summary refs log tree commit diff
path: root/gnu
diff options
context:
space:
mode:
authorJulien Lepiller <julien@lepiller.eu>2017-04-30 11:17:02 +0200
committerJulien Lepiller <julien@lepiller.eu>2017-05-01 09:56:57 +0200
commit0f4740f4fadc83227de6ec73997ecf42ba7323e9 (patch)
treecb46652ccfd0155590a5aeb649a1c26355c1c516 /gnu
parent9416112ed29cf9403ea50ee8501f68b891b1691a (diff)
downloadguix-0f4740f4fadc83227de6ec73997ecf42ba7323e9.tar.gz
gnu: services: nginx: Test certificate presence.
* gnu/services/web.scm (default-nginx-server-config): Test certificate
presence when https is requested at configure time.
Diffstat (limited to 'gnu')
-rw-r--r--gnu/services/web.scm14
1 files changed, 9 insertions, 5 deletions
diff --git a/gnu/services/web.scm b/gnu/services/web.scm
index b7b2f67f13..47036f42f3 100644
--- a/gnu/services/web.scm
+++ b/gnu/services/web.scm
@@ -2,7 +2,7 @@
 ;;; Copyright © 2015 David Thompson <davet@gnu.org>
 ;;; Copyright © 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
-;;; Copyright © 2016 Julien Lepiller <julien@lepiller.eu>
+;;; Copyright © 2016, 2017 Julien Lepiller <julien@lepiller.eu>
 ;;; Copyright © 2017 Christopher Baines <mail@cbaines.net>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -154,12 +154,16 @@ of index files."
                          (nginx-server-configuration-server-name server))
                         ";\n"
    (if (nginx-server-configuration-ssl-certificate server)
-       (string-append "      ssl_certificate "
-                      (nginx-server-configuration-ssl-certificate server) ";\n")
+       (let ((certificate (nginx-server-configuration-ssl-certificate server)))
+         ;; lstat fails when the certificate file does not exist: it aborts
+         ;; and lets the user fix their configuration.
+         (lstat certificate)
+         (string-append "      ssl_certificate " certificate ";\n"))
        "")
    (if (nginx-server-configuration-ssl-certificate-key server)
-       (string-append "      ssl_certificate_key "
-                      (nginx-server-configuration-ssl-certificate-key server) ";\n")
+       (let ((key (nginx-server-configuration-ssl-certificate-key server)))
+         (lstat certificate)
+         (string-append "      ssl_certificate_key " key ";\n"))
        "")
    "      root " (nginx-server-configuration-root server) ";\n"
    "      index " (config-index-strings (nginx-server-configuration-index server)) ";\n"