver # [ 78.584724] nginx[2309]: 2023/01/21 19:53:10 [notice] 2309#2309: signal 17 (SIGCHLD) received from 2340 | |
webserver # [ 78.587225] nginx[2309]: 2023/01/21 19:53:10 [notice] 2309#2309: worker process 2340 exited with code 0 | |
webserver # [ 78.589362] nginx[2309]: 2023/01/21 19:53:10 [notice] 2309#2309: exit | |
webserver # [ 78.602054] systemd[1]: nginx.service: Deactivated successfully. | |
webserver # [ 78.606227] systemd[1]: Stopped Nginx Web Server. | |
webserver # [ 78.607622] systemd[1]: nginx.service: Consumed 287ms CPU time, no IO, received 1.7K IP traffic, sent 5.6K IP traffic. | |
webserver: must succeed: /tmp/specialisation/slow-startup/bin/switch-to-configuration test | |
webserver # [ 79.571728] nixos[2374]: switching to system configuration /nix/store/21y5phzx5g5wi0i85jbj1k1418hl0mn8-nixos-system-webserver-23.05pre-git | |
webserver # stopping the following units: acme-finished-lego.example.test.target, acme-fixperms.service, acme-lego.example.test.timer | |
webserver # [ 79.599959] systemd[1]: Stopped target acme-finished-lego.example.test.target. | |
webserver # [ 79.603199] systemd[1]: acme-fixperms.service: Deactivated successfully. | |
webserver # [ 79.604691] systemd[1]: Stopped Fix owner and group of all ACME certificates. | |
webserver # [ 79.610167] systemd[1]: acme-lego.example.test.timer: Deactivated successfully. | |
webserver # [ 79.611824] systemd[1]: Stopped Renew ACME Certificate for lego.example.test. | |
webserver # [ 79.616678] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 79.622569] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 79.626505] systemd[1]: Stopped target Remote File Systems. | |
webserver # activating the configuration... | |
webserver # [ 79.898264] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 79.906148] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # [ 79.911345] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (42) | |
webserver # [ 79.912524] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 79.913175] nscd[901]: 901 monitoring file `/etc/group` (45) | |
webserver # [ 79.913824] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 79.919780] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 79.921381] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 79.924113] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (42) | |
webserver # [ 79.926746] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 79.934848] nscd[901]: 901 monitoring file `/etc/passwd` (46) | |
webserver # [ 79.938452] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 80.082301] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 80.093980] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 80.095766] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 80.097755] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 80.100613] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 80.103450] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 80.109263] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 80.113772] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 80.707355] systemd[1]: Reloading. | |
webserver # setting up tmpfiles | |
webserver # starting the following units: acme-fixperms.service | |
webserver # [ 81.495708] systemd[1]: Starting Fix owner and group of all ACME certificates... | |
webserver # [ 81.497285] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 81.572790] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 81.576641] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 81.581769] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 81.582790] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 81.585819] systemd[1]: Reached target Local File Systems. | |
webserver # [ 81.612632] systemd[1]: Finished Fix owner and group of all ACME certificates. | |
webserver # [ 81.616734] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 81.618554] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 81.621595] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 81.624805] systemd[1]: Started Renew ACME Certificate for a.example.test. | |
webserver # [ 81.627186] systemd[1]: Started Renew ACME Certificate for slow.example.test. | |
webserver # [ 81.634487] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 81.654104] systemd[1]: Generate self-signed certificate for a.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/a.example.test/key.pem). | |
webserver # [ 81.677531] systemd[1]: Starting Generate self-signed certificate for slow.example.test... | |
webserver # [ 81.685767] systemd[1]: Starting my-slow-service.service... | |
webserver # [ 81.845380] systemd[1]: acme-selfsigned-slow.example.test.service: Deactivated successfully. | |
webserver # [ 81.855595] systemd[1]: Finished Generate self-signed certificate for slow.example.test. | |
webserver # [ 86.680138] systemd[1]: Started my-slow-service.service. | |
webserver # [ 86.691783] systemd[1]: Starting Nginx Web Server... | |
webserver # [ 86.904947] nginx-pre-start[2546]: nginx: the configuration file /nix/store/p1xd58ji62vbnw02rvmpkicsskwqn61w-nginx.conf syntax is ok | |
webserver # [ 86.914804] nginx-pre-start[2546]: nginx: configuration file /nix/store/p1xd58ji62vbnw02rvmpkicsskwqn61w-nginx.conf test is successful | |
webserver # [ 86.938265] systemd[1]: Started Nginx Web Server. | |
webserver # [ 86.959275] systemd[1]: Starting Renew ACME certificate for a.example.test... | |
webserver # [ 87.099245] acme-a.example.test-start[2548]: + set -euo pipefail | |
webserver # [ 87.109916] acme-a.example.test-start[2549]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 87.148318] acme-a.example.test-start[2549]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 87.153995] acme-a.example.test-start[2548]: + echo 9c8503f9419119933b04 | |
webserver # [ 87.156624] acme-a.example.test-start[2548]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 87.164056] acme-a.example.test-start[2548]: + lego --accept-tos --path . -d a.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir run | |
webserver # [ 87.234675] nginx[2547]: 2023/01/21 19:53:18 [notice] 2547#2547: using the "epoll" event method | |
webserver # [ 87.241054] nginx[2547]: 2023/01/21 19:53:18 [notice] 2547#2547: nginx/1.22.1 | |
webserver # [ 87.242313] nginx[2547]: 2023/01/21 19:53:18 [notice] 2547#2547: built by gcc 11.3.0 (GCC) | |
webserver # [ 87.245277] nginx[2547]: 2023/01/21 19:53:18 [notice] 2547#2547: OS: Linux 5.15.89 | |
webserver # [ 87.246013] nginx[2547]: 2023/01/21 19:53:18 [notice] 2547#2547: getrlimit(RLIMIT_NOFILE): 1024:524288 | |
webserver # [ 87.248987] nginx[2547]: 2023/01/21 19:53:18 [notice] 2547#2547: start worker processes | |
webserver # [ 87.249727] nginx[2547]: 2023/01/21 19:53:18 [notice] 2547#2547: start worker process 2556 | |
acme # [ 87.488885] pebble[661]: Pebble 2023/01/21 19:53:19 GET /dir -> calling handler() | |
webserver # [ 87.397791] acme-a.example.test-start[2552]: 2023/01/21 19:53:18 [INFO] [a.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 87.504652] pebble[661]: Pebble 2023/01/21 19:53:19 HEAD /nonce-plz -> calling handler() | |
acme # [ 87.506949] pebble[661]: Pebble 2023/01/21 19:53:19 POST /order-plz -> calling handler() | |
acme # [ 87.508598] pebble[661]: Pebble 2023/01/21 19:53:19 Added order "PeL1mktipXXKmpKxJH1T0F8kWHLvodkGwT14aJ1878g" to the db | |
acme # [ 87.511037] pebble[661]: Pebble 2023/01/21 19:53:19 There are now 9 orders in the db | |
webserver # [ 87.513560] acme-a.example.test-start[2552]: 2023/01/21 19:53:19 [INFO] [a.example.test] AuthURL: https://acme.test/authZ/D4tDWxfKHWtAWpcRkvTcNzHGTr_YNwG0vQUBojb5m-8 | |
webserver # [ 87.516235] acme-a.example.test-start[2552]: 2023/01/21 19:53:19 [INFO] [a.example.test] acme: authorization already valid; skipping challenge | |
acme # [ 87.614338] pebble[661]: Pebble 2023/01/21 19:53:19 POST /authZ/ -> calling handler() | |
webserver # [ 87.517538] acme-a.example.test-start[2552]: 2023/01/21 19:53:19 [INFO] [a.example.test] acme: Validations succeeded; requesting certificates | |
webserver # [ 87.519097] acme-a.example.test-start[2552]: 2023/01/21 19:53:19 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 87.619542] pebble[661]: Pebble 2023/01/21 19:53:19 POST /finalize-order/ -> calling handler() | |
acme # [ 87.622431] pebble[661]: Pebble 2023/01/21 19:53:19 Order PeL1mktipXXKmpKxJH1T0F8kWHLvodkGwT14aJ1878g is fully authorized. Processing finalization | |
acme # [ 87.623985] pebble[661]: Pebble 2023/01/21 19:53:19 Issued certificate serial 2c01454e542b2fdf for order PeL1mktipXXKmpKxJH1T0F8kWHLvodkGwT14aJ1878g | |
acme # [ 87.626632] pebble[661]: Pebble 2023/01/21 19:53:19 POST /my-order/ -> calling handler() | |
acme # [ 87.627796] pebble[661]: Pebble 2023/01/21 19:53:19 POST /certZ/ -> calling handler() | |
webserver # [ 87.527464] acme-a.example.test-start[2552]: 2023/01/21 19:53:19 [INFO] [a.example.test] Server responded with a certificate. | |
webserver # [ 87.530874] acme-a.example.test-start[2548]: + mv domainhash.txt certificates/ | |
webserver # [ 87.541036] acme-a.example.test-start[2548]: + chown acme:nginx certificates/a.example.test.crt certificates/a.example.test.issuer.crt certificates/a.example.test.json certificates/a.example.test.key certificates/domainhash.txt | |
webserver # [ 87.553497] acme-a.example.test-start[2548]: + cmp -s certificates/a.example.test.crt out/fullchain.pem | |
webserver # [ 87.560151] acme-a.example.test-start[2548]: + touch out/renewed | |
webserver # [ 87.571284] acme-a.example.test-start[2548]: + echo Installing new certificate | |
webserver # [ 87.572847] acme-a.example.test-start[2548]: Installing new certificate | |
webserver # [ 87.574219] acme-a.example.test-start[2548]: + cp -vp certificates/a.example.test.crt out/fullchain.pem | |
webserver # [ 87.588524] acme-a.example.test-start[2562]: 'certificates/a.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 87.594585] acme-a.example.test-start[2548]: + cp -vp certificates/a.example.test.key out/key.pem | |
webserver # [ 87.609880] acme-a.example.test-start[2563]: 'certificates/a.example.test.key' -> 'out/key.pem' | |
webserver # [ 87.612094] acme-a.example.test-start[2548]: + cp -vp certificates/a.example.test.issuer.crt out/chain.pem | |
webserver # [ 87.618363] acme-a.example.test-start[2564]: 'certificates/a.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 87.620227] acme-a.example.test-start[2548]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 87.629402] acme-a.example.test-start[2548]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 87.636408] acme-a.example.test-start[2548]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 87.675499] systemd[1]: acme-a.example.test.service: Deactivated successfully. | |
webserver # [ 87.676698] systemd[1]: Finished Renew ACME certificate for a.example.test. | |
webserver # [ 87.683155] systemd[1]: acme-a.example.test.service: Consumed 174ms CPU time, received 8.3K IP traffic, sent 5.0K IP traffic. | |
webserver # [ 87.693725] systemd[1]: Starting Renew ACME certificate for slow.example.test... | |
webserver # [ 87.787934] acme-slow.example.test-start[2572]: + set -euo pipefail | |
webserver # [ 87.789491] acme-slow.example.test-start[2573]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 87.796780] acme-slow.example.test-start[2573]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 87.805219] acme-slow.example.test-start[2572]: + echo 5e47a70b1338fcb3915d | |
webserver # [ 87.806376] acme-slow.example.test-start[2572]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 87.810541] acme-slow.example.test-start[2572]: + lego --accept-tos --path . -d slow.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir run | |
acme # [ 88.000880] pebble[661]: Pebble 2023/01/21 19:53:19 GET /dir -> calling handler() | |
webserver # [ 87.904034] acme-slow.example.test-start[2576]: 2023/01/21 19:53:19 [INFO] [slow.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 88.008292] pebble[661]: Pebble 2023/01/21 19:53:19 HEAD /nonce-plz -> calling handler() | |
acme # [ 88.013649] pebble[661]: Pebble 2023/01/21 19:53:19 POST /order-plz -> calling handler() | |
acme # [ 88.016921] pebble[661]: Pebble 2023/01/21 19:53:19 There are now 9 authorizations in the db | |
acme # [ 88.020434] pebble[661]: Pebble 2023/01/21 19:53:19 Added order "lEp6KFiJVx-ejr-U35cXHnGH7UglGx0PdH_JjfX3Ktw" to the db | |
acme # [ 88.024729] pebble[661]: Pebble 2023/01/21 19:53:19 There are now 10 orders in the db | |
webserver # [ 87.970921] acme-slow.example.test-start[2576]: 2023/01/21 19:53:19 [INFO] [slow.example.test] AuthURL: https://acme.test/authZ/xQEFn2V8kCXdJGBS_GLkEdl7USChJazUvTgJNdOQUuQ | |
acme # [ 88.072309] pebble[661]: Pebble 2023/01/21 19:53:19 POST /authZ/ -> calling handler() | |
webserver # [ 87.972597] acme-slow.example.test-start[2576]: 2023/01/21 19:53:19 [INFO] [slow.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 87.974914] acme-slow.example.test-start[2576]: 2023/01/21 19:53:19 [INFO] [slow.example.test] acme: use http-01 solver | |
webserver # [ 87.976132] acme-slow.example.test-start[2576]: 2023/01/21 19:53:19 [INFO] [slow.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 88.080302] pebble[661]: Pebble 2023/01/21 19:53:19 POST /chalZ/ -> calling handler() | |
acme # [ 88.090471] pebble[661]: Pebble 2023/01/21 19:53:19 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"slow.example.test"}, Challenge:(*core.Challenge)(0xc000246dc0), Account:(*core.Account)(0xc0002a2d80)} | |
acme # [ 88.100918] pebble[661]: Pebble 2023/01/21 19:53:19 Starting 3 validations. | |
acme # [ 88.103794] pebble[661]: Pebble 2023/01/21 19:53:19 Attempting to validate w/ HTTP: http://slow.example.test:80/.well-known/acme-challenge/MwVQKihG_APDWqpjiINdDHqRS0RjHBm5n49373n8r64 | |
acme # [ 88.110254] pebble[661]: Pebble 2023/01/21 19:53:19 Attempting to validate w/ HTTP: http://slow.example.test:80/.well-known/acme-challenge/MwVQKihG_APDWqpjiINdDHqRS0RjHBm5n49373n8r64 | |
acme # [ 88.116625] pebble[661]: Pebble 2023/01/21 19:53:19 Attempting to validate w/ HTTP: http://slow.example.test:80/.well-known/acme-challenge/MwVQKihG_APDWqpjiINdDHqRS0RjHBm5n49373n8r64 | |
acme # [ 88.122965] pebble[661]: Pebble 2023/01/21 19:53:19 POST /authZ/ -> calling handler() | |
acme # [ 88.126548] pebble[661]: Pebble 2023/01/21 19:53:19 authz xQEFn2V8kCXdJGBS_GLkEdl7USChJazUvTgJNdOQUuQ set VALID by completed challenge wW3vxfhP6pqF9sgJ9pi-xkJUYtnvtzkpQUJnPkiXJIo | |
webserver # [ 94.309250] acme-slow.example.test-start[2576]: 2023/01/21 19:53:25 [INFO] [slow.example.test] The server validated our request | |
webserver # [ 94.310768] acme-slow.example.test-start[2576]: 2023/01/21 19:53:25 [INFO] [slow.example.test] acme: Validations succeeded; requesting certificates | |
webserver # [ 94.314134] acme-slow.example.test-start[2576]: 2023/01/21 19:53:25 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 94.410123] pebble[661]: Pebble 2023/01/21 19:53:25 POST /authZ/ -> calling handler() | |
acme # [ 94.418446] pebble[661]: Pebble 2023/01/21 19:53:25 POST /finalize-order/ -> calling handler() | |
acme # [ 94.424270] pebble[661]: Pebble 2023/01/21 19:53:25 Order lEp6KFiJVx-ejr-U35cXHnGH7UglGx0PdH_JjfX3Ktw is fully authorized. Processing finalization | |
acme # [ 94.430912] pebble[661]: Pebble 2023/01/21 19:53:25 Issued certificate serial 4c0f732864428c5a for order lEp6KFiJVx-ejr-U35cXHnGH7UglGx0PdH_JjfX3Ktw | |
webserver # [ 94.330975] acme-slow.example.test-start[2576]: 2023/01/21 19:53:25 [INFO] [slow.example.test] Server responded with a certificate. | |
acme # [ 94.436346] pebble[661]: Pebble 2023/01/21 19:53:25 POST /my-order/ -> calling handler() | |
acme # [ 94.440117] pebble[661]: Pebble 2023/01/21 19:53:25 POST /certZ/ -> calling handler() | |
webserver # [ 94.338567] acme-slow.example.test-start[2572]: + mv domainhash.txt certificates/ | |
webserver # [ 94.347605] acme-slow.example.test-start[2572]: + chown acme:nginx certificates/domainhash.txt certificates/slow.example.test.crt certificates/slow.example.test.issuer.crt certificates/slow.example.test.json certificates/slow.example.test.key | |
webserver # [ 94.362547] acme-slow.example.test-start[2572]: + cmp -s certificates/slow.example.test.crt out/fullchain.pem | |
webserver # [ 94.369651] acme-slow.example.test-start[2572]: + touch out/renewed | |
webserver # [ 94.377675] acme-slow.example.test-start[2572]: + echo Installing new certificate | |
webserver # [ 94.381686] acme-slow.example.test-start[2572]: Installing new certificate | |
webserver # [ 94.385027] acme-slow.example.test-start[2572]: + cp -vp certificates/slow.example.test.crt out/fullchain.pem | |
webserver # [ 94.393213] acme-slow.example.test-start[2585]: 'certificates/slow.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 94.398326] acme-slow.example.test-start[2572]: + cp -vp certificates/slow.example.test.key out/key.pem | |
webserver # [ 94.406441] acme-slow.example.test-start[2586]: 'certificates/slow.example.test.key' -> 'out/key.pem' | |
webserver # [ 94.411765] acme-slow.example.test-start[2572]: + cp -vp certificates/slow.example.test.issuer.crt out/chain.pem | |
webserver # [ 94.421255] acme-slow.example.test-start[2587]: 'certificates/slow.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 94.426507] acme-slow.example.test-start[2572]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 94.434934] acme-slow.example.test-start[2572]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 94.443913] acme-slow.example.test-start[2572]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 94.483185] systemd[1]: acme-slow.example.test.service: Deactivated successfully. | |
webserver # [ 94.490726] systemd[1]: Finished Renew ACME certificate for slow.example.test. | |
webserver # [ 94.499328] systemd[1]: acme-slow.example.test.service: Consumed 182ms CPU time, received 11.2K IP traffic, sent 7.1K IP traffic. | |
webserver # [ 94.505672] systemd[1]: Starting nginx-config-reload.service... | |
webserver # [ 94.556917] systemd[1]: Reloading Nginx Web Server... | |
webserver # [ 94.661531] nginx[2597]: nginx: the configuration file /nix/store/p1xd58ji62vbnw02rvmpkicsskwqn61w-nginx.conf syntax is ok | |
webserver # [ 94.663016] nginx[2597]: nginx: configuration file /nix/store/p1xd58ji62vbnw02rvmpkicsskwqn61w-nginx.conf test is successful | |
webserver # [ 94.724844] nginx[2547]: 2023/01/21 19:53:26 [notice] 2547#2547: signal 1 (SIGHUP) received from 2598, reconfiguring | |
webserver # [ 94.728985] nginx[2547]: 2023/01/21 19:53:26 [notice] 2547#2547: reconfiguring | |
webserver # [ 94.737589] systemd[1]: Reloaded Nginx Web Server. | |
webserver # [ 94.744292] systemd[1]: nginx-config-reload.service: Deactivated successfully. | |
webserver # [ 94.746786] systemd[1]: Finished nginx-config-reload.service. | |
webserver # [ 94.751403] systemd[1]: Reached target acme-finished-a.example.test.target. | |
webserver # [ 94.753792] systemd[1]: Reached target acme-finished-slow.example.test.target. | |
webserver # [ 94.797179] nginx[2547]: 2023/01/21 19:53:26 [notice] 2547#2547: using the "epoll" event method | |
webserver # [ 94.798549] nginx[2547]: 2023/01/21 19:53:26 [notice] 2547#2547: start worker processes | |
webserver # [ 94.800223] nginx[2547]: 2023/01/21 19:53:26 [notice] 2547#2547: start worker process 2600 | |
webserver # the following new units were started: acme-a.example.test.timer, acme-finished-a.example.test.target, acme-finished-slow.example.test.target, acme-slow.example.test.timer, my-slow-service.service, nginx.service | |
webserver # [ 94.840513] nixos[2374]: finished switching to system configuration /nix/store/21y5phzx5g5wi0i85jbj1k1418hl0mn8-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /tmp/specialisation/slow-startup/bin/switch-to-configuration test, in 16.20 seconds) | |
webserver: waiting for unit acme-finished-slow.example.test.target | |
webserver # [ 94.903151] nginx[2556]: 2023/01/21 19:53:26 [notice] 2556#2556: gracefully shutting down | |
webserver # [ 94.907325] nginx[2556]: 2023/01/21 19:53:26 [notice] 2556#2556: exiting | |
webserver # [ 94.915548] nginx[2556]: 2023/01/21 19:53:26 [notice] 2556#2556: exit | |
webserver # [ 94.919776] nginx[2547]: 2023/01/21 19:53:26 [notice] 2547#2547: signal 17 (SIGCHLD) received from 2556 | |
webserver # [ 94.924697] nginx[2547]: 2023/01/21 19:53:26 [notice] 2547#2547: worker process 2556 exited with code 0 | |
webserver # [ 94.928625] nginx[2547]: 2023/01/21 19:53:26 [notice] 2547#2547: signal 29 (SIGIO) received | |
(finished: waiting for unit acme-finished-slow.example.test.target, in 0.09 seconds) | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/slow.example.test/cert.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/slow.example.test/cert.pem, in 0.11 seconds) | |
cert.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/slow.example.test/fullchain.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/slow.example.test/fullchain.pem, in 0.11 seconds) | |
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: waiting for unit nginx.service | |
(finished: waiting for unit nginx.service, in 0.06 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername slow.example.test -connect slow.example.test:443 < /dev/null 2>&1 | |
webserver # [ 95.268679] nginx[2600]: 2023/01/21 19:53:26 [info] 2600#2600: *4 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername slow.example.test -connect slow.example.test:443 < /dev/null 2>&1, in 0.05 seconds) | |
(finished: subtest: Can request certificate with HTTP-01 when nginx startup is delayed, in 16.76 seconds) | |
subtest: Works with caddy | |
webserver: must succeed: /tmp/specialisation/caddy/bin/switch-to-configuration test | |
webserver # [ 96.176759] nixos[2623]: switching to system configuration /nix/store/pxaaz1za0y1brmzh58ykk9f4k83xd1xv-nixos-system-webserver-23.05pre-git | |
webserver # stopping the following units: acme-a.example.test.timer, acme-finished-a.example.test.target, acme-finished-slow.example.test.target, acme-fixperms.service, acme-slow.example.test.timer, logrotate-checkconf.service, my-slow-service.service, nginx.service, systemd-sysctl.service | |
webserver # [ 96.211930] systemd[1]: acme-a.example.test.timer: Deactivated successfully. | |
webserver # [ 96.213435] systemd[1]: Stopped Renew ACME Certificate for a.example.test. | |
webserver # [ 96.216858] systemd[1]: Stopped target acme-finished-a.example.test.target. | |
webserver # [ 96.220198] systemd[1]: Stopped target acme-finished-slow.example.test.target. | |
webserver # [ 96.223204] systemd[1]: acme-fixperms.service: Deactivated successfully. | |
webserver # [ 96.224959] systemd[1]: Stopped Fix owner and group of all ACME certificates. | |
webserver # [ 96.230528] systemd[1]: acme-slow.example.test.timer: Deactivated successfully. | |
webserver # [ 96.232442] systemd[1]: Stopped Renew ACME Certificate for slow.example.test. | |
webserver # [ 96.236635] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 96.241689] systemd[1]: logrotate-checkconf.service: Deactivated successfully. | |
webserver # [ 96.244155] systemd[1]: Stopped Logrotate configuration check. | |
webserver # [ 96.252955] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 96.256812] systemd[1]: Stopping my-slow-service.service... | |
webserver # [ 96.260338] systemd[1]: my-slow-service.service: Deactivated successfully. | |
webserver # [ 96.261581] systemd[1]: Stopped my-slow-service.service. | |
webserver # [ 96.270186] systemd[1]: Stopped target Remote File Systems. | |
webserver # [ 96.273036] nginx[2547]: 2023/01/21 19:53:27 [notice] 2547#2547: signal 15 (SIGTERM) received from 1, exiting | |
webserver # [ 96.274091] nginx[2600]: 2023/01/21 19:53:27 [notice] 2600#2600: exiting | |
webserver # [ 96.274736] nginx[2600]: 2023/01/21 19:53:27 [notice] 2600#2600: exit | |
webserver # [ 96.276249] systemd[1]: Stopping Nginx Web Server... | |
webserver # [ 96.276860] systemd[1]: systemd-sysctl.service: Deactivated successfully. | |
webserver # [ 96.284989] systemd[1]: Stopped Apply Kernel Variables. | |
webserver # [ 96.285739] nginx[2547]: 2023/01/21 19:53:27 [notice] 2547#2547: signal 17 (SIGCHLD) received from 2600 | |
webserver # [ 96.289369] nginx[2547]: 2023/01/21 19:53:27 [notice] 2547#2547: worker process 2600 exited with code 0 | |
webserver # [ 96.296512] nginx[2547]: 2023/01/21 19:53:27 [notice] 2547#2547: exit | |
webserver # [ 96.299170] systemd[1]: run-credentials-systemd\x2dsysctl.service.mount: Deactivated successfully. | |
webserver # [ 96.305808] systemd[1]: nginx.service: Deactivated successfully. | |
webserver # [ 96.307934] systemd[1]: Stopped Nginx Web Server. | |
webserver # [ 96.309032] systemd[1]: nginx.service: Consumed 356ms CPU time, no IO, received 2.3K IP traffic, sent 4.5K IP traffic. | |
webserver # activating the configuration... | |
webserver # removing group ‘nginx’ | |
webserver # [ 96.522965] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 96.531180] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # [ 96.535150] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (48) | |
webserver # [ 96.535984] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 96.536654] nscd[901]: 901 monitoring file `/etc/group` (51) | |
webserver # removing user ‘nginx’ | |
webserver # [ 96.539190] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 96.543191] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 96.545403] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 96.548461] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (48) | |
webserver # [ 96.552716] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 96.554157] nscd[901]: 901 monitoring file `/etc/passwd` (52) | |
webserver # [ 96.554779] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 96.678182] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 96.685863] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 96.687294] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 96.688517] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 96.690466] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 96.693631] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 96.697399] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 96.704264] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 97.185469] systemd[1]: Reloading. | |
webserver # setting up tmpfiles | |
webserver # starting the following units: acme-fixperms.service, logrotate-checkconf.service, systemd-sysctl.service | |
webserver # [ 97.813093] systemd[1]: Starting Fix owner and group of all ACME certificates... | |
webserver # [ 97.813976] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 97.884360] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 97.886883] systemd[1]: Reached target Local File Systems. | |
webserver # [ 97.903517] systemd[1]: Starting Logrotate configuration check... | |
webserver # [ 97.916859] logrotate[2773]: warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want. | |
webserver # [ 97.919930] logrotate[2773]: reading config file /nix/store/6kbagm2bca9j1zr6s9hc91670anwjamz-logrotate.conf | |
webserver # [ 97.921726] logrotate[2773]: note: 'monthly' overrides previously specified 'weekly' | |
webserver # [ 97.929561] logrotate[2773]: Reading state from file: /var/lib/logrotate.status | |
webserver # [ 97.932367] logrotate[2773]: state file /var/lib/logrotate.status does not exist | |
webserver # [ 97.937879] logrotate[2773]: Allocating hash table for state file, size 64 entries | |
webserver # [ 97.942209] logrotate[2773]: Handling 2 logs | |
webserver # [ 97.942814] logrotate[2773]: rotating pattern: "/var/log/btmp" monthly (1 rotations) | |
webserver # [ 97.946750] logrotate[2773]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed | |
webserver # [ 97.954297] logrotate[2773]: considering log /var/log/btmp | |
webserver # [ 97.958072] logrotate[2773]: Creating new state | |
webserver # [ 97.958705] logrotate[2773]: Now: 2023-01-21 19:53 | |
webserver # [ 97.963979] logrotate[2773]: Last rotated at 2023-01-21 19:00 | |
webserver # [ 97.970994] logrotate[2773]: log does not need rotating (log has already been rotated) | |
webserver # [ 97.977040] logrotate[2773]: rotating pattern: "/var/log/wtmp" monthly (1 rotations) | |
webserver # [ 97.981641] logrotate[2773]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed | |
webserver # [ 97.989212] logrotate[2773]: considering log /var/log/wtmp | |
webserver # [ 97.990637] logrotate[2773]: Creating new state | |
webserver # [ 97.993141] logrotate[2773]: Now: 2023-01-21 19:53 | |
webserver # [ 97.996410] logrotate[2773]: Last rotated at 2023-01-21 19:00 | |
webserver # [ 97.998433] logrotate[2773]: log does not need rotating (log has already been rotated) | |
webserver # [ 98.002559] systemd[1]: Finished Logrotate configuration check. | |
webserver # [ 98.011109] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 98.013283] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 98.020714] systemd[1]: Starting Apply Kernel Variables... | |
webserver # [ 98.025461] systemd[1]: Finished Fix owner and group of all ACME certificates. | |
webserver # [ 98.029871] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 98.036590] systemd[1]: Starting Generate self-signed certificate for example.test... | |
webserver # [ 98.040306] systemd[1]: Finished Apply Kernel Variables. | |
webserver # [ 98.041064] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 98.056937] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 98.058332] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 98.060783] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 98.067244] systemd[1]: Started Renew ACME Certificate for example.test. | |
webserver # [ 98.307560] systemd[1]: acme-selfsigned-example.test.service: Deactivated successfully. | |
webserver # [ 98.308752] systemd[1]: Finished Generate self-signed certificate for example.test. | |
webserver # [ 98.321027] systemd[1]: Starting Caddy... | |
webserver # [ 99.570578] caddy[2791]: {"level":"info","ts":1674330811.1285412,"msg":"using provided configuration","config_file":"/nix/store/qhmqfsfrl16d7v2vz09rqnd5b2llr6av-Caddyfile-formatted/Caddyfile","config_adapter":""} | |
webserver # [ 99.597257] caddy[2791]: Valid configuration | |
webserver # [ 99.653314] caddy[2796]: {"level":"info","ts":1674330811.211298,"msg":"using provided configuration","config_file":"/nix/store/qhmqfsfrl16d7v2vz09rqnd5b2llr6av-Caddyfile-formatted/Caddyfile","config_adapter":""} | |
webserver # [ 99.683144] systemd[1]: Started Caddy. | |
webserver # [ 99.691406] systemd[1]: Starting Renew ACME certificate for example.test... | |
webserver # [ 99.783309] acme-example.test-start[2804]: + set -euo pipefail | |
webserver # [ 99.786867] acme-example.test-start[2804]: + echo f296e6482529fca9f20a | |
webserver # [ 99.789874] acme-example.test-start[2804]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 99.796634] acme-example.test-start[2804]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir run | |
acme # [ 99.990344] pebble[661]: Pebble 2023/01/21 19:53:31 GET /dir -> calling handler() | |
webserver # [ 99.893133] acme-example.test-start[2806]: 2023/01/21 19:53:31 [INFO] [*.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 99.997293] pebble[661]: Pebble 2023/01/21 19:53:31 HEAD /nonce-plz -> calling handler() | |
acme # [ 100.002302] pebble[661]: Pebble 2023/01/21 19:53:31 POST /order-plz -> calling handler() | |
acme # [ 100.005683] pebble[661]: Pebble 2023/01/21 19:53:31 There are now 10 authorizations in the db | |
acme # [ 100.009183] pebble[661]: Pebble 2023/01/21 19:53:31 Added order "IK3xMDfsSs-MLgqN7B_bBPcBfZrH9k3dkzwdsm3v46U" to the db | |
acme # [ 100.013548] pebble[661]: Pebble 2023/01/21 19:53:31 There are now 11 orders in the db | |
acme # [ 100.059956] pebble[661]: Pebble 2023/01/21 19:53:31 POST /authZ/ -> calling handler() | |
webserver # [ 99.958340] acme-example.test-start[2806]: 2023/01/21 19:53:31 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/authZ/z0znXovRPadSL-OjEFkopTzzSLuqJ3kBWWdu0LrfLCc :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: pdO7jvDyTM3nl9tvMrP_hg | |
webserver # [ 100.193771] acme-example.test-start[2806]: 2023/01/21 19:53:31 [INFO] [*.example.test] AuthURL: https://acme.test/authZ/z0znXovRPadSL-OjEFkopTzzSLuqJ3kBWWdu0LrfLCc | |
acme # [ 100.295176] pebble[661]: Pebble 2023/01/21 19:53:31 POST /authZ/ -> calling handler() | |
webserver # [ 100.195725] acme-example.test-start[2806]: 2023/01/21 19:53:31 [INFO] [*.example.test] acme: use dns-01 solver | |
webserver # [ 100.197342] acme-example.test-start[2806]: 2023/01/21 19:53:31 [INFO] [*.example.test] acme: Preparing to solve DNS-01 | |
webserver # [ 100.252663] caddy[2796]: {"level":"error","ts":1674330811.8108575,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"a.exmaple.test","issuer":"acme-v02.api.letsencrypt.org-directory","error":"registering account [] with server: provisioning client: performing request: Get \"https://acme-v02.api.letsencrypt.org/directory\": remote error: tls: internal error"} | |
webserver # [ 100.255678] caddy[2796]: {"level":"error","ts":1674330811.8109186,"logger":"tls.obtain","msg":"will retry","error":"[a.exmaple.test] Obtain: registering account [] with server: provisioning client: performing request: Get \"https://acme-v02.api.letsencrypt.org/directory\": remote error: tls: internal error","attempt":1,"retrying_in":60,"elapsed":0.535585668,"max_duration":2592000} | |
dnsserver # [ 110.283460] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:53:41 Added DNS-01 TXT challenge for Host "_acme-challenge.example.test." - Value "ABxQxyPTmOfHINex26k4OFPNgbknWPRw3C0U2qXLLKk" | |
webserver # [ 110.246033] acme-example.test-start[2806]: 2023/01/21 19:53:41 [INFO] [_acme-challenge.example.test.] dns-hook.sh present _acme-challenge.example.test. ABxQxyPTmOfHINex26k4OFPNgbknWPRw3C0U2qXLLKk | |
webserver # [ 110.247815] acme-example.test-start[2806]: % Total % Received % Xferd Average Speed Time Time Time Current | |
webserver # [ 110.249078] acme-example.test-start[2806]: Dload Upload Total Spent Left Speed | |
webserver # [ 110.250508] acme-example.test-start[2806]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 97 0 0 100 97 0 14415 --:--:-- --:--:-- --:--:-- 16166 | |
webserver # [ 110.252648] acme-example.test-start[2806]: 2023/01/21 19:53:41 [INFO] [*.example.test] acme: Trying to solve DNS-01 | |
webserver # [ 120.252963] acme-example.test-start[2806]: 2023/01/21 19:53:51 [INFO] [*.example.test] acme: Checking DNS record propagation using [192.168.1.3:53 10.0.2.3:53] | |
webserver # [ 121.259446] acme-example.test-start[2806]: 2023/01/21 19:53:52 [INFO] Wait for propagation [timeout: 1s, interval: 1s] | |
acme # [ 121.366391] pebble[661]: Pebble 2023/01/21 19:53:52 POST /chalZ/ -> calling handler() | |
acme # [ 121.372690] pebble[661]: Pebble 2023/01/21 19:53:52 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"example.test"}, Challenge:(*core.Challenge)(0xc000247540), Account:(*core.Account)(0xc0002a2d80)} | |
acme # [ 121.381124] pebble[661]: Pebble 2023/01/21 19:53:52 Starting 3 validations. | |
acme # [ 121.384406] pebble[661]: Pebble 2023/01/21 19:53:52 POST /authZ/ -> calling handler() | |
acme # [ 121.387710] pebble[661]: Pebble 2023/01/21 19:53:52 authz z0znXovRPadSL-OjEFkopTzzSLuqJ3kBWWdu0LrfLCc set VALID by completed challenge w2h5FDwMUpPD9A-2dwdYv8mYnX46xEJdd5aRtzb09iE | |
acme # [ 125.933498] pebble[661]: Pebble 2023/01/21 19:53:57 POST /authZ/ -> calling handler() | |
webserver # [ 125.832676] acme-example.test-start[2806]: 2023/01/21 19:53:57 [INFO] [*.example.test] The server validated our request | |
webserver # [ 125.837434] acme-example.test-start[2806]: 2023/01/21 19:53:57 [INFO] [*.example.test] acme: Cleaning DNS-01 challenge | |
dnsserver # [ 135.909344] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:54:07 Removed DNS-01 TXT challenge for Host "_acme-challenge.example.test." | |
webserver # [ 135.871668] acme-example.test-start[2806]: 2023/01/21 19:54:07 [INFO] [_acme-challenge.example.test.] dns-hook.sh cleanup _acme-challenge.example.test. ABxQxyPTmOfHINex26k4OFPNgbknWPRw3C0U2qXLLKk | |
webserver # [ 135.874011] acme-example.test-start[2806]: % Total % Received % Xferd Average Speed Time Time Time Current | |
webserver # [ 135.875974] acme-example.test-start[2806]: Dload Upload Total Spent Left Speed | |
acme # [ 135.979264] pebble[661]: Pebble 2023/01/21 19:54:07 POST /finalize-order/ -> calling handler() | |
webserver # [ 135.877260] acme-example.test-start[2806]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 41 0 0 100 41 0 6471 --:--:-- --:--:-- --:--:-- 6833 | |
webserver # [ 135.879093] acme-example.test-start[2806]: 2023/01/21 19:54:07 [INFO] [*.example.test] acme: Validations succeeded; requesting certificates | |
webserver # [ 135.881092] acme-example.test-start[2806]: 2023/01/21 19:54:07 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 135.980273] pebble[661]: Pebble 2023/01/21 19:54:07 Order IK3xMDfsSs-MLgqN7B_bBPcBfZrH9k3dkzwdsm3v46U is fully authorized. Processing finalization | |
acme # [ 135.985984] pebble[661]: Pebble 2023/01/21 19:54:07 Issued certificate serial 717678717ab2a76a for order IK3xMDfsSs-MLgqN7B_bBPcBfZrH9k3dkzwdsm3v46U | |
acme # [ 135.987519] pebble[661]: Pebble 2023/01/21 19:54:07 POST /my-order/ -> calling handler() | |
acme # [ 135.990149] pebble[661]: Pebble 2023/01/21 19:54:07 POST /certZ/ -> calling handler() | |
webserver # [ 135.892449] acme-example.test-start[2806]: 2023/01/21 19:54:07 [INFO] [*.example.test] Server responded with a certificate. | |
webserver # [ 135.894838] acme-example.test-start[2804]: + mv domainhash.txt certificates/ | |
webserver # [ 135.900018] acme-example.test-start[2804]: + chown acme:caddy certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key | |
webserver # [ 135.906481] acme-example.test-start[2804]: + cmp -s certificates/_.example.test.crt out/fullchain.pem | |
webserver # [ 135.909759] acme-example.test-start[2804]: + touch out/renewed | |
webserver # [ 135.914474] acme-example.test-start[2804]: + echo Installing new certificate | |
webserver # [ 135.915596] acme-example.test-start[2804]: Installing new certificate | |
webserver # [ 135.916742] acme-example.test-start[2804]: + cp -vp certificates/_.example.test.crt out/fullchain.pem | |
webserver # [ 135.921019] acme-example.test-start[2819]: 'certificates/_.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 135.922619] acme-example.test-start[2804]: + cp -vp certificates/_.example.test.key out/key.pem | |
webserver # [ 135.927049] acme-example.test-start[2820]: 'certificates/_.example.test.key' -> 'out/key.pem' | |
webserver # [ 135.929120] acme-example.test-start[2804]: + cp -vp certificates/_.example.test.issuer.crt out/chain.pem | |
webserver # [ 135.932713] acme-example.test-start[2821]: 'certificates/_.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 135.934602] acme-example.test-start[2804]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 135.938716] acme-example.test-start[2804]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 135.943405] acme-example.test-start[2804]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 135.989174] systemd[1]: Reloading Caddy... | |
webserver # [ 136.001292] systemd[1]: acme-example.test.service: Deactivated successfully. | |
webserver # [ 136.002927] systemd[1]: Finished Renew ACME certificate for example.test. | |
webserver # [ 136.005052] systemd[1]: acme-example.test.service: Consumed 242ms CPU time, received 12.2K IP traffic, sent 9.6K IP traffic. | |
webserver # [ 136.009840] systemd[1]: Reached target acme-finished-example.test.target. | |
webserver # [ 136.039358] caddy[2828]: {"level":"info","ts":1674330847.5973384,"msg":"using provided configuration","config_file":"/nix/store/qhmqfsfrl16d7v2vz09rqnd5b2llr6av-Caddyfile-formatted/Caddyfile","config_adapter":""} | |
webserver # [ 136.060414] caddy[2796]: {"level":"error","ts":1674330847.6185493,"logger":"tls","msg":"job failed","error":"a.exmaple.test: obtaining certificate: context canceled"} | |
webserver # [ 136.066011] systemd[1]: Reloaded Caddy. | |
webserver # the following new units were started: acme-example.test.timer, acme-finished-example.test.target, caddy.service | |
webserver # [ 136.117633] nixos[2623]: finished switching to system configuration /nix/store/pxaaz1za0y1brmzh58ykk9f4k83xd1xv-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /tmp/specialisation/caddy/bin/switch-to-configuration test, in 40.81 seconds) | |
webserver: waiting for unit acme-finished-example.test.target | |
(finished: waiting for unit acme-finished-example.test.target, in 0.06 seconds) | |
webserver: waiting for unit caddy.service | |
(finished: waiting for unit caddy.service, in 0.05 seconds) | |
webserver: must succeed: systemctl restart caddy.service | |
webserver # [ 136.275617] systemd[1]: Stopping Caddy... | |
webserver # [ 136.279525] systemd[1]: caddy.service: Deactivated successfully. | |
webserver # [ 136.280521] systemd[1]: Stopped Caddy. | |
webserver # [ 136.281062] systemd[1]: caddy.service: Consumed 288ms CPU time, read 0B from disk, written 40.0K to disk, received 4.2K IP traffic, sent 4.3K IP traffic. | |
webserver # [ 136.288727] systemd[1]: Starting Caddy... | |
webserver # [ 136.336431] caddy[2850]: {"level":"info","ts":1674330847.8944345,"msg":"using provided configuration","config_file":"/nix/store/qhmqfsfrl16d7v2vz09rqnd5b2llr6av-Caddyfile-formatted/Caddyfile","config_adapter":""} | |
webserver # [ 136.344547] caddy[2850]: Valid configuration | |
webserver # [ 136.390455] caddy[2855]: {"level":"info","ts":1674330847.9484727,"msg":"using provided configuration","config_file":"/nix/store/qhmqfsfrl16d7v2vz09rqnd5b2llr6av-Caddyfile-formatted/Caddyfile","config_adapter":""} | |
webserver # [ 136.399581] systemd[1]: Started Caddy. | |
(finished: must succeed: systemctl restart caddy.service, in 0.16 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null 2>&1 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null 2>&1, in 0.03 seconds) | |
(finished: subtest: Works with caddy, in 41.16 seconds) | |
subtest: security.acme changes reflect on caddy | |
webserver: must succeed: /tmp/specialisation/caddy-change-acme-conf/bin/switch-to-configuration test | |
webserver # [ 136.919588] caddy[2855]: {"level":"error","ts":1674330848.4778376,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"a.exmaple.test","issuer":"acme-v02.api.letsencrypt.org-directory","error":"registering account [] with server: provisioning client: performing request: Get \"https://acme-v02.api.letsencrypt.org/directory\": remote error: tls: internal error"} | |
webserver # [ 136.924347] caddy[2855]: {"level":"error","ts":1674330848.4819188,"logger":"tls.obtain","msg":"will retry","error":"[a.exmaple.test] Obtain: registering account [] with server: provisioning client: performing request: Get \"https://acme-v02.api.letsencrypt.org/directory\": remote error: tls: internal error","attempt":1,"retrying_in":60,"elapsed":0.51991105,"max_duration":2592000} | |
webserver # [ 137.251329] nixos[2868]: switching to system configuration /nix/store/931vyxxfbz7pvbiyfd39ajl0n6y4mfxd-nixos-system-webserver-23.05pre-git | |
webserver # stopping the following units: acme-account-d590213ed52603e9128d.target | |
webserver # [ 137.272992] systemd[1]: Stopped target acme-account-d590213ed52603e9128d.target. | |
webserver # [ 137.275509] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 137.279622] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 137.282151] systemd[1]: Stopped target Remote File Systems. | |
webserver # activating the configuration... | |
webserver # [ 137.493875] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 137.498112] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # [ 137.501580] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (54) | |
webserver # [ 137.502253] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 137.502953] nscd[901]: 901 monitoring file `/etc/group` (57) | |
webserver # [ 137.503486] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 137.507953] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 137.515050] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 137.518551] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (54) | |
webserver # [ 137.519625] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 137.524380] nscd[901]: 901 monitoring file `/etc/passwd` (58) | |
webserver # [ 137.525765] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 137.648784] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 137.657117] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 137.658365] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 137.659829] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 137.661355] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 137.664279] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 137.667215] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 137.670167] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 138.148435] systemd[1]: Reloading. | |
webserver # setting up tmpfiles | |
webserver # [ 138.797597] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 138.800100] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 138.810736] systemd[1]: Starting Renew ACME certificate for example.test... | |
webserver # [ 138.860759] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 138.861709] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 138.863363] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 138.870248] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 138.878257] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 138.884289] systemd[1]: Reached target Local File Systems. | |
webserver # [ 138.888329] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 138.902958] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 138.904642] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 138.906340] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 138.945968] acme-example.test-start[3015]: + set -euo pipefail | |
webserver # [ 138.946958] acme-example.test-start[3015]: + echo f296e6482529fca9f20a | |
webserver # [ 138.947959] acme-example.test-start[3015]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 138.951601] acme-example.test-start[3015]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec384 --dns exec --dns.disable-cp --server https://acme.test/dir run | |
webserver # [ 138.984027] acme-example.test-start[3018]: 2023/01/21 19:54:10 No key found for account hostmaster@example.test. Generating a P384 key. | |
webserver # [ 138.996367] acme-example.test-start[3018]: 2023/01/21 19:54:10 Saved key to accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key | |
acme # [ 139.146839] pebble[661]: Pebble 2023/01/21 19:54:10 GET /dir -> calling handler() | |
webserver # [ 139.049096] acme-example.test-start[3018]: 2023/01/21 19:54:10 [INFO] acme: Registering account for hostmaster@example.test | |
acme # [ 139.152910] pebble[661]: Pebble 2023/01/21 19:54:10 HEAD /nonce-plz -> calling handler() | |
acme # [ 139.159764] pebble[661]: Pebble 2023/01/21 19:54:10 POST /sign-me-up -> calling handler() | |
acme # [ 139.173390] pebble[661]: Pebble 2023/01/21 19:54:10 There are now 4 accounts in memory | |
webserver # [ 139.077426] acme-example.test-start[3018]: !!!! HEADS UP !!!! | |
webserver # [ 139.078224] acme-example.test-start[3018]: Your account credentials have been saved in your Let's Encrypt | |
webserver # [ 139.079288] acme-example.test-start[3018]: configuration directory at "accounts". | |
webserver # [ 139.080172] acme-example.test-start[3018]: You should make a secure backup of this folder now. This | |
webserver # [ 139.082976] acme-example.test-start[3018]: configuration directory will also contain certificates and | |
webserver # [ 139.084658] acme-example.test-start[3018]: private keys obtained from Let's Encrypt so making regular | |
webserver # [ 139.085696] acme-example.test-start[3018]: backups of this folder is ideal. | |
webserver # [ 139.086558] acme-example.test-start[3018]: 2023/01/21 19:54:10 [INFO] [*.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 139.189299] pebble[661]: Pebble 2023/01/21 19:54:10 POST /order-plz -> calling handler() | |
acme # [ 139.192782] pebble[661]: Pebble 2023/01/21 19:54:10 There are now 11 authorizations in the db | |
acme # [ 139.196587] pebble[661]: Pebble 2023/01/21 19:54:10 Added order "ykVQCCU0UI1JhxBNrlwrAC7Gj0uyoH4UYHaNrLpuE2M" to the db | |
acme # [ 139.201055] pebble[661]: Pebble 2023/01/21 19:54:10 There are now 12 orders in the db | |
acme # [ 139.259290] pebble[661]: Pebble 2023/01/21 19:54:10 POST /authZ/ -> calling handler() | |
webserver # [ 139.162920] acme-example.test-start[3018]: 2023/01/21 19:54:10 [INFO] [*.example.test] AuthURL: https://acme.test/authZ/rBAOY0To2lF-L20FkA4icvxq7z7KB9i1HDllGvwhiCI | |
webserver # [ 139.164813] acme-example.test-start[3018]: 2023/01/21 19:54:10 [INFO] [*.example.test] acme: use dns-01 solver | |
webserver # [ 139.165883] acme-example.test-start[3018]: 2023/01/21 19:54:10 [INFO] [*.example.test] acme: Preparing to solve DNS-01 | |
webserver # [ 149.205978] acme-example.test-start[3018]: 2023/01/21 19:54:20 [INFO] [_acme-challenge.example.test.] dns-hook.sh present _acme-challenge.example.test. j5vOW8bPT8w2m7ym1ERr-rvI2XTw_ejqnemLZUiRy8Q | |
dnsserver # [ 149.244635] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:54:20 Added DNS-01 TXT challenge for Host "_acme-challenge.example.test." - Value "j5vOW8bPT8w2m7ym1ERr-rvI2XTw_ejqnemLZUiRy8Q" | |
webserver # [ 149.207823] acme-example.test-start[3018]: % Total % Received % Xferd Average Speed Time Time Time Current | |
webserver # [ 149.209642] acme-example.test-start[3018]: Dload Upload Total Spent Left Speed | |
webserver # [ 149.211340] acme-example.test-start[3018]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 97 0 0 100 97 0 14292 --:--:-- --:--:-- --:--:-- 16166 | |
webserver # [ 149.213193] acme-example.test-start[3018]: 2023/01/21 19:54:20 [INFO] [*.example.test] acme: Trying to solve DNS-01 | |
webserver # [ 159.214246] acme-example.test-start[3018]: 2023/01/21 19:54:30 [INFO] [*.example.test] acme: Checking DNS record propagation using [192.168.1.3:53 10.0.2.3:53] | |
webserver # [ 160.214956] acme-example.test-start[3018]: 2023/01/21 19:54:31 [INFO] Wait for propagation [timeout: 1s, interval: 1s] | |
acme # [ 160.323949] pebble[661]: Pebble 2023/01/21 19:54:31 POST /chalZ/ -> calling handler() | |
acme # [ 160.331285] pebble[661]: Pebble 2023/01/21 19:54:31 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"example.test"}, Challenge:(*core.Challenge)(0xc0002460a0), Account:(*core.Account)(0xc0004494a0)} | |
acme # [ 160.345728] pebble[661]: Pebble 2023/01/21 19:54:31 Starting 3 validations. | |
acme # [ 160.349196] pebble[661]: Pebble 2023/01/21 19:54:31 POST /authZ/ -> calling handler() | |
acme # [ 160.352531] pebble[661]: Pebble 2023/01/21 19:54:31 authz rBAOY0To2lF-L20FkA4icvxq7z7KB9i1HDllGvwhiCI set VALID by completed challenge GGJ96mC0hhK9j2xUaOTaGTAz7lC45Q_2pgRE4okHK7w | |
acme # [ 163.826546] pebble[661]: Pebble 2023/01/21 19:54:35 POST /authZ/ -> calling handler() | |
webserver # [ 163.730241] acme-example.test-start[3018]: 2023/01/21 19:54:35 [INFO] [*.example.test] The server validated our request | |
webserver # [ 163.735504] acme-example.test-start[3018]: 2023/01/21 19:54:35 [INFO] [*.example.test] acme: Cleaning DNS-01 challenge | |
dnsserver # [ 173.811576] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:54:45 Removed DNS-01 TXT challenge for Host "_acme-challenge.example.test." | |
webserver # [ 173.774007] acme-example.test-start[3018]: 2023/01/21 19:54:45 [INFO] [_acme-challenge.example.test.] dns-hook.sh cleanup _acme-challenge.example.test. j5vOW8bPT8w2m7ym1ERr-rvI2XTw_ejqnemLZUiRy8Q | |
webserver # [ 173.775758] acme-example.test-start[3018]: % Total % Received % Xferd Average Speed Time Time Time Current | |
webserver # [ 173.777089] acme-example.test-start[3018]: Dload Upload Total Spent Left Speed | |
webserver # [ 173.780245] acme-example.test-start[3018]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 41 0 0 100 41 0 6074 --:--:-- --:--:-- --:--:-- 6833 | |
webserver # [ 173.783333] acme-example.test-start[3018]: 2023/01/21 19:54:45 [INFO] [*.example.test] acme: Validations succeeded; requesting certificates | |
acme # [ 173.886277] pebble[661]: Pebble 2023/01/21 19:54:45 POST /finalize-order/ -> calling handler() | |
webserver # [ 173.794045] acme-example.test-start[3018]: 2023/01/21 19:54:45 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 173.894036] pebble[661]: Pebble 2023/01/21 19:54:45 Order ykVQCCU0UI1JhxBNrlwrAC7Gj0uyoH4UYHaNrLpuE2M is fully authorized. Processing finalization | |
acme # [ 173.903397] pebble[661]: Pebble 2023/01/21 19:54:45 Issued certificate serial 31a51921b9d23aad for order ykVQCCU0UI1JhxBNrlwrAC7Gj0uyoH4UYHaNrLpuE2M | |
acme # [ 173.912000] pebble[661]: Pebble 2023/01/21 19:54:45 POST /my-order/ -> calling handler() | |
acme # [ 173.919644] pebble[661]: Pebble 2023/01/21 19:54:45 POST /certZ/ -> calling handler() | |
webserver # [ 173.822835] acme-example.test-start[3018]: 2023/01/21 19:54:45 [INFO] [*.example.test] Server responded with a certificate. | |
webserver # [ 173.828323] acme-example.test-start[3015]: + mv domainhash.txt certificates/ | |
webserver # [ 173.835647] acme-example.test-start[3015]: + chown acme:caddy certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key | |
webserver # [ 173.845024] acme-example.test-start[3015]: + cmp -s certificates/_.example.test.crt out/fullchain.pem | |
webserver # [ 173.849755] acme-example.test-start[3015]: + touch out/renewed | |
webserver # [ 173.856931] acme-example.test-start[3015]: + echo Installing new certificate | |
webserver # [ 173.857854] acme-example.test-start[3015]: Installing new certificate | |
webserver # [ 173.858667] acme-example.test-start[3015]: + cp -vp certificates/_.example.test.crt out/fullchain.pem | |
webserver # [ 173.864562] acme-example.test-start[3031]: 'certificates/_.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 173.866492] acme-example.test-start[3015]: + cp -vp certificates/_.example.test.key out/key.pem | |
webserver # [ 173.871589] acme-example.test-start[3032]: 'certificates/_.example.test.key' -> 'out/key.pem' | |
webserver # [ 173.873385] acme-example.test-start[3015]: + cp -vp certificates/_.example.test.issuer.crt out/chain.pem | |
webserver # [ 173.878198] acme-example.test-start[3033]: 'certificates/_.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 173.879883] acme-example.test-start[3015]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 173.885153] acme-example.test-start[3015]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 173.891484] acme-example.test-start[3015]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 173.945046] systemd[1]: Reloading Caddy... | |
webserver # [ 173.957776] systemd[1]: acme-example.test.service: Deactivated successfully. | |
webserver # [ 173.959343] systemd[1]: Finished Renew ACME certificate for example.test. | |
webserver # [ 173.961852] systemd[1]: acme-example.test.service: Consumed 257ms CPU time, received 12.5K IP traffic, sent 10.2K IP traffic. | |
webserver # [ 173.994365] caddy[3040]: {"level":"info","ts":1674330885.5524197,"msg":"using provided configuration","config_file":"/nix/store/qhmqfsfrl16d7v2vz09rqnd5b2llr6av-Caddyfile-formatted/Caddyfile","config_adapter":""} | |
webserver # [ 174.017267] systemd[1]: Reloaded Caddy. | |
webserver # [ 174.021161] caddy[2855]: {"level":"error","ts":1674330885.5791254,"logger":"tls","msg":"job failed","error":"a.exmaple.test: obtaining certificate: context canceled"} | |
webserver # [ 174.091155] nixos[2868]: finished switching to system configuration /nix/store/931vyxxfbz7pvbiyfd39ajl0n6y4mfxd-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /tmp/specialisation/caddy-change-acme-conf/bin/switch-to-configuration test, in 37.62 seconds) | |
webserver: waiting for unit acme-finished-example.test.target | |
(finished: waiting for unit acme-finished-example.test.target, in 0.06 seconds) | |
webserver: waiting for unit caddy.service | |
(finished: waiting for unit caddy.service, in 0.06 seconds) | |
webserver: must succeed: systemctl restart caddy.service | |
webserver # [ 174.278604] systemd[1]: Stopping Caddy... | |
webserver # [ 174.282197] systemd[1]: caddy.service: Deactivated successfully. | |
webserver # [ 174.283582] systemd[1]: Stopped Caddy. | |
webserver # [ 174.284530] systemd[1]: caddy.service: Consumed 157ms CPU time, read 0B from disk, written 32.0K to disk, received 5.2K IP traffic, sent 6.8K IP traffic. | |
webserver # [ 174.298305] systemd[1]: Starting Caddy... | |
webserver # [ 174.348859] caddy[3062]: {"level":"info","ts":1674330885.906802,"msg":"using provided configuration","config_file":"/nix/store/qhmqfsfrl16d7v2vz09rqnd5b2llr6av-Caddyfile-formatted/Caddyfile","config_adapter":""} | |
webserver # [ 174.366515] caddy[3062]: Valid configuration | |
webserver # [ 174.417436] caddy[3067]: {"level":"info","ts":1674330885.975439,"msg":"using provided configuration","config_file":"/nix/store/qhmqfsfrl16d7v2vz09rqnd5b2llr6av-Caddyfile-formatted/Caddyfile","config_adapter":""} | |
webserver # [ 174.436949] systemd[1]: Started Caddy. | |
(finished: must succeed: systemctl restart caddy.service, in 0.21 seconds) | |
client: must succeed: openssl s_client -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null | openssl x509 -noout -text | grep -i Public-Key | |
client # depth=2 CN = Pebble Root CA 07ebd3 | |
client # verify return:1 | |
client # depth=1 CN = Pebble Intermediate CA 4d6099 | |
client # verify return:1 | |
client # depth=0 CN = *.example.test | |
client # verify return:1 | |
client # DONE | |
(finished: must succeed: openssl s_client -CAfile /tmp/ca.crt -servername a.example.test -connect a.example.test:443 < /dev/null | openssl x509 -noout -text | grep -i Public-Key, in 0.14 seconds) | |
Key type: Public-Key: (384 bit) | |
(finished: subtest: security.acme changes reflect on caddy, in 38.15 seconds) | |
subtest: Works with nginx | |
webserver: must succeed: /tmp/specialisation/nginx/bin/switch-to-configuration test | |
webserver # [ 174.961031] caddy[3067]: {"level":"error","ts":1674330886.5192947,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"a.exmaple.test","issuer":"acme-v02.api.letsencrypt.org-directory","error":"registering account [] with server: provisioning client: performing request: Get \"https://acme-v02.api.letsencrypt.org/directory\": remote error: tls: internal error"} | |
webserver # [ 174.965796] caddy[3067]: {"level":"error","ts":1674330886.5233324,"logger":"tls.obtain","msg":"will retry","error":"[a.exmaple.test] Obtain: registering account [] with server: provisioning client: performing request: Get \"https://acme-v02.api.letsencrypt.org/directory\": remote error: tls: internal error","attempt":1,"retrying_in":60,"elapsed":0.520930174,"max_duration":2592000} | |
webserver # [ 175.400596] nixos[3080]: switching to system configuration /nix/store/92chhpij14li0ag540gwy6sbwka8zj0y-nixos-system-webserver-23.05pre-git | |
webserver # stopping the following units: acme-fixperms.service, caddy.service, logrotate-checkconf.service, systemd-sysctl.service | |
webserver # [ 175.424233] systemd[1]: acme-fixperms.service: Deactivated successfully. | |
webserver # [ 175.425803] systemd[1]: Stopped Fix owner and group of all ACME certificates. | |
webserver # [ 175.435062] systemd[1]: Stopping Caddy... | |
webserver # [ 175.438083] systemd[1]: caddy.service: Deactivated successfully. | |
webserver # [ 175.439532] systemd[1]: Stopped Caddy. | |
webserver # [ 175.441118] systemd[1]: caddy.service: Consumed 132ms CPU time, received 3.3K IP traffic, sent 4.9K IP traffic. | |
webserver # [ 175.450934] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 175.454137] systemd[1]: logrotate-checkconf.service: Deactivated successfully. | |
webserver # [ 175.456187] systemd[1]: Stopped Logrotate configuration check. | |
webserver # [ 175.465137] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 175.466794] systemd[1]: Stopped target Remote File Systems. | |
webserver # [ 175.470744] systemd[1]: systemd-sysctl.service: Deactivated successfully. | |
webserver # [ 175.472284] systemd[1]: Stopped Apply Kernel Variables. | |
webserver # [ 175.475132] systemd[1]: run-credentials-systemd\x2dsysctl.service.mount: Deactivated successfully. | |
webserver # activating the configuration... | |
webserver # removing group ‘caddy’ | |
webserver # [ 175.719184] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 175.724096] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # [ 175.730179] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (60) | |
webserver # removing user ‘caddy’ | |
webserver # [ 175.741069] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 175.741768] nscd[901]: 901 monitoring file `/etc/group` (63) | |
webserver # [ 175.742576] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 175.743978] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 175.745498] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 175.751692] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (60) | |
webserver # [ 175.753178] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 175.753839] nscd[901]: 901 monitoring file `/etc/passwd` (64) | |
webserver # [ 175.754817] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 175.868573] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 175.876135] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 175.877300] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 175.878734] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 175.883443] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 175.885512] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 175.887540] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 175.891767] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 176.376124] systemd[1]: Reloading. | |
webserver # setting up tmpfiles | |
webserver # restarting the following units: acme-example.test.timer | |
webserver # [ 177.006453] systemd[1]: acme-example.test.timer: Deactivated successfully. | |
webserver # [ 177.007766] systemd[1]: Stopped Renew ACME Certificate for example.test. | |
webserver # [ 177.008880] systemd[1]: Stopping Renew ACME Certificate for example.test... | |
webserver # [ 177.010185] systemd[1]: Started Renew ACME Certificate for example.test. | |
webserver # starting the following units: acme-fixperms.service, logrotate-checkconf.service, systemd-sysctl.service | |
webserver # [ 177.046921] systemd[1]: Starting Fix owner and group of all ACME certificates... | |
webserver # [ 177.048150] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 177.079193] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 177.082128] systemd[1]: Reached target Local File Systems. | |
webserver # [ 177.118217] systemd[1]: Finished Fix owner and group of all ACME certificates. | |
webserver # [ 177.124907] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 177.126486] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 177.130044] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 177.132971] systemd[1]: Starting Apply Kernel Variables... | |
webserver # [ 177.150536] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 177.152528] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 177.155560] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 177.166177] systemd[1]: Finished Apply Kernel Variables. | |
webserver # [ 177.168565] systemd[1]: Started Renew ACME Certificate for nginx-dns.example.test. | |
webserver # [ 177.170302] systemd[1]: Started Renew ACME Certificate for nginx-http.example.test. | |
webserver # [ 177.171879] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 177.174034] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 177.179368] systemd[1]: Starting Generate self-signed certificate for nginx-dns.example.test... | |
webserver # [ 177.182732] systemd[1]: Starting Generate self-signed certificate for nginx-http.example.test... | |
webserver # [ 177.187322] systemd[1]: Starting Logrotate configuration check... | |
webserver # [ 177.199858] logrotate[3244]: warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want. | |
webserver # [ 177.201716] logrotate[3244]: reading config file /nix/store/fi6rzfpmn186wn8a0xqn62xiwkb7cqfw-logrotate.conf | |
webserver # [ 177.207029] logrotate[3244]: note: 'monthly' overrides previously specified 'weekly' | |
webserver # [ 177.210379] logrotate[3244]: Reading state from file: /var/lib/logrotate.status | |
webserver # [ 177.216663] logrotate[3244]: state file /var/lib/logrotate.status does not exist | |
webserver # [ 177.219093] logrotate[3244]: Allocating hash table for state file, size 64 entries | |
webserver # [ 177.219912] logrotate[3244]: Handling 3 logs | |
webserver # [ 177.222460] logrotate[3244]: rotating pattern: "/var/log/btmp" monthly (1 rotations) | |
webserver # [ 177.227116] logrotate[3244]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed | |
webserver # [ 177.231089] logrotate[3244]: considering log /var/log/btmp | |
webserver # [ 177.231711] logrotate[3244]: Creating new state | |
webserver # [ 177.234061] logrotate[3244]: Now: 2023-01-21 19:54 | |
webserver # [ 177.234641] logrotate[3244]: Last rotated at 2023-01-21 19:00 | |
webserver # [ 177.238051] logrotate[3244]: log does not need rotating (log has already been rotated) | |
webserver # [ 177.238729] logrotate[3244]: rotating pattern: "/var/log/wtmp" monthly (1 rotations) | |
webserver # [ 177.242107] logrotate[3244]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed | |
webserver # [ 177.246087] logrotate[3244]: considering log /var/log/wtmp | |
webserver # [ 177.246750] logrotate[3244]: Creating new state | |
webserver # [ 177.250088] logrotate[3244]: Now: 2023-01-21 19:54 | |
webserver # [ 177.250695] logrotate[3244]: Last rotated at 2023-01-21 19:00 | |
webserver # [ 177.254077] logrotate[3244]: log does not need rotating (log has already been rotated) | |
webserver # [ 177.256951] logrotate[3244]: rotating pattern: "/var/log/nginx/*.log" weekly (26 rotations) | |
webserver # [ 177.257808] logrotate[3244]: empty log files are not rotated, old logs are removed | |
webserver # [ 177.261059] logrotate[3244]: switching euid from 0 to 60 and egid from 0 to 60 (pid 3244) | |
webserver # [ 177.261737] logrotate[3244]: considering log /var/log/nginx/access.log | |
webserver # [ 177.265078] logrotate[3244]: Creating new state | |
webserver # [ 177.265503] logrotate[3244]: Now: 2023-01-21 19:54 | |
webserver # [ 177.267966] logrotate[3244]: Last rotated at 2023-01-21 19:00 | |
webserver # [ 177.268482] logrotate[3244]: log does not need rotating (log has already been rotated) | |
webserver # [ 177.272147] logrotate[3244]: considering log /var/log/nginx/error.log | |
webserver # [ 177.272726] logrotate[3244]: Creating new state | |
webserver # [ 177.274789] logrotate[3244]: Now: 2023-01-21 19:54 | |
webserver # [ 177.275537] logrotate[3244]: Last rotated at 2023-01-21 19:00 | |
webserver # [ 177.276473] logrotate[3244]: log does not need rotating (log has already been rotated) | |
webserver # [ 177.286976] logrotate[3244]: switching euid from 60 to 0 and egid from 60 to 0 (pid 3244) | |
webserver # [ 177.288184] systemd[1]: Finished Logrotate configuration check. | |
webserver # [ 177.479869] systemd[1]: acme-selfsigned-nginx-dns.example.test.service: Deactivated successfully. | |
webserver # [ 177.483112] systemd[1]: Finished Generate self-signed certificate for nginx-dns.example.test. | |
webserver # [ 177.571025] systemd[1]: acme-selfsigned-nginx-http.example.test.service: Deactivated successfully. | |
webserver # [ 177.572101] systemd[1]: Finished Generate self-signed certificate for nginx-http.example.test. | |
webserver # [ 177.577866] systemd[1]: Starting Nginx Web Server... | |
webserver # [ 177.685035] nginx-pre-start[3270]: nginx: the configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf syntax is ok | |
webserver # [ 177.686685] nginx-pre-start[3270]: nginx: configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf test is successful | |
webserver # [ 177.695374] systemd[1]: Started Nginx Web Server. | |
webserver # [ 177.711614] systemd[1]: Starting Renew ACME certificate for example.test... | |
webserver # [ 177.816232] acme-example.test-start[3272]: + set -euo pipefail | |
webserver # [ 177.817409] acme-example.test-start[3272]: + echo f296e6482529fca9f20a | |
webserver # [ 177.818362] acme-example.test-start[3272]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 177.823037] acme-example.test-start[3274]: ++ find accounts -name hostmaster@example.test.key | |
webserver # [ 177.832123] acme-example.test-start[3272]: + '[' -e certificates/_.example.test.key -a -e certificates/_.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']' | |
webserver # [ 177.834625] acme-example.test-start[3272]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir renew --no-random-sleep --days 30 | |
webserver # [ 177.878309] nginx[3271]: 2023/01/21 19:54:49 [notice] 3271#3271: using the "epoll" event method | |
webserver # [ 177.879392] nginx[3271]: 2023/01/21 19:54:49 [notice] 3271#3271: nginx/1.22.1 | |
webserver # [ 177.880098] nginx[3271]: 2023/01/21 19:54:49 [notice] 3271#3271: built by gcc 11.3.0 (GCC) | |
webserver # [ 177.880950] nginx[3271]: 2023/01/21 19:54:49 [notice] 3271#3271: OS: Linux 5.15.89 | |
webserver # [ 177.881576] nginx[3271]: 2023/01/21 19:54:49 [notice] 3271#3271: getrlimit(RLIMIT_NOFILE): 1024:524288 | |
webserver # [ 177.884080] nginx[3271]: 2023/01/21 19:54:49 [notice] 3271#3271: start worker processes | |
webserver # [ 177.884783] nginx[3271]: 2023/01/21 19:54:49 [notice] 3271#3271: start worker process 3280 | |
acme # [ 178.035552] pebble[661]: Pebble 2023/01/21 19:54:49 GET /dir -> calling handler() | |
webserver # [ 177.937777] acme-example.test-start[3275]: 2023/01/21 19:54:49 [*.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal. | |
webserver # [ 177.941949] acme-example.test-start[3272]: + mv domainhash.txt certificates/ | |
webserver # [ 177.948238] acme-example.test-start[3272]: + chown acme:acme certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key | |
webserver # [ 177.956684] acme-example.test-start[3272]: + cmp -s certificates/_.example.test.crt out/fullchain.pem | |
webserver # [ 177.960974] acme-example.test-start[3272]: + touch out/renewed | |
webserver # [ 177.966866] acme-example.test-start[3272]: + echo Installing new certificate | |
webserver # [ 177.967762] acme-example.test-start[3272]: Installing new certificate | |
webserver # [ 177.968603] acme-example.test-start[3272]: + cp -vp certificates/_.example.test.crt out/fullchain.pem | |
webserver # [ 177.974272] acme-example.test-start[3285]: 'certificates/_.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 177.976041] acme-example.test-start[3272]: + cp -vp certificates/_.example.test.key out/key.pem | |
webserver # [ 177.981113] acme-example.test-start[3286]: 'certificates/_.example.test.key' -> 'out/key.pem' | |
webserver # [ 177.982784] acme-example.test-start[3272]: + cp -vp certificates/_.example.test.issuer.crt out/chain.pem | |
webserver # [ 177.991040] acme-example.test-start[3287]: 'certificates/_.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 177.995327] acme-example.test-start[3272]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 178.003234] acme-example.test-start[3272]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 178.011780] acme-example.test-start[3272]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 178.051545] systemd[1]: acme-example.test.service: Deactivated successfully. | |
webserver # [ 178.058529] systemd[1]: Finished Renew ACME certificate for example.test. | |
webserver # [ 178.064933] systemd[1]: acme-example.test.service: Consumed 159ms CPU time, received 2.5K IP traffic, sent 978B IP traffic. | |
webserver # [ 178.075646] systemd[1]: Reached target acme-account-d590213ed52603e9128d.target. | |
webserver # [ 178.093443] systemd[1]: Starting Renew ACME certificate for nginx-dns.example.test... | |
webserver # [ 178.103464] systemd[1]: Starting Renew ACME certificate for nginx-http.example.test... | |
webserver # [ 178.199875] acme-nginx-http.example.test-start[3296]: + set -euo pipefail | |
webserver # [ 178.203715] acme-nginx-http.example.test-start[3297]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 178.211944] acme-nginx-dns.example.test-start[3295]: + set -euo pipefail | |
webserver # [ 178.221242] acme-nginx-dns.example.test-start[3295]: + echo 59d0420c322ea19728a7 | |
webserver # [ 178.233077] acme-nginx-dns.example.test-start[3295]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 178.247280] acme-nginx-dns.example.test-start[3295]: + lego --accept-tos --path . -d nginx-dns.example.test --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir -d nginx-dns-alias.example.test run | |
webserver # [ 178.272428] acme-nginx-http.example.test-start[3297]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 178.286426] acme-nginx-http.example.test-start[3296]: + echo 197b6592b1395f3f8747 | |
webserver # [ 178.291744] acme-nginx-http.example.test-start[3296]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 178.306366] acme-nginx-http.example.test-start[3296]: + lego --accept-tos --path . -d nginx-http.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir -d nginx-http-alias.example.test run | |
acme # [ 178.499138] pebble[661]: Pebble 2023/01/21 19:54:50 GET /dir -> calling handler() | |
acme # [ 178.512391] pebble[661]: Pebble 2023/01/21 19:54:50 HEAD /nonce-plz -> calling handler() | |
acme # [ 178.515077] pebble[661]: Pebble 2023/01/21 19:54:50 GET /dir -> calling handler() | |
webserver # [ 178.403951] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:49 [INFO] [nginx-dns.example.test, nginx-dns-alias.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 178.518681] pebble[661]: Pebble 2023/01/21 19:54:50 POST /order-plz -> calling handler() | |
acme # [ 178.520296] pebble[661]: Pebble 2023/01/21 19:54:50 There are now 12 authorizations in the db | |
acme # [ 178.521420] pebble[661]: Pebble 2023/01/21 19:54:50 There are now 13 authorizations in the db | |
webserver # [ 178.418790] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:49 [INFO] [nginx-http.example.test, nginx-http-alias.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 178.522316] pebble[661]: Pebble 2023/01/21 19:54:50 Added order "EhyJpjsXW49vBtEE05wW0Noi4wXbktY7m2GKZJbuySs" to the db | |
acme # [ 178.524301] pebble[661]: Pebble 2023/01/21 19:54:50 There are now 13 orders in the db | |
acme # [ 178.526524] pebble[661]: Pebble 2023/01/21 19:54:50 HEAD /nonce-plz -> calling handler() | |
acme # [ 178.527475] pebble[661]: Pebble 2023/01/21 19:54:50 POST /order-plz -> calling handler() | |
acme # [ 178.528371] pebble[661]: Pebble 2023/01/21 19:54:50 There are now 14 authorizations in the db | |
acme # [ 178.529316] pebble[661]: Pebble 2023/01/21 19:54:50 There are now 15 authorizations in the db | |
acme # [ 178.530275] pebble[661]: Pebble 2023/01/21 19:54:50 Added order "iBLUcJx2b6YKkEFzJXc3HGdnaCcOG7f3tenmx2q_OSg" to the db | |
acme # [ 178.531443] pebble[661]: Pebble 2023/01/21 19:54:50 There are now 14 orders in the db | |
acme # [ 178.582305] pebble[661]: Pebble 2023/01/21 19:54:50 POST /authZ/ -> calling handler() | |
acme # [ 178.587433] pebble[661]: Pebble 2023/01/21 19:54:50 POST /authZ/ -> calling handler() | |
acme # [ 178.637821] pebble[661]: Pebble 2023/01/21 19:54:50 POST /authZ/ -> calling handler() | |
webserver # [ 178.537125] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns-alias.example.test] AuthURL: https://acme.test/authZ/LN4YzltycfKJT4EPpMHs803KIZj-EP1ezUlY_DvLy-w | |
acme # [ 178.642725] pebble[661]: Pebble 2023/01/21 19:54:50 POST /authZ/ -> calling handler() | |
webserver # [ 178.540286] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns.example.test] AuthURL: https://acme.test/authZ/FKNrVvzfmFMf1U7rWM9cBlPTpHsY4Sq70XMJr1dtAVY | |
acme # [ 178.650412] pebble[661]: Pebble 2023/01/21 19:54:50 POST /chalZ/ -> calling handler() | |
webserver # [ 178.548183] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 178.553306] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns.example.test] acme: Could not find solver for: http-01 | |
webserver # [ 178.557808] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns.example.test] acme: use dns-01 solver | |
webserver # [ 178.561945] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns-alias.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 178.567288] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns-alias.example.test] acme: Could not find solver for: http-01 | |
webserver # [ 178.572461] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns-alias.example.test] acme: use dns-01 solver | |
webserver # [ 178.577038] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:54:50 [INFO] [nginx-dns.example.test] acme: Preparing to solve DNS-01 | |
webserver # [ 178.581731] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:50 [INFO] [nginx-http-alias.example.test] AuthURL: https://acme.test/authZ/dOUWidS-gsh2zzCbsxDKOwZiTu94OuGZyN3r_x5C6i4 | |
webserver # [ 178.588034] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:50 [INFO] [nginx-http.example.test] AuthURL: https://acme.test/authZ/pPLJa6Jo-cT0jPGljYJL-ixdY1mQHKFnfXVnETXxjms | |
webserver # [ 178.594452] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:50 [INFO] [nginx-http-alias.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 178.599684] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:50 [INFO] [nginx-http-alias.example.test] acme: use http-01 solver | |
webserver # [ 178.604326] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:50 [INFO] [nginx-http.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 178.609399] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:50 [INFO] [nginx-http.example.test] acme: use http-01 solver | |
webserver # [ 178.613820] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:50 [INFO] [nginx-http-alias.example.test] acme: Trying to solve HTTP-01 | |
webserver # [ 178.618652] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:50 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/chalZ/6tcrczrbLuKwmabb6jRjcDm5xtNScA10uWClzSo6f1U :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: kx_3frR8LuKl6j828Hjn4Q | |
acme # [ 178.878100] pebble[661]: Pebble 2023/01/21 19:54:50 POST /chalZ/ -> calling handler() | |
acme # [ 178.881487] pebble[661]: Pebble 2023/01/21 19:54:50 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"nginx-http-alias.example.test"}, Challenge:(*core.Challenge)(0xc000246d20), Account:(*core.Account)(0xc0002a2d80)} | |
acme # [ 178.886205] pebble[661]: Pebble 2023/01/21 19:54:50 Starting 3 validations. | |
acme # [ 178.889327] pebble[661]: Pebble 2023/01/21 19:54:50 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/bNMLJmUa_dip3tlKLi02_XKfsn3p71MZlvLVutUkV88 | |
acme # [ 178.896379] pebble[661]: Pebble 2023/01/21 19:54:50 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/bNMLJmUa_dip3tlKLi02_XKfsn3p71MZlvLVutUkV88 | |
acme # [ 178.903339] pebble[661]: Pebble 2023/01/21 19:54:50 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/bNMLJmUa_dip3tlKLi02_XKfsn3p71MZlvLVutUkV88 | |
acme # [ 178.910347] pebble[661]: Pebble 2023/01/21 19:54:50 POST /authZ/ -> calling handler() | |
acme # [ 178.913648] pebble[661]: Pebble 2023/01/21 19:54:50 authz dOUWidS-gsh2zzCbsxDKOwZiTu94OuGZyN3r_x5C6i4 set VALID by completed challenge 6tcrczrbLuKwmabb6jRjcDm5xtNScA10uWClzSo6f1U | |
acme # [ 184.222418] pebble[661]: Pebble 2023/01/21 19:54:55 POST /authZ/ -> calling handler() | |
webserver # [ 184.121549] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:55 [INFO] [nginx-http-alias.example.test] The server validated our request | |
webserver # [ 184.127532] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:55 [INFO] [nginx-http.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 184.231361] pebble[661]: Pebble 2023/01/21 19:54:55 POST /chalZ/ -> calling handler() | |
acme # [ 184.237959] pebble[661]: Pebble 2023/01/21 19:54:55 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"nginx-http.example.test"}, Challenge:(*core.Challenge)(0xc0002470e0), Account:(*core.Account)(0xc0002a2d80)} | |
acme # [ 184.247833] pebble[661]: Pebble 2023/01/21 19:54:55 Starting 3 validations. | |
acme # [ 184.251124] pebble[661]: Pebble 2023/01/21 19:54:55 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/2F5QCn6aIxOjBE4lby8HotutapbD0PeLFOmUdUua8C8 | |
acme # [ 184.257181] pebble[661]: Pebble 2023/01/21 19:54:55 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/2F5QCn6aIxOjBE4lby8HotutapbD0PeLFOmUdUua8C8 | |
acme # [ 184.263286] pebble[661]: Pebble 2023/01/21 19:54:55 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/2F5QCn6aIxOjBE4lby8HotutapbD0PeLFOmUdUua8C8 | |
acme # [ 184.269195] pebble[661]: Pebble 2023/01/21 19:54:55 POST /authZ/ -> calling handler() | |
acme # [ 184.272127] pebble[661]: Pebble 2023/01/21 19:54:55 authz pPLJa6Jo-cT0jPGljYJL-ixdY1mQHKFnfXVnETXxjms set VALID by completed challenge pbNg28Bzw8ok27Fv8Zm2kkHvkUkRRIDnAeEA_KXDKSs | |
webserver # [ 187.287788] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:58 [INFO] [nginx-http.example.test] The server validated our request | |
webserver # [ 187.290109] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:58 [INFO] [nginx-http.example.test, nginx-http-alias.example.test] acme: Validations succeeded; requesting certificates | |
acme # [ 187.388417] pebble[661]: Pebble 2023/01/21 19:54:58 POST /authZ/ -> calling handler() | |
webserver # [ 187.291812] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:58 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 187.393582] pebble[661]: Pebble 2023/01/21 19:54:58 POST /finalize-order/ -> calling handler() | |
acme # [ 187.396401] pebble[661]: Pebble 2023/01/21 19:54:58 Order iBLUcJx2b6YKkEFzJXc3HGdnaCcOG7f3tenmx2q_OSg is fully authorized. Processing finalization | |
acme # [ 187.399389] pebble[661]: Pebble 2023/01/21 19:54:58 Issued certificate serial 3ff80e8b93998376 for order iBLUcJx2b6YKkEFzJXc3HGdnaCcOG7f3tenmx2q_OSg | |
acme # [ 187.401679] pebble[661]: Pebble 2023/01/21 19:54:58 POST /my-order/ -> calling handler() | |
acme # [ 187.402668] pebble[661]: Pebble 2023/01/21 19:54:58 POST /certZ/ -> calling handler() | |
webserver # [ 187.301971] acme-nginx-http.example.test-start[3306]: 2023/01/21 19:54:58 [INFO] [nginx-http.example.test] Server responded with a certificate. | |
webserver # [ 187.305458] acme-nginx-http.example.test-start[3296]: + mv domainhash.txt certificates/ | |
webserver # [ 187.311313] acme-nginx-http.example.test-start[3296]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-http.example.test.crt certificates/nginx-http.example.test.issuer.crt certificates/nginx-http.example.test.json certificates/nginx-http.example.test.key | |
webserver # [ 187.318848] acme-nginx-http.example.test-start[3296]: + cmp -s certificates/nginx-http.example.test.crt out/fullchain.pem | |
webserver # [ 187.322508] acme-nginx-http.example.test-start[3296]: + touch out/renewed | |
webserver # [ 187.327410] acme-nginx-http.example.test-start[3296]: + echo Installing new certificate | |
webserver # [ 187.328731] acme-nginx-http.example.test-start[3296]: Installing new certificate | |
webserver # [ 187.330153] acme-nginx-http.example.test-start[3296]: + cp -vp certificates/nginx-http.example.test.crt out/fullchain.pem | |
webserver # [ 187.337008] acme-nginx-http.example.test-start[3315]: 'certificates/nginx-http.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 187.339072] acme-nginx-http.example.test-start[3296]: + cp -vp certificates/nginx-http.example.test.key out/key.pem | |
webserver # [ 187.342943] acme-nginx-http.example.test-start[3316]: 'certificates/nginx-http.example.test.key' -> 'out/key.pem' | |
webserver # [ 187.345219] acme-nginx-http.example.test-start[3296]: + cp -vp certificates/nginx-http.example.test.issuer.crt out/chain.pem | |
webserver # [ 187.349756] acme-nginx-http.example.test-start[3317]: 'certificates/nginx-http.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 187.352090] acme-nginx-http.example.test-start[3296]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 187.356478] acme-nginx-http.example.test-start[3296]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 187.361583] acme-nginx-http.example.test-start[3296]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 187.388237] systemd[1]: acme-nginx-http.example.test.service: Deactivated successfully. | |
webserver # [ 187.389319] systemd[1]: Finished Renew ACME certificate for nginx-http.example.test. | |
webserver # [ 187.390723] systemd[1]: acme-nginx-http.example.test.service: Consumed 176ms CPU time, received 16.0K IP traffic, sent 10.8K IP traffic. | |
dnsserver # [ 188.614713] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:55:00 Added DNS-01 TXT challenge for Host "_acme-challenge.nginx-dns.example.test." - Value "sEomZCNggHCCrpD1Oh8Gr5SEEHTzaLBIxinJoH5yCdo" | |
webserver # [ 188.578172] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:00 [INFO] [_acme-challenge.nginx-dns.example.test.] dns-hook.sh present _acme-challenge.nginx-dns.example.test. sEomZCNggHCCrpD1Oh8Gr5SEEHTzaLBIxinJoH5yCdo | |
webserver # [ 188.580156] acme-nginx-dns.example.test-start[3300]: % Total % Received % Xferd Average Speed Time Time Time Current | |
webserver # [ 188.581754] acme-nginx-dns.example.test-start[3300]: Dload Upload Total Spent Left Speed | |
webserver # [ 188.583380] acme-nginx-dns.example.test-start[3300]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 107 0 0 100 107 0 16288 --:--:-- --:--:-- --:--:-- 17833 | |
webserver # [ 188.585208] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:00 [INFO] [nginx-dns.example.test] acme: Trying to solve DNS-01 | |
webserver # [ 198.584432] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:10 [INFO] [nginx-dns.example.test] acme: Checking DNS record propagation using [192.168.1.3:53 10.0.2.3:53] | |
webserver # [ 199.586700] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:11 [INFO] Wait for propagation [timeout: 1s, interval: 1s] | |
acme # [ 199.695312] pebble[661]: Pebble 2023/01/21 19:55:11 POST /chalZ/ -> calling handler() | |
acme # [ 199.702139] pebble[661]: Pebble 2023/01/21 19:55:11 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"nginx-dns.example.test"}, Challenge:(*core.Challenge)(0xc000246b40), Account:(*core.Account)(0xc0002a2d80)} | |
acme # [ 199.710901] pebble[661]: Pebble 2023/01/21 19:55:11 Starting 3 validations. | |
acme # [ 199.713692] pebble[661]: Pebble 2023/01/21 19:55:11 POST /authZ/ -> calling handler() | |
acme # [ 199.716917] pebble[661]: Pebble 2023/01/21 19:55:11 authz LN4YzltycfKJT4EPpMHs803KIZj-EP1ezUlY_DvLy-w set VALID by completed challenge kJqJLal4EvpjRMu5OY7yOw9p6sxuS1xhDbIbCZ9alqQ | |
acme # [ 204.725568] pebble[661]: Pebble 2023/01/21 19:55:16 POST /authZ/ -> calling handler() | |
webserver # [ 204.624368] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:16 [INFO] [nginx-dns.example.test] The server validated our request | |
webserver # [ 204.630562] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:16 [INFO] [nginx-dns.example.test] acme: Cleaning DNS-01 challenge | |
dnsserver # [ 214.709986] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:55:26 Removed DNS-01 TXT challenge for Host "_acme-challenge.nginx-dns.example.test." | |
webserver # [ 214.673193] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:26 [INFO] [_acme-challenge.nginx-dns.example.test.] dns-hook.sh cleanup _acme-challenge.nginx-dns.example.test. sEomZCNggHCCrpD1Oh8Gr5SEEHTzaLBIxinJoH5yCdo | |
webserver # [ 214.675308] acme-nginx-dns.example.test-start[3300]: % Total % Received % Xferd Average Speed Time Time Time Current | |
webserver # [ 214.676759] acme-nginx-dns.example.test-start[3300]: Dload Upload Total Spent Left Speed | |
webserver # [ 214.678056] acme-nginx-dns.example.test-start[3300]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 51 0 0 100 51 0 7195 --:--:-- --:--:-- --:--:-- 7285 | |
webserver # [ 214.679978] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:26 [INFO] sequence: wait for 1s | |
webserver # [ 215.677437] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:27 [INFO] [nginx-dns-alias.example.test] acme: Preparing to solve DNS-01 | |
dnsserver # [ 225.753741] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:55:37 Added DNS-01 TXT challenge for Host "_acme-challenge.nginx-dns-alias.example.test." - Value "d4l1m19ZutQOCJc6QY_eqajrpHmdrbvyThGHGEeAlnw" | |
webserver # [ 225.715487] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:37 [INFO] [_acme-challenge.nginx-dns-alias.example.test.] dns-hook.sh present _acme-challenge.nginx-dns-alias.example.test. d4l1m19ZutQOCJc6QY_eqajrpHmdrbvyThGHGEeAlnw | |
webserver # [ 225.724292] acme-nginx-dns.example.test-start[3300]: % Total % Received % Xferd Average Speed Time Time Time Current | |
webserver # [ 225.729479] acme-nginx-dns.example.test-start[3300]: Dload Upload Total Spent Left Speed | |
webserver # [ 225.734253] acme-nginx-dns.example.test-start[3300]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 113 0 0 100 113 0 18056 --:--:-- --:--:-- --:--:-- 18833 | |
webserver # [ 225.741657] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:37 [INFO] [nginx-dns-alias.example.test] acme: Trying to solve DNS-01 | |
webserver # [ 235.725240] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:47 [INFO] [nginx-dns-alias.example.test] acme: Checking DNS record propagation using [192.168.1.3:53 10.0.2.3:53] | |
webserver # [ 236.726413] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:48 [INFO] Wait for propagation [timeout: 1s, interval: 1s] | |
acme # [ 236.834276] pebble[661]: Pebble 2023/01/21 19:55:48 POST /chalZ/ -> calling handler() | |
webserver # [ 236.732810] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:48 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/chalZ/bM0WGwIn88QU_Nsuq2D3YheQPPddgWMIwFZzBdpQ4Sc :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: 1CF_se6fMF0jFNGbGAjzAA | |
acme # [ 237.011302] pebble[661]: Pebble 2023/01/21 19:55:48 POST /chalZ/ -> calling handler() | |
acme # [ 237.012543] pebble[661]: Pebble 2023/01/21 19:55:48 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"nginx-dns-alias.example.test"}, Challenge:(*core.Challenge)(0xc000246960), Account:(*core.Account)(0xc0002a2d80)} | |
acme # [ 237.016483] pebble[661]: Pebble 2023/01/21 19:55:48 Starting 3 validations. | |
acme # [ 237.017399] pebble[661]: Pebble 2023/01/21 19:55:48 POST /authZ/ -> calling handler() | |
acme # [ 237.018326] pebble[661]: Pebble 2023/01/21 19:55:48 authz FKNrVvzfmFMf1U7rWM9cBlPTpHsY4Sq70XMJr1dtAVY set VALID by completed challenge bM0WGwIn88QU_Nsuq2D3YheQPPddgWMIwFZzBdpQ4Sc | |
acme # [ 244.439934] pebble[661]: Pebble 2023/01/21 19:55:55 POST /authZ/ -> calling handler() | |
webserver # [ 244.338809] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:55 [INFO] [nginx-dns-alias.example.test] The server validated our request | |
webserver # [ 244.344780] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:55:55 [INFO] [nginx-dns-alias.example.test] acme: Cleaning DNS-01 challenge | |
webserver # [ 254.375929] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:56:05 [INFO] [_acme-challenge.nginx-dns-alias.example.test.] dns-hook.sh cleanup _acme-challenge.nginx-dns-alias.example.test. d4l1m19ZutQOCJc6QY_eqajrpHmdrbvyThGHGEeAlnw | |
dnsserver # [ 254.415420] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:56:05 Removed DNS-01 TXT challenge for Host "_acme-challenge.nginx-dns-alias.example.test." | |
webserver # [ 254.378267] acme-nginx-dns.example.test-start[3300]: % Total % Received % Xferd Average Speed Time Time Time Current | |
webserver # [ 254.380075] acme-nginx-dns.example.test-start[3300]: Dload Upload Total Spent Left Speed | |
webserver # [ 254.381292] acme-nginx-dns.example.test-start[3300]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 57 0 0 100 57 0 8897 --:--:-- --:--:-- --:--:-- 9500 | |
webserver # [ 254.383121] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:56:05 [INFO] [nginx-dns.example.test, nginx-dns-alias.example.test] acme: Validations succeeded; requesting certificates | |
webserver # [ 254.386306] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:56:05 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 254.483166] pebble[661]: Pebble 2023/01/21 19:56:06 POST /finalize-order/ -> calling handler() | |
acme # [ 254.491371] pebble[661]: Pebble 2023/01/21 19:56:06 Order EhyJpjsXW49vBtEE05wW0Noi4wXbktY7m2GKZJbuySs is fully authorized. Processing finalization | |
acme # [ 254.498163] pebble[661]: Pebble 2023/01/21 19:56:06 POST /my-order/ -> calling handler() | |
acme # [ 254.501553] pebble[661]: Pebble 2023/01/21 19:56:06 Issued certificate serial 06121ada1a7c75b1 for order EhyJpjsXW49vBtEE05wW0Noi4wXbktY7m2GKZJbuySs | |
acme # [ 255.000682] pebble[661]: Pebble 2023/01/21 19:56:06 POST /my-order/ -> calling handler() | |
acme # [ 255.004449] pebble[661]: Pebble 2023/01/21 19:56:06 POST /certZ/ -> calling handler() | |
webserver # [ 254.903651] acme-nginx-dns.example.test-start[3300]: 2023/01/21 19:56:06 [INFO] [nginx-dns.example.test] Server responded with a certificate. | |
webserver # [ 254.912728] acme-nginx-dns.example.test-start[3295]: + mv domainhash.txt certificates/ | |
webserver # [ 254.920744] acme-nginx-dns.example.test-start[3295]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-dns.example.test.crt certificates/nginx-dns.example.test.issuer.crt certificates/nginx-dns.example.test.json certificates/nginx-dns.example.test.key | |
webserver # [ 254.935770] acme-nginx-dns.example.test-start[3295]: + cmp -s certificates/nginx-dns.example.test.crt out/fullchain.pem | |
webserver # [ 254.942987] acme-nginx-dns.example.test-start[3295]: + touch out/renewed | |
webserver # [ 254.950625] acme-nginx-dns.example.test-start[3295]: + echo Installing new certificate | |
webserver # [ 254.954782] acme-nginx-dns.example.test-start[3295]: Installing new certificate | |
webserver # [ 254.959055] acme-nginx-dns.example.test-start[3295]: + cp -vp certificates/nginx-dns.example.test.crt out/fullchain.pem | |
webserver # [ 254.966582] acme-nginx-dns.example.test-start[3342]: 'certificates/nginx-dns.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 254.972504] acme-nginx-dns.example.test-start[3295]: + cp -vp certificates/nginx-dns.example.test.key out/key.pem | |
webserver # [ 254.979108] acme-nginx-dns.example.test-start[3343]: 'certificates/nginx-dns.example.test.key' -> 'out/key.pem' | |
webserver # [ 254.984633] acme-nginx-dns.example.test-start[3295]: + cp -vp certificates/nginx-dns.example.test.issuer.crt out/chain.pem | |
webserver # [ 254.992296] acme-nginx-dns.example.test-start[3344]: 'certificates/nginx-dns.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 254.998356] acme-nginx-dns.example.test-start[3295]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 255.005232] acme-nginx-dns.example.test-start[3295]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 255.013402] acme-nginx-dns.example.test-start[3295]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 255.050426] systemd[1]: acme-nginx-dns.example.test.service: Deactivated successfully. | |
webserver # [ 255.058675] systemd[1]: Finished Renew ACME certificate for nginx-dns.example.test. | |
webserver # [ 255.067069] systemd[1]: acme-nginx-dns.example.test.service: Consumed 279ms CPU time, received 19.8K IP traffic, sent 15.4K IP traffic. | |
webserver # [ 255.074273] systemd[1]: Starting nginx-config-reload.service... | |
webserver # [ 255.117833] systemd[1]: Reloading Nginx Web Server... | |
webserver # [ 255.217116] nginx[3354]: nginx: the configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf syntax is ok | |
webserver # [ 255.223619] nginx[3354]: nginx: configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf test is successful | |
webserver # [ 255.283471] nginx[3271]: 2023/01/21 19:56:06 [notice] 3271#3271: signal 1 (SIGHUP) received from 3355, reconfiguring | |
webserver # [ 255.293504] nginx[3271]: 2023/01/21 19:56:06 [notice] 3271#3271: reconfiguring | |
webserver # [ 255.321103] systemd[1]: Reloaded Nginx Web Server. | |
webserver # [ 255.328408] systemd[1]: nginx-config-reload.service: Deactivated successfully. | |
webserver # [ 255.339175] systemd[1]: Finished nginx-config-reload.service. | |
webserver # [ 255.351419] systemd[1]: Reached target acme-finished-nginx-dns.example.test.target. | |
webserver # [ 255.360438] systemd[1]: Reached target acme-finished-nginx-http.example.test.target. | |
webserver # [ 255.375975] nginx[3271]: 2023/01/21 19:56:06 [notice] 3271#3271: using the "epoll" event method | |
webserver # [ 255.382955] nginx[3271]: 2023/01/21 19:56:06 [notice] 3271#3271: start worker processes | |
webserver # [ 255.390359] nginx[3271]: 2023/01/21 19:56:06 [notice] 3271#3271: start worker process 3357 | |
webserver # the following new units were started: acme-account-d590213ed52603e9128d.target, acme-finished-nginx-dns.example.test.target, acme-finished-nginx-http.example.test.target, acme-nginx-dns.example.test.timer, acme-nginx-http.example.test.timer, nginx.service | |
webserver # [ 255.428987] nixos[3080]: finished switching to system configuration /nix/store/92chhpij14li0ag540gwy6sbwka8zj0y-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /tmp/specialisation/nginx/bin/switch-to-configuration test, in 80.83 seconds) | |
webserver: waiting for unit acme-finished-nginx-http.example.test.target | |
webserver # [ 255.483941] nginx[3280]: 2023/01/21 19:56:07 [notice] 3280#3280: gracefully shutting down | |
webserver # [ 255.488040] nginx[3280]: 2023/01/21 19:56:07 [notice] 3280#3280: exiting | |
webserver # [ 255.492969] nginx[3280]: 2023/01/21 19:56:07 [notice] 3280#3280: exit | |
webserver # [ 255.497104] nginx[3271]: 2023/01/21 19:56:07 [notice] 3271#3271: signal 17 (SIGCHLD) received from 3280 | |
webserver # [ 255.501979] nginx[3271]: 2023/01/21 19:56:07 [notice] 3271#3271: worker process 3280 exited with code 0 | |
webserver # [ 255.506839] nginx[3271]: 2023/01/21 19:56:07 [notice] 3271#3271: signal 29 (SIGIO) received | |
(finished: waiting for unit acme-finished-nginx-http.example.test.target, in 0.09 seconds) | |
webserver: waiting for unit acme-finished-nginx-dns.example.test.target | |
(finished: waiting for unit acme-finished-nginx-dns.example.test.target, in 0.06 seconds) | |
webserver: waiting for unit nginx.service | |
(finished: waiting for unit nginx.service, in 0.07 seconds) | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/cert.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/cert.pem, in 0.11 seconds) | |
cert.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/fullchain.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/fullchain.pem, in 0.10 seconds) | |
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-dns.example.test/cert.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-dns.example.test/cert.pem, in 0.11 seconds) | |
cert.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-dns.example.test/fullchain.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-dns.example.test/fullchain.pem, in 0.11 seconds) | |
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-http.example.test -connect nginx-http.example.test:443 < /dev/null 2>&1 | |
webserver # [ 256.143539] nginx[3357]: 2023/01/21 19:56:07 [info] 3357#3357: *7 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-http.example.test -connect nginx-http.example.test:443 < /dev/null 2>&1, in 0.04 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-http-alias.example.test -connect nginx-http-alias.example.test:443 < /dev/null 2>&1 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-http-alias.example.test -connect nginx-http-alias.example.test:443 < /dev/null 2>&1, in 0.04 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-dns.example.test -connect nginx-dns.example.test:443 < /dev/null 2>&1 | |
webserver # [ 256.190395] nginx[3357]: 2023/01/21 19:56:07 [info] 3357#3357: *8 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-dns.example.test -connect nginx-dns.example.test:443 < /dev/null 2>&1, in 0.03 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-dns-alias.example.test -connect nginx-dns-alias.example.test:443 < /dev/null 2>&1 | |
webserver # [ 256.225282] nginx[3357]: 2023/01/21 19:56:07 [info] 3357#3357: *9 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-dns-alias.example.test -connect nginx-dns-alias.example.test:443 < /dev/null 2>&1, in 0.03 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-wildcard.example.test -connect nginx-wildcard.example.test:443 < /dev/null 2>&1 | |
webserver # [ 256.259312] nginx[3357]: 2023/01/21 19:56:07 [info] 3357#3357: *10 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
webserver # [ 256.293395] nginx[3357]: 2023/01/21 19:56:07 [info] 3357#3357: *11 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-wildcard.example.test -connect nginx-wildcard.example.test:443 < /dev/null 2>&1, in 0.04 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-wildcard-alias.example.test -connect nginx-wildcard-alias.example.test:443 < /dev/null 2>&1 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-wildcard-alias.example.test -connect nginx-wildcard-alias.example.test:443 < /dev/null 2>&1, in 0.04 seconds) | |
(finished: subtest: Works with nginx, in 81.75 seconds) | |
subtest: Can reload nginx when timer triggers renewal | |
webserver: must succeed: systemctl clean acme-nginx-http.example.test.service --what=state | |
webserver # [ 256.331426] nginx[3357]: 2023/01/21 19:56:07 [info] 3357#3357: *12 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
webserver # [ 256.394985] systemd[1]: acme-nginx-http.example.test.service: Deactivated successfully. | |
webserver # [ 256.399803] systemd[1]: acme-nginx-http.example.test.service: Consumed 1ms CPU time, no IO, received 16.0K IP traffic, sent 10.8K IP traffic. | |
(finished: must succeed: systemctl clean acme-nginx-http.example.test.service --what=state, in 0.08 seconds) | |
webserver: must succeed: systemctl start acme-selfsigned-nginx-http.example.test.service | |
webserver # [ 256.451781] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 256.466170] systemd[1]: Starting Generate self-signed certificate for nginx-http.example.test... | |
webserver # [ 256.748705] systemd[1]: acme-selfsigned-nginx-http.example.test.service: Deactivated successfully. | |
webserver # [ 256.758434] systemd[1]: Finished Generate self-signed certificate for nginx-http.example.test. | |
(finished: must succeed: systemctl start acme-selfsigned-nginx-http.example.test.service, in 0.36 seconds) | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/cert.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/cert.pem, in 0.11 seconds) | |
cert.pem issuer: CN = minica root ca 26429f | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/fullchain.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/fullchain.pem, in 0.10 seconds) | |
fullchain.pem issuer: CN = minica root ca 26429f | |
webserver: must succeed: systemctl start nginx-config-reload.service | |
webserver # [ 257.019288] systemd[1]: Starting nginx-config-reload.service... | |
webserver # [ 257.077174] systemd[1]: Reloading Nginx Web Server... | |
webserver # [ 257.182824] nginx[3415]: nginx: the configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf syntax is ok | |
webserver # [ 257.188348] nginx[3415]: nginx: configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf test is successful | |
webserver # [ 257.250349] nginx[3271]: 2023/01/21 19:56:08 [notice] 3271#3271: signal 1 (SIGHUP) received from 3416, reconfiguring | |
webserver # [ 257.259444] nginx[3271]: 2023/01/21 19:56:08 [notice] 3271#3271: reconfiguring | |
webserver # [ 257.282152] systemd[1]: Reloaded Nginx Web Server. | |
(finished: must succeed: systemctl start nginx-config-reload.service, in 0.31 seconds) | |
webserver: must succeed: systemctl start test-renew-nginx.target | |
webserver # [ 257.287961] systemd[1]: nginx-config-reload.service: Deactivated successfully. | |
webserver # [ 257.299447] systemd[1]: Finished nginx-config-reload.service. | |
webserver # [ 257.325960] nginx[3271]: 2023/01/21 19:56:08 [notice] 3271#3271: using the "epoll" event method | |
webserver # [ 257.330627] nginx[3271]: 2023/01/21 19:56:08 [notice] 3271#3271: start worker processes | |
webserver # [ 257.337774] nginx[3271]: 2023/01/21 19:56:08 [notice] 3271#3271: start worker process 3420 | |
webserver # [ 257.343989] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 257.350669] systemd[1]: Generate self-signed certificate for nginx-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/nginx-http.example.test/key.pem). | |
webserver # [ 257.365229] systemd[1]: Starting Renew ACME certificate for nginx-http.example.test... | |
webserver # [ 257.411739] acme-nginx-http.example.test-start[3422]: + set -euo pipefail | |
webserver # [ 257.412848] acme-nginx-http.example.test-start[3423]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 257.418030] acme-nginx-http.example.test-start[3423]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 257.423624] acme-nginx-http.example.test-start[3422]: + echo 197b6592b1395f3f8747 | |
webserver # [ 257.424536] acme-nginx-http.example.test-start[3422]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 257.427840] acme-nginx-http.example.test-start[3422]: + lego --accept-tos --path . -d nginx-http.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir -d nginx-http-alias.example.test run | |
webserver # [ 257.435326] nginx[3357]: 2023/01/21 19:56:08 [notice] 3357#3357: gracefully shutting down | |
webserver # [ 257.436082] nginx[3357]: 2023/01/21 19:56:08 [notice] 3357#3357: exiting | |
webserver # [ 257.436640] nginx[3357]: 2023/01/21 19:56:08 [notice] 3357#3357: exit | |
webserver # [ 257.440620] nginx[3271]: 2023/01/21 19:56:08 [notice] 3271#3271: signal 17 (SIGCHLD) received from 3357 | |
webserver # [ 257.441456] nginx[3271]: 2023/01/21 19:56:08 [notice] 3271#3271: worker process 3357 exited with code 0 | |
webserver # [ 257.442461] nginx[3271]: 2023/01/21 19:56:08 [notice] 3271#3271: signal 29 (SIGIO) received | |
webserver # [ 257.459640] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 No key found for account hostmaster@example.test. Generating a P256 key. | |
webserver # [ 257.461347] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 Saved key to accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key | |
acme # [ 257.611555] pebble[661]: Pebble 2023/01/21 19:56:09 GET /dir -> calling handler() | |
webserver # [ 257.513579] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] acme: Registering account for hostmaster@example.test | |
acme # [ 257.617450] pebble[661]: Pebble 2023/01/21 19:56:09 HEAD /nonce-plz -> calling handler() | |
webserver # [ 257.520418] acme-nginx-http.example.test-start[3426]: !!!! HEADS UP !!!! | |
acme # [ 257.622133] pebble[661]: Pebble 2023/01/21 19:56:09 POST /sign-me-up -> calling handler() | |
acme # [ 257.625361] pebble[661]: Pebble 2023/01/21 19:56:09 There are now 5 accounts in memory | |
webserver # [ 257.523343] acme-nginx-http.example.test-start[3426]: Your account credentials have been saved in your Let's Encrypt | |
webserver # [ 257.527947] acme-nginx-http.example.test-start[3426]: configuration directory at "accounts". | |
webserver # [ 257.529997] acme-nginx-http.example.test-start[3426]: You should make a secure backup of this folder now. This | |
webserver # [ 257.531008] acme-nginx-http.example.test-start[3426]: configuration directory will also contain certificates and | |
acme # [ 257.630792] pebble[661]: Pebble 2023/01/21 19:56:09 POST /order-plz -> calling handler() | |
webserver # [ 257.532036] acme-nginx-http.example.test-start[3426]: private keys obtained from Let's Encrypt so making regular | |
webserver # [ 257.533045] acme-nginx-http.example.test-start[3426]: backups of this folder is ideal. | |
webserver # [ 257.533955] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] [nginx-http.example.test, nginx-http-alias.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 257.634411] pebble[661]: Pebble 2023/01/21 19:56:09 There are now 16 authorizations in the db | |
acme # [ 257.638054] pebble[661]: Pebble 2023/01/21 19:56:09 There are now 17 authorizations in the db | |
acme # [ 257.641628] pebble[661]: Pebble 2023/01/21 19:56:09 Added order "RO9kZSTE7Q6QvCeMVstotVtKFjefTNrKPFs1ixYPr2M" to the db | |
acme # [ 257.645915] pebble[661]: Pebble 2023/01/21 19:56:09 There are now 15 orders in the db | |
acme # [ 257.689687] pebble[661]: Pebble 2023/01/21 19:56:09 POST /authZ/ -> calling handler() | |
webserver # [ 257.645371] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] [nginx-http.example.test] AuthURL: https://acme.test/authZ/9Yk7bFdIxXye9kOlXXOCzF34TU-rerb3085IRt2U3oU | |
webserver # [ 257.647193] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] [nginx-http-alias.example.test] AuthURL: https://acme.test/authZ/aADxLQWvXiCfMCNj7hkl8CpIYDuIl1bKfv0VV3z2ALg | |
webserver # [ 257.649655] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] [nginx-http-alias.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 257.651626] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] [nginx-http-alias.example.test] acme: use http-01 solver | |
acme # [ 257.746234] pebble[661]: Pebble 2023/01/21 19:56:09 POST /authZ/ -> calling handler() | |
webserver # [ 257.653382] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] [nginx-http.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 257.655188] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] [nginx-http.example.test] acme: use http-01 solver | |
webserver # [ 257.656519] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:09 [INFO] [nginx-http-alias.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 257.756011] pebble[661]: Pebble 2023/01/21 19:56:09 POST /chalZ/ -> calling handler() | |
acme # [ 257.762651] pebble[661]: Pebble 2023/01/21 19:56:09 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"nginx-http-alias.example.test"}, Challenge:(*core.Challenge)(0xc000247e00), Account:(*core.Account)(0xc000217680)} | |
acme # [ 257.771284] pebble[661]: Pebble 2023/01/21 19:56:09 Starting 3 validations. | |
acme # [ 257.774035] pebble[661]: Pebble 2023/01/21 19:56:09 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/ER2iSs3sEQCE8Z_G9uKxr5ZjO_IJ56Imk06ywbl4wko | |
acme # [ 257.780515] pebble[661]: Pebble 2023/01/21 19:56:09 POST /authZ/ -> calling handler() | |
acme # [ 257.783644] pebble[661]: Pebble 2023/01/21 19:56:09 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/ER2iSs3sEQCE8Z_G9uKxr5ZjO_IJ56Imk06ywbl4wko | |
acme # [ 257.790108] pebble[661]: Pebble 2023/01/21 19:56:09 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/ER2iSs3sEQCE8Z_G9uKxr5ZjO_IJ56Imk06ywbl4wko | |
acme # [ 257.797317] pebble[661]: Pebble 2023/01/21 19:56:09 authz 9Yk7bFdIxXye9kOlXXOCzF34TU-rerb3085IRt2U3oU set VALID by completed challenge obNFyPsxj127T4rl7be4AHh0WFpfqjzEDxBQrsr7tWw | |
acme # [ 262.829634] pebble[661]: Pebble 2023/01/21 19:56:14 POST /authZ/ -> calling handler() | |
webserver # [ 262.727757] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:14 [INFO] [nginx-http-alias.example.test] The server validated our request | |
webserver # [ 262.729215] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:14 [INFO] [nginx-http.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 262.831716] pebble[661]: Pebble 2023/01/21 19:56:14 POST /chalZ/ -> calling handler() | |
acme # [ 262.834332] pebble[661]: Pebble 2023/01/21 19:56:14 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"nginx-http.example.test"}, Challenge:(*core.Challenge)(0xc0001b8000), Account:(*core.Account)(0xc000217680)} | |
acme # [ 262.840507] pebble[661]: Pebble 2023/01/21 19:56:14 Starting 3 validations. | |
acme # [ 262.841250] pebble[661]: Pebble 2023/01/21 19:56:14 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/zIpfqcUZb0naKA3fpWCHnFHXXJHMjnZ2V1Q9l2BM7bU | |
acme # [ 262.844326] pebble[661]: Pebble 2023/01/21 19:56:14 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/zIpfqcUZb0naKA3fpWCHnFHXXJHMjnZ2V1Q9l2BM7bU | |
acme # [ 262.851785] pebble[661]: Pebble 2023/01/21 19:56:14 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/zIpfqcUZb0naKA3fpWCHnFHXXJHMjnZ2V1Q9l2BM7bU | |
acme # [ 262.858723] pebble[661]: Pebble 2023/01/21 19:56:14 POST /authZ/ -> calling handler() | |
acme # [ 262.861738] pebble[661]: Pebble 2023/01/21 19:56:14 authz aADxLQWvXiCfMCNj7hkl8CpIYDuIl1bKfv0VV3z2ALg set VALID by completed challenge kwt9ODuf3mnXLy1hSdiOw2PDNswQrcmoIaHgjENQBvY | |
acme # [ 268.346555] pebble[661]: Pebble 2023/01/21 19:56:19 POST /authZ/ -> calling handler() | |
webserver # [ 268.245370] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:19 [INFO] [nginx-http.example.test] The server validated our request | |
webserver # [ 268.247855] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:19 [INFO] [nginx-http.example.test, nginx-http-alias.example.test] acme: Validations succeeded; requesting certificates | |
webserver # [ 268.250273] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:19 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 268.352477] pebble[661]: Pebble 2023/01/21 19:56:19 POST /finalize-order/ -> calling handler() | |
acme # [ 268.353563] pebble[661]: Pebble 2023/01/21 19:56:19 Order RO9kZSTE7Q6QvCeMVstotVtKFjefTNrKPFs1ixYPr2M is fully authorized. Processing finalization | |
acme # [ 268.358059] pebble[661]: Pebble 2023/01/21 19:56:19 Issued certificate serial 15d0250b10afd6f1 for order RO9kZSTE7Q6QvCeMVstotVtKFjefTNrKPFs1ixYPr2M | |
acme # [ 268.360180] pebble[661]: Pebble 2023/01/21 19:56:19 POST /my-order/ -> calling handler() | |
acme # [ 268.361301] pebble[661]: Pebble 2023/01/21 19:56:19 POST /certZ/ -> calling handler() | |
webserver # [ 268.260982] acme-nginx-http.example.test-start[3426]: 2023/01/21 19:56:19 [INFO] [nginx-http.example.test] Server responded with a certificate. | |
webserver # [ 268.264463] acme-nginx-http.example.test-start[3422]: + mv domainhash.txt certificates/ | |
webserver # [ 268.270840] acme-nginx-http.example.test-start[3422]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-http.example.test.crt certificates/nginx-http.example.test.issuer.crt certificates/nginx-http.example.test.json certificates/nginx-http.example.test.key | |
webserver # [ 268.279376] acme-nginx-http.example.test-start[3422]: + cmp -s certificates/nginx-http.example.test.crt out/fullchain.pem | |
webserver # [ 268.283657] acme-nginx-http.example.test-start[3422]: + touch out/renewed | |
webserver # [ 268.289625] acme-nginx-http.example.test-start[3422]: + echo Installing new certificate | |
webserver # [ 268.290691] acme-nginx-http.example.test-start[3422]: Installing new certificate | |
webserver # [ 268.291713] acme-nginx-http.example.test-start[3422]: + cp -vp certificates/nginx-http.example.test.crt out/fullchain.pem | |
webserver # [ 268.298400] acme-nginx-http.example.test-start[3435]: 'certificates/nginx-http.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 268.300825] acme-nginx-http.example.test-start[3422]: + cp -vp certificates/nginx-http.example.test.key out/key.pem | |
webserver # [ 268.305598] acme-nginx-http.example.test-start[3436]: 'certificates/nginx-http.example.test.key' -> 'out/key.pem' | |
webserver # [ 268.307782] acme-nginx-http.example.test-start[3422]: + cp -vp certificates/nginx-http.example.test.issuer.crt out/chain.pem | |
webserver # [ 268.312756] acme-nginx-http.example.test-start[3437]: 'certificates/nginx-http.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 268.314680] acme-nginx-http.example.test-start[3422]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 268.319756] acme-nginx-http.example.test-start[3422]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 268.325594] acme-nginx-http.example.test-start[3422]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 268.354705] systemd[1]: acme-nginx-http.example.test.service: Deactivated successfully. | |
webserver # [ 268.355784] systemd[1]: Finished Renew ACME certificate for nginx-http.example.test. | |
webserver # [ 268.358194] systemd[1]: acme-nginx-http.example.test.service: Consumed 156ms CPU time, received 16.2K IP traffic, sent 10.8K IP traffic. | |
webserver # [ 268.361297] systemd[1]: Starting nginx-config-reload.service... | |
webserver # [ 268.404425] systemd[1]: Reloading Nginx Web Server... | |
webserver # [ 268.481230] nginx[3447]: nginx: the configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf syntax is ok | |
webserver # [ 268.482378] nginx[3447]: nginx: configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf test is successful | |
webserver # [ 268.526991] nginx[3271]: 2023/01/21 19:56:20 [notice] 3271#3271: signal 1 (SIGHUP) received from 3448, reconfiguring | |
webserver # [ 268.527881] nginx[3271]: 2023/01/21 19:56:20 [notice] 3271#3271: reconfiguring | |
webserver # [ 268.538066] systemd[1]: Reloaded Nginx Web Server. | |
webserver # [ 268.541601] systemd[1]: nginx-config-reload.service: Deactivated successfully. | |
webserver # [ 268.542527] systemd[1]: Finished nginx-config-reload.service. | |
webserver # [ 268.546759] systemd[1]: Reached target test-renew-nginx.target. | |
(finished: must succeed: systemctl start test-renew-nginx.target, in 11.27 seconds) | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/cert.pem | |
webserver # [ 268.576938] nginx[3271]: 2023/01/21 19:56:20 [notice] 3271#3271: using the "epoll" event method | |
webserver # [ 268.578228] nginx[3271]: 2023/01/21 19:56:20 [notice] 3271#3271: start worker processes | |
webserver # [ 268.582358] nginx[3271]: 2023/01/21 19:56:20 [notice] 3271#3271: start worker process 3452 | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/cert.pem, in 0.08 seconds) | |
cert.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/fullchain.pem | |
webserver # [ 268.684827] nginx[3420]: 2023/01/21 19:56:20 [notice] 3420#3420: gracefully shutting down | |
webserver # [ 268.685801] nginx[3420]: 2023/01/21 19:56:20 [notice] 3420#3420: exiting | |
webserver # [ 268.686601] nginx[3420]: 2023/01/21 19:56:20 [notice] 3420#3420: exit | |
webserver # [ 268.689520] nginx[3271]: 2023/01/21 19:56:20 [notice] 3271#3271: signal 17 (SIGCHLD) received from 3420 | |
webserver # [ 268.690546] nginx[3271]: 2023/01/21 19:56:20 [notice] 3271#3271: worker process 3420 exited with code 0 | |
webserver # [ 268.692088] nginx[3271]: 2023/01/21 19:56:20 [notice] 3271#3271: signal 29 (SIGIO) received | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/nginx-http.example.test/fullchain.pem, in 0.08 seconds) | |
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-http.example.test -connect nginx-http.example.test:443 < /dev/null 2>&1 | |
webserver # [ 268.744862] nginx[3452]: 2023/01/21 19:56:20 [info] 3452#3452: *19 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-http.example.test -connect nginx-http.example.test:443 < /dev/null 2>&1, in 0.03 seconds) | |
(finished: subtest: Can reload nginx when timer triggers renewal, in 12.41 seconds) | |
subtest: Can remove an alias from a domain + cert is updated | |
webserver: must succeed: /tmp/specialisation/nginx-remove-alias/bin/switch-to-configuration test | |
webserver # [ 269.514214] nixos[3464]: switching to system configuration /nix/store/1bimh35my92p0qgizjlvl63vpbcsbfzv-nixos-system-webserver-23.05pre-git | |
webserver # [ 269.532528] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 269.535380] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 269.537632] systemd[1]: Stopped target Remote File Systems. | |
webserver # activating the configuration... | |
webserver # [ 269.713636] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 269.721112] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # [ 269.724194] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (66) | |
webserver # [ 269.724796] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 269.725518] nscd[901]: 901 monitoring file `/etc/group` (69) | |
webserver # [ 269.726277] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 269.728956] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 269.730333] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 269.732835] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (66) | |
webserver # [ 269.737508] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 269.739098] nscd[901]: 901 monitoring file `/etc/passwd` (70) | |
webserver # [ 269.739764] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 269.836023] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 269.846278] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 269.847675] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 269.850531] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 269.853620] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 269.856411] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 269.858974] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 269.860582] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 270.220572] systemd[1]: Reloading. | |
webserver # [ 270.679166] systemd[1]: nginx.service: Current command vanished from the unit file, execution of the command list won't be resumed. | |
webserver # setting up tmpfiles | |
webserver # restarting the following units: nginx.service | |
webserver # [ 270.825616] nginx[3271]: 2023/01/21 19:56:22 [notice] 3271#3271: signal 15 (SIGTERM) received from 1, exiting | |
webserver # [ 270.826910] nginx[3452]: 2023/01/21 19:56:22 [notice] 3452#3452: exiting | |
webserver # [ 270.827682] nginx[3452]: 2023/01/21 19:56:22 [notice] 3452#3452: exit | |
webserver # [ 270.829833] systemd[1]: Stopping Nginx Web Server... | |
webserver # [ 270.834459] nginx[3271]: 2023/01/21 19:56:22 [notice] 3271#3271: signal 17 (SIGCHLD) received from 3452 | |
webserver # [ 270.836212] nginx[3271]: 2023/01/21 19:56:22 [notice] 3271#3271: worker process 3452 exited with code 0 | |
webserver # [ 270.837798] nginx[3271]: 2023/01/21 19:56:22 [notice] 3271#3271: exit | |
webserver # [ 270.849861] systemd[1]: nginx.service: Deactivated successfully. | |
webserver # [ 270.854355] systemd[1]: Stopped Nginx Web Server. | |
webserver # [ 270.857068] systemd[1]: nginx.service: Consumed 610ms CPU time, no IO, received 12.3K IP traffic, sent 27.0K IP traffic. | |
webserver # [ 270.864271] systemd[1]: Starting Nginx Web Server... | |
webserver # [ 270.979044] nginx-pre-start[3612]: nginx: the configuration file /nix/store/d1sh8fzbcvv0v17d6i84qpss5b2f6bxr-nginx.conf syntax is ok | |
webserver # [ 270.980700] nginx-pre-start[3612]: nginx: configuration file /nix/store/d1sh8fzbcvv0v17d6i84qpss5b2f6bxr-nginx.conf test is successful | |
webserver # [ 270.989162] systemd[1]: Started Nginx Web Server. | |
webserver # [ 271.034348] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 271.038179] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 271.052728] systemd[1]: Starting Renew ACME certificate for example.test... | |
webserver # [ 271.143453] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 271.146218] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 271.160062] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 271.161116] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 271.168456] systemd[1]: Reached target Local File Systems. | |
webserver # [ 271.187064] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 271.189089] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 271.194629] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 271.198429] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 271.202156] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 271.209467] systemd[1]: Generate self-signed certificate for nginx-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/nginx-dns.example.test/key.pem). | |
webserver # [ 271.219991] systemd[1]: Generate self-signed certificate for nginx-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/nginx-http.example.test/key.pem). | |
webserver # [ 271.273572] acme-example.test-start[3616]: + set -euo pipefail | |
webserver # [ 271.274970] acme-example.test-start[3616]: + echo f296e6482529fca9f20a | |
webserver # [ 271.275744] acme-example.test-start[3616]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 271.281156] acme-example.test-start[3619]: ++ find accounts -name hostmaster@example.test.key | |
webserver # [ 271.290306] acme-example.test-start[3616]: + '[' -e certificates/_.example.test.key -a -e certificates/_.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']' | |
webserver # [ 271.292758] acme-example.test-start[3616]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir renew --no-random-sleep --days 30 | |
webserver # [ 271.316331] nginx[3613]: 2023/01/21 19:56:22 [notice] 3613#3613: using the "epoll" event method | |
webserver # [ 271.317513] nginx[3613]: 2023/01/21 19:56:22 [notice] 3613#3613: nginx/1.22.1 | |
webserver # [ 271.318941] nginx[3613]: 2023/01/21 19:56:22 [notice] 3613#3613: built by gcc 11.3.0 (GCC) | |
webserver # [ 271.319855] nginx[3613]: 2023/01/21 19:56:22 [notice] 3613#3613: OS: Linux 5.15.89 | |
webserver # [ 271.322407] nginx[3613]: 2023/01/21 19:56:22 [notice] 3613#3613: getrlimit(RLIMIT_NOFILE): 1024:524288 | |
webserver # [ 271.324084] nginx[3613]: 2023/01/21 19:56:22 [notice] 3613#3613: start worker processes | |
webserver # [ 271.326030] nginx[3613]: 2023/01/21 19:56:22 [notice] 3613#3613: start worker process 3625 | |
acme # [ 271.491070] pebble[661]: Pebble 2023/01/21 19:56:23 GET /dir -> calling handler() | |
webserver # [ 271.393435] acme-example.test-start[3620]: 2023/01/21 19:56:22 [*.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal. | |
webserver # [ 271.398523] acme-example.test-start[3616]: + mv domainhash.txt certificates/ | |
webserver # [ 271.405027] acme-example.test-start[3616]: + chown acme:acme certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key | |
webserver # [ 271.413261] acme-example.test-start[3616]: + cmp -s certificates/_.example.test.crt out/fullchain.pem | |
webserver # [ 271.417405] acme-example.test-start[3616]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem | |
webserver # [ 271.446412] systemd[1]: acme-example.test.service: Deactivated successfully. | |
webserver # [ 271.447326] systemd[1]: Finished Renew ACME certificate for example.test. | |
webserver # [ 271.449273] systemd[1]: acme-example.test.service: Consumed 161ms CPU time, received 2.5K IP traffic, sent 978B IP traffic. | |
webserver # [ 271.456292] systemd[1]: Starting Renew ACME certificate for nginx-dns.example.test... | |
webserver # [ 271.461809] systemd[1]: Starting Renew ACME certificate for nginx-http.example.test... | |
webserver # [ 271.579804] acme-nginx-dns.example.test-start[3633]: + set -euo pipefail | |
webserver # [ 271.580840] acme-nginx-dns.example.test-start[3633]: + echo 59d0420c322ea19728a7 | |
webserver # [ 271.582209] acme-nginx-http.example.test-start[3634]: + set -euo pipefail | |
webserver # [ 271.583682] acme-nginx-http.example.test-start[3635]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 271.585403] acme-nginx-dns.example.test-start[3633]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 271.590726] acme-nginx-dns.example.test-start[3638]: ++ find accounts -name hostmaster@example.test.key | |
webserver # [ 271.594435] acme-nginx-http.example.test-start[3635]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 271.602838] acme-nginx-dns.example.test-start[3633]: + '[' -e certificates/nginx-dns.example.test.key -a -e certificates/nginx-dns.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']' | |
webserver # [ 271.607259] acme-nginx-dns.example.test-start[3633]: + lego --accept-tos --path . -d nginx-dns.example.test --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir -d nginx-dns-alias.example.test renew --no-random-sleep --days 30 | |
webserver # [ 271.621274] acme-nginx-http.example.test-start[3634]: + echo aba4d0213fd23644df4a | |
webserver # [ 271.623801] acme-nginx-http.example.test-start[3634]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 271.627785] acme-nginx-http.example.test-start[3634]: + lego --accept-tos --path . -d nginx-http.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir run | |
acme # [ 271.861457] pebble[661]: Pebble 2023/01/21 19:56:23 GET /dir -> calling handler() | |
webserver # [ 271.763933] acme-nginx-http.example.test-start[3641]: 2023/01/21 19:56:23 [INFO] [nginx-http.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 271.868875] pebble[661]: Pebble 2023/01/21 19:56:23 HEAD /nonce-plz -> calling handler() | |
acme # [ 271.876063] pebble[661]: Pebble 2023/01/21 19:56:23 POST /order-plz -> calling handler() | |
acme # [ 271.878208] pebble[661]: Pebble 2023/01/21 19:56:23 Added order "-kRQOJc3j8YRYuLZ19FjOZurLJd92AUmFIWdquNFlUs" to the db | |
acme # [ 271.879454] pebble[661]: Pebble 2023/01/21 19:56:23 There are now 16 orders in the db | |
acme # [ 271.880803] pebble[661]: Pebble 2023/01/21 19:56:23 GET /dir -> calling handler() | |
webserver # [ 271.779869] acme-nginx-dns.example.test-start[3639]: 2023/01/21 19:56:23 [nginx-dns.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal. | |
webserver # [ 271.784712] acme-nginx-dns.example.test-start[3633]: + mv domainhash.txt certificates/ | |
webserver # [ 271.791388] acme-nginx-dns.example.test-start[3633]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-dns.example.test.crt certificates/nginx-dns.example.test.issuer.crt certificates/nginx-dns.example.test.json certificates/nginx-dns.example.test.key | |
webserver # [ 271.799736] acme-nginx-dns.example.test-start[3633]: + cmp -s certificates/nginx-dns.example.test.crt out/fullchain.pem | |
webserver # [ 271.804239] acme-nginx-dns.example.test-start[3633]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem | |
acme # [ 271.935950] pebble[661]: Pebble 2023/01/21 19:56:23 POST /authZ/ -> calling handler() | |
webserver # [ 271.834459] acme-nginx-http.example.test-start[3641]: 2023/01/21 19:56:23 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/authZ/aADxLQWvXiCfMCNj7hkl8CpIYDuIl1bKfv0VV3z2ALg :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: FCsQmDrRk8fTGNhs0LpPYQ | |
webserver # [ 271.842223] systemd[1]: acme-nginx-dns.example.test.service: Deactivated successfully. | |
webserver # [ 271.843611] systemd[1]: Finished Renew ACME certificate for nginx-dns.example.test. | |
webserver # [ 271.844574] systemd[1]: acme-nginx-dns.example.test.service: Consumed 162ms CPU time, received 2.5K IP traffic, sent 1.0K IP traffic. | |
acme # [ 272.097987] pebble[661]: Pebble 2023/01/21 19:56:23 POST /authZ/ -> calling handler() | |
webserver # [ 271.997178] acme-nginx-http.example.test-start[3641]: 2023/01/21 19:56:23 [INFO] [nginx-http.example.test] AuthURL: https://acme.test/authZ/aADxLQWvXiCfMCNj7hkl8CpIYDuIl1bKfv0VV3z2ALg | |
webserver # [ 271.999507] acme-nginx-http.example.test-start[3641]: 2023/01/21 19:56:23 [INFO] [nginx-http.example.test] acme: authorization already valid; skipping challenge | |
webserver # [ 272.001079] acme-nginx-http.example.test-start[3641]: 2023/01/21 19:56:23 [INFO] [nginx-http.example.test] acme: Validations succeeded; requesting certificates | |
acme # [ 272.102046] pebble[661]: Pebble 2023/01/21 19:56:23 POST /finalize-order/ -> calling handler() | |
webserver # [ 272.002575] acme-nginx-http.example.test-start[3641]: 2023/01/21 19:56:23 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 272.106594] pebble[661]: Pebble 2023/01/21 19:56:23 Order -kRQOJc3j8YRYuLZ19FjOZurLJd92AUmFIWdquNFlUs is fully authorized. Processing finalization | |
acme # [ 272.108091] pebble[661]: Pebble 2023/01/21 19:56:23 Issued certificate serial 49329bf628ab6c5f for order -kRQOJc3j8YRYuLZ19FjOZurLJd92AUmFIWdquNFlUs | |
acme # [ 272.110147] pebble[661]: Pebble 2023/01/21 19:56:23 POST /my-order/ -> calling handler() | |
acme # [ 272.112118] pebble[661]: Pebble 2023/01/21 19:56:23 POST /certZ/ -> calling handler() | |
webserver # [ 272.012980] acme-nginx-http.example.test-start[3641]: 2023/01/21 19:56:23 [INFO] [nginx-http.example.test] Server responded with a certificate. | |
webserver # [ 272.016431] acme-nginx-http.example.test-start[3634]: + mv domainhash.txt certificates/ | |
webserver # [ 272.025752] acme-nginx-http.example.test-start[3634]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-http.example.test.crt certificates/nginx-http.example.test.issuer.crt certificates/nginx-http.example.test.json certificates/nginx-http.example.test.key | |
webserver # [ 272.034054] acme-nginx-http.example.test-start[3634]: + cmp -s certificates/nginx-http.example.test.crt out/fullchain.pem | |
webserver # [ 272.038047] acme-nginx-http.example.test-start[3634]: + touch out/renewed | |
webserver # [ 272.043976] acme-nginx-http.example.test-start[3634]: + echo Installing new certificate | |
webserver # [ 272.044763] acme-nginx-http.example.test-start[3634]: Installing new certificate | |
webserver # [ 272.045775] acme-nginx-http.example.test-start[3634]: + cp -vp certificates/nginx-http.example.test.crt out/fullchain.pem | |
webserver # [ 272.051456] acme-nginx-http.example.test-start[3661]: 'certificates/nginx-http.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 272.053413] acme-nginx-http.example.test-start[3634]: + cp -vp certificates/nginx-http.example.test.key out/key.pem | |
webserver # [ 272.057774] acme-nginx-http.example.test-start[3662]: 'certificates/nginx-http.example.test.key' -> 'out/key.pem' | |
webserver # [ 272.059438] acme-nginx-http.example.test-start[3634]: + cp -vp certificates/nginx-http.example.test.issuer.crt out/chain.pem | |
webserver # [ 272.064069] acme-nginx-http.example.test-start[3663]: 'certificates/nginx-http.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 272.065654] acme-nginx-http.example.test-start[3634]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 272.071033] acme-nginx-http.example.test-start[3634]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 272.077126] acme-nginx-http.example.test-start[3634]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 272.109538] systemd[1]: acme-nginx-http.example.test.service: Deactivated successfully. | |
webserver # [ 272.110679] systemd[1]: Finished Renew ACME certificate for nginx-http.example.test. | |
webserver # [ 272.113839] systemd[1]: acme-nginx-http.example.test.service: Consumed 172ms CPU time, received 8.8K IP traffic, sent 5.8K IP traffic. | |
webserver # [ 272.119615] systemd[1]: Starting nginx-config-reload.service... | |
webserver # [ 272.167846] systemd[1]: Reloading Nginx Web Server... | |
webserver # [ 272.260293] nginx[3673]: nginx: the configuration file /nix/store/d1sh8fzbcvv0v17d6i84qpss5b2f6bxr-nginx.conf syntax is ok | |
webserver # [ 272.261456] nginx[3673]: nginx: configuration file /nix/store/d1sh8fzbcvv0v17d6i84qpss5b2f6bxr-nginx.conf test is successful | |
webserver # [ 272.310198] nginx[3613]: 2023/01/21 19:56:23 [notice] 3613#3613: signal 1 (SIGHUP) received from 3674, reconfiguring | |
webserver # [ 272.311799] nginx[3613]: 2023/01/21 19:56:23 [notice] 3613#3613: reconfiguring | |
webserver # [ 272.321292] systemd[1]: Reloaded Nginx Web Server. | |
webserver # [ 272.326635] systemd[1]: nginx-config-reload.service: Deactivated successfully. | |
webserver # [ 272.327624] systemd[1]: Finished nginx-config-reload.service. | |
webserver # [ 272.378395] nginx[3613]: 2023/01/21 19:56:23 [notice] 3613#3613: using the "epoll" event method | |
webserver # [ 272.379632] nginx[3613]: 2023/01/21 19:56:23 [notice] 3613#3613: start worker processes | |
webserver # [ 272.385164] nginx[3613]: 2023/01/21 19:56:23 [notice] 3613#3613: start worker process 3676 | |
webserver # [ 272.404342] nixos[3464]: finished switching to system configuration /nix/store/1bimh35my92p0qgizjlvl63vpbcsbfzv-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /tmp/specialisation/nginx-remove-alias/bin/switch-to-configuration test, in 3.63 seconds) | |
webserver: waiting for unit acme-finished-nginx-http.example.test.target | |
(finished: waiting for unit acme-finished-nginx-http.example.test.target, in 0.05 seconds) | |
webserver: waiting for unit nginx.service | |
webserver # [ 272.487870] nginx[3625]: 2023/01/21 19:56:24 [notice] 3625#3625: gracefully shutting down | |
webserver # [ 272.488650] nginx[3625]: 2023/01/21 19:56:24 [notice] 3625#3625: exiting | |
webserver # [ 272.489242] nginx[3625]: 2023/01/21 19:56:24 [notice] 3625#3625: exit | |
webserver # [ 272.492551] nginx[3613]: 2023/01/21 19:56:24 [notice] 3613#3613: signal 17 (SIGCHLD) received from 3625 | |
webserver # [ 272.493352] nginx[3613]: 2023/01/21 19:56:24 [notice] 3613#3613: worker process 3625 exited with code 0 | |
webserver # [ 272.494178] nginx[3613]: 2023/01/21 19:56:24 [notice] 3613#3613: signal 29 (SIGIO) received | |
(finished: waiting for unit nginx.service, in 0.05 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-http.example.test -connect nginx-http.example.test:443 < /dev/null 2>&1 | |
webserver # [ 272.561304] nginx[3676]: 2023/01/21 19:56:24 [info] 3676#3676: *1 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername nginx-http.example.test -connect nginx-http.example.test:443 < /dev/null 2>&1, in 0.03 seconds) | |
webserver # [ 272.612469] nginx[3676]: 2023/01/21 19:56:24 [info] 3676#3676: *2 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
(finished: subtest: Can remove an alias from a domain + cert is updated, in 3.92 seconds) | |
subtest: security.acme changes reflect on web server | |
webserver: must succeed: /tmp/specialisation/nginx/bin/switch-to-configuration test | |
webserver # [ 273.489154] nixos[3693]: switching to system configuration /nix/store/92chhpij14li0ag540gwy6sbwka8zj0y-nixos-system-webserver-23.05pre-git | |
webserver # [ 273.516983] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 273.522051] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 273.525620] systemd[1]: Stopped target Remote File Systems. | |
webserver # activating the configuration... | |
webserver # [ 273.772084] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 273.779128] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # [ 273.783291] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (72) | |
webserver # [ 273.784160] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 273.784828] nscd[901]: 901 monitoring file `/etc/group` (75) | |
webserver # [ 273.785873] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 273.789955] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 273.792821] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 273.796564] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (72) | |
webserver # [ 273.797611] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 273.798596] nscd[901]: 901 monitoring file `/etc/passwd` (76) | |
webserver # [ 273.807099] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 273.915187] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 273.925817] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 273.934841] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 273.940561] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 273.945231] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 273.950874] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 273.952829] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 273.954528] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 274.419389] systemd[1]: Reloading. | |
webserver # [ 274.896575] systemd[1]: nginx.service: Current command vanished from the unit file, execution of the command list won't be resumed. | |
webserver # setting up tmpfiles | |
webserver # restarting the following units: nginx.service | |
webserver # [ 275.043556] nginx[3613]: 2023/01/21 19:56:26 [notice] 3613#3613: signal 15 (SIGTERM) received from 1, exiting | |
webserver # [ 275.044877] nginx[3676]: 2023/01/21 19:56:26 [notice] 3676#3676: exiting | |
webserver # [ 275.045682] nginx[3676]: 2023/01/21 19:56:26 [notice] 3676#3676: exit | |
webserver # [ 275.050722] systemd[1]: Stopping Nginx Web Server... | |
webserver # [ 275.052498] nginx[3613]: 2023/01/21 19:56:26 [notice] 3613#3613: signal 17 (SIGCHLD) received from 3676 | |
webserver # [ 275.055115] nginx[3613]: 2023/01/21 19:56:26 [notice] 3613#3613: worker process 3676 exited with code 0 | |
webserver # [ 275.057071] nginx[3613]: 2023/01/21 19:56:26 [notice] 3613#3613: exit | |
webserver # [ 275.069118] systemd[1]: nginx.service: Deactivated successfully. | |
webserver # [ 275.071396] systemd[1]: Stopped Nginx Web Server. | |
webserver # [ 275.074777] systemd[1]: nginx.service: Consumed 336ms CPU time, no IO, received 1.8K IP traffic, sent 5.6K IP traffic. | |
webserver # [ 275.080996] systemd[1]: Starting Nginx Web Server... | |
webserver # [ 275.197920] nginx-pre-start[3841]: nginx: the configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf syntax is ok | |
webserver # [ 275.199662] nginx-pre-start[3841]: nginx: configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf test is successful | |
webserver # [ 275.208430] systemd[1]: Started Nginx Web Server. | |
webserver # [ 275.253541] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 275.257049] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 275.272334] systemd[1]: Starting Renew ACME certificate for example.test... | |
webserver # [ 275.362411] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 275.365210] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 275.376647] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 275.377693] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 275.387819] systemd[1]: Reached target Local File Systems. | |
webserver # [ 275.401769] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 275.405190] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 275.410720] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 275.416453] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 275.420722] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 275.428507] systemd[1]: Generate self-signed certificate for nginx-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/nginx-dns.example.test/key.pem). | |
webserver # [ 275.441962] systemd[1]: Generate self-signed certificate for nginx-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/nginx-http.example.test/key.pem). | |
webserver # [ 275.491534] acme-example.test-start[3845]: + set -euo pipefail | |
webserver # [ 275.492879] acme-example.test-start[3845]: + echo f296e6482529fca9f20a | |
webserver # [ 275.493704] acme-example.test-start[3845]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 275.498838] acme-example.test-start[3848]: ++ find accounts -name hostmaster@example.test.key | |
webserver # [ 275.508057] acme-example.test-start[3845]: + '[' -e certificates/_.example.test.key -a -e certificates/_.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']' | |
webserver # [ 275.510602] acme-example.test-start[3845]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir renew --no-random-sleep --days 30 | |
webserver # [ 275.525334] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: using the "epoll" event method | |
webserver # [ 275.526523] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: nginx/1.22.1 | |
webserver # [ 275.527963] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: built by gcc 11.3.0 (GCC) | |
webserver # [ 275.528951] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: OS: Linux 5.15.89 | |
webserver # [ 275.529834] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: getrlimit(RLIMIT_NOFILE): 1024:524288 | |
webserver # [ 275.534050] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: start worker processes | |
webserver # [ 275.536702] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: start worker process 3853 | |
acme # [ 275.706499] pebble[661]: Pebble 2023/01/21 19:56:27 GET /dir -> calling handler() | |
webserver # [ 275.608772] acme-example.test-start[3849]: 2023/01/21 19:56:27 [*.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal. | |
webserver # [ 275.613766] acme-example.test-start[3845]: + mv domainhash.txt certificates/ | |
webserver # [ 275.620815] acme-example.test-start[3845]: + chown acme:acme certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key | |
webserver # [ 275.629124] acme-example.test-start[3845]: + cmp -s certificates/_.example.test.crt out/fullchain.pem | |
webserver # [ 275.633111] acme-example.test-start[3845]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem | |
webserver # [ 275.663432] systemd[1]: acme-example.test.service: Deactivated successfully. | |
webserver # [ 275.664480] systemd[1]: Finished Renew ACME certificate for example.test. | |
webserver # [ 275.666729] systemd[1]: acme-example.test.service: Consumed 159ms CPU time, received 2.5K IP traffic, sent 978B IP traffic. | |
webserver # [ 275.673374] systemd[1]: Starting Renew ACME certificate for nginx-dns.example.test... | |
webserver # [ 275.679233] systemd[1]: Starting Renew ACME certificate for nginx-http.example.test... | |
webserver # [ 275.781061] acme-nginx-dns.example.test-start[3861]: + set -euo pipefail | |
webserver # [ 275.781912] acme-nginx-dns.example.test-start[3861]: + echo 59d0420c322ea19728a7 | |
webserver # [ 275.782816] acme-nginx-dns.example.test-start[3861]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 275.786826] acme-nginx-http.example.test-start[3862]: + set -euo pipefail | |
webserver # [ 275.788403] acme-nginx-http.example.test-start[3864]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 275.791320] acme-nginx-dns.example.test-start[3866]: ++ find accounts -name hostmaster@example.test.key | |
webserver # [ 275.798343] acme-nginx-http.example.test-start[3864]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 275.801316] acme-nginx-dns.example.test-start[3861]: + '[' -e certificates/nginx-dns.example.test.key -a -e certificates/nginx-dns.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']' | |
webserver # [ 275.804187] acme-nginx-dns.example.test-start[3861]: + lego --accept-tos --path . -d nginx-dns.example.test --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir -d nginx-dns-alias.example.test renew --no-random-sleep --days 30 | |
webserver # [ 275.812117] acme-nginx-http.example.test-start[3862]: + echo 197b6592b1395f3f8747 | |
webserver # [ 275.815441] acme-nginx-http.example.test-start[3862]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 275.822464] acme-nginx-http.example.test-start[3862]: + lego --accept-tos --path . -d nginx-http.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir -d nginx-http-alias.example.test run | |
acme # [ 276.035175] pebble[661]: Pebble 2023/01/21 19:56:27 GET /dir -> calling handler() | |
acme # [ 276.036866] pebble[661]: Pebble 2023/01/21 19:56:27 GET /dir -> calling handler() | |
webserver # [ 275.935942] acme-nginx-http.example.test-start[3873]: 2023/01/21 19:56:27 [INFO] [nginx-http.example.test, nginx-http-alias.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 276.039477] pebble[661]: Pebble 2023/01/21 19:56:27 HEAD /nonce-plz -> calling handler() | |
webserver # [ 275.938459] acme-nginx-dns.example.test-start[3867]: 2023/01/21 19:56:27 [nginx-dns.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal. | |
acme # [ 276.042310] pebble[661]: Pebble 2023/01/21 19:56:27 POST /order-plz -> calling handler() | |
webserver # [ 275.942499] acme-nginx-dns.example.test-start[3861]: + mv domainhash.txt certificates/ | |
acme # [ 276.044109] pebble[661]: Pebble 2023/01/21 19:56:27 Added order "OWip2NuYtxK3bGB3MPqNPCssRZ2lCGoVkwd4BECKArk" to the db | |
acme # [ 276.045785] pebble[661]: Pebble 2023/01/21 19:56:27 There are now 17 orders in the db | |
webserver # [ 275.948467] acme-nginx-dns.example.test-start[3861]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-dns.example.test.crt certificates/nginx-dns.example.test.issuer.crt certificates/nginx-dns.example.test.json certificates/nginx-dns.example.test.key | |
webserver # [ 275.955351] acme-nginx-dns.example.test-start[3861]: + cmp -s certificates/nginx-dns.example.test.crt out/fullchain.pem | |
webserver # [ 275.958736] acme-nginx-dns.example.test-start[3861]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem | |
webserver # [ 275.981623] systemd[1]: acme-nginx-dns.example.test.service: Deactivated successfully. | |
webserver # [ 275.982391] systemd[1]: Finished Renew ACME certificate for nginx-dns.example.test. | |
webserver # [ 275.984104] systemd[1]: acme-nginx-dns.example.test.service: Consumed 127ms CPU time, received 2.5K IP traffic, sent 1.0K IP traffic. | |
acme # [ 276.104464] pebble[661]: Pebble 2023/01/21 19:56:27 POST /authZ/ -> calling handler() | |
acme # [ 276.160158] pebble[661]: Pebble 2023/01/21 19:56:27 POST /authZ/ -> calling handler() | |
webserver # [ 276.059462] acme-nginx-http.example.test-start[3873]: 2023/01/21 19:56:27 [INFO] [nginx-http.example.test] AuthURL: https://acme.test/authZ/9Yk7bFdIxXye9kOlXXOCzF34TU-rerb3085IRt2U3oU | |
acme # [ 276.162878] pebble[661]: Pebble 2023/01/21 19:56:27 POST /finalize-order/ -> calling handler() | |
webserver # [ 276.061404] acme-nginx-http.example.test-start[3873]: 2023/01/21 19:56:27 [INFO] [nginx-http-alias.example.test] AuthURL: https://acme.test/authZ/aADxLQWvXiCfMCNj7hkl8CpIYDuIl1bKfv0VV3z2ALg | |
webserver # [ 276.062840] acme-nginx-http.example.test-start[3873]: 2023/01/21 19:56:27 [INFO] [nginx-http-alias.example.test] acme: authorization already valid; skipping challenge | |
webserver # [ 276.064042] acme-nginx-http.example.test-start[3873]: 2023/01/21 19:56:27 [INFO] [nginx-http.example.test] acme: authorization already valid; skipping challenge | |
acme # [ 276.163960] pebble[661]: Pebble 2023/01/21 19:56:27 Order OWip2NuYtxK3bGB3MPqNPCssRZ2lCGoVkwd4BECKArk is fully authorized. Processing finalization | |
webserver # [ 276.065268] acme-nginx-http.example.test-start[3873]: 2023/01/21 19:56:27 [INFO] [nginx-http.example.test, nginx-http-alias.example.test] acme: Validations succeeded; requesting certificates | |
webserver # [ 276.066643] acme-nginx-http.example.test-start[3873]: 2023/01/21 19:56:27 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 276.168768] pebble[661]: Pebble 2023/01/21 19:56:27 Issued certificate serial 4a6fbcf72be51151 for order OWip2NuYtxK3bGB3MPqNPCssRZ2lCGoVkwd4BECKArk | |
acme # [ 276.170812] pebble[661]: Pebble 2023/01/21 19:56:27 POST /my-order/ -> calling handler() | |
acme # [ 276.172773] pebble[661]: Pebble 2023/01/21 19:56:27 POST /certZ/ -> calling handler() | |
webserver # [ 276.074039] acme-nginx-http.example.test-start[3873]: 2023/01/21 19:56:27 [INFO] [nginx-http.example.test] Server responded with a certificate. | |
webserver # [ 276.077186] acme-nginx-http.example.test-start[3862]: + mv domainhash.txt certificates/ | |
webserver # [ 276.082704] acme-nginx-http.example.test-start[3862]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-http.example.test.crt certificates/nginx-http.example.test.issuer.crt certificates/nginx-http.example.test.json certificates/nginx-http.example.test.key | |
webserver # [ 276.089953] acme-nginx-http.example.test-start[3862]: + cmp -s certificates/nginx-http.example.test.crt out/fullchain.pem | |
webserver # [ 276.093330] acme-nginx-http.example.test-start[3862]: + touch out/renewed | |
webserver # [ 276.098023] acme-nginx-http.example.test-start[3862]: + echo Installing new certificate | |
webserver # [ 276.098956] acme-nginx-http.example.test-start[3862]: Installing new certificate | |
webserver # [ 276.099995] acme-nginx-http.example.test-start[3862]: + cp -vp certificates/nginx-http.example.test.crt out/fullchain.pem | |
webserver # [ 276.105068] acme-nginx-http.example.test-start[3889]: 'certificates/nginx-http.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 276.106739] acme-nginx-http.example.test-start[3862]: + cp -vp certificates/nginx-http.example.test.key out/key.pem | |
webserver # [ 276.111565] acme-nginx-http.example.test-start[3890]: 'certificates/nginx-http.example.test.key' -> 'out/key.pem' | |
webserver # [ 276.113643] acme-nginx-http.example.test-start[3862]: + cp -vp certificates/nginx-http.example.test.issuer.crt out/chain.pem | |
webserver # [ 276.118571] acme-nginx-http.example.test-start[3891]: 'certificates/nginx-http.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 276.120053] acme-nginx-http.example.test-start[3862]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 276.125876] acme-nginx-http.example.test-start[3862]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 276.131654] acme-nginx-http.example.test-start[3862]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 276.162331] systemd[1]: acme-nginx-http.example.test.service: Deactivated successfully. | |
webserver # [ 276.163136] systemd[1]: Finished Renew ACME certificate for nginx-http.example.test. | |
webserver # [ 276.163790] systemd[1]: acme-nginx-http.example.test.service: Consumed 147ms CPU time, received 9.6K IP traffic, sent 5.9K IP traffic. | |
webserver # [ 276.167817] systemd[1]: Starting nginx-config-reload.service... | |
webserver # [ 276.211842] systemd[1]: Reloading Nginx Web Server... | |
webserver # [ 276.289297] nginx[3901]: nginx: the configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf syntax is ok | |
webserver # [ 276.290421] nginx[3901]: nginx: configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf test is successful | |
webserver # [ 276.333979] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: signal 1 (SIGHUP) received from 3902, reconfiguring | |
webserver # [ 276.334927] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: reconfiguring | |
webserver # [ 276.344421] systemd[1]: Reloaded Nginx Web Server. | |
webserver # [ 276.349430] systemd[1]: nginx-config-reload.service: Deactivated successfully. | |
webserver # [ 276.350316] systemd[1]: Finished nginx-config-reload.service. | |
webserver # [ 276.388021] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: using the "epoll" event method | |
webserver # [ 276.389178] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: start worker processes | |
webserver # [ 276.390271] nginx[3842]: 2023/01/21 19:56:27 [notice] 3842#3842: start worker process 3904 | |
webserver # [ 276.415970] nixos[3693]: finished switching to system configuration /nix/store/92chhpij14li0ag540gwy6sbwka8zj0y-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /tmp/specialisation/nginx/bin/switch-to-configuration test, in 3.73 seconds) | |
webserver: waiting for unit nginx.service | |
(finished: waiting for unit nginx.service, in 0.05 seconds) | |
webserver # [ 276.493117] nginx[3853]: 2023/01/21 19:56:28 [notice] 3853#3853: gracefully shutting down | |
webserver # [ 276.494092] nginx[3853]: 2023/01/21 19:56:28 [notice] 3853#3853: exiting | |
webserver # [ 276.494799] nginx[3853]: 2023/01/21 19:56:28 [notice] 3853#3853: exit | |
webserver # [ 276.499957] nginx[3842]: 2023/01/21 19:56:28 [notice] 3842#3842: signal 17 (SIGCHLD) received from 3853 | |
webserver # [ 276.501090] nginx[3842]: 2023/01/21 19:56:28 [notice] 3842#3842: worker process 3853 exited with code 0 | |
webserver # [ 276.502136] nginx[3842]: 2023/01/21 19:56:28 [notice] 3842#3842: signal 29 (SIGIO) received | |
webserver: must succeed: /tmp/specialisation/nginx-change-acme-conf/bin/switch-to-configuration test | |
webserver # [ 277.370670] nixos[3917]: switching to system configuration /nix/store/mdh8cv5xg8k7bqqk2sgxcvlyn4wbaw5b-nixos-system-webserver-23.05pre-git | |
webserver # [ 277.394530] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 277.398622] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 277.401496] systemd[1]: Stopped target Remote File Systems. | |
webserver # activating the configuration... | |
webserver # [ 277.624538] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 277.632074] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # [ 277.635988] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (78) | |
webserver # [ 277.636741] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 277.637405] nscd[901]: 901 monitoring file `/etc/group` (81) | |
webserver # [ 277.638095] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 277.641167] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 277.642818] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 277.645591] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (78) | |
webserver # [ 277.649981] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 277.650653] nscd[901]: 901 monitoring file `/etc/passwd` (82) | |
webserver # [ 277.653070] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 277.769274] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 277.776692] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 277.778372] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 277.779378] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 277.781361] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 277.784114] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 277.786160] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 277.789383] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 278.163088] systemd[1]: Reloading. | |
webserver # setting up tmpfiles | |
webserver # [ 278.782836] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 278.785159] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 278.794334] systemd[1]: Starting Renew ACME certificate for example.test... | |
webserver # [ 278.819095] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 278.822501] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 278.825083] systemd[1]: Generate self-signed certificate for nginx-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/nginx-dns.example.test/key.pem). | |
webserver # [ 278.866286] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 278.868254] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 278.875473] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 278.877045] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 278.879307] systemd[1]: Reached target Local File Systems. | |
webserver # [ 278.896418] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 278.897310] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 278.899652] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 278.905176] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 278.910143] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 278.915818] systemd[1]: Generate self-signed certificate for nginx-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/nginx-dns.example.test/key.pem). | |
webserver # [ 278.928171] systemd[1]: Generate self-signed certificate for nginx-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/nginx-http.example.test/key.pem). | |
webserver # [ 278.935232] systemd[1]: Starting Renew ACME certificate for nginx-http.example.test... | |
webserver # [ 278.975528] acme-example.test-start[4062]: + set -euo pipefail | |
webserver # [ 278.976807] acme-example.test-start[4062]: + echo f296e6482529fca9f20a | |
webserver # [ 278.977607] acme-example.test-start[4062]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 278.983028] acme-example.test-start[4066]: ++ find accounts -name hostmaster@example.test.key | |
webserver # [ 278.991277] acme-example.test-start[4062]: + '[' -e certificates/_.example.test.key -a -e certificates/_.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']' | |
webserver # [ 278.993520] acme-example.test-start[4062]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir renew --no-random-sleep --days 30 | |
webserver # [ 279.042048] acme-nginx-http.example.test-start[4064]: + set -euo pipefail | |
webserver # [ 279.042997] acme-nginx-http.example.test-start[4072]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 279.049165] acme-nginx-http.example.test-start[4072]: + chgrp nginx /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 279.055749] acme-nginx-http.example.test-start[4064]: + echo 197b6592b1395f3f8747 | |
webserver # [ 279.056607] acme-nginx-http.example.test-start[4064]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 279.060124] acme-nginx-http.example.test-start[4064]: + lego --accept-tos --path . -d nginx-http.example.test --email hostmaster@example.test --key-type ec384 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir -d nginx-http-alias.example.test run | |
acme # [ 279.256783] pebble[661]: Pebble 2023/01/21 19:56:30 GET /dir -> calling handler() | |
webserver # [ 279.159807] acme-example.test-start[4067]: 2023/01/21 19:56:30 [*.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal. | |
webserver # [ 279.167090] acme-example.test-start[4062]: + mv domainhash.txt certificates/ | |
webserver # [ 279.173832] acme-example.test-start[4062]: + chown acme:acme certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key | |
webserver # [ 279.186800] acme-example.test-start[4062]: + cmp -s certificates/_.example.test.crt out/fullchain.pem | |
webserver # [ 279.190767] acme-example.test-start[4062]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem | |
webserver # [ 279.223958] systemd[1]: acme-example.test.service: Deactivated successfully. | |
webserver # [ 279.224935] systemd[1]: Finished Renew ACME certificate for example.test. | |
webserver # [ 279.225782] systemd[1]: acme-example.test.service: Consumed 159ms CPU time, received 2.5K IP traffic, sent 1.0K IP traffic. | |
webserver # [ 279.237280] systemd[1]: Starting Renew ACME certificate for nginx-dns.example.test... | |
acme # [ 279.362198] pebble[661]: Pebble 2023/01/21 19:56:30 GET /dir -> calling handler() | |
webserver # [ 279.262621] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] [nginx-http.example.test, nginx-http-alias.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 279.366940] pebble[661]: Pebble 2023/01/21 19:56:30 HEAD /nonce-plz -> calling handler() | |
acme # [ 279.373820] pebble[661]: Pebble 2023/01/21 19:56:30 POST /order-plz -> calling handler() | |
acme # [ 279.380779] pebble[661]: Pebble 2023/01/21 19:56:30 There are now 18 authorizations in the db | |
acme # [ 279.385198] pebble[661]: Pebble 2023/01/21 19:56:30 There are now 19 authorizations in the db | |
acme # [ 279.389025] pebble[661]: Pebble 2023/01/21 19:56:30 Added order "IcGHQQhZ4S2x6sOo3T4cVn06IFxlwZB-V2rL0MOYPeg" to the db | |
acme # [ 279.393854] pebble[661]: Pebble 2023/01/21 19:56:30 There are now 18 orders in the db | |
webserver # [ 279.316360] acme-nginx-dns.example.test-start[4087]: + set -euo pipefail | |
webserver # [ 279.317453] acme-nginx-dns.example.test-start[4087]: + echo 59d0420c322ea19728a7 | |
webserver # [ 279.318610] acme-nginx-dns.example.test-start[4087]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 279.323447] acme-nginx-dns.example.test-start[4089]: ++ find accounts -name hostmaster@example.test.key | |
webserver # [ 279.335827] acme-nginx-dns.example.test-start[4087]: + '[' -e certificates/nginx-dns.example.test.key -a -e certificates/nginx-dns.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']' | |
webserver # [ 279.338567] acme-nginx-dns.example.test-start[4087]: + lego --accept-tos --path . -d nginx-dns.example.test --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir -d nginx-dns-alias.example.test renew --no-random-sleep --days 30 | |
acme # [ 279.447880] pebble[661]: Pebble 2023/01/21 19:56:31 POST /authZ/ -> calling handler() | |
acme # [ 279.500883] pebble[661]: Pebble 2023/01/21 19:56:31 POST /authZ/ -> calling handler() | |
webserver # [ 279.406097] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] [nginx-http.example.test] AuthURL: https://acme.test/authZ/jgtPZXsQmimot6G9BI6gO0IDp0qwLYragE8Eowiz_Wc | |
webserver # [ 279.407445] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] [nginx-http-alias.example.test] AuthURL: https://acme.test/authZ/-KxNQns8EIjMbOgspl_Z70tqt8EQuEjTdqo7dFvcsnI | |
acme # [ 279.512093] pebble[661]: Pebble 2023/01/21 19:56:31 POST /chalZ/ -> calling handler() | |
webserver # [ 279.410178] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] [nginx-http-alias.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 279.412578] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] [nginx-http-alias.example.test] acme: use http-01 solver | |
acme # [ 279.517693] pebble[661]: Pebble 2023/01/21 19:56:31 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"nginx-http-alias.example.test"}, Challenge:(*core.Challenge)(0xc0001b9ea0), Account:(*core.Account)(0xc0004494a0)} | |
acme # [ 279.520275] pebble[661]: Pebble 2023/01/21 19:56:31 Starting 3 validations. | |
acme # [ 279.521142] pebble[661]: Pebble 2023/01/21 19:56:31 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/W74usfuMaBcKT_U363dyAV6BEohOjFMjh5stAPHoDvw | |
webserver # [ 279.414079] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] [nginx-http.example.test] acme: Could not find solver for: tls-alpn-01 | |
acme # [ 279.525668] pebble[661]: Pebble 2023/01/21 19:56:31 POST /authZ/ -> calling handler() | |
webserver # [ 279.424182] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] [nginx-http.example.test] acme: use http-01 solver | |
webserver # [ 279.426064] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] [nginx-http-alias.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 279.527296] pebble[661]: Pebble 2023/01/21 19:56:31 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/W74usfuMaBcKT_U363dyAV6BEohOjFMjh5stAPHoDvw | |
acme # [ 279.531961] pebble[661]: Pebble 2023/01/21 19:56:31 Attempting to validate w/ HTTP: http://nginx-http-alias.example.test:80/.well-known/acme-challenge/W74usfuMaBcKT_U363dyAV6BEohOjFMjh5stAPHoDvw | |
webserver # [ 279.427462] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:30 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/authZ/jgtPZXsQmimot6G9BI6gO0IDp0qwLYragE8Eowiz_Wc :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: nDVqPc7GooqpAgqgE0zp2g | |
acme # [ 279.537981] pebble[661]: Pebble 2023/01/21 19:56:31 GET /dir -> calling handler() | |
webserver # [ 279.438358] acme-nginx-dns.example.test-start[4090]: 2023/01/21 19:56:30 [nginx-dns.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal. | |
acme # [ 279.540484] pebble[661]: Pebble 2023/01/21 19:56:31 authz jgtPZXsQmimot6G9BI6gO0IDp0qwLYragE8Eowiz_Wc set VALID by completed challenge VdLKfb75475F74QTF5yQ3_Rs--R4DkXYDKMNNPmWpNs | |
webserver # [ 279.443062] acme-nginx-dns.example.test-start[4087]: + mv domainhash.txt certificates/ | |
webserver # [ 279.449183] acme-nginx-dns.example.test-start[4087]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-dns.example.test.crt certificates/nginx-dns.example.test.issuer.crt certificates/nginx-dns.example.test.json certificates/nginx-dns.example.test.key | |
webserver # [ 279.456841] acme-nginx-dns.example.test-start[4087]: + cmp -s certificates/nginx-dns.example.test.crt out/fullchain.pem | |
webserver # [ 279.460744] acme-nginx-dns.example.test-start[4087]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem | |
webserver # [ 279.486422] systemd[1]: acme-nginx-dns.example.test.service: Deactivated successfully. | |
webserver # [ 279.487417] systemd[1]: Finished Renew ACME certificate for nginx-dns.example.test. | |
webserver # [ 279.490046] systemd[1]: acme-nginx-dns.example.test.service: Consumed 143ms CPU time, received 2.5K IP traffic, sent 1.0K IP traffic. | |
acme # [ 279.715179] pebble[661]: Pebble 2023/01/21 19:56:31 POST /authZ/ -> calling handler() | |
webserver # [ 279.619602] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:31 [INFO] [nginx-http-alias.example.test] The server validated our request | |
acme # [ 279.723745] pebble[661]: Pebble 2023/01/21 19:56:31 POST /chalZ/ -> calling handler() | |
webserver # [ 279.621835] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:31 [INFO] [nginx-http.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 279.728647] pebble[661]: Pebble 2023/01/21 19:56:31 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"nginx-http.example.test"}, Challenge:(*core.Challenge)(0xc000246140), Account:(*core.Account)(0xc0004494a0)} | |
acme # [ 279.732760] pebble[661]: Pebble 2023/01/21 19:56:31 Starting 3 validations. | |
acme # [ 279.735577] pebble[661]: Pebble 2023/01/21 19:56:31 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/5F7DQc8z7vIYyU0xFWSURxmdr-KQQT5HrmrgkZh-2PI | |
acme # [ 279.738769] pebble[661]: Pebble 2023/01/21 19:56:31 POST /authZ/ -> calling handler() | |
acme # [ 279.740727] pebble[661]: Pebble 2023/01/21 19:56:31 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/5F7DQc8z7vIYyU0xFWSURxmdr-KQQT5HrmrgkZh-2PI | |
acme # [ 279.745891] pebble[661]: Pebble 2023/01/21 19:56:31 Attempting to validate w/ HTTP: http://nginx-http.example.test:80/.well-known/acme-challenge/5F7DQc8z7vIYyU0xFWSURxmdr-KQQT5HrmrgkZh-2PI | |
acme # [ 279.752354] pebble[661]: Pebble 2023/01/21 19:56:31 authz -KxNQns8EIjMbOgspl_Z70tqt8EQuEjTdqo7dFvcsnI set VALID by completed challenge sW5G8bUYd9SbPAjUrOrci5HRnpxtoYQrzIHLLDOm0EI | |
acme # [ 285.709889] pebble[661]: Pebble 2023/01/21 19:56:37 POST /authZ/ -> calling handler() | |
webserver # [ 285.614744] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:37 [INFO] [nginx-http.example.test] The server validated our request | |
webserver # [ 285.616189] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:37 [INFO] [nginx-http.example.test, nginx-http-alias.example.test] acme: Validations succeeded; requesting certificates | |
acme # [ 285.723905] pebble[661]: Pebble 2023/01/21 19:56:37 POST /finalize-order/ -> calling handler() | |
acme # [ 285.732716] pebble[661]: Pebble 2023/01/21 19:56:37 Order IcGHQQhZ4S2x6sOo3T4cVn06IFxlwZB-V2rL0MOYPeg is fully authorized. Processing finalization | |
webserver # [ 285.641842] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:37 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 285.748468] pebble[661]: Pebble 2023/01/21 19:56:37 Issued certificate serial 04aeef5879153560 for order IcGHQQhZ4S2x6sOo3T4cVn06IFxlwZB-V2rL0MOYPeg | |
acme # [ 285.761131] pebble[661]: Pebble 2023/01/21 19:56:37 POST /my-order/ -> calling handler() | |
acme # [ 285.769734] pebble[661]: Pebble 2023/01/21 19:56:37 POST /certZ/ -> calling handler() | |
webserver # [ 285.673387] acme-nginx-http.example.test-start[4075]: 2023/01/21 19:56:37 [INFO] [nginx-http.example.test] Server responded with a certificate. | |
webserver # [ 285.684456] acme-nginx-http.example.test-start[4064]: + mv domainhash.txt certificates/ | |
webserver # [ 285.694305] acme-nginx-http.example.test-start[4064]: + chown acme:nginx certificates/domainhash.txt certificates/nginx-http.example.test.crt certificates/nginx-http.example.test.issuer.crt certificates/nginx-http.example.test.json certificates/nginx-http.example.test.key | |
webserver # [ 285.714714] acme-nginx-http.example.test-start[4064]: + cmp -s certificates/nginx-http.example.test.crt out/fullchain.pem | |
webserver # [ 285.722573] acme-nginx-http.example.test-start[4064]: + touch out/renewed | |
webserver # [ 285.731705] acme-nginx-http.example.test-start[4064]: + echo Installing new certificate | |
webserver # [ 285.736083] acme-nginx-http.example.test-start[4064]: Installing new certificate | |
webserver # [ 285.740770] acme-nginx-http.example.test-start[4064]: + cp -vp certificates/nginx-http.example.test.crt out/fullchain.pem | |
webserver # [ 285.748657] acme-nginx-http.example.test-start[4106]: 'certificates/nginx-http.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 285.755139] acme-nginx-http.example.test-start[4064]: + cp -vp certificates/nginx-http.example.test.key out/key.pem | |
webserver # [ 285.762453] acme-nginx-http.example.test-start[4107]: 'certificates/nginx-http.example.test.key' -> 'out/key.pem' | |
webserver # [ 285.768855] acme-nginx-http.example.test-start[4064]: + cp -vp certificates/nginx-http.example.test.issuer.crt out/chain.pem | |
webserver # [ 285.776421] acme-nginx-http.example.test-start[4108]: 'certificates/nginx-http.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 285.791137] acme-nginx-http.example.test-start[4064]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 285.803433] acme-nginx-http.example.test-start[4064]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 285.813702] acme-nginx-http.example.test-start[4064]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 285.870376] 422nn8sf83rd54wkkfnxjs3vr7fz6g7k-acme-postrun[4115]: uid=0(root) gid=0(root) groups=0(root),60(nginx) | |
webserver # [ 285.886256] systemd[1]: acme-nginx-http.example.test.service: Deactivated successfully. | |
webserver # [ 285.896730] systemd[1]: Finished Renew ACME certificate for nginx-http.example.test. | |
webserver # [ 285.902794] systemd[1]: acme-nginx-http.example.test.service: Consumed 224ms CPU time, received 14.8K IP traffic, sent 10.7K IP traffic. | |
webserver # [ 285.913325] systemd[1]: Starting nginx-config-reload.service... | |
webserver # [ 285.961325] systemd[1]: Reloading Nginx Web Server... | |
webserver # [ 286.073050] nginx[4120]: nginx: the configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf syntax is ok | |
webserver # [ 286.079422] nginx[4120]: nginx: configuration file /nix/store/8ciddn1gm16mlkifa70ri47d3j0rggfa-nginx.conf test is successful | |
webserver # [ 286.143340] nginx[3842]: 2023/01/21 19:56:37 [notice] 3842#3842: signal 1 (SIGHUP) received from 4121, reconfiguring | |
webserver # [ 286.164423] nginx[3842]: 2023/01/21 19:56:37 [notice] 3842#3842: reconfiguring | |
webserver # [ 286.181743] systemd[1]: Reloaded Nginx Web Server. | |
webserver # [ 286.190759] systemd[1]: nginx-config-reload.service: Deactivated successfully. | |
webserver # [ 286.203764] systemd[1]: Finished nginx-config-reload.service. | |
webserver # [ 286.237457] nginx[3842]: 2023/01/21 19:56:37 [notice] 3842#3842: using the "epoll" event method | |
webserver # [ 286.242440] nginx[3842]: 2023/01/21 19:56:37 [notice] 3842#3842: start worker processes | |
webserver # [ 286.250499] nginx[3842]: 2023/01/21 19:56:37 [notice] 3842#3842: start worker process 4123 | |
webserver # [ 286.276672] nixos[3917]: finished switching to system configuration /nix/store/mdh8cv5xg8k7bqqk2sgxcvlyn4wbaw5b-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /tmp/specialisation/nginx-change-acme-conf/bin/switch-to-configuration test, in 9.77 seconds) | |
webserver: waiting for unit acme-finished-nginx-http.example.test.target | |
webserver # [ 286.339229] nginx[3904]: 2023/01/21 19:56:37 [notice] 3904#3904: gracefully shutting down | |
webserver # [ 286.348150] nginx[3904]: 2023/01/21 19:56:37 [notice] 3904#3904: exiting | |
webserver # [ 286.357844] nginx[3904]: 2023/01/21 19:56:37 [notice] 3904#3904: exit | |
webserver # [ 286.360442] nginx[3842]: 2023/01/21 19:56:37 [notice] 3842#3842: signal 17 (SIGCHLD) received from 3904 | |
webserver # [ 286.362356] nginx[3842]: 2023/01/21 19:56:37 [notice] 3842#3842: worker process 3904 exited with code 0 | |
webserver # [ 286.364072] nginx[3842]: 2023/01/21 19:56:37 [notice] 3842#3842: signal 29 (SIGIO) received | |
(finished: waiting for unit acme-finished-nginx-http.example.test.target, in 0.10 seconds) | |
webserver: waiting for unit nginx.service | |
(finished: waiting for unit nginx.service, in 0.08 seconds) | |
client: must succeed: openssl s_client -CAfile /tmp/ca.crt -servername nginx-http.example.test -connect nginx-http.example.test:443 < /dev/null | openssl x509 -noout -text | grep -i Public-Key | |
client # depth=2 CN = Pebble Root CA 07ebd3 | |
client # verify return:1 | |
client # depth=1 CN = Pebble Intermediate CA 4d6099 | |
client # verify return:1 | |
client # depth=0 CN = nginx-http.example.test | |
client # verify return:1 | |
client # DONE | |
webserver # [ 286.576068] nginx[4123]: 2023/01/21 19:56:38 [info] 4123#4123: *7 client closed connection while waiting for request, client: 192.168.1.2, server: 0.0.0.0:443 | |
(finished: must succeed: openssl s_client -CAfile /tmp/ca.crt -servername nginx-http.example.test -connect nginx-http.example.test:443 < /dev/null | openssl x509 -noout -text | grep -i Public-Key, in 0.17 seconds) | |
Key type: Public-Key: (384 bit) | |
(finished: subtest: security.acme changes reflect on web server, in 13.98 seconds) | |
subtest: Works with httpd | |
webserver: must succeed: /tmp/specialisation/httpd/bin/switch-to-configuration test | |
webserver # [ 287.697419] nixos[4140]: switching to system configuration /nix/store/rhy6kxrgjmbbj787p9157yi6zwn89b3q-nixos-system-webserver-23.05pre-git | |
webserver # stopping the following units: acme-finished-nginx-dns.example.test.target, acme-finished-nginx-http.example.test.target, acme-fixperms.service, acme-nginx-dns.example.test.timer, acme-nginx-http.example.test.timer, logrotate-checkconf.service, nginx.service, test-renew-nginx.target | |
webserver # [ 287.738058] systemd[1]: Stopped target acme-finished-nginx-dns.example.test.target. | |
webserver # [ 287.743523] systemd[1]: Stopped target acme-finished-nginx-http.example.test.target. | |
webserver # [ 287.748949] systemd[1]: acme-fixperms.service: Deactivated successfully. | |
webserver # [ 287.753103] systemd[1]: Stopped Fix owner and group of all ACME certificates. | |
webserver # [ 287.760347] systemd[1]: acme-nginx-dns.example.test.timer: Deactivated successfully. | |
webserver # [ 287.765820] systemd[1]: Stopped Renew ACME Certificate for nginx-dns.example.test. | |
webserver # [ 287.774389] systemd[1]: acme-nginx-http.example.test.timer: Deactivated successfully. | |
webserver # [ 287.782072] systemd[1]: Stopped Renew ACME Certificate for nginx-http.example.test. | |
webserver # [ 287.782873] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 287.803081] systemd[1]: logrotate-checkconf.service: Deactivated successfully. | |
webserver # [ 287.810627] nginx[3842]: 2023/01/21 19:56:39 [notice] 3842#3842: signal 15 (SIGTERM) received from 1, exiting | |
webserver # [ 287.815472] systemd[1]: Stopped Logrotate configuration check. | |
webserver # [ 287.820464] nginx[4123]: 2023/01/21 19:56:39 [notice] 4123#4123: signal 15 (SIGTERM) received from 1, exiting | |
webserver # [ 287.822248] nginx[4123]: 2023/01/21 19:56:39 [notice] 4123#4123: exiting | |
webserver # [ 287.825352] nginx[4123]: 2023/01/21 19:56:39 [notice] 4123#4123: exit | |
webserver # [ 287.830172] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 287.841705] nginx[3842]: 2023/01/21 19:56:39 [notice] 3842#3842: signal 17 (SIGCHLD) received from 4123 | |
webserver # [ 287.848745] nginx[3842]: 2023/01/21 19:56:39 [notice] 3842#3842: worker process 4123 exited with code 0 | |
webserver # [ 287.858565] nginx[3842]: 2023/01/21 19:56:39 [notice] 3842#3842: exit | |
webserver # [ 287.861777] systemd[1]: Stopping Nginx Web Server... | |
webserver # [ 287.864522] systemd[1]: Stopped target Remote File Systems. | |
webserver # [ 287.868583] systemd[1]: Stopped target test-renew-nginx.target. | |
webserver # [ 287.871613] systemd[1]: nginx.service: Deactivated successfully. | |
webserver # [ 287.874717] systemd[1]: Stopped Nginx Web Server. | |
webserver # [ 287.877126] systemd[1]: nginx.service: Consumed 481ms CPU time, no IO, received 3.7K IP traffic, sent 6.4K IP traffic. | |
webserver # activating the configuration... | |
webserver # removing group ‘nginx’ | |
webserver # [ 288.148474] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 288.161226] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # removing user ‘nginx’ | |
webserver # [ 288.168073] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (84) | |
webserver # [ 288.178824] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 288.187971] nscd[901]: 901 monitoring file `/etc/group` (87) | |
webserver # [ 288.193443] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 288.196785] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 288.202764] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 288.208644] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (84) | |
webserver # [ 288.213223] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 288.218657] nscd[901]: 901 monitoring file `/etc/passwd` (88) | |
webserver # [ 288.222834] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 288.387293] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 288.402095] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 288.412058] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 288.418834] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 288.426787] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 288.432171] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 288.438966] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 288.443491] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 289.024996] systemd[1]: Reloading. | |
webserver # setting up tmpfiles | |
webserver # reloading the following units: dbus.service | |
webserver # [ 289.728320] systemd[1]: Reloading D-Bus System Message Bus... | |
webserver # [ 289.743623] dbus-daemon[698]: Unknown username "systemd-timesync" in message bus configuration file | |
webserver # [ 289.772276] dbus-daemon[698]: [system] Reloaded configuration | |
webserver # [ 289.774249] dbus-send[4290]: method return time=1674331001.331981 sender=org.freedesktop.DBus -> destination=:1.51 serial=3 reply_serial=2 | |
webserver # [ 289.780117] dbus-daemon[698]: Unknown username "systemd-timesync" in message bus configuration file | |
webserver # [ 289.800859] dbus-daemon[698]: [system] Reloaded configuration | |
webserver # [ 289.804412] systemd[1]: Reloaded D-Bus System Message Bus. | |
webserver # starting the following units: acme-fixperms.service, logrotate-checkconf.service | |
webserver # [ 289.842106] systemd[1]: Starting Fix owner and group of all ACME certificates... | |
webserver # [ 289.843236] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 289.866169] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 289.916537] systemd[1]: Finished Fix owner and group of all ACME certificates. | |
webserver # [ 289.920342] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 289.922691] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 289.927239] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 289.928494] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 289.931031] systemd[1]: Reached target Local File Systems. | |
webserver # [ 289.948105] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 289.949481] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 289.952236] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 289.955284] systemd[1]: Started Renew ACME Certificate for httpd-dns.example.test. | |
webserver # [ 289.957427] systemd[1]: Started Renew ACME Certificate for httpd-http.example.test. | |
webserver # [ 289.959261] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 289.963409] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 289.967838] systemd[1]: Starting Generate self-signed certificate for httpd-dns.example.test... | |
webserver # [ 289.972813] systemd[1]: Starting Generate self-signed certificate for httpd-http.example.test... | |
webserver # [ 289.976096] systemd[1]: Starting Logrotate configuration check... | |
webserver # [ 289.988878] logrotate[4302]: warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want. | |
webserver # [ 289.992190] logrotate[4302]: reading config file /nix/store/iqb68zysi2r5kq82241wrwvb84z6akj1-logrotate.conf | |
webserver # [ 290.003257] logrotate[4302]: note: 'monthly' overrides previously specified 'weekly' | |
webserver # [ 290.007755] logrotate[4302]: Reading state from file: /var/lib/logrotate.status | |
webserver # [ 290.011114] logrotate[4302]: state file /var/lib/logrotate.status does not exist | |
webserver # [ 290.011841] logrotate[4302]: Allocating hash table for state file, size 64 entries | |
webserver # [ 290.015127] logrotate[4302]: Handling 3 logs | |
webserver # [ 290.015621] logrotate[4302]: rotating pattern: "/var/log/btmp" monthly (1 rotations) | |
webserver # [ 290.019081] logrotate[4302]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed | |
webserver # [ 290.023079] logrotate[4302]: considering log /var/log/btmp | |
webserver # [ 290.023722] logrotate[4302]: Creating new state | |
webserver # [ 290.027065] logrotate[4302]: Now: 2023-01-21 19:56 | |
webserver # [ 290.027643] logrotate[4302]: Last rotated at 2023-01-21 19:00 | |
webserver # [ 290.031111] logrotate[4302]: log does not need rotating (log has already been rotated) | |
webserver # [ 290.034100] logrotate[4302]: rotating pattern: "/var/log/wtmp" monthly (1 rotations) | |
webserver # [ 290.036998] logrotate[4302]: empty log files are not rotated, only log files >= 1048576 bytes are rotated, old logs are removed | |
webserver # [ 290.041078] logrotate[4302]: considering log /var/log/wtmp | |
webserver # [ 290.041686] logrotate[4302]: Creating new state | |
webserver # [ 290.044053] logrotate[4302]: Now: 2023-01-21 19:56 | |
webserver # [ 290.044607] logrotate[4302]: Last rotated at 2023-01-21 19:00 | |
webserver # [ 290.048093] logrotate[4302]: log does not need rotating (log has already been rotated) | |
webserver # [ 290.051020] logrotate[4302]: rotating pattern: "/var/log/httpd/*.log" after 1 days (28 rotations) | |
webserver # [ 290.054018] logrotate[4302]: empty log files are not rotated, old logs are removed | |
webserver # [ 290.054800] logrotate[4302]: switching euid from 0 to 54 and egid from 0 to 54 (pid 4302) | |
webserver # [ 290.060110] logrotate[4302]: considering log /var/log/httpd/*.log | |
webserver # [ 290.060766] logrotate[4302]: log /var/log/httpd/*.log does not exist -- skipping | |
webserver # [ 290.064067] logrotate[4302]: Creating new state | |
webserver # [ 290.064548] logrotate[4302]: not running postrotate script, since no logs were rotated | |
webserver # [ 290.068064] logrotate[4302]: switching euid from 54 to 0 and egid from 54 to 0 (pid 4302) | |
webserver # [ 290.071119] systemd[1]: Finished Logrotate configuration check. | |
webserver # [ 290.471817] systemd[1]: acme-selfsigned-httpd-dns.example.test.service: Deactivated successfully. | |
webserver # [ 290.475361] systemd[1]: Finished Generate self-signed certificate for httpd-dns.example.test. | |
webserver # [ 290.504539] systemd[1]: acme-selfsigned-httpd-http.example.test.service: Deactivated successfully. | |
webserver # [ 290.505851] systemd[1]: Finished Generate self-signed certificate for httpd-http.example.test. | |
webserver # [ 290.513535] systemd[1]: Starting Apache HTTPD... | |
webserver # [ 290.750415] systemd[1]: httpd.service: Can't open PID file /run/httpd/httpd.pid (yet?) after start: Operation not permitted | |
webserver # [ 290.762106] systemd[1]: Started Apache HTTPD. | |
webserver # [ 290.766936] systemd[1]: Starting Renew ACME certificate for example.test... | |
webserver # [ 290.829338] acme-example.test-start[4396]: + set -euo pipefail | |
webserver # [ 290.830290] acme-example.test-start[4396]: + echo f296e6482529fca9f20a | |
webserver # [ 290.831288] acme-example.test-start[4396]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 290.835721] acme-example.test-start[4496]: ++ find accounts -name hostmaster@example.test.key | |
webserver # [ 290.843200] acme-example.test-start[4396]: + '[' -e certificates/_.example.test.key -a -e certificates/_.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']' | |
webserver # [ 290.845172] acme-example.test-start[4396]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir renew --no-random-sleep --days 30 | |
acme # [ 291.025937] pebble[661]: Pebble 2023/01/21 19:56:42 GET /dir -> calling handler() | |
webserver # [ 290.928253] acme-example.test-start[4497]: 2023/01/21 19:56:42 [*.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal. | |
webserver # [ 290.933063] acme-example.test-start[4396]: + mv domainhash.txt certificates/ | |
webserver # [ 290.939666] acme-example.test-start[4396]: + chown acme:acme certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key | |
webserver # [ 290.947914] acme-example.test-start[4396]: + cmp -s certificates/_.example.test.crt out/fullchain.pem | |
webserver # [ 290.952303] acme-example.test-start[4396]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem | |
webserver # [ 290.981637] systemd[1]: acme-example.test.service: Deactivated successfully. | |
webserver # [ 290.982584] systemd[1]: Finished Renew ACME certificate for example.test. | |
webserver # [ 290.984114] systemd[1]: acme-example.test.service: Consumed 142ms CPU time, received 2.5K IP traffic, sent 978B IP traffic. | |
webserver # [ 290.989752] systemd[1]: Starting Renew ACME certificate for httpd-dns.example.test... | |
webserver # [ 290.994734] systemd[1]: Starting Renew ACME certificate for httpd-http.example.test... | |
webserver # [ 291.100495] acme-httpd-dns.example.test-start[4509]: + set -euo pipefail | |
webserver # [ 291.101581] acme-httpd-dns.example.test-start[4509]: + echo 0a349e39464efbfff571 | |
webserver # [ 291.102973] acme-httpd-dns.example.test-start[4509]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 291.105814] acme-httpd-http.example.test-start[4510]: + set -euo pipefail | |
webserver # [ 291.106748] acme-httpd-http.example.test-start[4512]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 291.109767] acme-httpd-dns.example.test-start[4509]: + lego --accept-tos --path . -d httpd-dns.example.test --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir -d httpd-dns-alias.example.test run | |
webserver # [ 291.117725] acme-httpd-http.example.test-start[4512]: + chgrp wwwrun /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 291.125019] acme-httpd-http.example.test-start[4510]: + echo c63f2de46052d3f916bc | |
webserver # [ 291.125712] acme-httpd-http.example.test-start[4510]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 291.129425] acme-httpd-http.example.test-start[4510]: + lego --accept-tos --path . -d httpd-http.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir -d httpd-http-alias.example.test run | |
acme # [ 291.358514] pebble[661]: Pebble 2023/01/21 19:56:42 GET /dir -> calling handler() | |
webserver # [ 291.263937] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns.example.test, httpd-dns-alias.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 291.369758] pebble[661]: Pebble 2023/01/21 19:56:42 HEAD /nonce-plz -> calling handler() | |
acme # [ 291.374653] pebble[661]: Pebble 2023/01/21 19:56:42 POST /order-plz -> calling handler() | |
webserver # [ 291.277640] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:42 [INFO] [httpd-http.example.test, httpd-http-alias.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 291.379084] pebble[661]: Pebble 2023/01/21 19:56:42 There are now 20 authorizations in the db | |
acme # [ 291.384483] pebble[661]: Pebble 2023/01/21 19:56:42 There are now 21 authorizations in the db | |
acme # [ 291.388112] pebble[661]: Pebble 2023/01/21 19:56:42 Added order "4J9tXjdPhFkdkPXJBO0FaUgfEIMd30i_Y05DV4nBkTI" to the db | |
acme # [ 291.392781] pebble[661]: Pebble 2023/01/21 19:56:42 There are now 19 orders in the db | |
acme # [ 291.396142] pebble[661]: Pebble 2023/01/21 19:56:42 GET /dir -> calling handler() | |
acme # [ 291.399269] pebble[661]: Pebble 2023/01/21 19:56:42 HEAD /nonce-plz -> calling handler() | |
acme # [ 291.402628] pebble[661]: Pebble 2023/01/21 19:56:42 POST /order-plz -> calling handler() | |
acme # [ 291.406005] pebble[661]: Pebble 2023/01/21 19:56:42 There are now 22 authorizations in the db | |
acme # [ 291.409535] pebble[661]: Pebble 2023/01/21 19:56:42 There are now 23 authorizations in the db | |
acme # [ 291.413021] pebble[661]: Pebble 2023/01/21 19:56:42 Added order "wu_lCQXlfnL8x3Musp8sNLLfV6p2QnendQCfshCzw_A" to the db | |
acme # [ 291.417652] pebble[661]: Pebble 2023/01/21 19:56:42 There are now 20 orders in the db | |
acme # [ 291.432800] pebble[661]: Pebble 2023/01/21 19:56:42 POST /authZ/ -> calling handler() | |
acme # [ 291.442048] pebble[661]: Pebble 2023/01/21 19:56:42 POST /authZ/ -> calling handler() | |
webserver # [ 291.387562] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns-alias.example.test] AuthURL: https://acme.test/authZ/f0Uf_c_u5a94s2vN7GDyWbY9uBd2H6IWNA-j1SF8e_M | |
acme # [ 291.488768] pebble[661]: Pebble 2023/01/21 19:56:43 POST /authZ/ -> calling handler() | |
webserver # [ 291.389771] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns.example.test] AuthURL: https://acme.test/authZ/7Q4pWRv62-NQ2RipC18Rrl818i3CYKx3wCran4wrMYs | |
webserver # [ 291.391508] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 291.393377] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns.example.test] acme: Could not find solver for: http-01 | |
webserver # [ 291.395185] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns.example.test] acme: use dns-01 solver | |
webserver # [ 291.397208] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns-alias.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 291.398602] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns-alias.example.test] acme: Could not find solver for: http-01 | |
webserver # [ 291.399988] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns-alias.example.test] acme: use dns-01 solver | |
webserver # [ 291.401793] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:42 [INFO] [httpd-dns.example.test] acme: Preparing to solve DNS-01 | |
acme # [ 291.498013] pebble[661]: Pebble 2023/01/21 19:56:43 POST /authZ/ -> calling handler() | |
webserver # [ 291.403177] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:42 [INFO] [httpd-http-alias.example.test] AuthURL: https://acme.test/authZ/qktsfNMOFenY55UUzSPAzzfGLaMv75Ntj3NH7eHr4jc | |
webserver # [ 291.405314] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:42 [INFO] [httpd-http.example.test] AuthURL: https://acme.test/authZ/kbV9vVnnki-TIMq8i_YIm_pzCt8bGnIhF7SeU3osN64 | |
webserver # [ 291.406846] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:42 [INFO] [httpd-http.example.test] acme: Could not find solver for: tls-alpn-01 | |
acme # [ 291.506463] pebble[661]: Pebble 2023/01/21 19:56:43 POST /chalZ/ -> calling handler() | |
webserver # [ 291.408462] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:42 [INFO] [httpd-http.example.test] acme: use http-01 solver | |
webserver # [ 291.410716] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:42 [INFO] [httpd-http-alias.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 291.411859] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:42 [INFO] [httpd-http-alias.example.test] acme: use http-01 solver | |
webserver # [ 291.413064] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:42 [INFO] [httpd-http.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 291.511649] pebble[661]: Pebble 2023/01/21 19:56:43 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-http.example.test"}, Challenge:(*core.Challenge)(0xc000001b80), Account:(*core.Account)(0xc000217680)} | |
acme # [ 291.523035] pebble[661]: Pebble 2023/01/21 19:56:43 Starting 3 validations. | |
acme # [ 291.526732] pebble[661]: Pebble 2023/01/21 19:56:43 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/Py5PVyRiSMZH2R7aCvjW9xoNlgbatS_YUq4eWc1SQh4 | |
acme # [ 291.533445] pebble[661]: Pebble 2023/01/21 19:56:43 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/Py5PVyRiSMZH2R7aCvjW9xoNlgbatS_YUq4eWc1SQh4 | |
acme # [ 291.540148] pebble[661]: Pebble 2023/01/21 19:56:43 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/Py5PVyRiSMZH2R7aCvjW9xoNlgbatS_YUq4eWc1SQh4 | |
acme # [ 291.546833] pebble[661]: Pebble 2023/01/21 19:56:43 POST /authZ/ -> calling handler() | |
acme # [ 291.550311] pebble[661]: Pebble 2023/01/21 19:56:43 authz qktsfNMOFenY55UUzSPAzzfGLaMv75Ntj3NH7eHr4jc set VALID by completed challenge VfSl6FMB7qnPzqtt3ptEcgx5GOWVCEZvwZFpXmPcOYI | |
acme # [ 296.911907] pebble[661]: Pebble 2023/01/21 19:56:48 POST /authZ/ -> calling handler() | |
webserver # [ 296.811529] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:48 [INFO] [httpd-http.example.test] The server validated our request | |
webserver # [ 296.813673] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:48 [INFO] [httpd-http-alias.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 296.916086] pebble[661]: Pebble 2023/01/21 19:56:48 POST /chalZ/ -> calling handler() | |
acme # [ 296.920257] pebble[661]: Pebble 2023/01/21 19:56:48 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-http-alias.example.test"}, Challenge:(*core.Challenge)(0xc000000000), Account:(*core.Account)(0xc000217680)} | |
acme # [ 296.924932] pebble[661]: Pebble 2023/01/21 19:56:48 Starting 3 validations. | |
acme # [ 296.926871] pebble[661]: Pebble 2023/01/21 19:56:48 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/B4mVoDUieg0xKe4hmBkdwu6iGIDoStZdCTdWB0qrXBY | |
acme # [ 296.929170] pebble[661]: Pebble 2023/01/21 19:56:48 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/B4mVoDUieg0xKe4hmBkdwu6iGIDoStZdCTdWB0qrXBY | |
acme # [ 296.931858] pebble[661]: Pebble 2023/01/21 19:56:48 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/B4mVoDUieg0xKe4hmBkdwu6iGIDoStZdCTdWB0qrXBY | |
acme # [ 296.933636] pebble[661]: Pebble 2023/01/21 19:56:48 POST /authZ/ -> calling handler() | |
acme # [ 296.934493] pebble[661]: Pebble 2023/01/21 19:56:48 authz kbV9vVnnki-TIMq8i_YIm_pzCt8bGnIhF7SeU3osN64 set VALID by completed challenge vKE_4mVCclTpBLURrcOL8DJCRq2mRr2dPIk-Q1xcMz4 | |
dnsserver # [ 301.466820] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:56:53 Added DNS-01 TXT challenge for Host "_acme-challenge.httpd-dns.example.test." - Value "WUjxuFLvv-Rd6S-u-tzIdfSJWV4VwzDsC6GPysWN3tE" | |
webserver # [ 301.429536] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:52 [INFO] [_acme-challenge.httpd-dns.example.test.] dns-hook.sh present _acme-challenge.httpd-dns.example.test. WUjxuFLvv-Rd6S-u-tzIdfSJWV4VwzDsC6GPysWN3tE | |
webserver # [ 301.431493] acme-httpd-dns.example.test-start[4514]: % Total % Received % Xferd Average Speed Time Time Time Current | |
webserver # [ 301.433621] acme-httpd-dns.example.test-start[4514]: Dload Upload Total Spent Left Speed | |
webserver # [ 301.435381] acme-httpd-dns.example.test-start[4514]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 107 0 0 100 107 0 17092 --:--:-- --:--:-- --:--:-- 17833 | |
webserver # [ 301.437226] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:56:52 [INFO] [httpd-dns.example.test] acme: Trying to solve DNS-01 | |
acme # [ 302.955366] pebble[661]: Pebble 2023/01/21 19:56:54 POST /authZ/ -> calling handler() | |
webserver # [ 302.855036] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:54 [INFO] [httpd-http-alias.example.test] The server validated our request | |
acme # [ 302.957915] pebble[661]: Pebble 2023/01/21 19:56:54 POST /finalize-order/ -> calling handler() | |
webserver # [ 302.856814] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:54 [INFO] [httpd-http.example.test, httpd-http-alias.example.test] acme: Validations succeeded; requesting certificates | |
webserver # [ 302.858399] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:54 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/finalize-order/wu_lCQXlfnL8x3Musp8sNLLfV6p2QnendQCfshCzw_A :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: 4cybYm-AQky4CRcGxYLluw | |
webserver # [ 303.120512] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:54 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 303.223529] pebble[661]: Pebble 2023/01/21 19:56:54 POST /finalize-order/ -> calling handler() | |
acme # [ 303.230090] pebble[661]: Pebble 2023/01/21 19:56:54 Order wu_lCQXlfnL8x3Musp8sNLLfV6p2QnendQCfshCzw_A is fully authorized. Processing finalization | |
acme # [ 303.236723] pebble[661]: Pebble 2023/01/21 19:56:54 Issued certificate serial 37667859f94a2884 for order wu_lCQXlfnL8x3Musp8sNLLfV6p2QnendQCfshCzw_A | |
acme # [ 303.243047] pebble[661]: Pebble 2023/01/21 19:56:54 POST /my-order/ -> calling handler() | |
webserver # [ 303.143968] acme-httpd-http.example.test-start[4520]: 2023/01/21 19:56:54 [INFO] [httpd-http.example.test] Server responded with a certificate. | |
acme # [ 303.246138] pebble[661]: Pebble 2023/01/21 19:56:54 POST /certZ/ -> calling handler() | |
webserver # [ 303.146979] acme-httpd-http.example.test-start[4510]: + mv domainhash.txt certificates/ | |
webserver # [ 303.152964] acme-httpd-http.example.test-start[4510]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-http.example.test.crt certificates/httpd-http.example.test.issuer.crt certificates/httpd-http.example.test.json certificates/httpd-http.example.test.key | |
webserver # [ 303.167619] acme-httpd-http.example.test-start[4510]: + cmp -s certificates/httpd-http.example.test.crt out/fullchain.pem | |
webserver # [ 303.174578] acme-httpd-http.example.test-start[4510]: + touch out/renewed | |
webserver # [ 303.182624] acme-httpd-http.example.test-start[4510]: + echo Installing new certificate | |
webserver # [ 303.186239] acme-httpd-http.example.test-start[4510]: Installing new certificate | |
webserver # [ 303.189836] acme-httpd-http.example.test-start[4510]: + cp -vp certificates/httpd-http.example.test.crt out/fullchain.pem | |
webserver # [ 303.198335] acme-httpd-http.example.test-start[4531]: 'certificates/httpd-http.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 303.203690] acme-httpd-http.example.test-start[4510]: + cp -vp certificates/httpd-http.example.test.key out/key.pem | |
webserver # [ 303.212043] acme-httpd-http.example.test-start[4532]: 'certificates/httpd-http.example.test.key' -> 'out/key.pem' | |
webserver # [ 303.217151] acme-httpd-http.example.test-start[4510]: + cp -vp certificates/httpd-http.example.test.issuer.crt out/chain.pem | |
webserver # [ 303.225372] acme-httpd-http.example.test-start[4533]: 'certificates/httpd-http.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 303.231042] acme-httpd-http.example.test-start[4510]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 303.238279] acme-httpd-http.example.test-start[4510]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 303.247702] acme-httpd-http.example.test-start[4510]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 303.288067] systemd[1]: acme-httpd-http.example.test.service: Deactivated successfully. | |
webserver # [ 303.292132] systemd[1]: Finished Renew ACME certificate for httpd-http.example.test. | |
webserver # [ 303.295870] systemd[1]: acme-httpd-http.example.test.service: Consumed 176ms CPU time, received 16.0K IP traffic, sent 11.4K IP traffic. | |
webserver # [ 311.436452] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:02 [INFO] [httpd-dns.example.test] acme: Checking DNS record propagation using [192.168.1.3:53 10.0.2.3:53] | |
webserver # [ 312.439332] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:03 [INFO] Wait for propagation [timeout: 1s, interval: 1s] | |
acme # [ 312.547078] pebble[661]: Pebble 2023/01/21 19:57:04 POST /chalZ/ -> calling handler() | |
acme # [ 312.552430] pebble[661]: Pebble 2023/01/21 19:57:04 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-dns.example.test"}, Challenge:(*core.Challenge)(0xc000247b80), Account:(*core.Account)(0xc000217680)} | |
acme # [ 312.556750] pebble[661]: Pebble 2023/01/21 19:57:04 Starting 3 validations. | |
acme # [ 312.557550] pebble[661]: Pebble 2023/01/21 19:57:04 POST /authZ/ -> calling handler() | |
acme # [ 312.560652] pebble[661]: Pebble 2023/01/21 19:57:04 authz f0Uf_c_u5a94s2vN7GDyWbY9uBd2H6IWNA-j1SF8e_M set VALID by completed challenge emcgvgpcwcKKRXfC0-G2jXBtkQhdt2ZcqHEkQhQlPIs | |
acme # [ 317.476491] pebble[661]: Pebble 2023/01/21 19:57:09 POST /authZ/ -> calling handler() | |
webserver # [ 317.375812] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:08 [INFO] [httpd-dns.example.test] The server validated our request | |
webserver # [ 317.377363] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:08 [INFO] [httpd-dns.example.test] acme: Cleaning DNS-01 challenge | |
dnsserver # [ 327.452763] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:57:19 Removed DNS-01 TXT challenge for Host "_acme-challenge.httpd-dns.example.test." | |
webserver # [ 327.415348] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:18 [INFO] [_acme-challenge.httpd-dns.example.test.] dns-hook.sh cleanup _acme-challenge.httpd-dns.example.test. WUjxuFLvv-Rd6S-u-tzIdfSJWV4VwzDsC6GPysWN3tE | |
webserver # [ 327.423807] acme-httpd-dns.example.test-start[4514]: % Total % Received % Xferd Average Speed Time Time Time Current | |
webserver # [ 327.429102] acme-httpd-dns.example.test-start[4514]: Dload Upload Total Spent Left Speed | |
webserver # [ 327.434228] acme-httpd-dns.example.test-start[4514]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 51 0 0 100 51 0 7729 --:--:-- --:--:-- --:--:-- 8500 | |
webserver # [ 327.441824] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:18 [INFO] sequence: wait for 1s | |
webserver # [ 328.424527] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:19 [INFO] [httpd-dns-alias.example.test] acme: Preparing to solve DNS-01 | |
webserver # [ 338.460607] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:30 [INFO] [_acme-challenge.httpd-dns-alias.example.test.] dns-hook.sh present _acme-challenge.httpd-dns-alias.example.test. SksjvuhQ8H2QxTjHmKWzhgMbgYX29vfOXa16GLyO2ag | |
webserver # [ 338.462211] acme-httpd-dns.example.test-start[4514]: % Total % Received % Xferd Average Speed Time Time Time Current | |
dnsserver # [ 338.499354] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:57:30 Added DNS-01 TXT challenge for Host "_acme-challenge.httpd-dns-alias.example.test." - Value "SksjvuhQ8H2QxTjHmKWzhgMbgYX29vfOXa16GLyO2ag" | |
webserver # [ 338.463544] acme-httpd-dns.example.test-start[4514]: Dload Upload Total Spent Left Speed | |
webserver # [ 338.465065] acme-httpd-dns.example.test-start[4514]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 113 0 0 100 113 0 18436 --:--:-- --:--:-- --:--:-- 18833 | |
webserver # [ 338.467322] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:30 [INFO] [httpd-dns-alias.example.test] acme: Trying to solve DNS-01 | |
webserver # [ 348.467696] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:40 [INFO] [httpd-dns-alias.example.test] acme: Checking DNS record propagation using [192.168.1.3:53 10.0.2.3:53] | |
webserver # [ 349.468586] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:41 [INFO] Wait for propagation [timeout: 1s, interval: 1s] | |
acme # [ 349.576856] pebble[661]: Pebble 2023/01/21 19:57:41 POST /chalZ/ -> calling handler() | |
acme # [ 349.583404] pebble[661]: Pebble 2023/01/21 19:57:41 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-dns-alias.example.test"}, Challenge:(*core.Challenge)(0xc0002479a0), Account:(*core.Account)(0xc000217680)} | |
acme # [ 349.592422] pebble[661]: Pebble 2023/01/21 19:57:41 Starting 3 validations. | |
acme # [ 349.595727] pebble[661]: Pebble 2023/01/21 19:57:41 POST /authZ/ -> calling handler() | |
acme # [ 349.599293] pebble[661]: Pebble 2023/01/21 19:57:41 authz 7Q4pWRv62-NQ2RipC18Rrl818i3CYKx3wCran4wrMYs set VALID by completed challenge Ho3dO65kaEi4eUZA6TqFz0dBAoezEriFbZcQc0PCdD0 | |
acme # [ 355.863913] pebble[661]: Pebble 2023/01/21 19:57:47 POST /authZ/ -> calling handler() | |
webserver # [ 355.763045] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:47 [INFO] [httpd-dns-alias.example.test] The server validated our request | |
webserver # [ 355.767100] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:47 [INFO] [httpd-dns-alias.example.test] acme: Cleaning DNS-01 challenge | |
dnsserver # [ 365.839672] pebble-challtestsrv[681]: pebble-challtestsrv - 2023/01/21 19:57:57 Removed DNS-01 TXT challenge for Host "_acme-challenge.httpd-dns-alias.example.test." | |
webserver # [ 365.803543] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:57 [INFO] [_acme-challenge.httpd-dns-alias.example.test.] dns-hook.sh cleanup _acme-challenge.httpd-dns-alias.example.test. SksjvuhQ8H2QxTjHmKWzhgMbgYX29vfOXa16GLyO2ag | |
webserver # [ 365.808754] acme-httpd-dns.example.test-start[4514]: % Total % Received % Xferd Average Speed Time Time Time Current | |
webserver # [ 365.810043] acme-httpd-dns.example.test-start[4514]: Dload Upload Total Spent Left Speed | |
acme # [ 365.911730] pebble[661]: Pebble 2023/01/21 19:57:57 POST /finalize-order/ -> calling handler() | |
webserver # [ 365.811203] acme-httpd-dns.example.test-start[4514]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0100 57 0 0 100 57 0 8172 --:--:-- --:--:-- --:--:-- 9500 | |
acme # [ 365.913488] pebble[661]: Pebble 2023/01/21 19:57:57 Order 4J9tXjdPhFkdkPXJBO0FaUgfEIMd30i_Y05DV4nBkTI is fully authorized. Processing finalization | |
webserver # [ 365.814211] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:57 [INFO] [httpd-dns.example.test, httpd-dns-alias.example.test] acme: Validations succeeded; requesting certificates | |
webserver # [ 365.816426] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:57 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 365.918660] pebble[661]: Pebble 2023/01/21 19:57:57 Issued certificate serial 4ce3f5ccd7662676 for order 4J9tXjdPhFkdkPXJBO0FaUgfEIMd30i_Y05DV4nBkTI | |
acme # [ 365.920460] pebble[661]: Pebble 2023/01/21 19:57:57 POST /my-order/ -> calling handler() | |
webserver # [ 365.821344] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:57 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/my-order/4J9tXjdPhFkdkPXJBO0FaUgfEIMd30i_Y05DV4nBkTI :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: s28yLgRNOsGGIUGjDlDarg | |
acme # [ 366.076544] pebble[661]: Pebble 2023/01/21 19:57:57 POST /my-order/ -> calling handler() | |
acme # [ 366.079365] pebble[661]: Pebble 2023/01/21 19:57:57 POST /certZ/ -> calling handler() | |
webserver # [ 365.980978] acme-httpd-dns.example.test-start[4514]: 2023/01/21 19:57:57 [INFO] [httpd-dns.example.test] Server responded with a certificate. | |
webserver # [ 365.985995] acme-httpd-dns.example.test-start[4509]: + mv domainhash.txt certificates/ | |
webserver # [ 365.994298] acme-httpd-dns.example.test-start[4509]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-dns.example.test.crt certificates/httpd-dns.example.test.issuer.crt certificates/httpd-dns.example.test.json certificates/httpd-dns.example.test.key | |
webserver # [ 366.003055] acme-httpd-dns.example.test-start[4509]: + cmp -s certificates/httpd-dns.example.test.crt out/fullchain.pem | |
webserver # [ 366.007316] acme-httpd-dns.example.test-start[4509]: + touch out/renewed | |
webserver # [ 366.013281] acme-httpd-dns.example.test-start[4509]: + echo Installing new certificate | |
webserver # [ 366.014319] acme-httpd-dns.example.test-start[4509]: Installing new certificate | |
webserver # [ 366.015215] acme-httpd-dns.example.test-start[4509]: + cp -vp certificates/httpd-dns.example.test.crt out/fullchain.pem | |
webserver # [ 366.021424] acme-httpd-dns.example.test-start[4552]: 'certificates/httpd-dns.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 366.023801] acme-httpd-dns.example.test-start[4509]: + cp -vp certificates/httpd-dns.example.test.key out/key.pem | |
webserver # [ 366.029087] acme-httpd-dns.example.test-start[4553]: 'certificates/httpd-dns.example.test.key' -> 'out/key.pem' | |
webserver # [ 366.031858] acme-httpd-dns.example.test-start[4509]: + cp -vp certificates/httpd-dns.example.test.issuer.crt out/chain.pem | |
webserver # [ 366.039307] acme-httpd-dns.example.test-start[4554]: 'certificates/httpd-dns.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 366.041663] acme-httpd-dns.example.test-start[4509]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 366.049766] acme-httpd-dns.example.test-start[4509]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 366.057780] acme-httpd-dns.example.test-start[4509]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 366.093179] systemd[1]: acme-httpd-dns.example.test.service: Deactivated successfully. | |
webserver # [ 366.094293] systemd[1]: Finished Renew ACME certificate for httpd-dns.example.test. | |
webserver # [ 366.098657] systemd[1]: acme-httpd-dns.example.test.service: Consumed 268ms CPU time, received 19.0K IP traffic, sent 14.7K IP traffic. | |
webserver # [ 366.101973] systemd[1]: Starting httpd-config-reload.service... | |
webserver # [ 366.159633] httpd[4563]: Syntax OK | |
webserver # [ 366.199194] systemd[1]: Reloading Apache HTTPD... | |
webserver # [ 366.253132] systemd[1]: Reloaded Apache HTTPD. | |
webserver # [ 366.258808] systemd[1]: httpd-config-reload.service: Deactivated successfully. | |
webserver # [ 366.260340] systemd[1]: Finished httpd-config-reload.service. | |
webserver # [ 366.263563] systemd[1]: Reached target acme-finished-httpd-dns.example.test.target. | |
webserver # [ 366.265718] systemd[1]: Reached target acme-finished-httpd-http.example.test.target. | |
webserver # the following new units were started: acme-finished-httpd-dns.example.test.target, acme-finished-httpd-http.example.test.target, acme-httpd-dns.example.test.timer, acme-httpd-http.example.test.timer, httpd.service | |
webserver # [ 366.353685] nixos[4140]: finished switching to system configuration /nix/store/rhy6kxrgjmbbj787p9157yi6zwn89b3q-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /tmp/specialisation/httpd/bin/switch-to-configuration test, in 79.68 seconds) | |
webserver: waiting for unit acme-finished-httpd-http.example.test.target | |
(finished: waiting for unit acme-finished-httpd-http.example.test.target, in 0.05 seconds) | |
webserver: waiting for unit acme-finished-httpd-dns.example.test.target | |
(finished: waiting for unit acme-finished-httpd-dns.example.test.target, in 0.05 seconds) | |
webserver: waiting for unit httpd.service | |
(finished: waiting for unit httpd.service, in 0.06 seconds) | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/cert.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/cert.pem, in 0.11 seconds) | |
cert.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/fullchain.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/fullchain.pem, in 0.08 seconds) | |
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-dns.example.test/cert.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-dns.example.test/cert.pem, in 0.07 seconds) | |
cert.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-dns.example.test/fullchain.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-dns.example.test/fullchain.pem, in 0.07 seconds) | |
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-http.example.test -connect httpd-http.example.test:443 < /dev/null 2>&1 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-http.example.test -connect httpd-http.example.test:443 < /dev/null 2>&1, in 0.03 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-http-alias.example.test -connect httpd-http-alias.example.test:443 < /dev/null 2>&1 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-http-alias.example.test -connect httpd-http-alias.example.test:443 < /dev/null 2>&1, in 0.03 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-dns.example.test -connect httpd-dns.example.test:443 < /dev/null 2>&1 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-dns.example.test -connect httpd-dns.example.test:443 < /dev/null 2>&1, in 0.03 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-dns-alias.example.test -connect httpd-dns-alias.example.test:443 < /dev/null 2>&1 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-dns-alias.example.test -connect httpd-dns-alias.example.test:443 < /dev/null 2>&1, in 0.03 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-wildcard.example.test -connect httpd-wildcard.example.test:443 < /dev/null 2>&1 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-wildcard.example.test -connect httpd-wildcard.example.test:443 < /dev/null 2>&1, in 0.03 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-wildcard-alias.example.test -connect httpd-wildcard-alias.example.test:443 < /dev/null 2>&1 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-wildcard-alias.example.test -connect httpd-wildcard-alias.example.test:443 < /dev/null 2>&1, in 0.03 seconds) | |
(finished: subtest: Works with httpd, in 80.44 seconds) | |
subtest: Can reload httpd when timer triggers renewal | |
webserver: must succeed: systemctl clean acme-httpd-http.example.test.service --what=state | |
webserver # [ 367.144145] systemd[1]: acme-httpd-http.example.test.service: Deactivated successfully. | |
webserver # [ 367.148540] systemd[1]: acme-httpd-http.example.test.service: Consumed 1ms CPU time, no IO, received 16.0K IP traffic, sent 11.4K IP traffic. | |
(finished: must succeed: systemctl clean acme-httpd-http.example.test.service --what=state, in 0.07 seconds) | |
webserver: must succeed: systemctl start acme-selfsigned-httpd-http.example.test.service | |
webserver # [ 367.195256] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 367.203870] systemd[1]: Starting Generate self-signed certificate for httpd-http.example.test... | |
webserver # [ 367.584071] systemd[1]: acme-selfsigned-httpd-http.example.test.service: Deactivated successfully. | |
webserver # [ 367.584920] systemd[1]: Finished Generate self-signed certificate for httpd-http.example.test. | |
(finished: must succeed: systemctl start acme-selfsigned-httpd-http.example.test.service, in 0.44 seconds) | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/cert.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/cert.pem, in 0.07 seconds) | |
cert.pem issuer: CN = minica root ca 26429f | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/fullchain.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/fullchain.pem, in 0.07 seconds) | |
fullchain.pem issuer: CN = minica root ca 26429f | |
webserver: must succeed: systemctl start httpd-config-reload.service | |
webserver # [ 367.769301] systemd[1]: Starting httpd-config-reload.service... | |
webserver # [ 367.834877] httpd[4783]: Syntax OK | |
webserver # [ 367.879028] systemd[1]: Reloading Apache HTTPD... | |
webserver # [ 367.940064] systemd[1]: Reloaded Apache HTTPD. | |
webserver # [ 367.943818] systemd[1]: httpd-config-reload.service: Deactivated successfully. | |
webserver # [ 367.945258] systemd[1]: Finished httpd-config-reload.service. | |
(finished: must succeed: systemctl start httpd-config-reload.service, in 0.22 seconds) | |
webserver: must succeed: systemctl start test-renew-httpd.target | |
webserver # [ 368.007433] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 368.009871] systemd[1]: Generate self-signed certificate for httpd-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-http.example.test/key.pem). | |
webserver # [ 368.022472] systemd[1]: Starting Renew ACME certificate for httpd-http.example.test... | |
webserver # [ 368.098305] acme-httpd-http.example.test-start[4792]: + set -euo pipefail | |
webserver # [ 368.099955] acme-httpd-http.example.test-start[4951]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 368.106095] acme-httpd-http.example.test-start[4951]: + chgrp wwwrun /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 368.112861] acme-httpd-http.example.test-start[4792]: + echo c63f2de46052d3f916bc | |
webserver # [ 368.114156] acme-httpd-http.example.test-start[4792]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 368.118732] acme-httpd-http.example.test-start[4792]: + lego --accept-tos --path . -d httpd-http.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir -d httpd-http-alias.example.test run | |
webserver # [ 368.153926] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 No key found for account hostmaster@example.test. Generating a P256 key. | |
webserver # [ 368.155735] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 Saved key to accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key | |
acme # [ 368.307772] pebble[661]: Pebble 2023/01/21 19:57:59 GET /dir -> calling handler() | |
webserver # [ 368.210417] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] acme: Registering account for hostmaster@example.test | |
acme # [ 368.314361] pebble[661]: Pebble 2023/01/21 19:57:59 HEAD /nonce-plz -> calling handler() | |
webserver # [ 368.217710] acme-httpd-http.example.test-start[4954]: !!!! HEADS UP !!!! | |
webserver # [ 368.218598] acme-httpd-http.example.test-start[4954]: Your account credentials have been saved in your Let's Encrypt | |
acme # [ 368.319254] pebble[661]: Pebble 2023/01/21 19:57:59 POST /sign-me-up -> calling handler() | |
webserver # [ 368.219685] acme-httpd-http.example.test-start[4954]: configuration directory at "accounts". | |
webserver # [ 368.221081] acme-httpd-http.example.test-start[4954]: You should make a secure backup of this folder now. This | |
webserver # [ 368.222314] acme-httpd-http.example.test-start[4954]: configuration directory will also contain certificates and | |
webserver # [ 368.223405] acme-httpd-http.example.test-start[4954]: private keys obtained from Let's Encrypt so making regular | |
webserver # [ 368.224453] acme-httpd-http.example.test-start[4954]: backups of this folder is ideal. | |
acme # [ 368.322335] pebble[661]: Pebble 2023/01/21 19:57:59 There are now 6 accounts in memory | |
webserver # [ 368.225312] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] [httpd-http.example.test, httpd-http-alias.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 368.328708] pebble[661]: Pebble 2023/01/21 19:57:59 POST /order-plz -> calling handler() | |
acme # [ 368.333369] pebble[661]: Pebble 2023/01/21 19:57:59 There are now 24 authorizations in the db | |
acme # [ 368.337267] pebble[661]: Pebble 2023/01/21 19:57:59 There are now 25 authorizations in the db | |
acme # [ 368.340941] pebble[661]: Pebble 2023/01/21 19:57:59 Added order "_9crOuLok7N7xIj6yuvmYWe_1uq5pPELsyNtd_JZL1s" to the db | |
acme # [ 368.345657] pebble[661]: Pebble 2023/01/21 19:57:59 There are now 21 orders in the db | |
acme # [ 368.387011] pebble[661]: Pebble 2023/01/21 19:57:59 POST /authZ/ -> calling handler() | |
webserver # [ 368.342870] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] [httpd-http.example.test] AuthURL: https://acme.test/authZ/wrz4tBgwLacLFy_y-VfbmX3pNOCRdiqGfOHrTegeMc0 | |
webserver # [ 368.344403] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] [httpd-http-alias.example.test] AuthURL: https://acme.test/authZ/HoLPIVnDNOqEs6GP6baZuQPvzWMLUfbYdsszZW9Mxd0 | |
acme # [ 368.443775] pebble[661]: Pebble 2023/01/21 19:58:00 POST /authZ/ -> calling handler() | |
webserver # [ 368.347013] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] [httpd-http-alias.example.test] acme: Could not find solver for: tls-alpn-01 | |
acme # [ 368.452449] pebble[661]: Pebble 2023/01/21 19:58:00 POST /chalZ/ -> calling handler() | |
webserver # [ 368.353222] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] [httpd-http-alias.example.test] acme: use http-01 solver | |
webserver # [ 368.358945] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] [httpd-http.example.test] acme: Could not find solver for: tls-alpn-01 | |
acme # [ 368.456570] pebble[661]: Pebble 2023/01/21 19:58:00 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-http-alias.example.test"}, Challenge:(*core.Challenge)(0xc0003766e0), Account:(*core.Account)(0xc000434d20)} | |
acme # [ 368.468030] pebble[661]: Pebble 2023/01/21 19:58:00 Starting 3 validations. | |
acme # [ 368.468883] pebble[661]: Pebble 2023/01/21 19:58:00 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/TOygOIS-zwclcixX2FdSUVm2v5Q7dADbOy0ot1J73NI | |
webserver # [ 368.366266] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] [httpd-http.example.test] acme: use http-01 solver | |
acme # [ 368.470552] pebble[661]: Pebble 2023/01/21 19:58:00 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/TOygOIS-zwclcixX2FdSUVm2v5Q7dADbOy0ot1J73NI | |
webserver # [ 368.370760] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:57:59 [INFO] [httpd-http-alias.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 368.472360] pebble[661]: Pebble 2023/01/21 19:58:00 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/TOygOIS-zwclcixX2FdSUVm2v5Q7dADbOy0ot1J73NI | |
acme # [ 368.473998] pebble[661]: Pebble 2023/01/21 19:58:00 POST /authZ/ -> calling handler() | |
acme # [ 368.474865] pebble[661]: Pebble 2023/01/21 19:58:00 authz wrz4tBgwLacLFy_y-VfbmX3pNOCRdiqGfOHrTegeMc0 set VALID by completed challenge -fcgUBpwoF3L-y0d4OBWqLSnMRGjr11uSk5e4bw23k8 | |
acme # [ 371.907362] pebble[661]: Pebble 2023/01/21 19:58:03 POST /authZ/ -> calling handler() | |
webserver # [ 371.807029] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:58:03 [INFO] [httpd-http-alias.example.test] The server validated our request | |
acme # [ 371.916388] pebble[661]: Pebble 2023/01/21 19:58:03 POST /chalZ/ -> calling handler() | |
webserver # [ 371.813536] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:58:03 [INFO] [httpd-http.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 371.918774] pebble[661]: Pebble 2023/01/21 19:58:03 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-http.example.test"}, Challenge:(*core.Challenge)(0xc0003768c0), Account:(*core.Account)(0xc000434d20)} | |
acme # [ 371.922599] pebble[661]: Pebble 2023/01/21 19:58:03 Starting 3 validations. | |
acme # [ 371.923392] pebble[661]: Pebble 2023/01/21 19:58:03 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/Fui2XVBuabmnXWhg7r2dpi81Fxdj65IBXa-Pzd3tEbg | |
acme # [ 371.924989] pebble[661]: Pebble 2023/01/21 19:58:03 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/Fui2XVBuabmnXWhg7r2dpi81Fxdj65IBXa-Pzd3tEbg | |
acme # [ 371.926558] pebble[661]: Pebble 2023/01/21 19:58:03 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/Fui2XVBuabmnXWhg7r2dpi81Fxdj65IBXa-Pzd3tEbg | |
acme # [ 371.928127] pebble[661]: Pebble 2023/01/21 19:58:03 POST /authZ/ -> calling handler() | |
acme # [ 371.929000] pebble[661]: Pebble 2023/01/21 19:58:03 authz HoLPIVnDNOqEs6GP6baZuQPvzWMLUfbYdsszZW9Mxd0 set VALID by completed challenge U_OsEyxRIsmVbiJuNW559hx1fVFIGQvv_hBepuuATM8 | |
acme # [ 376.651388] pebble[661]: Pebble 2023/01/21 19:58:08 POST /authZ/ -> calling handler() | |
webserver # [ 376.551296] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:58:08 [INFO] [httpd-http.example.test] The server validated our request | |
acme # [ 376.662299] pebble[661]: Pebble 2023/01/21 19:58:08 POST /finalize-order/ -> calling handler() | |
webserver # [ 376.557844] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:58:08 [INFO] [httpd-http.example.test, httpd-http-alias.example.test] acme: Validations succeeded; requesting certificates | |
acme # [ 376.663695] pebble[661]: Pebble 2023/01/21 19:58:08 Order _9crOuLok7N7xIj6yuvmYWe_1uq5pPELsyNtd_JZL1s is fully authorized. Processing finalization | |
acme # [ 376.670604] pebble[661]: Pebble 2023/01/21 19:58:08 POST /my-order/ -> calling handler() | |
webserver # [ 376.565604] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:58:08 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 376.671543] pebble[661]: Pebble 2023/01/21 19:58:08 Issued certificate serial 34269dabbe4f272c for order _9crOuLok7N7xIj6yuvmYWe_1uq5pPELsyNtd_JZL1s | |
acme # [ 377.174892] pebble[661]: Pebble 2023/01/21 19:58:08 POST /my-order/ -> calling handler() | |
acme # [ 377.176838] pebble[661]: Pebble 2023/01/21 19:58:08 POST /certZ/ -> calling handler() | |
webserver # [ 377.076957] acme-httpd-http.example.test-start[4954]: 2023/01/21 19:58:08 [INFO] [httpd-http.example.test] Server responded with a certificate. | |
webserver # [ 377.083256] acme-httpd-http.example.test-start[4792]: + mv domainhash.txt certificates/ | |
webserver # [ 377.089817] acme-httpd-http.example.test-start[4792]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-http.example.test.crt certificates/httpd-http.example.test.issuer.crt certificates/httpd-http.example.test.json certificates/httpd-http.example.test.key | |
webserver # [ 377.097222] acme-httpd-http.example.test-start[4792]: + cmp -s certificates/httpd-http.example.test.crt out/fullchain.pem | |
webserver # [ 377.100511] acme-httpd-http.example.test-start[4792]: + touch out/renewed | |
webserver # [ 377.105515] acme-httpd-http.example.test-start[4792]: + echo Installing new certificate | |
webserver # [ 377.106727] acme-httpd-http.example.test-start[4792]: Installing new certificate | |
webserver # [ 377.108041] acme-httpd-http.example.test-start[4792]: + cp -vp certificates/httpd-http.example.test.crt out/fullchain.pem | |
webserver # [ 377.112444] acme-httpd-http.example.test-start[4963]: 'certificates/httpd-http.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 377.114176] acme-httpd-http.example.test-start[4792]: + cp -vp certificates/httpd-http.example.test.key out/key.pem | |
webserver # [ 377.118732] acme-httpd-http.example.test-start[4964]: 'certificates/httpd-http.example.test.key' -> 'out/key.pem' | |
webserver # [ 377.120869] acme-httpd-http.example.test-start[4792]: + cp -vp certificates/httpd-http.example.test.issuer.crt out/chain.pem | |
webserver # [ 377.125098] acme-httpd-http.example.test-start[4965]: 'certificates/httpd-http.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 377.126667] acme-httpd-http.example.test-start[4792]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 377.131773] acme-httpd-http.example.test-start[4792]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 377.137159] acme-httpd-http.example.test-start[4792]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 377.164603] systemd[1]: acme-httpd-http.example.test.service: Deactivated successfully. | |
webserver # [ 377.165597] systemd[1]: Finished Renew ACME certificate for httpd-http.example.test. | |
webserver # [ 377.168329] systemd[1]: acme-httpd-http.example.test.service: Consumed 181ms CPU time, received 17.0K IP traffic, sent 11.6K IP traffic. | |
webserver # [ 377.171046] systemd[1]: Starting httpd-config-reload.service... | |
webserver # [ 377.220079] httpd[4974]: Syntax OK | |
webserver # [ 377.255994] systemd[1]: Reloading Apache HTTPD... | |
webserver # [ 377.303366] systemd[1]: Reloaded Apache HTTPD. | |
webserver # [ 377.307979] systemd[1]: httpd-config-reload.service: Deactivated successfully. | |
webserver # [ 377.309138] systemd[1]: Finished httpd-config-reload.service. | |
webserver # [ 377.311418] systemd[1]: Reached target test-renew-httpd.target. | |
(finished: must succeed: systemctl start test-renew-httpd.target, in 9.37 seconds) | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/cert.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/cert.pem, in 0.08 seconds) | |
cert.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
webserver: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/fullchain.pem | |
(finished: must succeed: openssl x509 -noout -issuer -in /var/lib/acme/httpd-http.example.test/fullchain.pem, in 0.08 seconds) | |
fullchain.pem issuer: CN = Pebble Intermediate CA 4d6099 | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-http.example.test -connect httpd-http.example.test:443 < /dev/null 2>&1 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-http.example.test -connect httpd-http.example.test:443 < /dev/null 2>&1, in 0.04 seconds) | |
(finished: subtest: Can reload httpd when timer triggers renewal, in 10.43 seconds) | |
subtest: Can remove an alias from a domain + cert is updated | |
webserver: must succeed: /tmp/specialisation/httpd-remove-alias/bin/switch-to-configuration test | |
webserver # [ 378.375607] nixos[5151]: switching to system configuration /nix/store/x2j6ck2x0cjmsrnsdw8kxxh6sf0xjzx3-nixos-system-webserver-23.05pre-git | |
webserver # stopping the following units: httpd.service | |
webserver # [ 378.408789] systemd[1]: Stopping Apache HTTPD... | |
webserver # [ 378.424764] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 378.438739] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 378.441696] systemd[1]: Stopped target Remote File Systems. | |
webserver # [ 378.515009] systemd[1]: httpd.service: Deactivated successfully. | |
webserver # [ 378.515863] systemd[1]: Stopped Apache HTTPD. | |
webserver # [ 378.517672] systemd[1]: httpd.service: Consumed 298ms CPU time, read 0B from disk, written 12.0K to disk, received 12.1K IP traffic, sent 27.5K IP traffic. | |
webserver # activating the configuration... | |
webserver # [ 378.776988] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 378.784153] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # [ 378.788528] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (90) | |
webserver # [ 378.789322] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 378.789978] nscd[901]: 901 monitoring file `/etc/group` (93) | |
webserver # [ 378.790646] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 378.794167] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 378.797082] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 378.800990] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (90) | |
webserver # [ 378.801750] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 378.802570] nscd[901]: 901 monitoring file `/etc/passwd` (94) | |
webserver # [ 378.805051] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 378.948578] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 378.956248] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 378.957880] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 378.958912] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 378.962273] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 378.964575] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 378.967122] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 378.970281] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 379.438374] systemd[1]: Reloading. | |
webserver # setting up tmpfiles | |
webserver # starting the following units: httpd.service | |
webserver # [ 380.117880] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 380.120514] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 380.130166] systemd[1]: Starting Renew ACME certificate for example.test... | |
webserver # [ 380.182520] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 380.184582] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 380.188485] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 380.190152] systemd[1]: Generate self-signed certificate for httpd-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-dns.example.test/key.pem). | |
webserver # [ 380.201268] systemd[1]: Generate self-signed certificate for httpd-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-http.example.test/key.pem). | |
webserver # [ 380.209860] systemd[1]: Starting Apache HTTPD... | |
webserver # [ 380.211870] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 380.223512] systemd[1]: Reached target Local File Systems. | |
webserver # [ 380.255295] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 380.265583] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 380.280804] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 380.286557] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 380.294946] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 380.299139] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 380.303036] systemd[1]: Generate self-signed certificate for httpd-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-http.example.test/key.pem). | |
webserver # [ 380.353368] acme-example.test-start[5297]: + set -euo pipefail | |
webserver # [ 380.354760] acme-example.test-start[5297]: + echo f296e6482529fca9f20a | |
webserver # [ 380.355583] acme-example.test-start[5297]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 380.360987] acme-example.test-start[5306]: ++ find accounts -name hostmaster@example.test.key | |
webserver # [ 380.369737] acme-example.test-start[5297]: + '[' -e certificates/_.example.test.key -a -e certificates/_.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']' | |
webserver # [ 380.372235] acme-example.test-start[5297]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir renew --no-random-sleep --days 30 | |
webserver # [ 380.406553] systemd[1]: httpd.service: Can't open PID file /run/httpd/httpd.pid (yet?) after start: Operation not permitted | |
webserver # [ 380.435616] systemd[1]: Started Apache HTTPD. | |
acme # [ 380.601293] pebble[661]: Pebble 2023/01/21 19:58:12 GET /dir -> calling handler() | |
webserver # [ 380.503549] acme-example.test-start[5307]: 2023/01/21 19:58:12 [*.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal. | |
webserver # [ 380.508226] acme-example.test-start[5297]: + mv domainhash.txt certificates/ | |
webserver # [ 380.513931] acme-example.test-start[5297]: + chown acme:acme certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key | |
webserver # [ 380.520879] acme-example.test-start[5297]: + cmp -s certificates/_.example.test.crt out/fullchain.pem | |
webserver # [ 380.524733] acme-example.test-start[5297]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem | |
webserver # [ 380.552555] systemd[1]: acme-example.test.service: Deactivated successfully. | |
webserver # [ 380.553453] systemd[1]: Finished Renew ACME certificate for example.test. | |
webserver # [ 380.555457] systemd[1]: acme-example.test.service: Consumed 170ms CPU time, received 2.5K IP traffic, sent 978B IP traffic. | |
webserver # [ 380.562669] systemd[1]: Starting Renew ACME certificate for httpd-dns.example.test... | |
webserver # [ 380.569379] systemd[1]: Starting Renew ACME certificate for httpd-http.example.test... | |
webserver # [ 380.689397] acme-httpd-http.example.test-start[5481]: + set -euo pipefail | |
webserver # [ 380.690864] acme-httpd-http.example.test-start[5482]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 380.693270] acme-httpd-dns.example.test-start[5480]: + set -euo pipefail | |
webserver # [ 380.694827] acme-httpd-dns.example.test-start[5480]: + echo 0a349e39464efbfff571 | |
webserver # [ 380.696213] acme-httpd-dns.example.test-start[5480]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 380.702328] acme-httpd-dns.example.test-start[5485]: ++ find accounts -name hostmaster@example.test.key | |
webserver # [ 380.704667] acme-httpd-http.example.test-start[5482]: + chgrp wwwrun /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 380.713650] acme-httpd-http.example.test-start[5481]: + echo 25a568200b41a707b1f8 | |
webserver # [ 380.715504] acme-httpd-http.example.test-start[5481]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 380.717756] acme-httpd-dns.example.test-start[5480]: + '[' -e certificates/httpd-dns.example.test.key -a -e certificates/httpd-dns.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']' | |
webserver # [ 380.727066] acme-httpd-dns.example.test-start[5480]: + lego --accept-tos --path . -d httpd-dns.example.test --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir -d httpd-dns-alias.example.test renew --no-random-sleep --days 30 | |
webserver # [ 380.735924] acme-httpd-http.example.test-start[5481]: + lego --accept-tos --path . -d httpd-http.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir run | |
acme # [ 380.968368] pebble[661]: Pebble 2023/01/21 19:58:12 GET /dir -> calling handler() | |
webserver # [ 380.871848] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:12 [INFO] [httpd-http.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 380.972964] pebble[661]: Pebble 2023/01/21 19:58:12 GET /dir -> calling handler() | |
webserver # [ 380.873468] acme-httpd-dns.example.test-start[5487]: 2023/01/21 19:58:12 [httpd-dns.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal. | |
webserver # [ 380.880295] acme-httpd-dns.example.test-start[5480]: + mv domainhash.txt certificates/ | |
acme # [ 380.977415] pebble[661]: Pebble 2023/01/21 19:58:12 HEAD /nonce-plz -> calling handler() | |
acme # [ 380.982908] pebble[661]: Pebble 2023/01/21 19:58:12 POST /order-plz -> calling handler() | |
webserver # [ 380.885749] acme-httpd-dns.example.test-start[5480]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-dns.example.test.crt certificates/httpd-dns.example.test.issuer.crt certificates/httpd-dns.example.test.json certificates/httpd-dns.example.test.key | |
acme # [ 380.986256] pebble[661]: Pebble 2023/01/21 19:58:12 There are now 26 authorizations in the db | |
acme # [ 380.989506] pebble[661]: Pebble 2023/01/21 19:58:12 Added order "P1l76ZBxaqDA508ejg7wcVrQmKTtIpWduuQyn5fYBWM" to the db | |
webserver # [ 380.892363] acme-httpd-dns.example.test-start[5480]: + cmp -s certificates/httpd-dns.example.test.crt out/fullchain.pem | |
acme # [ 380.993850] pebble[661]: Pebble 2023/01/21 19:58:12 There are now 22 orders in the db | |
webserver # [ 380.896106] acme-httpd-dns.example.test-start[5480]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem | |
webserver # [ 380.919361] systemd[1]: acme-httpd-dns.example.test.service: Deactivated successfully. | |
webserver # [ 380.920161] systemd[1]: Finished Renew ACME certificate for httpd-dns.example.test. | |
webserver # [ 380.920825] systemd[1]: acme-httpd-dns.example.test.service: Consumed 149ms CPU time, received 2.5K IP traffic, sent 1.0K IP traffic. | |
acme # [ 381.041184] pebble[661]: Pebble 2023/01/21 19:58:12 POST /authZ/ -> calling handler() | |
webserver # [ 380.940550] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:12 [INFO] [httpd-http.example.test] AuthURL: https://acme.test/authZ/UEaVsmJf_NNHu4123w0NCziZo8wLBmkOm0wOBY1M_kA | |
webserver # [ 380.943222] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:12 [INFO] [httpd-http.example.test] acme: Could not find solver for: tls-alpn-01 | |
webserver # [ 380.944963] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:12 [INFO] [httpd-http.example.test] acme: use http-01 solver | |
acme # [ 381.047015] pebble[661]: Pebble 2023/01/21 19:58:12 POST /chalZ/ -> calling handler() | |
webserver # [ 380.946472] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:12 [INFO] [httpd-http.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 381.048868] pebble[661]: Pebble 2023/01/21 19:58:12 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-http.example.test"}, Challenge:(*core.Challenge)(0xc000376dc0), Account:(*core.Account)(0xc000434d20)} | |
acme # [ 381.053752] pebble[661]: Pebble 2023/01/21 19:58:12 Starting 3 validations. | |
acme # [ 381.055401] pebble[661]: Pebble 2023/01/21 19:58:12 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/KQRBQUZVBvCPAzn-Mk-Y9D72pxBW0WSnqeMVvhYkJsE | |
acme # [ 381.057129] pebble[661]: Pebble 2023/01/21 19:58:12 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/KQRBQUZVBvCPAzn-Mk-Y9D72pxBW0WSnqeMVvhYkJsE | |
acme # [ 381.058821] pebble[661]: Pebble 2023/01/21 19:58:12 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/KQRBQUZVBvCPAzn-Mk-Y9D72pxBW0WSnqeMVvhYkJsE | |
acme # [ 381.060526] pebble[661]: Pebble 2023/01/21 19:58:12 POST /authZ/ -> calling handler() | |
acme # [ 381.061420] pebble[661]: Pebble 2023/01/21 19:58:12 authz UEaVsmJf_NNHu4123w0NCziZo8wLBmkOm0wOBY1M_kA set VALID by completed challenge 4gcHXMQCJs2r8ukbzXHsKLWWvNt_D8oFnU-wl5qLHo4 | |
acme # [ 384.882330] pebble[661]: Pebble 2023/01/21 19:58:16 POST /authZ/ -> calling handler() | |
acme # [ 384.884239] pebble[661]: Pebble 2023/01/21 19:58:16 POST /finalize-order/ -> calling handler() | |
webserver # [ 384.782105] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:16 [INFO] [httpd-http.example.test] The server validated our request | |
webserver # [ 384.783923] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:16 [INFO] [httpd-http.example.test] acme: Validations succeeded; requesting certificates | |
webserver # [ 384.785421] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:16 [INFO] retry due to: acme: error: 400 :: POST :: https://acme.test/finalize-order/P1l76ZBxaqDA508ejg7wcVrQmKTtIpWduuQyn5fYBWM :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: sM9EuHSMgNVrOrk_m1Kp_g | |
webserver # [ 385.071555] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:16 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 385.174296] pebble[661]: Pebble 2023/01/21 19:58:16 POST /finalize-order/ -> calling handler() | |
acme # [ 385.175386] pebble[661]: Pebble 2023/01/21 19:58:16 Order P1l76ZBxaqDA508ejg7wcVrQmKTtIpWduuQyn5fYBWM is fully authorized. Processing finalization | |
acme # [ 385.179760] pebble[661]: Pebble 2023/01/21 19:58:16 Issued certificate serial 2ff5c3b0ef14b850 for order P1l76ZBxaqDA508ejg7wcVrQmKTtIpWduuQyn5fYBWM | |
acme # [ 385.181350] pebble[661]: Pebble 2023/01/21 19:58:16 POST /my-order/ -> calling handler() | |
acme # [ 385.183318] pebble[661]: Pebble 2023/01/21 19:58:16 POST /certZ/ -> calling handler() | |
webserver # [ 385.083967] acme-httpd-http.example.test-start[5488]: 2023/01/21 19:58:16 [INFO] [httpd-http.example.test] Server responded with a certificate. | |
webserver # [ 385.087795] acme-httpd-http.example.test-start[5481]: + mv domainhash.txt certificates/ | |
webserver # [ 385.093141] acme-httpd-http.example.test-start[5481]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-http.example.test.crt certificates/httpd-http.example.test.issuer.crt certificates/httpd-http.example.test.json certificates/httpd-http.example.test.key | |
webserver # [ 385.100288] acme-httpd-http.example.test-start[5481]: + cmp -s certificates/httpd-http.example.test.crt out/fullchain.pem | |
webserver # [ 385.103765] acme-httpd-http.example.test-start[5481]: + touch out/renewed | |
webserver # [ 385.108369] acme-httpd-http.example.test-start[5481]: + echo Installing new certificate | |
webserver # [ 385.109358] acme-httpd-http.example.test-start[5481]: Installing new certificate | |
webserver # [ 385.110250] acme-httpd-http.example.test-start[5481]: + cp -vp certificates/httpd-http.example.test.crt out/fullchain.pem | |
webserver # [ 385.115286] acme-httpd-http.example.test-start[5508]: 'certificates/httpd-http.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 385.117384] acme-httpd-http.example.test-start[5481]: + cp -vp certificates/httpd-http.example.test.key out/key.pem | |
webserver # [ 385.121654] acme-httpd-http.example.test-start[5509]: 'certificates/httpd-http.example.test.key' -> 'out/key.pem' | |
webserver # [ 385.123506] acme-httpd-http.example.test-start[5481]: + cp -vp certificates/httpd-http.example.test.issuer.crt out/chain.pem | |
webserver # [ 385.127785] acme-httpd-http.example.test-start[5510]: 'certificates/httpd-http.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 385.129938] acme-httpd-http.example.test-start[5481]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 385.134380] acme-httpd-http.example.test-start[5481]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 385.139517] acme-httpd-http.example.test-start[5481]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 385.168340] systemd[1]: acme-httpd-http.example.test.service: Deactivated successfully. | |
webserver # [ 385.169362] systemd[1]: Finished Renew ACME certificate for httpd-http.example.test. | |
webserver # [ 385.171473] systemd[1]: acme-httpd-http.example.test.service: Consumed 174ms CPU time, received 11.7K IP traffic, sent 8.4K IP traffic. | |
webserver # [ 385.174780] systemd[1]: Starting httpd-config-reload.service... | |
webserver # [ 385.225494] httpd[5519]: Syntax OK | |
webserver # [ 385.264422] systemd[1]: Reloading Apache HTTPD... | |
webserver # [ 385.319305] systemd[1]: Reloaded Apache HTTPD. | |
webserver # [ 385.325240] systemd[1]: httpd-config-reload.service: Deactivated successfully. | |
webserver # [ 385.326683] systemd[1]: Finished httpd-config-reload.service. | |
webserver # [ 385.406067] nixos[5151]: finished switching to system configuration /nix/store/x2j6ck2x0cjmsrnsdw8kxxh6sf0xjzx3-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /tmp/specialisation/httpd-remove-alias/bin/switch-to-configuration test, in 7.87 seconds) | |
webserver: waiting for unit acme-finished-httpd-http.example.test.target | |
(finished: waiting for unit acme-finished-httpd-http.example.test.target, in 0.06 seconds) | |
webserver: waiting for unit httpd.service | |
(finished: waiting for unit httpd.service, in 0.06 seconds) | |
client: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-http.example.test -connect httpd-http.example.test:443 < /dev/null 2>&1 | |
(finished: must succeed: openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt -servername httpd-http.example.test -connect httpd-http.example.test:443 < /dev/null 2>&1, in 0.03 seconds) | |
(finished: subtest: Can remove an alias from a domain + cert is updated, in 8.18 seconds) | |
subtest: security.acme changes reflect on web server | |
webserver: must succeed: /tmp/specialisation/httpd/bin/switch-to-configuration test | |
webserver # [ 386.565724] nixos[5699]: switching to system configuration /nix/store/rhy6kxrgjmbbj787p9157yi6zwn89b3q-nixos-system-webserver-23.05pre-git | |
webserver # stopping the following units: httpd.service | |
webserver # [ 386.585016] systemd[1]: Stopping Apache HTTPD... | |
webserver # [ 386.589420] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 386.596957] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 386.599861] systemd[1]: Stopped target Remote File Systems. | |
webserver # [ 386.669973] systemd[1]: httpd.service: Deactivated successfully. | |
webserver # [ 386.670780] systemd[1]: Stopped Apache HTTPD. | |
webserver # [ 386.672223] systemd[1]: httpd.service: Consumed 179ms CPU time, no IO, received 3.2K IP traffic, sent 7.5K IP traffic. | |
webserver # activating the configuration... | |
webserver # [ 386.899357] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 386.907203] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # [ 386.911188] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (96) | |
webserver # [ 386.912048] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 386.912712] nscd[901]: 901 monitoring file `/etc/group` (99) | |
webserver # [ 386.913671] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 386.916973] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 386.920038] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 386.922843] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (96) | |
webserver # [ 386.923796] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 386.926495] nscd[901]: 901 monitoring file `/etc/passwd` (100) | |
webserver # [ 386.929422] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 387.031300] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 387.038920] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 387.040476] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 387.041608] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 387.046588] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 387.049239] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 387.053479] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 387.055189] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 388.795180] systemd[1]: Reloading. | |
webserver # setting up tmpfiles | |
webserver # starting the following units: httpd.service | |
webserver # [ 389.410583] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 389.412321] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 389.418821] systemd[1]: Starting Renew ACME certificate for example.test... | |
webserver # [ 389.441258] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 389.443272] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 389.445606] systemd[1]: Generate self-signed certificate for httpd-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-dns.example.test/key.pem). | |
webserver # [ 389.481032] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 389.482973] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 389.489691] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 389.490556] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 389.493130] systemd[1]: Reached target Local File Systems. | |
webserver # [ 389.508409] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 389.509136] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 389.510857] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 389.515413] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 389.520302] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 389.526115] systemd[1]: Generate self-signed certificate for httpd-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-dns.example.test/key.pem). | |
webserver # [ 389.532144] systemd[1]: Generate self-signed certificate for httpd-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-http.example.test/key.pem). | |
webserver # [ 389.540266] systemd[1]: Starting Apache HTTPD... | |
webserver # [ 389.575082] acme-example.test-start[5845]: + set -euo pipefail | |
webserver # [ 389.575939] acme-example.test-start[5845]: + echo f296e6482529fca9f20a | |
webserver # [ 389.576995] acme-example.test-start[5845]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 389.582039] acme-example.test-start[5854]: ++ find accounts -name hostmaster@example.test.key | |
webserver # [ 389.592640] acme-example.test-start[5845]: + '[' -e certificates/_.example.test.key -a -e certificates/_.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']' | |
webserver # [ 389.594377] acme-example.test-start[5845]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir renew --no-random-sleep --days 30 | |
webserver # [ 389.634061] systemd[1]: httpd.service: Can't open PID file /run/httpd/httpd.pid (yet?) after start: Operation not permitted | |
webserver # [ 389.652441] systemd[1]: Started Apache HTTPD. | |
acme # [ 389.800402] pebble[661]: Pebble 2023/01/21 19:58:21 GET /dir -> calling handler() | |
webserver # [ 389.700815] acme-example.test-start[5855]: 2023/01/21 19:58:21 [*.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal. | |
webserver # [ 389.705137] acme-example.test-start[5845]: + mv domainhash.txt certificates/ | |
webserver # [ 389.710303] acme-example.test-start[5845]: + chown acme:acme certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key | |
webserver # [ 389.716548] acme-example.test-start[5845]: + cmp -s certificates/_.example.test.crt out/fullchain.pem | |
webserver # [ 389.720093] acme-example.test-start[5845]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem | |
webserver # [ 389.746481] systemd[1]: acme-example.test.service: Deactivated successfully. | |
webserver # [ 389.747404] systemd[1]: Finished Renew ACME certificate for example.test. | |
webserver # [ 389.749421] systemd[1]: acme-example.test.service: Consumed 130ms CPU time, received 2.5K IP traffic, sent 978B IP traffic. | |
webserver # [ 389.756425] systemd[1]: Starting Renew ACME certificate for httpd-dns.example.test... | |
webserver # [ 389.762034] systemd[1]: Starting Renew ACME certificate for httpd-http.example.test... | |
webserver # [ 389.847837] acme-httpd-dns.example.test-start[6028]: + set -euo pipefail | |
webserver # [ 389.848643] acme-httpd-dns.example.test-start[6028]: + echo 0a349e39464efbfff571 | |
webserver # [ 389.849476] acme-httpd-dns.example.test-start[6028]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 389.851145] acme-httpd-http.example.test-start[6029]: + set -euo pipefail | |
webserver # [ 389.852142] acme-httpd-http.example.test-start[6031]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 389.856107] acme-httpd-dns.example.test-start[6033]: ++ find accounts -name hostmaster@example.test.key | |
webserver # [ 389.859186] acme-httpd-http.example.test-start[6031]: + chgrp wwwrun /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 389.866104] acme-httpd-dns.example.test-start[6028]: + '[' -e certificates/httpd-dns.example.test.key -a -e certificates/httpd-dns.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']' | |
webserver # [ 389.869436] acme-httpd-dns.example.test-start[6028]: + lego --accept-tos --path . -d httpd-dns.example.test --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir -d httpd-dns-alias.example.test renew --no-random-sleep --days 30 | |
webserver # [ 389.877338] acme-httpd-http.example.test-start[6029]: + echo c63f2de46052d3f916bc | |
webserver # [ 389.882805] acme-httpd-http.example.test-start[6029]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 389.885065] acme-httpd-http.example.test-start[6029]: + lego --accept-tos --path . -d httpd-http.example.test --email hostmaster@example.test --key-type ec256 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir -d httpd-http-alias.example.test run | |
acme # [ 390.094666] pebble[661]: Pebble 2023/01/21 19:58:21 GET /dir -> calling handler() | |
acme # [ 390.096790] pebble[661]: Pebble 2023/01/21 19:58:21 GET /dir -> calling handler() | |
webserver # [ 389.995759] acme-httpd-dns.example.test-start[6034]: 2023/01/21 19:58:21 [httpd-dns.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal. | |
webserver # [ 390.000052] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:21 [INFO] [httpd-http.example.test, httpd-http-alias.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 390.103744] pebble[661]: Pebble 2023/01/21 19:58:21 HEAD /nonce-plz -> calling handler() | |
webserver # [ 390.003194] acme-httpd-dns.example.test-start[6028]: + mv domainhash.txt certificates/ | |
acme # [ 390.108156] pebble[661]: Pebble 2023/01/21 19:58:21 POST /order-plz -> calling handler() | |
acme # [ 390.110179] pebble[661]: Pebble 2023/01/21 19:58:21 There are now 27 authorizations in the db | |
acme # [ 390.112278] pebble[661]: Pebble 2023/01/21 19:58:21 Added order "RDULNOpQXLBDg3qnWLfdYxQYlacm9kh1NyTgK3kx170" to the db | |
webserver # [ 390.009505] acme-httpd-dns.example.test-start[6028]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-dns.example.test.crt certificates/httpd-dns.example.test.issuer.crt certificates/httpd-dns.example.test.json certificates/httpd-dns.example.test.key | |
acme # [ 390.113585] pebble[661]: Pebble 2023/01/21 19:58:21 There are now 23 orders in the db | |
webserver # [ 390.016966] acme-httpd-dns.example.test-start[6028]: + cmp -s certificates/httpd-dns.example.test.crt out/fullchain.pem | |
webserver # [ 390.020572] acme-httpd-dns.example.test-start[6028]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem | |
webserver # [ 390.043451] systemd[1]: acme-httpd-dns.example.test.service: Deactivated successfully. | |
webserver # [ 390.044414] systemd[1]: Finished Renew ACME certificate for httpd-dns.example.test. | |
webserver # [ 390.045644] systemd[1]: acme-httpd-dns.example.test.service: Consumed 116ms CPU time, received 2.5K IP traffic, sent 1.0K IP traffic. | |
acme # [ 390.172413] pebble[661]: Pebble 2023/01/21 19:58:21 POST /authZ/ -> calling handler() | |
acme # [ 390.228546] pebble[661]: Pebble 2023/01/21 19:58:21 POST /authZ/ -> calling handler() | |
webserver # [ 390.127625] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:21 [INFO] [httpd-http.example.test] AuthURL: https://acme.test/authZ/HoLPIVnDNOqEs6GP6baZuQPvzWMLUfbYdsszZW9Mxd0 | |
webserver # [ 390.129324] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:21 [INFO] [httpd-http-alias.example.test] AuthURL: https://acme.test/authZ/PDIGskIQeJa94NMharLa0P3n5ujaP1TkLZpK2mlIASM | |
webserver # [ 390.131721] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:21 [INFO] [httpd-http.example.test] acme: authorization already valid; skipping challenge | |
webserver # [ 390.134039] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:21 [INFO] [httpd-http-alias.example.test] acme: Could not find solver for: tls-alpn-01 | |
acme # [ 390.235163] pebble[661]: Pebble 2023/01/21 19:58:21 POST /chalZ/ -> calling handler() | |
webserver # [ 390.135598] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:21 [INFO] [httpd-http-alias.example.test] acme: use http-01 solver | |
webserver # [ 390.137240] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:21 [INFO] [httpd-http-alias.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 390.238364] pebble[661]: Pebble 2023/01/21 19:58:21 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-http-alias.example.test"}, Challenge:(*core.Challenge)(0xc000377680), Account:(*core.Account)(0xc000434d20)} | |
acme # [ 390.241861] pebble[661]: Pebble 2023/01/21 19:58:21 Starting 3 validations. | |
acme # [ 390.243327] pebble[661]: Pebble 2023/01/21 19:58:21 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/lR3CJgllqF5IlxmqcfodHuI_vAN5rYddwZbpnUXk1k4 | |
acme # [ 390.245418] pebble[661]: Pebble 2023/01/21 19:58:21 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/lR3CJgllqF5IlxmqcfodHuI_vAN5rYddwZbpnUXk1k4 | |
acme # [ 390.247138] pebble[661]: Pebble 2023/01/21 19:58:21 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/lR3CJgllqF5IlxmqcfodHuI_vAN5rYddwZbpnUXk1k4 | |
acme # [ 390.248801] pebble[661]: Pebble 2023/01/21 19:58:21 POST /authZ/ -> calling handler() | |
acme # [ 390.249638] pebble[661]: Pebble 2023/01/21 19:58:21 authz PDIGskIQeJa94NMharLa0P3n5ujaP1TkLZpK2mlIASM set VALID by completed challenge 72nczfx4EUXQOqz7ldfRqKBisPVvH8ctoCkndSkzq_A | |
webserver # [ 395.621026] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:27 [INFO] [httpd-http-alias.example.test] The server validated our request | |
acme # [ 395.721753] pebble[661]: Pebble 2023/01/21 19:58:27 POST /authZ/ -> calling handler() | |
webserver # [ 395.623210] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:27 [INFO] [httpd-http.example.test, httpd-http-alias.example.test] acme: Validations succeeded; requesting certificates | |
acme # [ 395.725971] pebble[661]: Pebble 2023/01/21 19:58:27 POST /finalize-order/ -> calling handler() | |
webserver # [ 395.624922] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:27 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 395.726760] pebble[661]: Pebble 2023/01/21 19:58:27 Order RDULNOpQXLBDg3qnWLfdYxQYlacm9kh1NyTgK3kx170 is fully authorized. Processing finalization | |
acme # [ 395.729373] pebble[661]: Pebble 2023/01/21 19:58:27 Issued certificate serial 2ea9d36e5d56c79c for order RDULNOpQXLBDg3qnWLfdYxQYlacm9kh1NyTgK3kx170 | |
acme # [ 395.730578] pebble[661]: Pebble 2023/01/21 19:58:27 POST /my-order/ -> calling handler() | |
acme # [ 395.731850] pebble[661]: Pebble 2023/01/21 19:58:27 POST /certZ/ -> calling handler() | |
webserver # [ 395.632963] acme-httpd-http.example.test-start[6036]: 2023/01/21 19:58:27 [INFO] [httpd-http.example.test] Server responded with a certificate. | |
webserver # [ 395.636792] acme-httpd-http.example.test-start[6029]: + mv domainhash.txt certificates/ | |
webserver # [ 395.642825] acme-httpd-http.example.test-start[6029]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-http.example.test.crt certificates/httpd-http.example.test.issuer.crt certificates/httpd-http.example.test.json certificates/httpd-http.example.test.key | |
webserver # [ 395.650945] acme-httpd-http.example.test-start[6029]: + cmp -s certificates/httpd-http.example.test.crt out/fullchain.pem | |
webserver # [ 395.655041] acme-httpd-http.example.test-start[6029]: + touch out/renewed | |
webserver # [ 395.660347] acme-httpd-http.example.test-start[6029]: + echo Installing new certificate | |
webserver # [ 395.661299] acme-httpd-http.example.test-start[6029]: Installing new certificate | |
webserver # [ 395.662265] acme-httpd-http.example.test-start[6029]: + cp -vp certificates/httpd-http.example.test.crt out/fullchain.pem | |
webserver # [ 395.667623] acme-httpd-http.example.test-start[6056]: 'certificates/httpd-http.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 395.669748] acme-httpd-http.example.test-start[6029]: + cp -vp certificates/httpd-http.example.test.key out/key.pem | |
webserver # [ 395.674748] acme-httpd-http.example.test-start[6057]: 'certificates/httpd-http.example.test.key' -> 'out/key.pem' | |
webserver # [ 395.676823] acme-httpd-http.example.test-start[6029]: + cp -vp certificates/httpd-http.example.test.issuer.crt out/chain.pem | |
webserver # [ 395.681385] acme-httpd-http.example.test-start[6058]: 'certificates/httpd-http.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 395.683124] acme-httpd-http.example.test-start[6029]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 395.688239] acme-httpd-http.example.test-start[6029]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 395.694098] acme-httpd-http.example.test-start[6029]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 395.727058] systemd[1]: acme-httpd-http.example.test.service: Deactivated successfully. | |
webserver # [ 395.728020] systemd[1]: Finished Renew ACME certificate for httpd-http.example.test. | |
webserver # [ 395.728917] systemd[1]: acme-httpd-http.example.test.service: Consumed 148ms CPU time, received 12.6K IP traffic, sent 8.0K IP traffic. | |
webserver # [ 395.734522] systemd[1]: Starting httpd-config-reload.service... | |
webserver # [ 395.796651] httpd[6067]: Syntax OK | |
webserver # [ 395.837727] systemd[1]: Reloading Apache HTTPD... | |
webserver # [ 395.894196] systemd[1]: Reloaded Apache HTTPD. | |
webserver # [ 395.898266] systemd[1]: httpd-config-reload.service: Deactivated successfully. | |
webserver # [ 395.899692] systemd[1]: Finished httpd-config-reload.service. | |
webserver # [ 395.993181] nixos[5699]: finished switching to system configuration /nix/store/rhy6kxrgjmbbj787p9157yi6zwn89b3q-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /tmp/specialisation/httpd/bin/switch-to-configuration test, in 10.28 seconds) | |
webserver: waiting for unit httpd.service | |
(finished: waiting for unit httpd.service, in 0.06 seconds) | |
webserver: must succeed: /tmp/specialisation/httpd-change-acme-conf/bin/switch-to-configuration test | |
webserver # [ 396.943251] nixos[6243]: switching to system configuration /nix/store/nb2vc26pdhpjrw4a1xln1fz06rxy92ay-nixos-system-webserver-23.05pre-git | |
webserver # [ 396.964654] systemd[1]: Stopped target Local File Systems. | |
webserver # [ 396.969344] systemd[1]: Stopped target All Network Interfaces (deprecated). | |
webserver # [ 396.972635] systemd[1]: Stopped target Remote File Systems. | |
webserver # activating the configuration... | |
webserver # [ 397.191057] nscd[901]: 901 monitored file `/etc/group` was moved into place, adding watch | |
webserver # [ 397.196157] nscd[901]: 901 ignored inotify event for `/etc/group` (file exists) | |
webserver # [ 397.199594] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (102) | |
webserver # [ 397.200358] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 397.200969] nscd[901]: 901 monitoring file `/etc/group` (105) | |
webserver # [ 397.201592] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 397.205963] nscd[901]: 901 monitored file `/etc/passwd` was moved into place, adding watch | |
webserver # [ 397.212181] nscd[901]: 901 ignored inotify event for `/etc/passwd` (file exists) | |
webserver # [ 397.215881] nscd[901]: 901 monitoring file `/etc/nsswitch.conf` (102) | |
webserver # [ 397.216674] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 397.217297] nscd[901]: 901 monitoring file `/etc/passwd` (106) | |
webserver # [ 397.218155] nscd[901]: 901 monitoring directory `/etc` (2) | |
webserver # [ 397.353669] nscd[901]: 901 monitored file `/etc/services` was moved into place, adding watch | |
webserver # [ 397.361349] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 397.363053] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 397.367055] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 397.368423] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 397.370664] nscd[901]: 901 monitored file `/etc/nsswitch.conf` was moved into place, adding watch | |
webserver # [ 397.373549] nscd[901]: 901 monitored file `/etc/netgroup` was moved into place, adding watch | |
webserver # [ 397.377080] nscd[901]: 901 monitored file `/etc/hosts` was moved into place, adding watch | |
webserver # [ 397.852741] systemd[1]: Reloading. | |
webserver # setting up tmpfiles | |
webserver # [ 398.421332] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 398.423103] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 398.429935] systemd[1]: Starting Renew ACME certificate for example.test... | |
webserver # [ 398.450626] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 398.452531] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 398.455326] systemd[1]: Generate self-signed certificate for httpd-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-dns.example.test/key.pem). | |
webserver # [ 398.478407] systemd[1]: Reached target All Network Interfaces (deprecated). | |
webserver # [ 398.480051] systemd[1]: Reached target Remote File Systems. | |
webserver # [ 398.481045] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 398.484129] systemd[1]: Generate self-signed certificate for example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/example.test/key.pem). | |
webserver # [ 398.488167] systemd[1]: Generate self-signed certificate for httpd-dns.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-dns.example.test/key.pem). | |
webserver # [ 398.492533] systemd[1]: Generate self-signed certificate for httpd-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-http.example.test/key.pem). | |
webserver # [ 398.499699] systemd[1]: Starting Renew ACME certificate for httpd-http.example.test... | |
webserver # [ 398.503099] systemd[1]: File System Check on Root Device was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). | |
webserver # [ 398.511244] systemd[1]: Reached target Local File Systems. | |
webserver # [ 398.535831] systemd[1]: Starting Load Kernel Module efi_pstore... | |
webserver # [ 398.549721] systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. | |
webserver # [ 398.550958] systemd[1]: Finished Load Kernel Module efi_pstore. | |
webserver # [ 398.553181] systemd[1]: Platform Persistent Storage Archival was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). | |
webserver # [ 398.555287] systemd[1]: Generate self-signed certificate authority was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/.minica/key.pem). | |
webserver # [ 398.561790] systemd[1]: Generate self-signed certificate for httpd-http.example.test was skipped because of an unmet condition check (ConditionPathExists=!/var/lib/acme/httpd-http.example.test/key.pem). | |
webserver # [ 398.587659] acme-example.test-start[6388]: + set -euo pipefail | |
webserver # [ 398.588482] acme-example.test-start[6388]: + echo f296e6482529fca9f20a | |
webserver # [ 398.589407] acme-example.test-start[6388]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 398.595054] acme-example.test-start[6393]: ++ find accounts -name hostmaster@example.test.key | |
webserver # [ 398.603384] acme-example.test-start[6388]: + '[' -e certificates/_.example.test.key -a -e certificates/_.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']' | |
webserver # [ 398.605387] acme-example.test-start[6388]: + lego --accept-tos --path . -d '*.example.test' --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir renew --no-random-sleep --days 30 | |
webserver # [ 398.624768] acme-httpd-http.example.test-start[6389]: + set -euo pipefail | |
webserver # [ 398.625936] acme-httpd-http.example.test-start[6399]: + mkdir -p /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 398.631349] acme-httpd-http.example.test-start[6399]: + chgrp wwwrun /var/lib/acme/acme-challenge/.well-known/acme-challenge | |
webserver # [ 398.636963] acme-httpd-http.example.test-start[6389]: + echo c63f2de46052d3f916bc | |
webserver # [ 398.637945] acme-httpd-http.example.test-start[6389]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 398.641409] acme-httpd-http.example.test-start[6389]: + lego --accept-tos --path . -d httpd-http.example.test --email hostmaster@example.test --key-type ec384 --http --http.webroot /var/lib/acme/acme-challenge --server https://acme.test/dir -d httpd-http-alias.example.test run | |
acme # [ 398.828072] pebble[661]: Pebble 2023/01/21 19:58:30 GET /dir -> calling handler() | |
webserver # [ 398.732719] acme-example.test-start[6394]: 2023/01/21 19:58:30 [*.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal. | |
webserver # [ 398.740777] acme-example.test-start[6388]: + mv domainhash.txt certificates/ | |
webserver # [ 398.746751] acme-example.test-start[6388]: + chown acme:acme certificates/domainhash.txt certificates/_.example.test.crt certificates/_.example.test.issuer.crt certificates/_.example.test.json certificates/_.example.test.key | |
webserver # [ 398.753863] acme-example.test-start[6388]: + cmp -s certificates/_.example.test.crt out/fullchain.pem | |
webserver # [ 398.757304] acme-example.test-start[6388]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem | |
acme # [ 398.875105] pebble[661]: Pebble 2023/01/21 19:58:30 GET /dir -> calling handler() | |
webserver # [ 398.781907] systemd[1]: acme-example.test.service: Deactivated successfully. | |
webserver # [ 398.782616] systemd[1]: Finished Renew ACME certificate for example.test. | |
webserver # [ 398.785133] systemd[1]: acme-example.test.service: Consumed 121ms CPU time, received 2.5K IP traffic, sent 978B IP traffic. | |
webserver # [ 398.788413] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:30 [INFO] [httpd-http.example.test, httpd-http-alias.example.test] acme: Obtaining bundled SAN certificate | |
acme # [ 398.892535] pebble[661]: Pebble 2023/01/21 19:58:30 HEAD /nonce-plz -> calling handler() | |
webserver # [ 398.792850] systemd[1]: Starting Renew ACME certificate for httpd-dns.example.test... | |
acme # [ 398.897052] pebble[661]: Pebble 2023/01/21 19:58:30 POST /order-plz -> calling handler() | |
acme # [ 398.902262] pebble[661]: Pebble 2023/01/21 19:58:30 There are now 28 authorizations in the db | |
acme # [ 398.903392] pebble[661]: Pebble 2023/01/21 19:58:30 There are now 29 authorizations in the db | |
acme # [ 398.904379] pebble[661]: Pebble 2023/01/21 19:58:30 Added order "7NzakdRsp0ghxrVTi_Ln7X6ry2bvRydOnL-rFYQnwZE" to the db | |
acme # [ 398.905918] pebble[661]: Pebble 2023/01/21 19:58:30 There are now 24 orders in the db | |
webserver # [ 398.838216] acme-httpd-dns.example.test-start[6414]: + set -euo pipefail | |
webserver # [ 398.839024] acme-httpd-dns.example.test-start[6414]: + echo 0a349e39464efbfff571 | |
webserver # [ 398.839820] acme-httpd-dns.example.test-start[6414]: + cmp -s domainhash.txt certificates/domainhash.txt | |
webserver # [ 398.843487] acme-httpd-dns.example.test-start[6416]: ++ find accounts -name hostmaster@example.test.key | |
webserver # [ 398.849605] acme-httpd-dns.example.test-start[6414]: + '[' -e certificates/httpd-dns.example.test.key -a -e certificates/httpd-dns.example.test.crt -a -n accounts/acme.test/hostmaster@example.test/keys/hostmaster@example.test.key ']' | |
webserver # [ 398.851274] acme-httpd-dns.example.test-start[6414]: + lego --accept-tos --path . -d httpd-dns.example.test --email hostmaster@example.test --key-type ec256 --dns exec --dns.disable-cp --server https://acme.test/dir -d httpd-dns-alias.example.test renew --no-random-sleep --days 30 | |
acme # [ 398.964994] pebble[661]: Pebble 2023/01/21 19:58:30 POST /authZ/ -> calling handler() | |
acme # [ 399.020518] pebble[661]: Pebble 2023/01/21 19:58:30 POST /authZ/ -> calling handler() | |
acme # [ 399.027703] pebble[661]: Pebble 2023/01/21 19:58:30 POST /chalZ/ -> calling handler() | |
webserver # [ 398.925912] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:30 [INFO] [httpd-http-alias.example.test] AuthURL: https://acme.test/authZ/fvPNNv2tOEbZWCwqn3To7ubZD88BwLT9W6RcoJV-WBg | |
webserver # [ 398.927697] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:30 [INFO] [httpd-http.example.test] AuthURL: https://acme.test/authZ/Vgxobycl5RM4kxYFY37L42PSrf-m8FrIZNAAJUsdzGM | |
acme # [ 399.032854] pebble[661]: Pebble 2023/01/21 19:58:30 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-http.example.test"}, Challenge:(*core.Challenge)(0xc0001b8820), Account:(*core.Account)(0xc0004494a0)} | |
acme # [ 399.035363] pebble[661]: Pebble 2023/01/21 19:58:30 Starting 3 validations. | |
webserver # [ 398.930077] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:30 [INFO] [httpd-http.example.test] acme: Could not find solver for: tls-alpn-01 | |
acme # [ 399.036246] pebble[661]: Pebble 2023/01/21 19:58:30 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/nRkjT3hKue13DE1VkGV6odDb9xMxi2vsepJSqNx6WZU | |
webserver # [ 398.935138] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:30 [INFO] [httpd-http.example.test] acme: use http-01 solver | |
acme # [ 399.040869] pebble[661]: Pebble 2023/01/21 19:58:30 POST /authZ/ -> calling handler() | |
webserver # [ 398.939414] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:30 [INFO] [httpd-http-alias.example.test] acme: Could not find solver for: tls-alpn-01 | |
acme # [ 399.042124] pebble[661]: Pebble 2023/01/21 19:58:30 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/nRkjT3hKue13DE1VkGV6odDb9xMxi2vsepJSqNx6WZU | |
webserver # [ 398.941286] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:30 [INFO] [httpd-http-alias.example.test] acme: use http-01 solver | |
webserver # [ 398.943067] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:30 [INFO] [httpd-http.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 399.046621] pebble[661]: Pebble 2023/01/21 19:58:30 Attempting to validate w/ HTTP: http://httpd-http.example.test:80/.well-known/acme-challenge/nRkjT3hKue13DE1VkGV6odDb9xMxi2vsepJSqNx6WZU | |
acme # [ 399.049929] pebble[661]: Pebble 2023/01/21 19:58:30 GET /dir -> calling handler() | |
webserver # [ 398.949125] acme-httpd-dns.example.test-start[6417]: 2023/01/21 19:58:30 [httpd-dns.example.test] The certificate expires in 1825 days, the number of days defined to perform the renewal is 30: no renewal. | |
acme # [ 399.055385] pebble[661]: Pebble 2023/01/21 19:58:30 authz fvPNNv2tOEbZWCwqn3To7ubZD88BwLT9W6RcoJV-WBg set VALID by completed challenge SGxyzLnS1KJ90pzARH7Ri7s_nW_dnqHgzodP0_U6UcM | |
webserver # [ 398.955289] acme-httpd-dns.example.test-start[6414]: + mv domainhash.txt certificates/ | |
webserver # [ 398.961545] acme-httpd-dns.example.test-start[6414]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-dns.example.test.crt certificates/httpd-dns.example.test.issuer.crt certificates/httpd-dns.example.test.json certificates/httpd-dns.example.test.key | |
webserver # [ 398.969675] acme-httpd-dns.example.test-start[6414]: + cmp -s certificates/httpd-dns.example.test.crt out/fullchain.pem | |
webserver # [ 398.973605] acme-httpd-dns.example.test-start[6414]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem | |
webserver # [ 399.002392] systemd[1]: acme-httpd-dns.example.test.service: Deactivated successfully. | |
webserver # [ 399.003397] systemd[1]: Finished Renew ACME certificate for httpd-dns.example.test. | |
webserver # [ 399.006333] systemd[1]: acme-httpd-dns.example.test.service: Consumed 130ms CPU time, received 2.5K IP traffic, sent 1.2K IP traffic. | |
acme # [ 403.637560] pebble[661]: Pebble 2023/01/21 19:58:35 POST /authZ/ -> calling handler() | |
webserver # [ 403.540488] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:35 [INFO] [httpd-http.example.test] The server validated our request | |
acme # [ 403.644513] pebble[661]: Pebble 2023/01/21 19:58:35 POST /chalZ/ -> calling handler() | |
webserver # [ 403.542742] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:35 [INFO] [httpd-http-alias.example.test] acme: Trying to solve HTTP-01 | |
acme # [ 403.650026] pebble[661]: Pebble 2023/01/21 19:58:35 Pulled a task from the Tasks queue: &va.vaTask{Identifier:acme.Identifier{Type:"dns", Value:"httpd-http-alias.example.test"}, Challenge:(*core.Challenge)(0xc000377ea0), Account:(*core.Account)(0xc0004494a0)} | |
acme # [ 403.652850] pebble[661]: Pebble 2023/01/21 19:58:35 Starting 3 validations. | |
acme # [ 403.653658] pebble[661]: Pebble 2023/01/21 19:58:35 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/i_c9t0i6atHvrarEhvtslmom9s5xzTEYyiZokbzNiK4 | |
acme # [ 403.657454] pebble[661]: Pebble 2023/01/21 19:58:35 POST /authZ/ -> calling handler() | |
acme # [ 403.660987] pebble[661]: Pebble 2023/01/21 19:58:35 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/i_c9t0i6atHvrarEhvtslmom9s5xzTEYyiZokbzNiK4 | |
acme # [ 403.663955] pebble[661]: Pebble 2023/01/21 19:58:35 Attempting to validate w/ HTTP: http://httpd-http-alias.example.test:80/.well-known/acme-challenge/i_c9t0i6atHvrarEhvtslmom9s5xzTEYyiZokbzNiK4 | |
acme # [ 403.670285] pebble[661]: Pebble 2023/01/21 19:58:35 authz Vgxobycl5RM4kxYFY37L42PSrf-m8FrIZNAAJUsdzGM set VALID by completed challenge izgj16IRVA2uPGLpNgWMN9rRj1g5RAVxb0k18xirwlc | |
acme # [ 411.129561] pebble[661]: Pebble 2023/01/21 19:58:42 POST /authZ/ -> calling handler() | |
webserver # [ 411.033771] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:42 [INFO] [httpd-http-alias.example.test] The server validated our request | |
webserver # [ 411.035721] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:42 [INFO] [httpd-http.example.test, httpd-http-alias.example.test] acme: Validations succeeded; requesting certificates | |
acme # [ 411.143552] pebble[661]: Pebble 2023/01/21 19:58:42 POST /finalize-order/ -> calling handler() | |
acme # [ 411.149025] pebble[661]: Pebble 2023/01/21 19:58:42 Order 7NzakdRsp0ghxrVTi_Ln7X6ry2bvRydOnL-rFYQnwZE is fully authorized. Processing finalization | |
webserver # [ 411.049792] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:42 [INFO] Wait for certificate [timeout: 30s, interval: 500ms] | |
acme # [ 411.153955] pebble[661]: Pebble 2023/01/21 19:58:42 Issued certificate serial 50d1c3eccbf566f5 for order 7NzakdRsp0ghxrVTi_Ln7X6ry2bvRydOnL-rFYQnwZE | |
acme # [ 411.155658] pebble[661]: Pebble 2023/01/21 19:58:42 POST /my-order/ -> calling handler() | |
acme # [ 411.161655] pebble[661]: Pebble 2023/01/21 19:58:42 POST /certZ/ -> calling handler() | |
webserver # [ 411.063513] acme-httpd-http.example.test-start[6402]: 2023/01/21 19:58:42 [INFO] [httpd-http.example.test] Server responded with a certificate. | |
webserver # [ 411.069871] acme-httpd-http.example.test-start[6389]: + mv domainhash.txt certificates/ | |
webserver # [ 411.077081] acme-httpd-http.example.test-start[6389]: + chown acme:wwwrun certificates/domainhash.txt certificates/httpd-http.example.test.crt certificates/httpd-http.example.test.issuer.crt certificates/httpd-http.example.test.json certificates/httpd-http.example.test.key | |
webserver # [ 411.085208] acme-httpd-http.example.test-start[6389]: + cmp -s certificates/httpd-http.example.test.crt out/fullchain.pem | |
webserver # [ 411.089492] acme-httpd-http.example.test-start[6389]: + touch out/renewed | |
webserver # [ 411.095591] acme-httpd-http.example.test-start[6389]: + echo Installing new certificate | |
webserver # [ 411.096623] acme-httpd-http.example.test-start[6389]: Installing new certificate | |
webserver # [ 411.097881] acme-httpd-http.example.test-start[6389]: + cp -vp certificates/httpd-http.example.test.crt out/fullchain.pem | |
webserver # [ 411.103657] acme-httpd-http.example.test-start[6433]: 'certificates/httpd-http.example.test.crt' -> 'out/fullchain.pem' | |
webserver # [ 411.105982] acme-httpd-http.example.test-start[6389]: + cp -vp certificates/httpd-http.example.test.key out/key.pem | |
webserver # [ 411.112868] acme-httpd-http.example.test-start[6434]: 'certificates/httpd-http.example.test.key' -> 'out/key.pem' | |
webserver # [ 411.115170] acme-httpd-http.example.test-start[6389]: + cp -vp certificates/httpd-http.example.test.issuer.crt out/chain.pem | |
webserver # [ 411.120164] acme-httpd-http.example.test-start[6435]: 'certificates/httpd-http.example.test.issuer.crt' -> 'out/chain.pem' | |
webserver # [ 411.122220] acme-httpd-http.example.test-start[6389]: + ln -sf fullchain.pem out/cert.pem | |
webserver # [ 411.128097] acme-httpd-http.example.test-start[6389]: + cat out/key.pem out/fullchain.pem | |
webserver # [ 411.133744] acme-httpd-http.example.test-start[6389]: + chmod 640 out/cert.pem out/chain.pem out/fullchain.pem out/full.pem out/key.pem out/renewed | |
webserver # [ 411.171439] ff138gkahjg2i8scp5lf2280cnjw7s6j-acme-postrun[6442]: uid=0(root) gid=0(root) groups=0(root),54(wwwrun) | |
webserver # [ 411.175445] systemd[1]: acme-httpd-http.example.test.service: Deactivated successfully. | |
webserver # [ 411.178699] systemd[1]: Finished Renew ACME certificate for httpd-http.example.test. | |
webserver # [ 411.182239] systemd[1]: acme-httpd-http.example.test.service: Consumed 180ms CPU time, received 15.6K IP traffic, sent 10.7K IP traffic. | |
webserver # [ 411.185765] systemd[1]: Starting httpd-config-reload.service... | |
webserver # [ 411.244609] httpd[6446]: Syntax OK | |
webserver # [ 411.285429] systemd[1]: Reloading Apache HTTPD... | |
webserver # [ 411.333144] systemd[1]: Reloaded Apache HTTPD. | |
webserver # [ 411.337277] systemd[1]: httpd-config-reload.service: Deactivated successfully. | |
webserver # [ 411.338582] systemd[1]: Finished httpd-config-reload.service. | |
webserver # [ 411.400448] nixos[6243]: finished switching to system configuration /nix/store/nb2vc26pdhpjrw4a1xln1fz06rxy92ay-nixos-system-webserver-23.05pre-git | |
(finished: must succeed: /tmp/specialisation/httpd-change-acme-conf/bin/switch-to-configuration test, in 15.31 seconds) | |
webserver: waiting for unit acme-finished-httpd-http.example.test.target | |
(finished: waiting for unit acme-finished-httpd-http.example.test.target, in 0.06 seconds) | |
webserver: waiting for unit httpd.service | |
(finished: waiting for unit httpd.service, in 0.06 seconds) | |
client: must succeed: openssl s_client -CAfile /tmp/ca.crt -servername httpd-http.example.test -connect httpd-http.example.test:443 < /dev/null | openssl x509 -noout -text | grep -i Public-Key | |
client # depth=2 CN = Pebble Root CA 07ebd3 | |
client # verify return:1 | |
client # depth=1 CN = Pebble Intermediate CA 4d6099 | |
client # verify return:1 | |
client # depth=0 CN = httpd-http.example.test | |
client # verify return:1 | |
client # DONE | |
(finished: must succeed: openssl s_client -CAfile /tmp/ca.crt -servername httpd-http.example.test -connect httpd-http.example.test:443 < /dev/null | openssl x509 -noout -text | grep -i Public-Key, in 0.12 seconds) | |
Key type: Public-Key: (384 bit) | |
(finished: subtest: security.acme changes reflect on web server, in 25.96 seconds) | |
(finished: run the VM test script, in 412.46 seconds) | |
test script finished in 412.58s | |
cleanup | |
kill machine (pid 6) | |
acme # qemu-kvm: terminating on signal 15 from pid 4 (/nix/store/abax98471z8fshv4b9p46bkh3lxmpy0z-python3-3.10.9/bin/python3.10) | |
kill machine (pid 17) | |
client # qemu-kvm: terminating on signal 15 from pid 4 (/nix/store/abax98471z8fshv4b9p46bkh3lxmpy0z-python3-3.10.9/bin/python3.10) | |
kill machine (pid 27) | |
dnsserver # qemu-kvm: terminating on signal 15 from pid 4 (/nix/store/abax98471z8fshv4b9p46bkh3lxmpy0z-python3-3.10.9/bin/python3.10) | |
kill machine (pid 38) | |
webserver # qemu-kvm: terminating on signal 15 from pid 4 (/nix/store/abax98471z8fshv4b9p46bkh3lxmpy0z-python3-3.10.9/bin/python3.10) | |
(finished: cleanup, in 0.25 seconds) | |
kill vlan (pid 5) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment