Matt Holt

icon indicating a website link https://matt.life

icon location M.S. Computer Science. Author of the Caddy Web Server, CertMagic, Papa Parse, JSON/curl-to-Go, Timelinize, and other random stuff...

Results 1518 comments of Matt Holt

Do calls to storage Load need to be Lock protected?

That would be a great help, thank you! :raised_hands:

Do calls to storage Load need to be Lock protected?

@elee1766 We can close this right? Now that we have #300 merged

TLS does not work on NATed IPv4 literal

What's in the Caddy logs though? (Enable debug mode just in case.) That should reveal the reason.

Use posix file advisory locks on supported platforms

This could be a good idea. As mentioned in Slack, I don't know much about them, so I'm not sure I'd be the right person to implement or review this...

Allow Certmagic to generate 'next' private key to allow safe TLSA/DANE deployment and rollover

Thanks for the thoughtful feature request! I have mixed feelings about the effectivness of DNNSEC (and by extension, DANE) -- are you using this to secure SMTP servers? DNSSEC might...

Allow Certmagic to generate 'next' private key to allow safe TLSA/DANE deployment and rollover

Yeah, there's a `Load()` as well. Interesting, I had no idea governments would require it. But I guess it makes sense, given that [DNSSEC is basically government-controlled PKI](https://sockpuppet.org/blog/2015/01/15/against-dnssec/). I think...

Allow Certmagic to generate 'next' private key to allow safe TLSA/DANE deployment and rollover

One thing I am in favor of is not reusing private keys, so any scaffolding moving us away from key pinning is a win IMO. If what came of this...

Make restic work without permission to delete files on GCS

What if it was a specific exit code? It could be useful to know that there's a stale lock in the repo...