search

go-acme / lego

Let's Encrypt/ACME client and library written in Go
https://go-acme.github.io/lego/
MIT License
7.46k stars 986 forks source link

constellix: handle rate limiting #2064

Closed jsnjack closed 5 months ago

jsnjack commented 7 months ago

Hi,

Constellix has quite strict limits on REST API requests. When retrieving certificates for multiple domains (14 in my case) the following error happens:

[  3m5.995s] 2023/11/30 09:20:56 [INFO] [domain.io] acme: Cleaning DNS-01 challenge
[   3m6.43s] 2023/11/30 09:20:56 [WARN] [domain.io] acme: cleaning up failed: constellix: failed to get domain (domain.io.): 429: Rate limit exceeded

Proposed fix retries the rate limited request in 5 seconds (constellix uses sliding window to track the number of requests).

Constellix provides special headers to keep track of remaining requests, however the proposed fix is simpler and works well :)

ldez commented 7 months ago

Hello,

are you an employee of Constellix?

jsnjack commented 7 months ago

I'm not, just use their service

ldez commented 5 months ago

Hello @jsnjack,

I'm not sure about this naive implementation, so I created an implementation based on the rate limit headers.

Can you try it? #2085

Note: Your PR comes from a GitHub Organization, it's a problem to edit your PR and for automation that modifies or updates PR.

jsnjack commented 5 months ago

Many thanks for looking into it! I'll test it today-tomorrow.

Note: Your PR comes from a GitHub Organization, it's a problem to edit your PR and for automation that modifies or updates PR.

Didn't know about these limitations. Is there some sort of extra permissions on the repository i could set?

ldez commented 5 months ago

It's a constraint related to GitHub Organization, there is not real solution. You can add some people to your org but it's not a viable solution.

jsnjack commented 5 months ago

just finished testing, works perfect! :+1: