Make it possible to disable rate limits

2021-11-20 21:12:28 +01:00 · 2021-11-20 21:12:28 +01:00 · f22cd6c4e0
parent c99dbb34ce
commit f22cd6c4e0
2 changed files with 8 additions and 3 deletions
--- a/README.md
+++ b/README.md
@ -11,6 +11,7 @@
 - `ACME_EMAIL` (default: `noreply@example.email`): Set this to "true" to accept the Terms of Service of your ACME provider.
 - `ACME_EAB_KID` &  `ACME_EAB_HMAC` (default: don't use EAB): EAB credentials, for example for ZeroSSL.
 - `ACME_ACCEPT_TERMS` (default: use self-signed certificate): Set this to "true" to accept the Terms of Service of your ACME provider.
+- `ACME_USE_RATE_LIMITS` (default: true): Set this to false to disable rate limits, e.g. with ZeroSSL.
 - `ENABLE_HTTP_SERVER` (default: false): Set this to true to enable the HTTP-01 challenge and redirect all other HTTP requests to HTTPS. Currently only works with port 80.
 - `DNS_PROVIDER` (default: use self-signed certificate): Code of the ACME DNS provider for the main domain wildcard.  
  See https://go-acme.github.io/lego/dns/ for available values & additional environment variables.
--- a/certificates.go
+++ b/certificates.go
@ -278,12 +278,16 @@ func obtainCert(acmeClient *lego.Client, domains []string, renew *certificate.Re
 	var res *certificate.Resource
 	var err error
 	if renew != nil {
-		acmeClientRequestLimit.Take()
+		if os.Getenv("ACME_USE_RATE_LIMITS") != "false" {
+			acmeClientRequestLimit.Take()
+		}
 		log.Printf("Renewing certificate for %v", domains)
 		res, err = acmeClient.Certificate.Renew(*renew, true, false, "")
 	} else {
-		acmeClientOrderLimit.Take()
-		acmeClientRequestLimit.Take()
+		if os.Getenv("ACME_USE_RATE_LIMITS") != "false" {
+			acmeClientOrderLimit.Take()
+			acmeClientRequestLimit.Take()
+		}
 		log.Printf("Requesting new certificate for %v", domains)
 		res, err = acmeClient.Certificate.Obtain(certificate.ObtainRequest{
 			Domains:    domains,