• 0 Posts
  • 219 Comments
Joined 1 year ago
cake
Cake day: June 13th, 2023

help-circle




  • Yes, that’s one option. Then you only have to distribute the certificates and keys.

    Or you allow remote access to that DNS server (Bind has a secure protocol for this), do the challenge requests and cert generation on some other machine. Depends on what is more convenient for you (the latter is better if you have lots of machines/certs).

    Worst case if someone compromises that DNS server they can only generate certificates but not change your actual valuable records because these are not delegated there.


  • Life isn’t a zero sum game where you have to optimize material wealth. Some people do things for others just because they like doing it, because they have the means to do so, or because they simply want to help others.

    Sure, there are costs involved, but that’s true for literally everything if you account for opportunity cost. The vast majority of people choose to waste time completely unproductively, with no objective benefits to their lives (often with objective disadvantages), so is it hard to imagine that some people aren’t like that and instead choose to help/provide for others whole perhaps having some other non-material benefits like learning something or just becoming liked within a community?


  • What you can (and absolutely should) do is DNS delegation. On your main domain you delegate the _acme-challenge. subdomains with NS records to your DNS server that will do cert generation (and cert generation only). You probably want to run Bind there (since it has decent and fast remote access for changing records and other existing solutions). You can still split it with separate keys into different zones (I would suggest one key per certificate, and splitting certificates by where/how they will be used).

    You don’t even need to allow remote access beyond the DNS responses if you don’t want to, and that server doesn’t have anything to do with anything else in your infrastructure.











  • If you ask a user to show you a “core dump” they’re more likely to shit on their floor and send you a photo than do what you actually mean.

    Telemetry is absolutely crucial in determining what to focus on in development, to fix issues the users might not even realize exist. Especially for projects that aim at the general public. As long as it’s communicated clearly, used truly only for development purposes and an opt-out is available there’s nothing wrong about it.