From a82130de50d2c84d77492d9aa43e4b7f4b06b4b2 Mon Sep 17 00:00:00 2001 From: Saku Laesvuori Date: Tue, 4 Apr 2023 23:43:46 +0300 Subject: services: certbot: Fix nginx crash when certbot is used without domains. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/services/certbot.scm (certbot-nginx-server-configurations): Don't return a broken nginx-server-configuration with empty server_name when no certificate domains are configured. Instead add a separate server for every certificate, so 0 certificates adds 0 servers. Signed-off-by: Ludovic Courtès Reviewed-by: Bruno Victal --- gnu/services/certbot.scm | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) (limited to 'gnu/services') diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm index 8e6784df2b..0c45471659 100644 --- a/gnu/services/certbot.scm +++ b/gnu/services/certbot.scm @@ -173,20 +173,24 @@ (match-lambda (($ package webroot certificates email server rsa-key-size default-location) - (list - (nginx-server-configuration - (listen '("80" "[::]:80")) - (ssl-certificate #f) - (ssl-certificate-key #f) - (server-name - (apply append (map certificate-configuration-domains certificates))) - (locations - (filter identity - (list - (nginx-location-configuration - (uri "/.well-known") - (body (list (list "root " webroot ";")))) - default-location)))))))) + (define (certificate->nginx-server certificate-configuration) + (match-record certificate-configuration + (domains challenge) + (nginx-server-configuration + (listen '("80" "[::]:80")) + (ssl-certificate #f) + (ssl-certificate-key #f) + (server-name domains) + (locations + (filter identity + (append + (if challenge + '() + (list (nginx-location-configuration + (uri "/.well-known") + (body (list (list "root " webroot ";")))))) + (list default-location))))))) + (map certificate->nginx-server certificates)))) (define certbot-service-type (service-type (name 'certbot) -- cgit 1.4.1