iggy

@iggy@lemmy.world

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Cloudflare LE certificate management?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
I’m not familiar enough with cloudflare proxy stuff. I just have my DNS pointed at my router external IP (and luckily my ISP doesn’t reset my IP ever.) It sounds like CF has designed this intentionally as a profit center. Sorry couldn’t be no6w help
⁨Comment⁩ on ⁨Cloudflare LE certificate management?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
This isn’t a cloudflare limitation. It’s a TLS limitation. It was a conscious decision not to support multi-level wildcards. You won’t find a service that supports it. Most people get around this by just not using TLS certs like this. You can encode your multi-level name spacing in 1 level So instead of something like svc1.svcgroup.dev.domain.org You can do it like svcgroup-svc1.dev.domain.org

Never heard of a tool to get around this TLS limitation. There are tools that manage lots of certs (cert-manager in k8s comes to mind). If you had a more concrete example it might help people to suggest solutions.
⁨Comment⁩ on ⁨ARM SBC Replacement for my k3s cluster⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
The only Radxa I’d bother with is the Rock 5 and for the price, I’d probably just go with rpi5 (unless you like to tinker… a lot). That’s coming from someone that owns 3 Rock5’s. The new Orion board looks interesting, but if it’s like any other Radxa products it’ll be 2+ years before it gets decent software support.