From 0f4740f4fadc83227de6ec73997ecf42ba7323e9 Mon Sep 17 00:00:00 2001
From: Julien Lepiller <julien@lepiller.eu>
Date: Sun, 30 Apr 2017 11:17:02 +0200
Subject: [PATCH] gnu: services: nginx: Test certificate presence.
* gnu/services/web.scm (default-nginx-server-config): Test certificate
presence when https is requested at configure time.
---
gnu/services/web.scm | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/gnu/services/web.scm b/gnu/services/web.scm
index b7b2f67f136..47036f42f3d 100644
--- a/gnu/services/web.scm
+++ b/gnu/services/web.scm
@@ -2,7 +2,7 @@
;;; Copyright © 2015 David Thompson <davet@gnu.org>
;;; Copyright © 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
-;;; Copyright © 2016 Julien Lepiller <julien@lepiller.eu>
+;;; Copyright © 2016, 2017 Julien Lepiller <julien@lepiller.eu>
;;; Copyright © 2017 Christopher Baines <mail@cbaines.net>
;;;
;;; This file is part of GNU Guix.
@@ -154,12 +154,16 @@ (define (default-nginx-server-config server)
(nginx-server-configuration-server-name server))
";\n"
(if (nginx-server-configuration-ssl-certificate server)
- (string-append " ssl_certificate "
- (nginx-server-configuration-ssl-certificate server) ";\n")
+ (let ((certificate (nginx-server-configuration-ssl-certificate server)))
+ ;; lstat fails when the certificate file does not exist: it aborts
+ ;; and lets the user fix their configuration.
+ (lstat certificate)
+ (string-append " ssl_certificate " certificate ";\n"))
"")
(if (nginx-server-configuration-ssl-certificate-key server)
- (string-append " ssl_certificate_key "
- (nginx-server-configuration-ssl-certificate-key server) ";\n")
+ (let ((key (nginx-server-configuration-ssl-certificate-key server)))
+ (lstat certificate)
+ (string-append " ssl_certificate_key " key ";\n"))
"")
" root " (nginx-server-configuration-root server) ";\n"
" index " (config-index-strings (nginx-server-configuration-index server)) ";\n"
--
GitLab