aboutsummaryrefslogtreecommitdiff
path: root/gnu/services/web.scm
diff options
context:
space:
mode:
authorJulien Lepiller <julien@lepiller.eu>2017-04-30 11:17:02 +0200
committerJulien Lepiller <julien@lepiller.eu>2017-05-01 09:56:57 +0200
commit0f4740f4fadc83227de6ec73997ecf42ba7323e9 (patch)
treecb46652ccfd0155590a5aeb649a1c26355c1c516 /gnu/services/web.scm
parent9416112ed29cf9403ea50ee8501f68b891b1691a (diff)
downloadgnu-guix-0f4740f4fadc83227de6ec73997ecf42ba7323e9.tar
gnu-guix-0f4740f4fadc83227de6ec73997ecf42ba7323e9.tar.gz
gnu: services: nginx: Test certificate presence.
* gnu/services/web.scm (default-nginx-server-config): Test certificate presence when https is requested at configure time.
Diffstat (limited to 'gnu/services/web.scm')
-rw-r--r--gnu/services/web.scm14
1 files changed, 9 insertions, 5 deletions
diff --git a/gnu/services/web.scm b/gnu/services/web.scm
index b7b2f67f13..47036f42f3 100644
--- a/gnu/services/web.scm
+++ b/gnu/services/web.scm
@@ -2,7 +2,7 @@
;;; Copyright © 2015 David Thompson <davet@gnu.org>
;;; Copyright © 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
-;;; Copyright © 2016 Julien Lepiller <julien@lepiller.eu>
+;;; Copyright © 2016, 2017 Julien Lepiller <julien@lepiller.eu>
;;; Copyright © 2017 Christopher Baines <mail@cbaines.net>
;;;
;;; This file is part of GNU Guix.
@@ -154,12 +154,16 @@ of index files."
(nginx-server-configuration-server-name server))
";\n"
(if (nginx-server-configuration-ssl-certificate server)
- (string-append " ssl_certificate "
- (nginx-server-configuration-ssl-certificate server) ";\n")
+ (let ((certificate (nginx-server-configuration-ssl-certificate server)))
+ ;; lstat fails when the certificate file does not exist: it aborts
+ ;; and lets the user fix their configuration.
+ (lstat certificate)
+ (string-append " ssl_certificate " certificate ";\n"))
"")
(if (nginx-server-configuration-ssl-certificate-key server)
- (string-append " ssl_certificate_key "
- (nginx-server-configuration-ssl-certificate-key server) ";\n")
+ (let ((key (nginx-server-configuration-ssl-certificate-key server)))
+ (lstat certificate)
+ (string-append " ssl_certificate_key " key ";\n"))
"")
" root " (nginx-server-configuration-root server) ";\n"
" index " (config-index-strings (nginx-server-configuration-index server)) ";\n"