me/guix
Archived
1
0
Fork 0
Code Activity

services: certbot: Fix nginx crash when certbot is used without domains.

Browse source 
* gnu/services/certbot.scm (certbot-nginx-server-configurations):
Don't return a broken nginx-server-configuration with empty server_name
when no certificate domains are configured. Instead add a separate
server for every certificate, so 0 certificates adds 0 servers.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Reviewed-by: Bruno Victal <mirai@makinata.eu>
This commit is contained in:
Saku Laesvuori 2023-04-04 23:43:46 +03:00 committed by Ludovic Courtès
parent c0921a394d
commit a82130de50
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5
1 changed files with 18 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
gnu/services/certbot.scm
View file

@ -173,20 +173,24 @@
(match-lambda
(($ <certbot-configuration> package webroot certificates email
server rsa-key-size default-location)
(list
(nginx-server-configuration
(listen '("80" "[::]:80"))
(ssl-certificate #f)
(ssl-certificate-key #f)
(server-name
(apply append (map certificate-configuration-domains certificates)))
(locations
(filter identity
(list
(nginx-location-configuration
(uri "/.well-known")
(body (list (list "root " webroot ";"))))
default-location))))))))
(define (certificate->nginx-server certificate-configuration)
(match-record certificate-configuration <certificate-configuration>
(domains challenge)
(nginx-server-configuration
(listen '("80" "[::]:80"))
(ssl-certificate #f)
(ssl-certificate-key #f)
(server-name domains)
(locations
(filter identity
(append
(if challenge
'()
(list (nginx-location-configuration
(uri "/.well-known")
(body (list (list "root " webroot ";"))))))
(list default-location)))))))
(map certificate->nginx-server certificates))))
(define certbot-service-type
(service-type (name 'certbot)