@eyedeekay
&zzz
+ContestI2PTeam
+R4SAS
+RN
+RN_
+T3s|4
+acetone
+dr|z3d
+eche|off
+hagen
+hk
+mareki2p
+orignal
+postman
+qend-irc2p
+snex
+weko
+wodencafe
Arch
BubbRubb
Danny
DeltaOreo
FreefallHeavens
HowardPlayzOfAdmin
Irc2PGuest16378
Irc2PGuest17402
Irc2PGuest56601
Irc2PGuest65194
Irc2PGuest89334
Leopold
Onn4l7h
Onn4|7h
SigSegv
Sisyphus
Sleepy
SlippyJoe
T3s|4_
Teeed
Yotsu
ardu
b3t4f4c3___
cumlord
death
dr4wd3_
eyedeekay_bnc
f00b4r
idontpee
nnm
not_bob_afk
ohThuku1
onon_
poriori_
profetikla
r00tobo_BNC
rapidash
rascal
shiver_
solidx66
thetia
u5657
uop23ip
w8rabbit
wew
x74a6
eyedeekay
i2pgit.org cert update, Let's Encrypt says `2025-07-08 19:37:33 UTC` is when they'll let me request a new certificate
dr|z3d
not using certbot, eyedeekay? there's a plugin for nginx that works pretty well.
dr|z3d
> python3-certbot-nginx - Nginx plugin for Certbot
eyedeekay
certbot is what broke it, requested a cert, tried to update the keys, tried again 4 more times, by the time I see it, it's hit the ratelimit
dr|z3d
are you running the plugin, though?
dr|z3d
sounds like you're/were doing it manually?
eyedeekay
yes
eyedeekay
No this happened automatically
dr|z3d
have you got a ton of certs you're requesting concurrently?
eyedeekay
no, it refused to overwrite some keys from the old server, which it interpreted(correctly) as failing to update the keys locally, but it had already requested the keys from LE and LE had counted the request
eyedeekay
So when it tried again, it failed again, and LE counted again
eyedeekay
But LE actually did issue the certs, so of course they're rate limiting this doofus<- with the misconfigured certbot
dr|z3d
ah, maybe the differing ips caused the issue, then, and it wanted some manual intervention to place a file on the server it could read?
dr|z3d
sounds like it should be a transient issue, anyways, given you're not going to be switching ips again?
eyedeekay
In the log it's actually:
eyedeekay
An unexpected error occurred:
eyedeekay
FileExistsError: [Errno 17] File exists:
eyedeekay
followed by the path to an existing ECDSA key
eyedeekay
Which it didn't know was there and didn't want to overwrite
dr|z3d
odd
eyedeekay
Not really, it wasn't in the nginx config where certbot looks for it, and I understand why it wouldn't want to overwrite keys it was unaware of
dr|z3d
ok, well, hopefully you're able to fix it and have the process automated from hereon in. saves the hassle of having to remember to update.
eyedeekay
Shouldn't be a problem again after this, the mismatch between the cert dir with the backed-up keys from the old server and the new nginx config that didn't know about them will be resolved
eyedeekay
It might be good to have the i2pgit.org and git.i2p.net certs update at different intervals too but I'm sure that would eventually explode
dr|z3d
if anyone has the magic touch for spontaneous digital explosions, it's you :)
eyedeekay
Wile E. Coyote is indeed my spirit animal
eyedeekay
ACME joke
dr|z3d
:)