nixos/acme: do not eat Let's Encrypt's request limits if misconfigured on first try (#266155)
This commit is contained in:
parent
f7ac3fbf4e
commit
b1c25de57b
1 changed files with 4 additions and 0 deletions
|
@ -345,6 +345,10 @@ let
|
|||
serviceConfig = commonServiceConfig // {
|
||||
Group = data.group;
|
||||
|
||||
# Let's Encrypt Failed Validation Limit allows 5 retries per hour, per account, hostname and hour.
|
||||
# This avoids eating them all up if something is misconfigured upon the first try.
|
||||
RestartSec = 15 * 60;
|
||||
|
||||
# Keep in mind that these directories will be deleted if the user runs
|
||||
# systemctl clean --what=state
|
||||
# acme/.lego/${cert} is listed for this reason.
|
||||
|
|
Loading…
Reference in a new issue