diff options
Diffstat (limited to 'nixos/modules/security/acme/default.nix')
-rw-r--r-- | nixos/modules/security/acme/default.nix | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/nixos/modules/security/acme/default.nix b/nixos/modules/security/acme/default.nix index 932bf3e79115..7cc302969fb6 100644 --- a/nixos/modules/security/acme/default.nix +++ b/nixos/modules/security/acme/default.nix @@ -345,6 +345,10 @@ let serviceConfig = commonServiceConfig // { Group = data.group; + # Let's Encrypt Failed Validation Limit allows 5 retries per hour, per account, hostname and hour. + # This avoids eating them all up if something is misconfigured upon the first try. + RestartSec = 15 * 60; + # Keep in mind that these directories will be deleted if the user runs # systemctl clean --what=state # acme/.lego/${cert} is listed for this reason. |