From unknown Sat Sep 13 10:22:28 2025 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) Content-Type: text/plain; charset=utf-8 From: bug#26684 <26684@debbugs.gnu.org> To: bug#26684 <26684@debbugs.gnu.org> Subject: Status: let nginx configs reference the store Reply-To: bug#26684 <26684@debbugs.gnu.org> Date: Sat, 13 Sep 2025 17:22:28 +0000 retitle 26684 let nginx configs reference the store reassign 26684 guix-patches submitter 26684 Andy Wingo severity 26684 normal thanks From debbugs-submit-bounces@debbugs.gnu.org Thu Apr 27 16:09:30 2017 Received: (at submit) by debbugs.gnu.org; 27 Apr 2017 20:09:30 +0000 Received: from localhost ([127.0.0.1]:43272 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1d3pjF-0003ob-L2 for submit@debbugs.gnu.org; Thu, 27 Apr 2017 16:09:30 -0400 Received: from eggs.gnu.org ([208.118.235.92]:55556) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1d3pjD-0003oO-H6 for submit@debbugs.gnu.org; Thu, 27 Apr 2017 16:09:28 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1d3pj6-00029f-S6 for submit@debbugs.gnu.org; Thu, 27 Apr 2017 16:09:22 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=BAYES_20,T_DKIM_INVALID autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:45385) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1d3pj6-00029U-Oa for submit@debbugs.gnu.org; Thu, 27 Apr 2017 16:09:20 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:46496) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d3pj5-0002pO-4d for guix-patches@gnu.org; Thu, 27 Apr 2017 16:09:20 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1d3pj1-00026X-Ud for guix-patches@gnu.org; Thu, 27 Apr 2017 16:09:19 -0400 Received: from pb-sasl2.pobox.com ([64.147.108.67]:54697 helo=sasl.smtp.pobox.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1d3pj1-0001iI-PJ for guix-patches@gnu.org; Thu, 27 Apr 2017 16:09:15 -0400 Received: from sasl.smtp.pobox.com (unknown [127.0.0.1]) by pb-sasl2.pobox.com (Postfix) with ESMTP id 79F6F7F103 for ; Thu, 27 Apr 2017 16:08:39 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=from:to :subject:date:message-id:mime-version:content-type; s=sasl; bh=l RBZP8g2U7meKf2mpfHSfHkFt4s=; b=HOIrVBu/UpSU8mwp56vF8WE8fTilqfd4k bq4S5XUDZjbZHAfzndp7gG6VkPs1PaN10ejWkltOhFNZd0mNorP3m2xrKEYCuZh1 OqBjutKskAeQ3GTkM+8L6GBb8M32g0Ppu+Ydu92C0C55mMzz8KuL1phtxDdN5UV6 hoVlcwa5Kk= Received: from pb-sasl2.nyi.icgroup.com (unknown [127.0.0.1]) by pb-sasl2.pobox.com (Postfix) with ESMTP id 72A5A7F102 for ; Thu, 27 Apr 2017 16:08:39 -0400 (EDT) Received: from clucks (unknown [88.160.190.192]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by pb-sasl2.pobox.com (Postfix) with ESMTPSA id D3E387F101 for ; Thu, 27 Apr 2017 16:08:37 -0400 (EDT) From: Andy Wingo To: guix-patches@gnu.org Subject: let nginx configs reference the store Date: Thu, 27 Apr 2017 22:08:29 +0200 Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Pobox-Relay-ID: 4D202236-2B85-11E7-87A1-571C92A0D1B0-02397024!pb-sasl2.pobox.com X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -4.4 (----) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -4.4 (----) --=-=-= Content-Type: text/plain Hi, Is this the right way to do things? Passing lists around seems to be an intermediate point between strings and proper configuration values -- as such it seems like a useful intermediate step. The context is that I need to be able to extend the nginx configuration with a server config that references a store path. Andy --=-=-= Content-Type: text/x-patch Content-Disposition: inline; filename=0001-gnu-services-Nginx-configs-can-reference-store.patch >From b56b797e2ca26619485d874110d3f1f0ae96fba4 Mon Sep 17 00:00:00 2001 From: Andy Wingo Date: Thu, 27 Apr 2017 19:49:02 +0200 Subject: [PATCH 1/5] gnu: services: Nginx configs can reference store * gnu/services/web.scm (config-domain-strings, config-index-strings): Emit lists instead of strings. (emit-nginx-location-config, emit-nginx-server-config) (emit-nginx-upstream-config): Rename from nginx-location-config, default-nginx-server-config, and nginx-upstream-config. Emit lists instead of strings. (flatten): New helper. (default-nginx-config): Use flatten helper to write nginx conf. This allows location configs to reference store values. --- gnu/services/web.scm | 150 +++++++++++++++++++++++++-------------------------- 1 file changed, 74 insertions(+), 76 deletions(-) diff --git a/gnu/services/web.scm b/gnu/services/web.scm index b7b2f67f1..e8769522a 100644 --- a/gnu/services/web.scm +++ b/gnu/services/web.scm @@ -110,101 +110,99 @@ (define (config-domain-strings names) "Return a string denoting the nginx config representation of NAMES, a list of domain names." - (string-join - (map (match-lambda + (map (match-lambda ('default "_ ") - ((? string? str) (string-append str " "))) - names))) + ((? string? str) (list str " "))) + names)) (define (config-index-strings names) "Return a string denoting the nginx config representation of NAMES, a list of index files." - (string-join - (map (match-lambda - ((? string? str) (string-append str " "))) - names))) + (map (match-lambda + ((? string? str) (list str " "))) + names)) -(define nginx-location-config +(define emit-nginx-location-config (match-lambda (($ uri body) - (string-append + (list " location " uri " {\n" - " " (string-join body "\n ") "\n" + (map (lambda (x) (list " " x "\n")) body) " }\n")) (($ name body) - (string-append + (list " location @" name " {\n" - " " (string-join body "\n ") "\n" + (map (lambda (x) (list " " x "\n")) body) " }\n")))) -(define (default-nginx-server-config server) - (string-append - " server {\n" - (if (nginx-server-configuration-http-port server) - (string-append " listen " - (number->string (nginx-server-configuration-http-port server)) - ";\n") - "") - (if (nginx-server-configuration-https-port server) - (string-append " listen " - (number->string (nginx-server-configuration-https-port server)) - " ssl;\n") - "") - " server_name " (config-domain-strings - (nginx-server-configuration-server-name server)) - ";\n" - (if (nginx-server-configuration-ssl-certificate server) - (string-append " ssl_certificate " - (nginx-server-configuration-ssl-certificate server) ";\n") - "") - (if (nginx-server-configuration-ssl-certificate-key server) - (string-append " ssl_certificate_key " - (nginx-server-configuration-ssl-certificate-key server) ";\n") - "") - " root " (nginx-server-configuration-root server) ";\n" - " index " (config-index-strings (nginx-server-configuration-index server)) ";\n" - " server_tokens " (if (nginx-server-configuration-server-tokens? server) - "on" "off") ";\n" - "\n" - (string-join - (map nginx-location-config (nginx-server-configuration-locations server)) - "\n") - " }\n")) +(define (emit-nginx-server-config server) + (let ((http-port (nginx-server-configuration-http-port server)) + (https-port (nginx-server-configuration-https-port server)) + (server-name (nginx-server-configuration-server-name server)) + (ssl-certificate (nginx-server-configuration-ssl-certificate server)) + (ssl-certificate-key + (nginx-server-configuration-ssl-certificate-key server)) + (root (nginx-server-configuration-root server)) + (index (nginx-server-configuration-index server)) + (server-tokens? (nginx-server-configuration-server-tokens? server)) + (locations (nginx-server-configuration-locations server))) + (define-syntax-parameter <> (syntax-rules ())) + (define-syntax-rule (and/l x tail ...) + (let ((x* x)) + (if x* + (syntax-parameterize ((<> (identifier-syntax x*))) + (list tail ...)) + '()))) + (list + " server {\n" + (and/l http-port " listen " (number->string <>) ";\n") + (and/l https-port " listen " (number->string <>) " ssl;\n") + " server_name " (config-domain-strings server-name) ";\n" + (and/l ssl-certificate " ssl_certificate " <> ";\n") + (and/l ssl-certificate-key " ssl_certificate_key " <> ";\n") + " root " root ";\n" + " index " (config-index-strings index) ";\n" + " server_tokens " (if server-tokens? "on" "off") ";\n" + "\n" + (map emit-nginx-location-config locations) + "\n" + " }\n"))) -(define (nginx-upstream-config upstream) - (string-append +(define (emit-nginx-upstream-config upstream) + (list " upstream " (nginx-upstream-configuration-name upstream) " {\n" - (string-concatenate - (map (lambda (server) - (simple-format #f " server ~A;\n" server)) - (nginx-upstream-configuration-servers upstream))) + (map (lambda (server) + (simple-format #f " server ~A;\n" server)) + (nginx-upstream-configuration-servers upstream)) " }\n")) +(define (flatten . lst) + "Return a list that recursively concatenates all sub-lists of LST." + (define (flatten1 head out) + (if (list? head) + (fold-right flatten1 out head) + (cons head out))) + (fold-right flatten1 '() lst)) + (define (default-nginx-config nginx log-directory run-directory server-list upstream-list) - (mixed-text-file "nginx.conf" - "user nginx nginx;\n" - "pid " run-directory "/pid;\n" - "error_log " log-directory "/error.log info;\n" - "http {\n" - " client_body_temp_path " run-directory "/client_body_temp;\n" - " proxy_temp_path " run-directory "/proxy_temp;\n" - " fastcgi_temp_path " run-directory "/fastcgi_temp;\n" - " uwsgi_temp_path " run-directory "/uwsgi_temp;\n" - " scgi_temp_path " run-directory "/scgi_temp;\n" - " access_log " log-directory "/access.log;\n" - " include " nginx "/share/nginx/conf/mime.types;\n" - "\n" - (string-join - (filter (lambda (section) (not (null? section))) - (map nginx-upstream-config upstream-list)) - "\n") - "\n" - (let ((http (map default-nginx-server-config server-list))) - (do ((http http (cdr http)) - (block "" (string-append (car http) "\n" block ))) - ((null? http) block))) - "}\n" - "events {}\n")) + (apply mixed-text-file "nginx.conf" + (flatten + "user nginx nginx;\n" + "pid " run-directory "/pid;\n" + "error_log " log-directory "/error.log info;\n" + "http {\n" + " client_body_temp_path " run-directory "/client_body_temp;\n" + " proxy_temp_path " run-directory "/proxy_temp;\n" + " fastcgi_temp_path " run-directory "/fastcgi_temp;\n" + " uwsgi_temp_path " run-directory "/uwsgi_temp;\n" + " scgi_temp_path " run-directory "/scgi_temp;\n" + " access_log " log-directory "/access.log;\n" + " include " nginx "/share/nginx/conf/mime.types;\n" + "\n" + (map emit-nginx-upstream-config upstream-list) + (map emit-nginx-server-config server-list) + "}\n" + "events {}\n"))) (define %nginx-accounts (list (user-group (name "nginx") (system? #t)) -- 2.12.2 --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Wed May 03 08:43:22 2017 Received: (at 26684) by debbugs.gnu.org; 3 May 2017 12:43:22 +0000 Received: from localhost ([127.0.0.1]:52049 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1d5tco-00068k-0R for submit@debbugs.gnu.org; Wed, 03 May 2017 08:43:22 -0400 Received: from eggs.gnu.org ([208.118.235.92]:44108) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1d5tcm-00068W-RT for 26684@debbugs.gnu.org; Wed, 03 May 2017 08:43:21 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1d5tce-0000op-LG for 26684@debbugs.gnu.org; Wed, 03 May 2017 08:43:15 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_40,RP_MATCHES_RCVD autolearn=disabled version=3.3.2 Received: from fencepost.gnu.org ([2001:4830:134:3::e]:46562) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d5tce-0000ob-Hv; Wed, 03 May 2017 08:43:12 -0400 Received: from reverse-83.fdn.fr ([80.67.176.83]:55382 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1d5tcd-0001Cg-VY; Wed, 03 May 2017 08:43:12 -0400 From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) To: Andy Wingo Subject: Re: bug#26684: let nginx configs reference the store References: Date: Wed, 03 May 2017 14:43:10 +0200 In-Reply-To: (Andy Wingo's message of "Thu, 27 Apr 2017 22:08:29 +0200") Message-ID: <87k25yt8kh.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2001:4830:134:3::e X-Spam-Score: -5.0 (-----) X-Debbugs-Envelope-To: 26684 Cc: 26684@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -5.0 (-----) Andy Wingo skribis: > Is this the right way to do things? Passing lists around seems to be an > intermediate point between strings and proper configuration values -- as > such it seems like a useful intermediate step. The context is that I > need to be able to extend the nginx configuration with a server config > that references a store path. I don=E2=80=99t know if it=E2=80=99s ideal but it=E2=80=99s definitely an i= mprovement! What I had in mind when I thought about fixing the very same issue was to generate a gexp as the IR of the configuration file, something like: #~(nginx (server bar (location #$foo))) and then have a build-side =E2=80=98sexp->nginx-config-file=E2=80=99 proced= ure that would convert it. That=E2=80=99s nicer in theory but probably more tricky than what you propo= se here. In the short term I think applying the patch you posted is probably the right thing. Thoughts? Thanks, Ludo=E2=80=99. From debbugs-submit-bounces@debbugs.gnu.org Wed May 03 18:58:39 2017 Received: (at 26684) by debbugs.gnu.org; 3 May 2017 22:58:39 +0000 Received: from localhost ([127.0.0.1]:53349 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1d63EE-0007pP-PG for submit@debbugs.gnu.org; Wed, 03 May 2017 18:58:38 -0400 Received: from mail.lassieur.org ([83.152.10.219]:58394) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1d63ED-0007pG-3G for 26684@debbugs.gnu.org; Wed, 03 May 2017 18:58:37 -0400 Received: from rodion (88.191.118.83 [88.191.118.83]) by mail.lassieur.org (OpenSMTPD) with ESMTPSA id 9ec50cf8 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Wed, 3 May 2017 22:58:35 +0000 (UTC) References: User-agent: mu4e 0.9.18; emacs 25.2.1 From: =?utf-8?Q?Cl=C3=A9ment?= Lassieur To: Andy Wingo Subject: Re: bug#26684: let nginx configs reference the store In-reply-to: Date: Thu, 04 May 2017 00:58:34 +0200 Message-ID: <87pofp7dk5.fsf@lassieur.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 26684 Cc: 26684@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) Andy Wingo writes: > Hi, > > Is this the right way to do things? Passing lists around seems to be an > intermediate point between strings and proper configuration values -- as > such it seems like a useful intermediate step. The context is that I > need to be able to extend the nginx configuration with a server config > that references a store path. > > Andy > > From b56b797e2ca26619485d874110d3f1f0ae96fba4 Mon Sep 17 00:00:00 2001 > From: Andy Wingo > Date: Thu, 27 Apr 2017 19:49:02 +0200 > Subject: [PATCH 1/5] gnu: services: Nginx configs can reference store > > * gnu/services/web.scm (config-domain-strings, config-index-strings): Emit > lists instead of strings. > (emit-nginx-location-config, emit-nginx-server-config) > (emit-nginx-upstream-config): Rename from nginx-location-config, > default-nginx-server-config, and nginx-upstream-config. Emit lists instead of > strings. > (flatten): New helper. > (default-nginx-config): Use flatten helper to write nginx conf. This allows > location configs to reference store values. > --- > gnu/services/web.scm | 150 +++++++++++++++++++++++++-------------------------- > 1 file changed, 74 insertions(+), 76 deletions(-) Hi Andy, I tested it successfully (with a reference to the store), and it looks good to me as well. Thanks you! You'll have some rebasing work to do though with (lstat ssl-cert...). Clément From debbugs-submit-bounces@debbugs.gnu.org Mon Jul 24 09:01:58 2017 Received: (at 26684) by debbugs.gnu.org; 24 Jul 2017 13:01:58 +0000 Received: from localhost ([127.0.0.1]:53932 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dZczm-0001FP-1h for submit@debbugs.gnu.org; Mon, 24 Jul 2017 09:01:58 -0400 Received: from eggs.gnu.org ([208.118.235.92]:33763) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dZczk-0001F8-7Z for 26684@debbugs.gnu.org; Mon, 24 Jul 2017 09:01:56 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dZczZ-0001y1-FU for 26684@debbugs.gnu.org; Mon, 24 Jul 2017 09:01:51 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD autolearn=disabled version=3.3.2 Received: from fencepost.gnu.org ([2001:4830:134:3::e]:41636) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dZczZ-0001xv-Bw; Mon, 24 Jul 2017 09:01:45 -0400 Received: from [193.50.110.220] (port=48166 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1dZczY-00073Y-QH; Mon, 24 Jul 2017 09:01:45 -0400 From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) To: =?utf-8?Q?Cl=C3=A9ment?= Lassieur , Christopher Baines Subject: Re: bug#26684: let nginx configs reference the store References: <87pofp7dk5.fsf@lassieur.org> Date: Mon, 24 Jul 2017 15:01:42 +0200 In-Reply-To: <87pofp7dk5.fsf@lassieur.org> (=?utf-8?Q?=22Cl=C3=A9ment?= Lassieur"'s message of "Thu, 04 May 2017 00:58:34 +0200") Message-ID: <87wp6ykmyx.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2001:4830:134:3::e X-Spam-Score: -7.8 (-------) X-Debbugs-Envelope-To: 26684 Cc: Andy Wingo , 26684@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -7.8 (-------) Hello! Christopher, Cl=C3=A9ment: I wanted to apply this patch from Andy but it conflicts with recent changes, presumably commit cb341293fa by Chris. Could you take a look and apply it, if possible? https://bugs.gnu.org/26684 Thanks, Ludo=E2=80=99. From debbugs-submit-bounces@debbugs.gnu.org Mon Jul 24 09:11:46 2017 Received: (at 26684) by debbugs.gnu.org; 24 Jul 2017 13:11:46 +0000 Received: from localhost ([127.0.0.1]:53936 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dZd9G-0001UG-1u for submit@debbugs.gnu.org; Mon, 24 Jul 2017 09:11:46 -0400 Received: from mail.lassieur.org ([83.152.10.219]:36424) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dZd9E-0001U5-12 for 26684@debbugs.gnu.org; Mon, 24 Jul 2017 09:11:44 -0400 Received: from newt (46.218.109.88 [46.218.109.88]) by mail.lassieur.org (OpenSMTPD) with ESMTPSA id eef2dc55 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Mon, 24 Jul 2017 13:11:41 +0000 (UTC) References: <87pofp7dk5.fsf@lassieur.org> <87wp6ykmyx.fsf@gnu.org> User-agent: mu4e 0.9.18; emacs 25.2.1 From: =?utf-8?Q?Cl=C3=A9ment?= Lassieur To: Ludovic =?utf-8?Q?Court=C3=A8s?= Subject: Re: bug#26684: let nginx configs reference the store In-reply-to: <87wp6ykmyx.fsf@gnu.org> Date: Mon, 24 Jul 2017 15:11:40 +0200 Message-ID: <87mv7uq8s3.fsf@lassieur.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 26684 Cc: Andy Wingo , Christopher Baines , 26684@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) Ludovic Courtès writes: > Christopher, Clément: I wanted to apply this patch from Andy but it > conflicts with recent changes, presumably commit cb341293fa by Chris. > Could you take a look and apply it, if possible? > > https://bugs.gnu.org/26684 Hi Ludo, Sure, I'll have a look at it, probably this week-end. I remember I fixed the conflict on my local branch. I haven't been very active those last weeks, but I hope to be back soon. :) Clément From debbugs-submit-bounces@debbugs.gnu.org Wed Aug 02 03:45:35 2017 Received: (at 26684) by debbugs.gnu.org; 2 Aug 2017 07:45:36 +0000 Received: from localhost ([127.0.0.1]:37616 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dcoLX-0002Pc-DF for submit@debbugs.gnu.org; Wed, 02 Aug 2017 03:45:35 -0400 Received: from li622-129.members.linode.com ([212.71.249.129]:52460 helo=mira.cbaines.net) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dcoLV-0002PS-3u for 26684@debbugs.gnu.org; Wed, 02 Aug 2017 03:45:34 -0400 Received: by mira.cbaines.net (Postfix, from userid 113) id 0D49413E3AD; Wed, 2 Aug 2017 08:45:32 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from localhost (unknown [94.119.64.4]) by mira.cbaines.net (Postfix) with ESMTPSA id A050A13E3AA; Wed, 2 Aug 2017 08:45:29 +0100 (BST) Date: Wed, 2 Aug 2017 08:45:18 +0100 From: Christopher Baines To: ludo@gnu.org (Ludovic =?UTF-8?B?Q291cnTDqHM=?=) Subject: Re: bug#26684: let nginx configs reference the store Message-ID: <20170802084518.4e4f1d7b@cbaines.net> In-Reply-To: <87wp6ykmyx.fsf@gnu.org> References: <87pofp7dk5.fsf@lassieur.org> <87wp6ykmyx.fsf@gnu.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; boundary="Sig_/bbDpdCdBSAkrFGf_Ss7Q3Vt"; protocol="application/pgp-signature" X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 26684 Cc: Andy Wingo , 26684@debbugs.gnu.org, =?UTF-8?B?Q2zDqW1lbnQ=?= Lassieur X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) --Sig_/bbDpdCdBSAkrFGf_Ss7Q3Vt Content-Type: multipart/mixed; boundary="MP_/alZDM3SxWxP4dGJJxg31TMs" --MP_/alZDM3SxWxP4dGJJxg31TMs Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Mon, 24 Jul 2017 15:01:42 +0200 ludo@gnu.org (Ludovic Court=C3=A8s) wrote: > Hello! >=20 > Christopher, Cl=C3=A9ment: I wanted to apply this patch from Andy but it > conflicts with recent changes, presumably commit cb341293fa by Chris. > Could you take a look and apply it, if possible? >=20 > https://bugs.gnu.org/26684 Hey, So I've had a look at this, it looks like its just the changes that are causing the conflict relate to checking that the files related to SSL exist. I've adjusted the patch so that it applies, and included my translation of the changes. I haven't done much testing yet, but the patch, and the diff with the previous patch is attached. --MP_/alZDM3SxWxP4dGJJxg31TMs Content-Type: text/x-patch Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename=0001-gnu-services-Nginx-configs-can-reference-store.patch =46rom 247843cb62c36cf0a65064eb0dcf5559dc78a460 Mon Sep 17 00:00:00 2001 From: Andy Wingo Date: Thu, 27 Apr 2017 19:49:02 +0200 Subject: [PATCH] gnu: services: Nginx configs can reference store * gnu/services/web.scm (config-domain-strings, config-index-strings): Emit lists instead of strings. (emit-nginx-location-config, emit-nginx-server-config) (emit-nginx-upstream-config): Rename from nginx-location-config, default-nginx-server-config, and nginx-upstream-config. Emit lists instead= of strings. (flatten): New helper. (default-nginx-config): Use flatten helper to write nginx conf. This allows location configs to reference store values. --- gnu/services/web.scm | 158 +++++++++++++++++++++++++----------------------= ---- 1 file changed, 78 insertions(+), 80 deletions(-) diff --git a/gnu/services/web.scm b/gnu/services/web.scm index c605d7686..6e7ffa787 100644 --- a/gnu/services/web.scm +++ b/gnu/services/web.scm @@ -114,105 +114,103 @@ (define (config-domain-strings names) "Return a string denoting the nginx config representation of NAMES, a list of domain names." - (string-join - (map (match-lambda + (map (match-lambda ('default "_ ") - ((? string? str) (string-append str " "))) - names))) + ((? string? str) (list str " "))) + names)) =20 (define (config-index-strings names) "Return a string denoting the nginx config representation of NAMES, a list of index files." - (string-join - (map (match-lambda - ((? string? str) (string-append str " "))) - names))) + (map (match-lambda + ((? string? str) (list str " "))) + names)) =20 -(define nginx-location-config +(define emit-nginx-location-config (match-lambda (($ uri body) - (string-append + (list " location " uri " {\n" - " " (string-join body "\n ") "\n" + (map (lambda (x) (list " " x "\n")) body) " }\n")) (($ name body) - (string-append + (list " location @" name " {\n" - " " (string-join body "\n ") "\n" + (map (lambda (x) (list " " x "\n")) body) " }\n")))) =20 -(define (default-nginx-server-config server) - (string-append - " server {\n" - (if (nginx-server-configuration-http-port server) - (string-append " listen " - (number->string (nginx-server-configuration-http-por= t server)) - ";\n") - "") - (if (nginx-server-configuration-https-port server) - (string-append " listen " - (number->string (nginx-server-configuration-https-po= rt server)) - " ssl;\n") - "") - " server_name " (config-domain-strings - (nginx-server-configuration-server-name server)) - ";\n" - (if (nginx-server-configuration-ssl-certificate server) - (let ((certificate (nginx-server-configuration-ssl-certificate serv= er))) - ;; lstat fails when the certificate file does not exist: it aborts - ;; and lets the user fix their configuration. - (lstat certificate) - (string-append " ssl_certificate " certificate ";\n")) - "") - (if (nginx-server-configuration-ssl-certificate-key server) - (let ((key (nginx-server-configuration-ssl-certificate-key server))) - (lstat key) - (string-append " ssl_certificate_key " key ";\n")) - "") - " root " (nginx-server-configuration-root server) ";\n" - " index " (config-index-strings (nginx-server-configuration-index = server)) ";\n" - " server_tokens " (if (nginx-server-configuration-server-tokens? s= erver) - "on" "off") ";\n" - "\n" - (string-join - (map nginx-location-config (nginx-server-configuration-locations serve= r)) - "\n") - " }\n")) +(define (emit-nginx-server-config server) + (let ((http-port (nginx-server-configuration-http-port server)) + (https-port (nginx-server-configuration-https-port server)) + (server-name (nginx-server-configuration-server-name server)) + (ssl-certificate (nginx-server-configuration-ssl-certificate serve= r)) + (ssl-certificate-key + (nginx-server-configuration-ssl-certificate-key server)) + (root (nginx-server-configuration-root server)) + (index (nginx-server-configuration-index server)) + (server-tokens? (nginx-server-configuration-server-tokens? server)) + (locations (nginx-server-configuration-locations server))) + (define-syntax-parameter <> (syntax-rules ())) + (define-syntax-rule (and/l x tail ...) + (let ((x* x)) + (if x* + (syntax-parameterize ((<> (identifier-syntax x*))) + (list tail ...)) + '()))) + (for-each (lambda (file) + (if (and file (not (file-exists? file))) + (error "~A does not exist" file))) + (list ssl-certificate ssl-certificate-key)) + (list + " server {\n" + (and/l http-port " listen " (number->string <>) ";\n") + (and/l https-port " listen " (number->string <>) " ssl;\n") + " server_name " (config-domain-strings server-name) ";\n" + (and/l ssl-certificate " ssl_certificate " <> ";\n") + (and/l ssl-certificate-key " ssl_certificate_key " <> ";\n") + " root " root ";\n" + " index " (config-index-strings index) ";\n" + " server_tokens " (if server-tokens? "on" "off") ";\n" + "\n" + (map emit-nginx-location-config locations) + "\n" + " }\n"))) =20 -(define (nginx-upstream-config upstream) - (string-append +(define (emit-nginx-upstream-config upstream) + (list " upstream " (nginx-upstream-configuration-name upstream) " {\n" - (string-concatenate - (map (lambda (server) - (simple-format #f " server ~A;\n" server)) - (nginx-upstream-configuration-servers upstream))) + (map (lambda (server) + (simple-format #f " server ~A;\n" server)) + (nginx-upstream-configuration-servers upstream)) " }\n")) =20 +(define (flatten . lst) + "Return a list that recursively concatenates all sub-lists of LST." + (define (flatten1 head out) + (if (list? head) + (fold-right flatten1 out head) + (cons head out))) + (fold-right flatten1 '() lst)) + (define (default-nginx-config nginx log-directory run-directory server-lis= t upstream-list) - (mixed-text-file "nginx.conf" - "user nginx nginx;\n" - "pid " run-directory "/pid;\n" - "error_log " log-directory "/error.log info;\n" - "http {\n" - " client_body_temp_path " run-directory "/client_body_te= mp;\n" - " proxy_temp_path " run-directory "/proxy_temp;\n" - " fastcgi_temp_path " run-directory "/fastcgi_temp;\n" - " uwsgi_temp_path " run-directory "/uwsgi_temp;\n" - " scgi_temp_path " run-directory "/scgi_temp;\n" - " access_log " log-directory "/access.log;\n" - " include " nginx "/share/nginx/conf/mime.types;\n" - "\n" - (string-join - (filter (lambda (section) (not (null? section))) - (map nginx-upstream-config upstream-list)) - "\n") - "\n" - (let ((http (map default-nginx-server-config server-list))) - (do ((http http (cdr http)) - (block "" (string-append (car http) "\n" block ))) - ((null? http) block))) - "}\n" - "events {}\n")) + (apply mixed-text-file "nginx.conf" + (flatten + "user nginx nginx;\n" + "pid " run-directory "/pid;\n" + "error_log " log-directory "/error.log info;\n" + "http {\n" + " client_body_temp_path " run-directory "/client_body_temp;\n" + " proxy_temp_path " run-directory "/proxy_temp;\n" + " fastcgi_temp_path " run-directory "/fastcgi_temp;\n" + " uwsgi_temp_path " run-directory "/uwsgi_temp;\n" + " scgi_temp_path " run-directory "/scgi_temp;\n" + " access_log " log-directory "/access.log;\n" + " include " nginx "/share/nginx/conf/mime.types;\n" + "\n" + (map emit-nginx-upstream-config upstream-list) + (map emit-nginx-server-config server-list) + "}\n" + "events {}\n"))) =20 (define %nginx-accounts (list (user-group (name "nginx") (system? #t)) --=20 2.13.1 --MP_/alZDM3SxWxP4dGJJxg31TMs Content-Type: text/x-patch Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename=0001-gnu-services-Nginx-configs-can-reference-store.patch.diff 1c1 < From 247843cb62c36cf0a65064eb0dcf5559dc78a460 Mon Sep 17 00:00:00 2001 --- > From b56b797e2ca26619485d874110d3f1f0ae96fba4 Mon Sep 17 00:00:00 2001 4c4 < Subject: [PATCH] gnu: services: Nginx configs can reference store --- > Subject: [PATCH 1/5] gnu: services: Nginx configs can reference store 16,17c16,17 < gnu/services/web.scm | 158 +++++++++++++++++++++++++--------------------= ------ < 1 file changed, 78 insertions(+), 80 deletions(-) --- > gnu/services/web.scm | 150 +++++++++++++++++++++++++--------------------= ------ > 1 file changed, 74 insertions(+), 76 deletions(-) 20c20 < index c605d7686..6e7ffa787 100644 --- > index b7b2f67f1..e8769522a 100644 23c23 < @@ -114,105 +114,103 @@ --- > @@ -110,101 +110,99 @@ 82,86c82,83 < - (let ((certificate (nginx-server-configuration-ssl-certificate se= rver))) < - ;; lstat fails when the certificate file does not exist: it abo= rts < - ;; and lets the user fix their configuration. < - (lstat certificate) < - (string-append " ssl_certificate " certificate ";\n")) --- > - (string-append " ssl_certificate " > - (nginx-server-configuration-ssl-certificate server= ) ";\n") 89,91c86,87 < - (let ((key (nginx-server-configuration-ssl-certificate-key server= ))) < - (lstat key) < - (string-append " ssl_certificate_key " key ";\n")) --- > - (string-append " ssl_certificate_key " > - (nginx-server-configuration-ssl-certificate-key se= rver) ";\n") 120,123d115 < + (for-each (lambda (file) < + (if (and file (not (file-exists? file))) < + (error "~A does not exist" file))) < + (list ssl-certificate ssl-certificate-key)) 208c200 < 2.13.1 --- > 2.12.2 --MP_/alZDM3SxWxP4dGJJxg31TMs-- --Sig_/bbDpdCdBSAkrFGf_Ss7Q3Vt Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEPonu50WOcg2XVOCyXiijOwuE9XcFAlmBgw5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcACgkQXiijOwuE 9XcpTw/8DydaIAIT6h7V1c8GD521mBSNMGJLD8YNPzLpHIZzqaFo79OLbQ4peRnp QZm3QIGcKZZYAYwgjFaVbIUUKF93JyID57bUfLF2Dc+24CaUapSiS3N5iFHJfO/O zQqO7YxO8k+MnEWLia15oEvo2oO/fRuBGHHKqOz+kY5a3f62jsKdKVRahoPIGIwx Z3s0Zjjf9UVC4wnod1oR1hf0/0gSor5OTNcLqmNz3J5kHesVcEzhPYk4PWvjunR0 tYNWUB5jnmmDLPBK5po8yliPtJiiQBOj9SI16NF1C5uhqcHOtDlikOYa90yEFtrQ 4fsn5CnPLrw2OSBMBNB2VEKKvYv6Mju+A9jVOsxgf96LK6WkEFmJ7MV+fS8tD72F DaVwuilO8ZrFa99j6f0WdGagsQkU3xNP0r7n6m6cG2Go5ppRDjq6asY5dc0ZDpMH T0Me8DaJbijpYx9OKfZe/NM1jfnrHWKe4SLqvM5FKn/8yCWNWl1qF1EPoTrhZ4CV By3Irkq+qAhtqAKPczQjF+ciPVwHHyHVQ8hb64+XzWYEH5qxjMCfRPb44vfdqYnb yA0Nd88ZX+Q3ssKqqWdGoj14eLq+0N8Q0YyBBtoffrjOPv2+ElCMP4eFzzGD1mc+ /YDtpc3zOcGH//wQXBnDPMVXHoWB+sV2xVTT1ca6J5Sw8KQF44Y= =UldH -----END PGP SIGNATURE----- --Sig_/bbDpdCdBSAkrFGf_Ss7Q3Vt-- From debbugs-submit-bounces@debbugs.gnu.org Wed Aug 02 05:31:57 2017 Received: (at 26684) by debbugs.gnu.org; 2 Aug 2017 09:31:57 +0000 Received: from localhost ([127.0.0.1]:37679 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dcq0T-0004tj-6w for submit@debbugs.gnu.org; Wed, 02 Aug 2017 05:31:57 -0400 Received: from eggs.gnu.org ([208.118.235.92]:52973) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dcq0Q-0004tX-Kg for 26684@debbugs.gnu.org; Wed, 02 Aug 2017 05:31:54 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dcq0H-00022c-AX for 26684@debbugs.gnu.org; Wed, 02 Aug 2017 05:31:49 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_20,RP_MATCHES_RCVD autolearn=disabled version=3.3.2 Received: from fencepost.gnu.org ([2001:4830:134:3::e]:48405) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dcq0H-00022Y-7w; Wed, 02 Aug 2017 05:31:45 -0400 Received: from reverse-83.fdn.fr ([80.67.176.83]:39114 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1dcq0G-0005oS-Cf; Wed, 02 Aug 2017 05:31:44 -0400 From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) To: Christopher Baines Subject: Re: bug#26684: let nginx configs reference the store References: <87pofp7dk5.fsf@lassieur.org> <87wp6ykmyx.fsf@gnu.org> <20170802084518.4e4f1d7b@cbaines.net> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 15 Thermidor an 225 de la =?utf-8?Q?R=C3=A9volution?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-unknown-linux-gnu Date: Wed, 02 Aug 2017 11:31:41 +0200 In-Reply-To: <20170802084518.4e4f1d7b@cbaines.net> (Christopher Baines's message of "Wed, 2 Aug 2017 08:45:18 +0100") Message-ID: <87o9rytiwy.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2001:4830:134:3::e X-Spam-Score: -5.0 (-----) X-Debbugs-Envelope-To: 26684 Cc: Andy Wingo , 26684@debbugs.gnu.org, =?utf-8?Q?Cl=C3=A9ment?= Lassieur X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -5.0 (-----) Hello, Christopher Baines skribis: > On Mon, 24 Jul 2017 15:01:42 +0200 > ludo@gnu.org (Ludovic Court=C3=A8s) wrote: > >> Hello! >>=20 >> Christopher, Cl=C3=A9ment: I wanted to apply this patch from Andy but it >> conflicts with recent changes, presumably commit cb341293fa by Chris. >> Could you take a look and apply it, if possible? >>=20 >> https://bugs.gnu.org/26684 > > Hey, > > So I've had a look at this, it looks like its just the changes that are > causing the conflict relate to checking that the files related to SSL > exist. > > I've adjusted the patch so that it applies, and included my translation > of the changes. I haven't done much testing yet, but the patch, and the > diff with the previous patch is attached. As long as =E2=80=9Cmake check-system TESTS=3Dnginx=E2=80=9D doesn=E2=80=99= t catch obvious errors, it=E2=80=99s probably fine. Thank you! Ludo=E2=80=99. From debbugs-submit-bounces@debbugs.gnu.org Wed Aug 02 11:20:47 2017 Received: (at 26684) by debbugs.gnu.org; 2 Aug 2017 15:20:47 +0000 Received: from localhost ([127.0.0.1]:38570 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dcvS2-0006Lh-Qw for submit@debbugs.gnu.org; Wed, 02 Aug 2017 11:20:47 -0400 Received: from li622-129.members.linode.com ([212.71.249.129]:59479 helo=mira.cbaines.net) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dcvS0-0006LR-G2 for 26684@debbugs.gnu.org; Wed, 02 Aug 2017 11:20:45 -0400 Received: by mira.cbaines.net (Postfix, from userid 113) id D876213E3AD; Wed, 2 Aug 2017 16:20:42 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham autolearn_force=no version=3.4.0 Received: from localhost (unknown [94.119.64.0]) by mira.cbaines.net (Postfix) with ESMTPSA id 7CF7113E3AC for <26684@debbugs.gnu.org>; Wed, 2 Aug 2017 16:20:42 +0100 (BST) Received: from localhost.localdomain (localhost [127.0.0.1]) by localhost (OpenSMTPD) with ESMTP id e3526e2c for <26684@debbugs.gnu.org>; Wed, 2 Aug 2017 15:20:41 +0000 (UTC) From: Christopher Baines To: 26684@debbugs.gnu.org Subject: [PATCH 2/2] web: Check for the existance of SSL related files. Date: Wed, 2 Aug 2017 16:20:41 +0100 Message-Id: <20170802152041.11053-2-mail@cbaines.net> X-Mailer: git-send-email 2.13.1 In-Reply-To: <20170802152041.11053-1-mail@cbaines.net> References: <87o9rytiwy.fsf@gnu.org> <20170802152041.11053-1-mail@cbaines.net> X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 26684 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) This adds back the previous behaviour of the nginx-service-type, where the service would check at the time when the configuration is generated if the SSL certificate and certificate key file exists. * gnu/services/web.scm (emit-nginx-server-config): Add back check for SSL related files. --- gnu/services/web.scm | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/gnu/services/web.scm b/gnu/services/web.scm index 97318ecb1..cc7adeb5e 100644 --- a/gnu/services/web.scm +++ b/gnu/services/web.scm @@ -157,6 +157,16 @@ of index files." (syntax-parameterize ((<> (identifier-syntax x*))) (list tail ...)) '()))) + (for-each + (match-lambda + ((record-key . file) + (if (and file (not (file-exists? file))) + (error + (simple-format + #f + "~A in the nginx configuration for the server with name \"~A\" does not exist" record-key server-name))))) + `(("ssl-certificate" . ,ssl-certificate) + ("ssl-certificate-key" . ,ssl-certificate-key))) (list " server {\n" (and/l http-port " listen " (number->string <>) ";\n") -- 2.13.1 From debbugs-submit-bounces@debbugs.gnu.org Wed Aug 02 11:20:48 2017 Received: (at 26684) by debbugs.gnu.org; 2 Aug 2017 15:20:48 +0000 Received: from localhost ([127.0.0.1]:38572 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dcvS4-0006Lp-3a for submit@debbugs.gnu.org; Wed, 02 Aug 2017 11:20:48 -0400 Received: from li622-129.members.linode.com ([212.71.249.129]:59480 helo=mira.cbaines.net) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dcvS0-0006LS-G2 for 26684@debbugs.gnu.org; Wed, 02 Aug 2017 11:20:45 -0400 Received: by mira.cbaines.net (Postfix, from userid 113) id 30B8913E3AC; Wed, 2 Aug 2017 16:20:43 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from localhost (unknown [94.119.64.0]) by mira.cbaines.net (Postfix) with ESMTPSA id 7309713E3AA for <26684@debbugs.gnu.org>; Wed, 2 Aug 2017 16:20:42 +0100 (BST) Received: from localhost.localdomain (localhost [127.0.0.1]) by localhost (OpenSMTPD) with ESMTP id 18f5726e for <26684@debbugs.gnu.org>; Wed, 2 Aug 2017 15:20:41 +0000 (UTC) From: Christopher Baines To: 26684@debbugs.gnu.org Subject: [PATCH 1/2] gnu: services: Nginx configs can reference store Date: Wed, 2 Aug 2017 16:20:40 +0100 Message-Id: <20170802152041.11053-1-mail@cbaines.net> X-Mailer: git-send-email 2.13.1 In-Reply-To: <87o9rytiwy.fsf@gnu.org> References: <87o9rytiwy.fsf@gnu.org> X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 26684 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) From: Andy Wingo * gnu/services/web.scm (config-domain-strings, config-index-strings): Emit lists instead of strings. (emit-nginx-location-config, emit-nginx-server-config) (emit-nginx-upstream-config): Rename from nginx-location-config, default-nginx-server-config, and nginx-upstream-config. Emit lists instead of strings. (flatten): New helper. (default-nginx-config): Use flatten helper to write nginx conf. This allows location configs to reference store values. --- gnu/services/web.scm | 154 +++++++++++++++++++++++++-------------------------- 1 file changed, 74 insertions(+), 80 deletions(-) diff --git a/gnu/services/web.scm b/gnu/services/web.scm index c605d7686..97318ecb1 100644 --- a/gnu/services/web.scm +++ b/gnu/services/web.scm @@ -114,105 +114,99 @@ (define (config-domain-strings names) "Return a string denoting the nginx config representation of NAMES, a list of domain names." - (string-join - (map (match-lambda + (map (match-lambda ('default "_ ") - ((? string? str) (string-append str " "))) - names))) + ((? string? str) (list str " "))) + names)) (define (config-index-strings names) "Return a string denoting the nginx config representation of NAMES, a list of index files." - (string-join - (map (match-lambda - ((? string? str) (string-append str " "))) - names))) + (map (match-lambda + ((? string? str) (list str " "))) + names)) -(define nginx-location-config +(define emit-nginx-location-config (match-lambda (($ uri body) - (string-append + (list " location " uri " {\n" - " " (string-join body "\n ") "\n" + (map (lambda (x) (list " " x "\n")) body) " }\n")) (($ name body) - (string-append + (list " location @" name " {\n" - " " (string-join body "\n ") "\n" + (map (lambda (x) (list " " x "\n")) body) " }\n")))) -(define (default-nginx-server-config server) - (string-append - " server {\n" - (if (nginx-server-configuration-http-port server) - (string-append " listen " - (number->string (nginx-server-configuration-http-port server)) - ";\n") - "") - (if (nginx-server-configuration-https-port server) - (string-append " listen " - (number->string (nginx-server-configuration-https-port server)) - " ssl;\n") - "") - " server_name " (config-domain-strings - (nginx-server-configuration-server-name server)) - ";\n" - (if (nginx-server-configuration-ssl-certificate server) - (let ((certificate (nginx-server-configuration-ssl-certificate server))) - ;; lstat fails when the certificate file does not exist: it aborts - ;; and lets the user fix their configuration. - (lstat certificate) - (string-append " ssl_certificate " certificate ";\n")) - "") - (if (nginx-server-configuration-ssl-certificate-key server) - (let ((key (nginx-server-configuration-ssl-certificate-key server))) - (lstat key) - (string-append " ssl_certificate_key " key ";\n")) - "") - " root " (nginx-server-configuration-root server) ";\n" - " index " (config-index-strings (nginx-server-configuration-index server)) ";\n" - " server_tokens " (if (nginx-server-configuration-server-tokens? server) - "on" "off") ";\n" - "\n" - (string-join - (map nginx-location-config (nginx-server-configuration-locations server)) - "\n") - " }\n")) +(define (emit-nginx-server-config server) + (let ((http-port (nginx-server-configuration-http-port server)) + (https-port (nginx-server-configuration-https-port server)) + (server-name (nginx-server-configuration-server-name server)) + (ssl-certificate (nginx-server-configuration-ssl-certificate server)) + (ssl-certificate-key + (nginx-server-configuration-ssl-certificate-key server)) + (root (nginx-server-configuration-root server)) + (index (nginx-server-configuration-index server)) + (server-tokens? (nginx-server-configuration-server-tokens? server)) + (locations (nginx-server-configuration-locations server))) + (define-syntax-parameter <> (syntax-rules ())) + (define-syntax-rule (and/l x tail ...) + (let ((x* x)) + (if x* + (syntax-parameterize ((<> (identifier-syntax x*))) + (list tail ...)) + '()))) + (list + " server {\n" + (and/l http-port " listen " (number->string <>) ";\n") + (and/l https-port " listen " (number->string <>) " ssl;\n") + " server_name " (config-domain-strings server-name) ";\n" + (and/l ssl-certificate " ssl_certificate " <> ";\n") + (and/l ssl-certificate-key " ssl_certificate_key " <> ";\n") + " root " root ";\n" + " index " (config-index-strings index) ";\n" + " server_tokens " (if server-tokens? "on" "off") ";\n" + "\n" + (map emit-nginx-location-config locations) + "\n" + " }\n"))) -(define (nginx-upstream-config upstream) - (string-append +(define (emit-nginx-upstream-config upstream) + (list " upstream " (nginx-upstream-configuration-name upstream) " {\n" - (string-concatenate - (map (lambda (server) - (simple-format #f " server ~A;\n" server)) - (nginx-upstream-configuration-servers upstream))) + (map (lambda (server) + (simple-format #f " server ~A;\n" server)) + (nginx-upstream-configuration-servers upstream)) " }\n")) +(define (flatten . lst) + "Return a list that recursively concatenates all sub-lists of LST." + (define (flatten1 head out) + (if (list? head) + (fold-right flatten1 out head) + (cons head out))) + (fold-right flatten1 '() lst)) + (define (default-nginx-config nginx log-directory run-directory server-list upstream-list) - (mixed-text-file "nginx.conf" - "user nginx nginx;\n" - "pid " run-directory "/pid;\n" - "error_log " log-directory "/error.log info;\n" - "http {\n" - " client_body_temp_path " run-directory "/client_body_temp;\n" - " proxy_temp_path " run-directory "/proxy_temp;\n" - " fastcgi_temp_path " run-directory "/fastcgi_temp;\n" - " uwsgi_temp_path " run-directory "/uwsgi_temp;\n" - " scgi_temp_path " run-directory "/scgi_temp;\n" - " access_log " log-directory "/access.log;\n" - " include " nginx "/share/nginx/conf/mime.types;\n" - "\n" - (string-join - (filter (lambda (section) (not (null? section))) - (map nginx-upstream-config upstream-list)) - "\n") - "\n" - (let ((http (map default-nginx-server-config server-list))) - (do ((http http (cdr http)) - (block "" (string-append (car http) "\n" block ))) - ((null? http) block))) - "}\n" - "events {}\n")) + (apply mixed-text-file "nginx.conf" + (flatten + "user nginx nginx;\n" + "pid " run-directory "/pid;\n" + "error_log " log-directory "/error.log info;\n" + "http {\n" + " client_body_temp_path " run-directory "/client_body_temp;\n" + " proxy_temp_path " run-directory "/proxy_temp;\n" + " fastcgi_temp_path " run-directory "/fastcgi_temp;\n" + " uwsgi_temp_path " run-directory "/uwsgi_temp;\n" + " scgi_temp_path " run-directory "/scgi_temp;\n" + " access_log " log-directory "/access.log;\n" + " include " nginx "/share/nginx/conf/mime.types;\n" + "\n" + (map emit-nginx-upstream-config upstream-list) + (map emit-nginx-server-config server-list) + "}\n" + "events {}\n"))) (define %nginx-accounts (list (user-group (name "nginx") (system? #t)) -- 2.13.1 From debbugs-submit-bounces@debbugs.gnu.org Wed Aug 02 11:23:10 2017 Received: (at 26684) by debbugs.gnu.org; 2 Aug 2017 15:23:11 +0000 Received: from localhost ([127.0.0.1]:38577 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dcvUM-0006QD-MR for submit@debbugs.gnu.org; Wed, 02 Aug 2017 11:23:10 -0400 Received: from li622-129.members.linode.com ([212.71.249.129]:59611 helo=mira.cbaines.net) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dcvUL-0006Q6-Ia for 26684@debbugs.gnu.org; Wed, 02 Aug 2017 11:23:10 -0400 Received: by mira.cbaines.net (Postfix, from userid 113) id 181A213E3AF; Wed, 2 Aug 2017 16:23:09 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from localhost (unknown [94.119.64.18]) by mira.cbaines.net (Postfix) with ESMTPSA id 6D27B13E3AA; Wed, 2 Aug 2017 16:23:07 +0100 (BST) Date: Wed, 2 Aug 2017 16:23:03 +0100 From: Christopher Baines To: ludo@gnu.org (Ludovic =?UTF-8?B?Q291cnTDqHM=?=) Subject: Re: bug#26684: let nginx configs reference the store Message-ID: <20170802162304.0f9e9253@cbaines.net> In-Reply-To: <87o9rytiwy.fsf@gnu.org> References: <87pofp7dk5.fsf@lassieur.org> <87wp6ykmyx.fsf@gnu.org> <20170802084518.4e4f1d7b@cbaines.net> <87o9rytiwy.fsf@gnu.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; boundary="Sig_/Yi3Xs006X+.svHB=b.=yYiq"; protocol="application/pgp-signature" X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 26684 Cc: Andy Wingo , 26684@debbugs.gnu.org, =?UTF-8?B?Q2zDqW1lbnQ=?= Lassieur X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) --Sig_/Yi3Xs006X+.svHB=b.=yYiq Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Wed, 02 Aug 2017 11:31:41 +0200 ludo@gnu.org (Ludovic Court=C3=A8s) wrote: > Hello, >=20 > Christopher Baines skribis: >=20 > > On Mon, 24 Jul 2017 15:01:42 +0200 > > ludo@gnu.org (Ludovic Court=C3=A8s) wrote: > > =20 > >> Hello! > >>=20 > >> Christopher, Cl=C3=A9ment: I wanted to apply this patch from Andy but = it > >> conflicts with recent changes, presumably commit cb341293fa by > >> Chris. Could you take a look and apply it, if possible? > >>=20 > >> https://bugs.gnu.org/26684 =20 > > > > Hey, > > > > So I've had a look at this, it looks like its just the changes that > > are causing the conflict relate to checking that the files related > > to SSL exist. > > > > I've adjusted the patch so that it applies, and included my > > translation of the changes. I haven't done much testing yet, but > > the patch, and the diff with the previous patch is attached. =20 >=20 > As long as =E2=80=9Cmake check-system TESTS=3Dnginx=E2=80=9D doesn=E2=80= =99t catch obvious > errors, it=E2=80=99s probably fine. >=20 > Thank you! Yep, that test passes fine. I've send a couple of updated patches, the first is just the one from Andy, modified to apply, with the additional validation being re-added in the second, as I didn't like the idea of just modifying the patch from Andy with my own additions. I've also improved the error message since the first patch, so it will say something like: ERROR: ssl-certificate in the nginx configuration for the server with name "(default)" does not exist --Sig_/Yi3Xs006X+.svHB=b.=yYiq Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEPonu50WOcg2XVOCyXiijOwuE9XcFAlmB7lhfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcACgkQXiijOwuE 9XfWQw/7Beq7u/ZOBqOANsRRL6+Zag3kXawZVGOsLyOBe9B1rO4RpEXRf2rNDfTR dXxhMDlddmTmuToeKUtWHfqyKwmpgLO+AawsfYloyjCCD/zrb20FvODaGXIuWRYI RLTOhhOxtdd4j7Cve5XMaTKy1H7p/VnYmSVbvcAawPApOJHikaz+E6+VVhoi6s0j mf1sKaZaxqIiR8pXRCf6IGmIG2hfYGuieK1RY3X8PLdJJutblOwNijNXYoEEPOi0 HNp8PGIWVLihIfjBLtJ4OzhxSmcrrlNNC82zOsEqJ6YiXxYTGjypt9OJtKYCcgjN e+c+tVVnYWRrCQMJhvVN6UTNX/o6ufAJFEIhyS/PL6ds/g7Ad+DlCTmHn4etMHHn sPzjOTnDKL7G81fVgQTLbsD68kN/SEC0vwi9k27v9xPg9+kG8fLtxwyUyIM1W+pF Q5M9tT2So5XhiJYKupge3wk4XlRzPixQSDL7tIeXvje+kSUrTdJrd455cvtiagrx F7hnMS4anZ8+DZvzhn1i/UM8dorhYcOtKQwBLenHP8YborjKOYA+/HlkgAOjxFXZ sLdT60fz2ruEPiBjromST5bfF8SqnTGjMzYNw1fD5b5mSGYqQC5LtirL0t2TCi1f pKLz0abqQv2TIApAir2UNwApQPbBm2LdUa8hDkmUbWC8/wbGtU4= =yl0H -----END PGP SIGNATURE----- --Sig_/Yi3Xs006X+.svHB=b.=yYiq-- From debbugs-submit-bounces@debbugs.gnu.org Thu Aug 17 13:35:42 2017 Received: (at 26684-done) by debbugs.gnu.org; 17 Aug 2017 17:35:42 +0000 Received: from localhost ([127.0.0.1]:43064 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1diOhq-00047r-GO for submit@debbugs.gnu.org; Thu, 17 Aug 2017 13:35:42 -0400 Received: from li622-129.members.linode.com ([212.71.249.129]:56847 helo=mira.cbaines.net) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1diOho-00047i-PZ for 26684-done@debbugs.gnu.org; Thu, 17 Aug 2017 13:35:41 -0400 Received: by mira.cbaines.net (Postfix, from userid 113) id D9B6316FE82; Thu, 17 Aug 2017 18:35:39 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from localhost (cpc102582-walt20-2-0-cust14.13-2.cable.virginm.net [86.27.34.15]) by mira.cbaines.net (Postfix) with ESMTPSA id 6182B16FE7E; Thu, 17 Aug 2017 18:35:37 +0100 (BST) Date: Thu, 17 Aug 2017 18:35:36 +0100 From: Christopher Baines To: ludo@gnu.org (Ludovic =?UTF-8?B?Q291cnTDqHM=?=) Subject: Re: [bug#26684] let nginx configs reference the store Message-ID: <20170817183536.1c9b701b@cbaines.net> In-Reply-To: <20170802162304.0f9e9253@cbaines.net> References: <87pofp7dk5.fsf@lassieur.org> <87wp6ykmyx.fsf@gnu.org> <20170802084518.4e4f1d7b@cbaines.net> <87o9rytiwy.fsf@gnu.org> <20170802162304.0f9e9253@cbaines.net> X-Mailer: Claws Mail 3.15.0-dirty (GTK+ 2.24.31; x86_64-unknown-linux-gnu) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; boundary="Sig_/ZelRW52LZve380to1OsutzT"; protocol="application/pgp-signature" X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 26684-done Cc: Andy Wingo , =?UTF-8?B?Q2zDqW1lbnQ=?= Lassieur , 26684-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) --Sig_/ZelRW52LZve380to1OsutzT Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Wed, 2 Aug 2017 16:23:03 +0100 Christopher Baines wrote: > On Wed, 02 Aug 2017 11:31:41 +0200 > ludo@gnu.org (Ludovic Court=C3=A8s) wrote: >=20 > > Hello, > >=20 > > Christopher Baines skribis: > > =20 > > > On Mon, 24 Jul 2017 15:01:42 +0200 > > > ludo@gnu.org (Ludovic Court=C3=A8s) wrote: > > > =20 > > >> Hello! > > >>=20 > > >> Christopher, Cl=C3=A9ment: I wanted to apply this patch from Andy but > > >> it conflicts with recent changes, presumably commit cb341293fa by > > >> Chris. Could you take a look and apply it, if possible? > > >>=20 > > >> https://bugs.gnu.org/26684 =20 > > > > > > Hey, > > > > > > So I've had a look at this, it looks like its just the changes > > > that are causing the conflict relate to checking that the files > > > related to SSL exist. > > > > > > I've adjusted the patch so that it applies, and included my > > > translation of the changes. I haven't done much testing yet, but > > > the patch, and the diff with the previous patch is attached. =20 > >=20 > > As long as =E2=80=9Cmake check-system TESTS=3Dnginx=E2=80=9D doesn=E2= =80=99t catch obvious > > errors, it=E2=80=99s probably fine. > >=20 > > Thank you! =20 >=20 > Yep, that test passes fine. >=20 > I've send a couple of updated patches, the first is just the one from > Andy, modified to apply, with the additional validation being re-added > in the second, as I didn't like the idea of just modifying the patch > from Andy with my own additions. >=20 > I've also improved the error message since the first patch, so it will > say something like: >=20 > ERROR: ssl-certificate in the nginx configuration for the server > with name "(default)" does not exist I've got some more improvements I'd like to make to the NGinx service, so to keep things progressing on this, I've merged my adjusted version of the change from Andy, and my additional patch that adds back in the validation. --Sig_/ZelRW52LZve380to1OsutzT Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEPonu50WOcg2XVOCyXiijOwuE9XcFAlmV0+hfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcACgkQXiijOwuE 9XfHsQ//ZiU/+yhkwCCJkJp+2bAWYxVNCfIY9/ZHZFhUIVUHSaz31a+6duPpRmyj 21Q6i2xQUIjTQTHOpL70rN/pXyXAq8fcR5QUnet91j4yYPDoRTXjjraqfMbxnrKy hjlMk7/T+oCNeIwzniBJn4/EUCtwPva6pNExQT5yIJnutZgs/qpteNiEzO1UtIDS PwwnCq2pt/kUOIMrwe5viyPNR+15nIdCj/m7h6N2K9M/O+WWTagFZBndtBOyLBm0 oK6Qg3LfXPg80012n4Yia+en1eWdVNMWJFQp/xLjRXwHit9rbbHSYRmnMC7RqapW 67vdZMfHyIniNUcma4wMA5F3P+EcvFt25DJ92ALAkC+zXRrWXyZr4HKwHTIYYLyM b/V/MQAILC13XDdCbokfMZ4BOwX6R36Pqei9Wkh7Ex0DdAqC5FlePg/kgeWDj9Bn DZQBDoMoz5Drxcxu2LbHzjiafnmJgw/MbJL83AzZu5sztenHQNUC0wjXupw+Px63 9OGBK1qEOCr6XWg4YqM467zS/q0iPH7ffJbDznh7hpAmFWjIiWXFq1VgMNwQQkAk NWEp1di4MQJQbkohjY7yMAWapBkEfyCsj4oh91/ucvQ+kgus9dKGrxNLVMZuvqzf 3mQ8XwKKyJB5d24trIlLj5Am+mHTqHctADmgsSq8oUGbtbNIXj4= =GR8S -----END PGP SIGNATURE----- --Sig_/ZelRW52LZve380to1OsutzT-- From debbugs-submit-bounces@debbugs.gnu.org Mon Aug 21 06:32:08 2017 Received: (at 26684-done) by debbugs.gnu.org; 21 Aug 2017 10:32:08 +0000 Received: from localhost ([127.0.0.1]:47346 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1djk08-0005lw-8k for submit@debbugs.gnu.org; Mon, 21 Aug 2017 06:32:08 -0400 Received: from eggs.gnu.org ([208.118.235.92]:38824) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1djk05-0005lR-T1 for 26684-done@debbugs.gnu.org; Mon, 21 Aug 2017 06:32:06 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1djjzz-0000Vr-Kl for 26684-done@debbugs.gnu.org; Mon, 21 Aug 2017 06:32:00 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_20,RP_MATCHES_RCVD autolearn=disabled version=3.3.2 Received: from fencepost.gnu.org ([2001:4830:134:3::e]:52271) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1djjzu-0000Ro-Cd; Mon, 21 Aug 2017 06:31:54 -0400 Received: from [193.50.110.251] (port=38710 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1djjzt-0002wq-Sy; Mon, 21 Aug 2017 06:31:54 -0400 From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) To: Christopher Baines Subject: Re: [bug#26684] let nginx configs reference the store References: <87pofp7dk5.fsf@lassieur.org> <87wp6ykmyx.fsf@gnu.org> <20170802084518.4e4f1d7b@cbaines.net> <87o9rytiwy.fsf@gnu.org> <20170802162304.0f9e9253@cbaines.net> <20170817183536.1c9b701b@cbaines.net> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 4 Fructidor an 225 de la =?utf-8?Q?R=C3=A9volution?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-unknown-linux-gnu Date: Mon, 21 Aug 2017 12:31:51 +0200 In-Reply-To: <20170817183536.1c9b701b@cbaines.net> (Christopher Baines's message of "Thu, 17 Aug 2017 18:35:36 +0100") Message-ID: <87lgmdus88.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2001:4830:134:3::e X-Spam-Score: -5.0 (-----) X-Debbugs-Envelope-To: 26684-done Cc: Andy Wingo , =?utf-8?Q?Cl=C3=A9ment?= Lassieur , 26684-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -5.0 (-----) Christopher Baines skribis: > On Wed, 2 Aug 2017 16:23:03 +0100 > Christopher Baines wrote: > >> On Wed, 02 Aug 2017 11:31:41 +0200 >> ludo@gnu.org (Ludovic Court=C3=A8s) wrote: >>=20 >> > Hello, >> >=20 >> > Christopher Baines skribis: >> >=20=20=20 >> > > On Mon, 24 Jul 2017 15:01:42 +0200 >> > > ludo@gnu.org (Ludovic Court=C3=A8s) wrote: >> > >=20=20=20=20 >> > >> Hello! >> > >>=20 >> > >> Christopher, Cl=C3=A9ment: I wanted to apply this patch from Andy b= ut >> > >> it conflicts with recent changes, presumably commit cb341293fa by >> > >> Chris. Could you take a look and apply it, if possible? >> > >>=20 >> > >> https://bugs.gnu.org/26684=20=20=20=20 >> > > >> > > Hey, >> > > >> > > So I've had a look at this, it looks like its just the changes >> > > that are causing the conflict relate to checking that the files >> > > related to SSL exist. >> > > >> > > I've adjusted the patch so that it applies, and included my >> > > translation of the changes. I haven't done much testing yet, but >> > > the patch, and the diff with the previous patch is attached.=20=20= =20=20 >> >=20 >> > As long as =E2=80=9Cmake check-system TESTS=3Dnginx=E2=80=9D doesn=E2= =80=99t catch obvious >> > errors, it=E2=80=99s probably fine. >> >=20 >> > Thank you!=20=20 >>=20 >> Yep, that test passes fine. >>=20 >> I've send a couple of updated patches, the first is just the one from >> Andy, modified to apply, with the additional validation being re-added >> in the second, as I didn't like the idea of just modifying the patch >> from Andy with my own additions. >>=20 >> I've also improved the error message since the first patch, so it will >> say something like: >>=20 >> ERROR: ssl-certificate in the nginx configuration for the server >> with name "(default)" does not exist > > I've got some more improvements I'd like to make to the NGinx service, > so to keep things progressing on this, I've merged my adjusted version > of the change from Andy, and my additional patch that adds back in the > validation. Awesome, thank you! Ludo=E2=80=99. From unknown Sat Sep 13 10:22:28 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Mon, 18 Sep 2017 11:24:05 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator