diff --git a/gnu/services/web.scm b/gnu/services/web.scm index 3b9f9e40be..e47acfe118 100644 --- a/gnu/services/web.scm +++ b/gnu/services/web.scm @@ -629,7 +629,7 @@ of index files." modules global-directives extra-content) - (apply mixed-text-file "nginx.conf" + (apply mixed-text-file "unchecked-nginx.conf" (flatten "user nginx nginx;\n" "pid " run-directory "/pid;\n" @@ -662,6 +662,19 @@ of index files." extra-content "\n}\n")))) +(define (validated-nginx-configuration-file nginx file) + "Return a copy of FILE, an nginx config file, after checking that it is +syntactically correct." + (computed-file "nginx.conf" + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + + (mkdir "run") + (invoke #+(file-append nginx "/sbin/nginx") + "-c" #$file "-p" "run" "-t") + (copy-file #$file #$output))))) + (define %nginx-accounts (list (user-group (name "nginx") (system? #t)) (user-account @@ -694,8 +707,10 @@ of index files." (mkdir-p (string-append #$run-directory "/logs")) ;; Check configuration file syntax. (system* (string-append #$nginx "/sbin/nginx") - "-c" #$(or file - (default-nginx-config config)) + "-c" #$(validated-nginx-configuration-file + nginx + (or file + (default-nginx-config config))) "-p" #$run-directory "-t")))) @@ -709,8 +724,10 @@ of index files." (lambda args #~(lambda _ (invoke #$nginx-binary "-c" - #$(or file - (default-nginx-config config)) + #$(validated-nginx-configuration-file + nginx + (or file + (default-nginx-config config))) #$@args) (match '#$args (("-s" . _) #f)