k-space/kube
12
1
Fork 3
Code Issues 62 Pull Requests 1 Wiki Activity

Possible TLS regression #99

New Issue
Closed
opened 2025-06-04 11:56:32 +00:00 by rasmus · 2 comments
rasmus commented 2025-06-04 11:56:32 +00:00
Owner
Copy Link

Your certificate (or certificates) for the names listed below will expire in 19 days (on 2025-06-17).
git.k-space.ee
*.minio-clusters.k-space.ee
longhorn.k-space.ee
playground-lauri.k-space.ee

Smells not OK, possibly regression of #36: e632b90d2b, a280a19772

> Your certificate (or certificates) for the names listed below will expire in 19 days (on 2025-06-17). > git.k-space.ee > *.minio-clusters.k-space.ee > longhorn.k-space.ee > playground-lauri.k-space.ee Smells not OK, possibly regression of https://git.k-space.ee/k-space/kube/issues/36: https://git.k-space.ee/k-space/kube/commit/e632b90d2b499aaf4ee67072525ed50caf7329bd, https://git.k-space.ee/k-space/kube/commit/a280a19772eefb90a402baa7ebd170d536a81365
rasmus added the
upkeep
 label 2025-06-04 11:56:32 +00:00
rasmus commented 2025-06-18 17:52:41 +00:00
Author
Owner
Copy Link

Unsure if touching cert-manager and related resources did anything. Found out that gitea doesn't run through treafik at all. Debugging lead to 'everything works, but traefik isn't exchanging certs' (including for others, on wildcard-tls, which does run through traefik). End result was to restart gitea to pick up the new cert. Gitea pod was 1w old, so question for the past remains, why cert wasn't renewed.

longhorn.k-space.ee should be normal, and configured under wildcard-tls, but may be actually deprecated, otherwise there'd be a notification for *.k-space.ee instead.

Unsure if touching cert-manager and related resources did anything. Found out that gitea doesn't run through treafik at all. Debugging lead to 'everything works, but traefik isn't exchanging certs' (including for others, on wildcard-tls, which does run through traefik). End result was to restart gitea to pick up the new cert. Gitea pod was 1w old, so question for the past remains, why cert wasn't renewed. longhorn.k-space.ee should be normal, and configured under wildcard-tls, but may be actually deprecated, otherwise there'd be a notification for `*.k-space.ee` instead.
rasmus commented 2025-06-18 17:54:58 +00:00
Author
Owner
Copy Link

AFAIK minio-clusters dashboard is to-be-axed, not bothering with it. As there isn't much action to be done here (besides integrating gitea under traefik, or restarting the statefulset on renewal). Expecting the issue to pop up again, or not… logs leave desires.

AFAIK minio-clusters dashboard is to-be-axed, not bothering with it. As there isn't much action to be done here (besides integrating gitea under traefik, or restarting the statefulset on renewal). Expecting the issue to pop up again, or not… logs leave desires.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
new app
shiny
disposal
Liability in safety, usability, space, or upkeep. It doesn't provide enough meaningful historical value (museum) nor personal interest.
enchancement
Improving the existing
greenlit
The stars have aligned: Orders have arrived, plan has been laid, only hands are needed. Just do it!
upkeep
Subjects of maintenance
No Label
upkeep
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
akpall arti artur dos4dev eaas erki kkuusk lauri madis plaes rasmus sander savva
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: k-space/kube#99
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?