From 1b6b669b9b82d1f81b887a32055f19c53d3bb8bf Mon Sep 17 00:00:00 2001
From: DanConwayDev <DanConwayDev@protonmail.com>
Date: Sat, 10 Jan 2026 02:14:01 +0000
Subject: Add naughty list for git remotes with persistent SSL/DNS errors

Implement domain-level naughty list tracking for git remotes, reusing the
existing NaughtyListTracker from relay sync. This prevents repeated attempts
to fetch from git domains with persistent infrastructure issues (SSL/TLS
certificate errors, DNS failures).

Changes:
- Updated NaughtyListTracker to track both relay URLs and git domains
- Added git_naughty_list field to RealSyncContext for error classification
- Modified fetch_oids() to classify git fetch errors and record naughty domains
- Updated sync_identifier_next_url() to filter out naughty domains during URL selection
- Added git_naughty_list parameter to ThrottleManager for domain queue processing
- Threaded naughty list through start_sync_loop and all sync functions
- Updated all tests to pass naughty list parameter

The naughty list uses 12-hour expiration (configurable) to allow domains to
recover from infrastructure issues. First occurrence logs WARN, repeats log DEBUG.
---
 src/main.rs | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

(limited to 'src/main.rs')

diff --git a/src/main.rs b/src/main.rs
index 5e9e2d0..44545b5 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -12,7 +12,7 @@ use ngit_grasp::{
     metrics::Metrics,
     nostr,
     purgatory::{sync::RealSyncContext, sync::ThrottleManager, Purgatory},
-    sync::SyncManager,
+    sync::{naughty_list::NaughtyListTracker, SyncManager},
 };
 
 #[tokio::main]
@@ -132,23 +132,29 @@ async fn main() -> Result<()> {
         info!("Expired event cleanup task started (24h interval, keeps 7 days)");
 
         // Start purgatory sync loop for background git data fetching
+        // Create naughty list tracker for git remote domains with persistent errors (12h expiration)
+        let git_naughty_list = Arc::new(NaughtyListTracker::with_defaults());
+
         let sync_ctx = Arc::new(RealSyncContext::new(
             purgatory.clone(),
             relay_with_db.database.clone(),
             PathBuf::from(config.effective_git_data_path()),
             Some(config.domain.clone()),
             Some(relay_with_db.relay.clone()),
+            git_naughty_list.clone(),
         ));
 
         // Create throttle manager for rate limiting remote git servers
         // Default: 5 concurrent requests per domain, 30 requests per minute per domain
         let throttle_manager = Arc::new(ThrottleManager::new(5, 30));
         throttle_manager.set_context(sync_ctx.clone());
+        throttle_manager.set_git_naughty_list(git_naughty_list.clone());
 
         // Start the sync loop
-        let _sync_loop_handle = purgatory
-            .clone()
-            .start_sync_loop(sync_ctx, throttle_manager);
+        let _sync_loop_handle =
+            purgatory
+                .clone()
+                .start_sync_loop(sync_ctx, throttle_manager, git_naughty_list.clone());
         info!("Purgatory sync loop started (1s interval)");
 
         // Setup shutdown handler for purgatory cleanup
-- 
cgit v1.2.3