[10:02] <icey> hey jamespage - was there any update on that pip in proposed issue? I can't find the bug at the moment and was hoping to find what progress was made on that
[13:19] <jamespage> I've not been tracking it tbh
[13:20] <jamespage> I'd assume its wedged in proposed still
[14:35] <maret> Hi what is the recommended way to mount a folder on startup ? I am mount a folder for sftp but everytime I restart the server I have to run mount command again
[14:41] <sdeziel> maret: (if you come back) /etc/fstab is where I'd put it
[15:59] <spat> Can some tell me what happened to the php-mail-mimedecode package?
[16:16] <oerheks> spat, latest version was for 16.04 https://launchpad.net/ubuntu/xenial/amd64/php-mail-mimedecode
[16:16] <oerheks> not sure why it is removed, unmaintained perhaps?
[16:17] <ginggs_> not compatible with PHP 7.0
[16:20] <spat> oerheks: Just found out that a lot of former php extensions moved to PECL
[18:52] <maret> Hi what is the recommended way to mount a folder on startup ? I am mount a folder for sftp but everytime I restart the server I have to run mount command again
[18:53] <sdeziel> maret:  /etc/fstab is where I'd put it
[18:53] <maret> Thank you , I will take a look at it
[18:55] <Ussat> be REALLY carefull editing that
[18:55] <Ussat> you can easilly render your system ubnnbootable
[18:55] <Ussat> unbootable
[18:59] <maret> uff ok
[19:35] <xibalba> i have a bind9 box in aws, it's set to listen in on any v4/v6 socket. i notice at reboot the v6 socket no longer works. i suspect the v6 stack isn't up yet when the service starts. whats the best way to delay the service for ~30 seconds or 1 minute? it's a systemd service
[19:38] <tomreyn> https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
[19:38] <tomreyn> explains how to make the service start only after the network is fully up
[19:38] <tomreyn> i'm not sure which target unit bind defaults to, though, maybe it's already network-online
[19:39] <xibalba> thank you
[19:40] <xibalba> I see the following under bind9.service. After=network.target \n
[19:40] <xibalba> Wants=nss-lookup.target
[19:40] <xibalba>  \n Before=nss-lookup.target
[19:40] <xibalba> sorry tried to put that on one line. I'm looking at a timer option too
[19:43] <tomreyn> so make it After=network-online.target
[19:44] <tomreyn> this could impact other services which depend on bind as a local resolver, though, if they start earlier (but the same applies to a fixed time delay)
[19:44] <tomreyn> https://stackoverflow.com/questions/43001223/how-to-ensure-that-there-is-a-delay-before-a-service-is-started-in-systemd/44737570
[19:44] <tomreyn> this is not really the systemd-ish way, but it's possible
[19:45] <xibalba> yeh i saw those options earlier, i like this option of After=network-online.target, i'm reading up on it now. thanks
[19:48] <sdeziel> xibalba: it's a terrible hack but "ExecStartPre=/bin/sleep 30" should artificially delay the actual ExecStart=
[19:49] <sdeziel> oh, I just repeated the stackoverflow answer ...
[19:49] <tomreyn> you phrased it better, though.
[19:50] <xibalba> thank you both, the execStartPre works, but i'm going to try the timer option too. With After=network.target, Bind still came up bound only to v4 not v6.
[19:53] <sdeziel> xibalba: I vaguely recall that bind9 re-scans the network devices once in a while to discover new ones. Have you tried waiting a little post-boot? It might self fix
[19:54] <xibalba> hmm no i didn't wait, i'll look into that
[20:00] <sdeziel> xibalba: automatic-interface-scan is the name of the parameter that defaults to yes
[20:01] <tomreyn> should have been "After=network-online.target"
[20:35] <MIF> what is the best way to cat only some lines in a file? but not the rest
[20:36] <MIF> I have a config file for something and I need to grab the urls but it also has the path to the certs and I can't use that so I just need the url's
[20:44] <mybalzitch> pipe it through to grep?
[20:46] <rfm> MIF, depends on the format of the config file.  if there's a keyword tag on the lines you want, grep can work.  if you know the line numbers, sed -n  with p commands might work.  if it's json, jq might be what you need.
[20:46] <MIF> I got it 101 greps
[20:47] <MIF>  cat acme-client.conf | grep -v "/etc/ssl/" | grep -v "sign with letsencrypt" | grep -v "}" > names.txt
[21:24] <Mipsalawishus> Does anyone have experience with Dovecot+LetsEncrypt?
[21:27] <sdeziel> yes, why?
[21:27] <Mipsalawishus> I'm troubleshooting an issue on a fresh install with SSL certificates
[21:28] <Mipsalawishus> I get the following error in mail.log:  mail dovecot: imap-login: Error: Failed to initialize SSL server context: Can't load SSL certificate: There is no valid PEM certificate.
[21:29] <Mipsalawishus> I went through step by step on a tutorial and verified the proper path to my .pem files from letsencrypt
[21:34] <sdeziel> can you pastebin the .pem in question?
[21:39] <Mipsalawishus> I'm not sure if the .pem files are the issue. I'm thinking it's something to do with the 10-ssl.conf
[21:46] <sdeziel> Mipsalawishus: you need to set ssl_cert = /path/to/the/fullchain.pem
[21:46] <sdeziel> and ssl_key = /path/to/the/privkey.pem
[21:48] <Mipsalawishus> sdeziel, yes - I've pointed it to the correct path and even did "certbot renew --force-renewal" to make sure the .pem files aren't corrupt
[21:51] <sdeziel> Mipsalawishus: sorry, you need  ssl_cert = </path/to/the/fullchain.pem
[21:52] <sdeziel> there is this weird "<" char that is important
[21:52] <sdeziel> same for ssl_key
[21:53] <Mipsalawishus> Yes, I made sure it's there too
[21:55] <Mipsalawishus> Should "ssl_client_ca_dir = /etc/ssl/certs
[21:55] <Mipsalawishus> " point to my letsencrypt dir instead?
[22:04] <Mipsalawishus> sdeziel, this is the tutorial I followed: https://www.rosehosting.com/blog/how-to-install-a-mail-server-with-postfixadmin-on-ubuntu-20-04/#Step-6-Install-Dovecot
[22:05] <Mipsalawishus> I'm finding that there's some important details that were skipped in the tutorial
[22:05] <Mipsalawishus> Lol