#i2p-dev (irc2p) | 2.10.0-4 | See important notes on zzz.i2p before updating | New beta site please review http://g5hrmnatotkavda5nnalr74ecvu44vigutrcb7h3qbrmsfdmoora.b32.i2p/

#i2p-dev

/2025/07/08

Online: 65

@eyedeekay

&eche|on

&zzz

+R4SAS

+RN

+RN_

+StormyCloud

+acetone

+cumlord

+dr|z3d

+eche|off

+hagen

+mareki2p

+orignal

+postman

+qend-irc2p

+snex

Arch

Birdy

Daddy_

Danny

FreefallHeavens

Irc2PGuest13449

Irc2PGuest20240

Irc2PGuest4863

Irc2PGuest57061

Irc2PGuest77260

Onn4l7h

Onn4|7h

Over1

Sisyphus

Sleepy

Stormycloud_

Teeed

aargh2

anontor

b3t4f4c3__

dr4wd3

duanin2

duck

gellegery

makoto

n1_

nilbog

noidea

not_bob_afk2

onon_

poriori_

profetikla

r00tobo_BNC

rapidash

shiver_

solidx66

thetia

u5657

uop23ip

urist

user1

user4

vivid_reader56

w8rabbit

wodencafe2

x74a6

zelgomer

zyx

eyedeekay i2pgit.org cert update, Let's Encrypt says `2025-07-08 19:37:33 UTC` is when they'll let me request a new certificate

dr|z3d not using certbot, eyedeekay? there's a plugin for nginx that works pretty well.

dr|z3d > python3-certbot-nginx - Nginx plugin for Certbot

eyedeekay certbot is what broke it, requested a cert, tried to update the keys, tried again 4 more times, by the time I see it, it's hit the ratelimit

dr|z3d are you running the plugin, though?

dr|z3d sounds like you're/were doing it manually?

eyedeekay yes

eyedeekay No this happened automatically

dr|z3d have you got a ton of certs you're requesting concurrently?

eyedeekay no, it refused to overwrite some keys from the old server, which it interpreted(correctly) as failing to update the keys locally, but it had already requested the keys from LE and LE had counted the request

eyedeekay So when it tried again, it failed again, and LE counted again

eyedeekay But LE actually did issue the certs, so of course they're rate limiting this doofus<- with the misconfigured certbot

dr|z3d ah, maybe the differing ips caused the issue, then, and it wanted some manual intervention to place a file on the server it could read?

dr|z3d sounds like it should be a transient issue, anyways, given you're not going to be switching ips again?

eyedeekay In the log it's actually:

eyedeekay An unexpected error occurred:

eyedeekay FileExistsError: [Errno 17] File exists:

eyedeekay followed by the path to an existing ECDSA key

eyedeekay Which it didn't know was there and didn't want to overwrite

dr|z3d odd

eyedeekay Not really, it wasn't in the nginx config where certbot looks for it, and I understand why it wouldn't want to overwrite keys it was unaware of

dr|z3d ok, well, hopefully you're able to fix it and have the process automated from hereon in. saves the hassle of having to remember to update.

eyedeekay Shouldn't be a problem again after this, the mismatch between the cert dir with the backed-up keys from the old server and the new nginx config that didn't know about them will be resolved

eyedeekay It might be good to have the i2pgit.org and git.i2p.net certs update at different intervals too but I'm sure that would eventually explode

dr|z3d if anyone has the magic touch for spontaneous digital explosions, it's you :)

eyedeekay Wile E. Coyote is indeed my spirit animal

eyedeekay ACME joke

dr|z3d :)