IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#i2p-dev
/2025/07/08
@eyedeekay
&zzz
+ContestI2PTeam
+R4SAS
+RN
+RN_
+T3s|4
+acetone
+dr|z3d
+eche|off
+hagen
+hk
+mareki2p
+orignal
+postman
+qend-irc2p
+snex
+weko
+wodencafe
Arch
BubbRubb
Danny
DeltaOreo
FreefallHeavens
HowardPlayzOfAdmin
Irc2PGuest16378
Irc2PGuest17402
Irc2PGuest56601
Irc2PGuest65194
Irc2PGuest89334
Leopold
Onn4l7h
Onn4|7h
SigSegv
Sisyphus
Sleepy
SlippyJoe
T3s|4_
Teeed
Yotsu
ardu
b3t4f4c3___
cumlord
death
dr4wd3_
eyedeekay_bnc
f00b4r
idontpee
nnm
not_bob_afk
ohThuku1
onon_
poriori_
profetikla
r00tobo_BNC
rapidash
rascal
shiver_
solidx66
thetia
u5657
uop23ip
w8rabbit
wew
x74a6
eyedeekay i2pgit.org cert update, Let's Encrypt says `2025-07-08 19:37:33 UTC` is when they'll let me request a new certificate
dr|z3d not using certbot, eyedeekay? there's a plugin for nginx that works pretty well.
dr|z3d > python3-certbot-nginx - Nginx plugin for Certbot
eyedeekay certbot is what broke it, requested a cert, tried to update the keys, tried again 4 more times, by the time I see it, it's hit the ratelimit
dr|z3d are you running the plugin, though?
dr|z3d sounds like you're/were doing it manually?
eyedeekay No this happened automatically
dr|z3d have you got a ton of certs you're requesting concurrently?
eyedeekay no, it refused to overwrite some keys from the old server, which it interpreted(correctly) as failing to update the keys locally, but it had already requested the keys from LE and LE had counted the request
eyedeekay So when it tried again, it failed again, and LE counted again
eyedeekay But LE actually did issue the certs, so of course they're rate limiting this doofus<- with the misconfigured certbot
dr|z3d ah, maybe the differing ips caused the issue, then, and it wanted some manual intervention to place a file on the server it could read?
dr|z3d sounds like it should be a transient issue, anyways, given you're not going to be switching ips again?
eyedeekay In the log it's actually:
eyedeekay An unexpected error occurred:
eyedeekay FileExistsError: [Errno 17] File exists:
eyedeekay followed by the path to an existing ECDSA key
eyedeekay Which it didn't know was there and didn't want to overwrite
eyedeekay Not really, it wasn't in the nginx config where certbot looks for it, and I understand why it wouldn't want to overwrite keys it was unaware of
dr|z3d ok, well, hopefully you're able to fix it and have the process automated from hereon in. saves the hassle of having to remember to update.
eyedeekay Shouldn't be a problem again after this, the mismatch between the cert dir with the backed-up keys from the old server and the new nginx config that didn't know about them will be resolved
eyedeekay It might be good to have the i2pgit.org and git.i2p.net certs update at different intervals too but I'm sure that would eventually explode
dr|z3d if anyone has the magic touch for spontaneous digital explosions, it's you :)
eyedeekay Wile E. Coyote is indeed my spirit animal
eyedeekay ACME joke