diff options
author | Franz Pletz <fpletz@fnordicwalking.de> | 2017-01-25 19:11:42 +0100 |
---|---|---|
committer | Franz Pletz <fpletz@fnordicwalking.de> | 2017-01-25 19:15:04 +0100 |
commit | 516760a6fb82ec856ca0eecc8fa637ebfd4852e9 (patch) | |
tree | 92e3fdb810653986162a9094df508ba6762541ba /nixos/modules/security/acme.nix | |
parent | 2a939c4b21bd408f6fc07e23b2b98d6b73b0dec1 (diff) | |
download | nixlib-516760a6fb82ec856ca0eecc8fa637ebfd4852e9.tar nixlib-516760a6fb82ec856ca0eecc8fa637ebfd4852e9.tar.gz nixlib-516760a6fb82ec856ca0eecc8fa637ebfd4852e9.tar.bz2 nixlib-516760a6fb82ec856ca0eecc8fa637ebfd4852e9.tar.lz nixlib-516760a6fb82ec856ca0eecc8fa637ebfd4852e9.tar.xz nixlib-516760a6fb82ec856ca0eecc8fa637ebfd4852e9.tar.zst nixlib-516760a6fb82ec856ca0eecc8fa637ebfd4852e9.zip |
nixos/acme: add random delay to timer
This way we behave like good citizens and won't overload Let's Encrypt with lots of cert renewal requests at the same time.
Diffstat (limited to 'nixos/modules/security/acme.nix')
-rw-r--r-- | nixos/modules/security/acme.nix | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/nixos/modules/security/acme.nix b/nixos/modules/security/acme.nix index 726e54711410..4e7c966a463a 100644 --- a/nixos/modules/security/acme.nix +++ b/nixos/modules/security/acme.nix @@ -284,6 +284,8 @@ in OnCalendar = cfg.renewInterval; Unit = "acme-${cert}.service"; Persistent = "yes"; + AccuracySec = "5m"; + RandomizedDelaySec = "1h"; }; }) ); |