Skip to content

feat(ssl): add inter-site jitter and clear rate-limit messaging to ssl-renew#499

Open
mrrobot47 wants to merge 1 commit into
EasyEngine:developfrom
mrrobot47:fix/ssl-renew-rate-limit
Open

feat(ssl): add inter-site jitter and clear rate-limit messaging to ssl-renew#499
mrrobot47 wants to merge 1 commit into
EasyEngine:developfrom
mrrobot47:fix/ssl-renew-rate-limit

Conversation

@mrrobot47

Copy link
Copy Markdown
Member

Problem

ssl-renew --all fires per-site ACME operations back-to-back with no spacing, and on a Let's Encrypt rate limit authorize() shows a misleading "you're in a local environment or using a non-public domain" message instead of saying it's a rate limit.

Fix

  • Inter-site jitter: a short sleep( random_int( 1, 5 ) ) between per-site dispatches in the --all loop (none before the first or after the last; skipped sites don't count), to avoid bursting against Let's Encrypt's new-order/burst limits.
  • Clear rate-limit messaging: a helper detects the rate-limit case — authoritatively via RateLimitedServerException, plus ratelimited/too many message fallbacks — and, in authorize() and both executeRenewal() catches, emits a specific "Let's Encrypt rate limit reached, wait before retrying" message (with the rate-limits docs link) instead of the misleading default.

ssl-renew --all already fails soft per site (a rate-limited site returns false and the batch continues); this makes the spacing gentler and the failure legible.

Out of scope (follow-ups)

A fully failure-resilient --all with automatic backoff-and-retry, and removing the dead if ( $all ) branch in ssl_renew(), are larger changes left for later.

Note for merge

This edits executeRenewal()'s catch blocks, which #486 also edits — whichever merges second will need a small rebase to reconcile.

Testing

Manual: ssl-renew --all across several sites spaces requests by 1–5s; a rate-limited renewal reports a clear rate-limit message + docs link rather than the "local environment" warning.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants