[09:43] <juliank> @pilot in
[09:43] <juliank> (oh I forgot)
[14:26] <adrien> I'm disabling TLS 1.0 and 1.1 by default in rabbitmq and I can drop a file in /etc/rabbitmq-server/conf.d ; 20-tls.conf is common but if I use that, it's probably going to conflict with configuration by users; I can also use 25-tls.conf probably because the goal is to overwrite existing configurations but in the even someone wants TLS 1.0/1.1, it might be difficult to guess there is a new file; I can
[14:26] <adrien> also use something lower than 20-tls.conf which would change effective defaults but wouldn't help migrate old configurations which e.g. enable 1.1 and 1.2 (because 10 years ago that made sense)
[14:27] <adrien> there is already documentation on TLS 1.0 and 1.1 being disabled so it can be expanded as the package coverage is expanded
[14:51] <adrien> OTOH this file shouldn't change often so conflicts should be minimal
[14:53] <schopin> adrien: is there a question in there somewhere? :P
[15:13] <adrien> schopin: the implicit question: "help me solve my existential dread" :P
[15:15] <adrien> regarding the best place to put that change in, I now believe it's 20-tls.conf since it should conflict once which is good to raise awareness and that file shouldn't be modified again any time soon so it won't be a bother for users who upgrade
[15:15] <schopin> adrien: I'd use the common file. If there's a conflict then the user will see it at upgrade time.
[15:15] <schopin> (or it will just be ignored, depending on defaults)
[15:15] <adrien> (that we can't do much)
[15:16] <adrien> but I think I need to improve the comment in the file and have something standard that can be used for every software
[15:17] <adrien> I'm going to author my shortest specification so far
[15:31] <rbasak> Is it possible to have the config file not specify anything at all, and fall back to a system default that we maintain?
[15:43] <rbasak> Or is that exactly what you're trying to do? :)
[15:51] <adrien> at the moment the file isn't installed by the package and the goal is to change the default
[16:08] <rbasak> Could the default of the binary itself be changed instead of using the config file mechanism?
[16:08] <rbasak> Leaving the config file mechanism for users
[16:13] <adrien> I think it's a possibility; I haven't explored it so far but it should be possible (I didn't try to do the change in the erlang package because rabbitmq is the only erlang package in main)
[16:13] <adrien> I'll have a look next week
[16:16] <Trevinho> sergiodj: I've prepared a fixed gdm, should be uploaded soon
[16:16] <sergiodj> Trevinho: thanks!