amaharaneko/guix-mirrors
1
1
Fork 0
mirror of https://codeberg.org/guix/guix.git synced 2025-10-02 02:15:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

services: certbot: Fix nginx crash when certbot is used without domains.

Browse source 
* gnu/services/certbot.scm (certbot-nginx-server-configurations):
Don't return a broken nginx-server-configuration with empty server_name
when no certificate domains are configured. Instead add a separate
server for every certificate, so 0 certificates adds 0 servers.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Reviewed-by: Bruno Victal <mirai@makinata.eu>
This commit is contained in:
Saku Laesvuori 2023-04-04 23:43:46 +03:00 committed by Ludovic Courtès
parent c0921a394d
commit a82130de50
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5
1 changed files with 18 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

32
gnu/services/certbot.scm
View file

@ -173,20 +173,24 @@
(match-lambda (match-lambda
(($ <certbot-configuration> package webroot certificates email (($ <certbot-configuration> package webroot certificates email
server rsa-key-size default-location) server rsa-key-size default-location)
(list (define (certificate->nginx-server certificate-configuration)
(nginx-server-configuration (match-record certificate-configuration <certificate-configuration>
(listen '("80" "[::]:80")) (domains challenge)
(ssl-certificate #f) (nginx-server-configuration
(ssl-certificate-key #f) (listen '("80" "[::]:80"))
(server-name (ssl-certificate #f)
(apply append (map certificate-configuration-domains certificates))) (ssl-certificate-key #f)
(locations (server-name domains)
(filter identity (locations
(list (filter identity
(nginx-location-configuration (append
(uri "/.well-known") (if challenge
(body (list (list "root " webroot ";")))) '()
default-location)))))))) (list (nginx-location-configuration
(uri "/.well-known")
(body (list (list "root " webroot ";"))))))
(list default-location)))))))
(map certificate->nginx-server certificates))))
(define certbot-service-type (define certbot-service-type
(service-type (name 'certbot) (service-type (name 'certbot)