services: certbot: Fix nginx crash when certbot is used without domains.

* gnu/services/certbot.scm (certbot-nginx-server-configurations): Don't return a broken nginx-server-configuration with empty server_name when no certificate domains are configured. Instead add a separate server for every certificate, so 0 certificates adds 0 servers. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Reviewed-by: Bruno Victal <mirai@makinata.eu>
2025-10-02 02:15:12 +00:00 · 2023-04-04 23:43:46 +03:00 · 2023-04-04 23:43:46 +03:00 · a82130de50
commit a82130de50
parent c0921a394d
1 changed files with 18 additions and 14 deletions
--- a/gnu/services/certbot.scm
+++ b/gnu/services/certbot.scm
@ -173,20 +173,24 @@
  (match-lambda
    (($ <certbot-configuration> package webroot certificates email
                                server rsa-key-size default-location)
-     (list
+     (define (certificate->nginx-server certificate-configuration)
       (match-record certificate-configuration <certificate-configuration> 
         (domains challenge)
         (nginx-server-configuration
          (listen '("80" "[::]:80"))
          (ssl-certificate #f)
          (ssl-certificate-key #f)
-       (server-name
+          (server-name domains)
        (apply append (map certificate-configuration-domains certificates)))
          (locations
           (filter identity
-                (list
+                   (append
-                 (nginx-location-configuration
+                    (if challenge
                      '()
                      (list (nginx-location-configuration
                             (uri "/.well-known")
-                  (body (list (list "root " webroot ";"))))
+                             (body (list (list "root " webroot ";"))))))
-                 default-location))))))))
+                    (list default-location)))))))
     (map certificate->nginx-server certificates))))
 (define certbot-service-type
  (service-type (name 'certbot)