Rate Limiting¶

lacme.ratelimit ¶

Rate limit tracking for certificate issuance.

Provides store-backed awareness of Let's Encrypt rate limits (50 certificates per registered domain per week). Includes :class:RateLimitTracker for checking and recording issuance counts, with pluggable storage via the :class:RateLimitStore protocol.

FileRateLimitStore ¶

JSON-file-backed rate limit store.

Stores records in {base}/rate_limits.json. Uses atomic writes (tempfile + :func:os.replace) consistent with :mod:lacme.store. Prunes records older than 7 days on every write. Thread-safe.

IssuanceRecord `dataclass` ¶

A single certificate issuance event.

MemoryRateLimitStore ¶

In-memory rate limit store for testing. No filesystem access. Thread-safe.

RateLimitStatus `dataclass` ¶

Result of a rate limit check.

RateLimitStore ¶

Bases: Protocol

Abstract storage interface for rate limit records.

RateLimitTracker ¶

Check and record certificate issuance against rate limits.

Uses a :class:RateLimitStore to persist issuance records and optionally emits :class:~lacme.events.RateLimitWarning events when approaching the configured threshold.

check ¶

check(domains: list[str]) -> RateLimitStatus

Check if issuing for domains would exceed rate limits.

Emits :class:~lacme.events.RateLimitWarning events for domains approaching the threshold. Returns :class:RateLimitStatus with allowed=False if any domain would exceed the limit.

from_file_store `classmethod` ¶

from_file_store(file_store: FileStore, **kwargs: Any) -> RateLimitTracker

Create tracker using same base directory as file_store.

record ¶

record(domains: list[str]) -> None

Record an issuance for the given domains.