diff options
author | Lucas Savva <lucas@m1cr0man.com> | 2021-11-28 22:48:43 +0000 |
---|---|---|
committer | github-actions[bot] <github-actions[bot]@users.noreply.github.com> | 2021-11-29 11:02:56 +0000 |
commit | 045ce94e55b0bc25d8352d4b243ca5c6e56d9931 (patch) | |
tree | 3e1baa97dad3de7201b010459c6058580041ed52 | |
parent | 877bc00322c7202fe96621cdb1a83b32f09b2f1a (diff) |
nixos/acme: Fix rate limiting of selfsigned services
Closes NixOS/nixpkgs#147348 I was able to reproduce this intermittently in the test suite during the tests for HTTPd. Adding StartLimitIntervalSec=0 to disable rate limiting for these services works fine. I added it anywhere there was a ConditionPathExists. (cherry picked from commit be952aba1cff795f61f1608cb265b829c57fcb8e)
-rw-r--r-- | nixos/modules/security/acme.nix | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/nixos/modules/security/acme.nix b/nixos/modules/security/acme.nix index 88c5774d187c8..2815e2593b23f 100644 --- a/nixos/modules/security/acme.nix +++ b/nixos/modules/security/acme.nix @@ -77,6 +77,7 @@ let unitConfig = { ConditionPathExists = "!/var/lib/acme/.minica/key.pem"; + StartLimitIntervalSec = 0; }; serviceConfig = commonServiceConfig // { @@ -235,6 +236,7 @@ let unitConfig = { ConditionPathExists = "!/var/lib/acme/${cert}/key.pem"; + StartLimitIntervalSec = 0; }; serviceConfig = commonServiceConfig // { |