Ludovic Courtès writes:

> Hi,
>
> julien lepiller <julien@lepiller.eu> skribis:
>
>> Le 2017-12-05 12:14, ludo@gnu.org a écrit:
>
> [...]
>
>>> We cannot check for file existence at configuration time for the
>>> reasons
>>> above.
>>>
>>> We cannot check for file existence at build time because certificates
>>> may be part of the machine’s state; they are typically managed in a
>>> stateful fashion, outside of GuixSD.
>>>
>>> So the only option we’re left with is checking at run time, when we
>>> start the service.  But that’s something nginx already does, I think?
>>>
>>> As for the default, I would be in favor of setting it to #f, because I
>>> can’t really think of a default that would work for everyone.
>>>
>>> WDYT?
>>
>> Having it default to #f is fine with me. Nginx does this check at
>> runtime
>> and will refuse to start if these files are missing. Keeping https-port
>> to 443 and certificates to #f means it will not be able to establish a
>> connection to the client, but the http website will be available. So
>> just
>> setting the key and the certificate to #f by default should be OK.
>
> OK, sounds good.
>
> Chris, can you make this change?

Yep, I've send some updated patches.