From: Saku Laesvuori via Guix-patches via <guix-patches@gnu.org>
To: Bruno Victal <mirai@makinata.eu>
Cc: 62642@debbugs.gnu.org
Subject: [bug#62642] [PATCH v2] services: certbot: Fix nginx crash when certbot is used without domains
Date: Tue, 4 Apr 2023 23:43:46 +0300 [thread overview]
Message-ID: <20230404204346.urftnbdrquetm7jw@X-kone> (raw)
In-Reply-To: <84bb2e1c-db0c-ac08-9275-ffcc0f828b1c@makinata.eu>
[-- Attachment #1: Type: text/plain, Size: 2247 bytes --]
* gnu/services/certbot.scm (certbot-nginx-server-configurations):
Don't return a broken nginx-server-configuration with empty server_name
when no certificate domains are configured. Instead add a separate
server for every certificate, so 0 certificates adds 0 servers.
---
gnu/services/certbot.scm | 32 ++++++++++++++++++--------------
1 file changed, 18 insertions(+), 14 deletions(-)
diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm
index 8e6784df2b..0c45471659 100644
--- a/gnu/services/certbot.scm
+++ b/gnu/services/certbot.scm
@@ -173,20 +173,24 @@ (define certbot-nginx-server-configurations
(match-lambda
(($ <certbot-configuration> package webroot certificates email
server rsa-key-size default-location)
- (list
- (nginx-server-configuration
- (listen '("80" "[::]:80"))
- (ssl-certificate #f)
- (ssl-certificate-key #f)
- (server-name
- (apply append (map certificate-configuration-domains certificates)))
- (locations
- (filter identity
- (list
- (nginx-location-configuration
- (uri "/.well-known")
- (body (list (list "root " webroot ";"))))
- default-location))))))))
+ (define (certificate->nginx-server certificate-configuration)
+ (match-record certificate-configuration <certificate-configuration>
+ (domains challenge)
+ (nginx-server-configuration
+ (listen '("80" "[::]:80"))
+ (ssl-certificate #f)
+ (ssl-certificate-key #f)
+ (server-name domains)
+ (locations
+ (filter identity
+ (append
+ (if challenge
+ '()
+ (list (nginx-location-configuration
+ (uri "/.well-known")
+ (body (list (list "root " webroot ";"))))))
+ (list default-location)))))))
+ (map certificate->nginx-server certificates))))
(define certbot-service-type
(service-type (name 'certbot)
base-commit: 2cf71e725d55bc5bf1ad663b7c696516299cc8a7
--
2.39.2
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2023-04-04 20:44 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-03 13:32 [bug#62642] [PATCH] services: certbot: Fix nginx crash when certbot is used without domains Saku Laesvuori via Guix-patches via
2023-04-03 14:28 ` Bruno Victal
2023-04-03 18:06 ` Saku Laesvuori via Guix-patches via
2023-04-04 13:21 ` Bruno Victal
2023-04-04 20:43 ` Saku Laesvuori via Guix-patches via [this message]
2023-06-18 21:11 ` bug#62642: " Ludovic Courtès
2023-04-13 9:00 ` [bug#62642] " Saku Laesvuori via Guix-patches via
2023-05-22 11:34 ` Saku Laesvuori via Guix-patches via
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230404204346.urftnbdrquetm7jw@X-kone \
--to=guix-patches@gnu.org \
--cc=62642@debbugs.gnu.org \
--cc=mirai@makinata.eu \
--cc=saku@laesvuori.fi \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.