From: bug#62642 <62642@debbugs.gnu.org>
To: bug#62642 <62642@debbugs.gnu.org>
Subject: Status: [PATCH] services: certbot: Fix nginx crash when certbot is used without domains
Reply-To: bug#62642 <62642@debbugs.gnu.org>
Date: Sat, 21 Jun 2025 12:19:52 +0000

retitle 62642 [PATCH] services: certbot: Fix nginx crash when certbot is used without domains
reassign 62642 guix-patches
submitter 62642 Saku Laesvuori
severity 62642 normal
tag 62642 patch
thanks

From: Saku Laesvuori
To: guix-patches@gnu.org
Cc: Saku Laesvuori
Subject: [PATCH] services: certbot: Fix nginx crash when certbot is used without domains
Date: Mon, 3 Apr 2023 16:32:41 +0300

* gnu/services/certbot.scm (certbot-nginx-server-configurations):
Don't return a broken nginx-server-configuration when no certificate
domains are configured.
---
 gnu/services/certbot.scm | 29 +++++++++++++++--------------
 1 file changed, 15 insertions(+), 14 deletions(-)

diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm
index 8e6784df2b..3d9d207f8a 100644
--- a/gnu/services/certbot.scm
+++ b/gnu/services/certbot.scm
@@ -173,20 +173,21 @@ (define certbot-nginx-server-configurations (match-lambda (($ package webroot certificates email server rsa-key-size default-location) - (list - (nginx-server-configuration - (listen '("80" "[::]:80")) - (ssl-certificate #f) - (ssl-certificate-key #f) - (server-name - (apply append (map certificate-configuration-domains certificates))) - (locations - (filter identity - (list - (nginx-location-configuration - (uri "/.well-known") - (body (list (list "root " webroot ";")))) - default-location)))))))) + (if (null? certificates) '() + (list + (nginx-server-configuration + (listen '("80" "[::]:80")) + (ssl-certificate #f) + (ssl-certificate-key #f) + (server-name + (apply append (map certificate-configuration-domains certificates))) + (locations + (filter identity + (list + (nginx-location-configuration + (uri "/.well-known") + (body (list (list "root " webroot ";")))) + default-location))))))))) (define certbot-service-type (service-type (name 'certbot) base-commit: 2cf71e725d55bc5bf1ad663b7c696516299cc8a7 -- 2.39.2
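
Review bot: the new guard `(if (null? certificates) '() ...)` tests the certificate list, but the value that reaches `server-name` is `(apply append (map certificate-configuration-domains certificates))`, which is just as empty when the configured certificates carry no domains, so that case still returns the server block this patch is meant to avoid. Binding the appended domain list once, testing that binding with `null?`, and passing it to `server-name` would cover both cases. The commit message says the configuration is "broken" without saying how; naming the empty server name there would help the next reader.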

Date: Mon, 3 Apr 2023 15:28:00 +0100
Subject: Re: [bug#62642] [PATCH] services: certbot: Fix nginx crash when certbot is used without domains
To: Saku Laesvuori
From: Bruno Victal
Cc: 62642@debbugs.gnu.org

Hi Saku,

On 2023-04-03 14:32, Saku Laesvuori via Guix-patches via wrote:
> * gnu/services/certbot.scm (certbot-nginx-server-configurations):
> Don't return a broken nginx-server-configuration when no certificate
> domains are configured.

Is there a use-case for certbot without any certificate configurations provided?

IMO it looks to me that the 'certificates' field shouldn't have a default value
configured instead?

Cheers,
Bruno

Date: Mon, 3 Apr 2023 21:06:59 +0300
From: Saku Laesvuori
To: Bruno Victal
Cc: 62642@debbugs.gnu.org
Subject: Re: [bug#62642] [PATCH] services: certbot: Fix nginx crash when certbot is used without domains

Hi,

> Is there a use-case for certbot without any certificate configurations provided?

I was writing a service that extends certbot if a configuration option
for it is set to #t. To me it seems that it is currently impossible to
view the configuration in the service type definition, so I worked
around it by extending certbot-service-type with an empty list if the
option is set to #f.

> IMO it looks to me that the 'certificates' field shouldn't have a default value
> configured instead?

Wouldn't that mean that users who use certbot only via services that
extend it would have to configure 'certificates' to () manually and have
their nginx configuration crash if they remove the extending services
and forget to remove the certbot service?

- Saku

Date: Tue, 4 Apr 2023 14:21:27 +0100
Subject: Re: [bug#62642] [PATCH] services: certbot: Fix nginx crash when certbot is used without domains
To: Saku Laesvuori
From: Bruno Victal
Cc: 62642@debbugs.gnu.org

On 2023-04-03 19:06, Saku Laesvuori wrote:
> Hi,
>
>> Is there a use-case for certbot without any certificate configurations provided?
>
> I was writing a service that extends certbot if a configuration option
> for it is set to #t. To me it seems that it is currently impossible to
> view the configuration in the service type definition, so I worked
> around it by extending certbot-service-type with an empty list if the
> option is set to #f.

Right, that's a valid use case.

>
>> IMO it looks to me that the 'certificates' field shouldn't have a default value
>> configured instead?
>
> Wouldn't that mean that users who use certbot only via services that
> extend it would have to configure 'certificates' to () manually and have
> their nginx configuration crash if they remove the extending services
> and forget to remove the certbot service?

You're correct, having the default value set is not a problem here.

IMO, certbot should be extending the nginx service only when the 'challenge' field
is #f (ideally this should be made into an “enumerated” type, where the values range from
'http-01, 'dns-01, 'custom (as an escape hatch), ...)

Perhaps you could partition 'certificates' by whether 'challenge' is #f or not and use the
results to craft the nginx extension value instead?

Cheers,
Bruno

Date: Tue, 4 Apr 2023 23:43:46 +0300
From: Saku Laesvuori
To: Bruno Victal
Cc: 62642@debbugs.gnu.org
Subject: [PATCH v2] services: certbot: Fix nginx crash when certbot is used without domains

* gnu/services/certbot.scm (certbot-nginx-server-configurations):
Don't return a broken nginx-server-configuration with empty server_name
when no certificate domains are configured. Instead add a separate
server for every certificate, so 0 certificates adds 0 servers.
---
 gnu/services/certbot.scm | 32 ++++++++++++++++++--------------
 1 file changed, 18 insertions(+), 14 deletions(-)

diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm
index 8e6784df2b..0c45471659 100644
--- a/gnu/services/certbot.scm
+++ b/gnu/services/certbot.scm
@@ -173,20 +173,24 @@ (define certbot-nginx-server-configurations (match-lambda (($ package webroot certificates email server rsa-key-size default-location) - (list - (nginx-server-configuration - (listen '("80" "[::]:80")) - (ssl-certificate #f) - (ssl-certificate-key #f) - (server-name - (apply append (map certificate-configuration-domains certificates)= )) - (locations - (filter identity - (list - (nginx-location-configuration - (uri "/.well-known") - (body (list (list "root " webroot ";")))) - default-location)))))))) + (define (certificate->nginx-server certificate-configuration) + (match-record certificate-configuration = =20 + (domains challenge) + (nginx-server-configuration + (listen '("80" "[::]:80")) + (ssl-certificate #f) + (ssl-certificate-key #f) + (server-name domains) + (locations + (filter identity + (append + (if challenge + '() + (list (nginx-location-configuration + (uri "/.well-known") + (body (list (list "root " webroot ";")))))) + (list default-location))))))) + (map certificate->nginx-server certificates)))) =20 (define certbot-service-type (service-type (name 'certbot) base-commit: 2cf71e725d55bc5bf1ad663b7c696516299cc8a7 --=20 2.39.2
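
Review bot: in `certificate->nginx-server`, a certificate with `challenge` set and a `default-location` of #f is left with an empty `locations` list after `filter identity`, yet the final `(map certificate->nginx-server certificates)` still emits a port-80 server block for its domains; returning no server for that combination (for example with `filter-map` in place of `map`) would add servers only where certbot has something to serve. Because `(server-name domains)` is now per certificate instead of the old `(apply append ...)` over all of them, two certificates that list the same domain will yield two blocks with the same name on the same listen addresses, which deserves a sentence in the commit message. The added `match-record` line also ends in trailing whitespace (the `=20`).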

Date: Thu, 13 Apr 2023 12:00:51 +0300
From: Saku Laesvuori
To: Bruno Victal
Cc: 62642@debbugs.gnu.org
Subject: Re: [bug#62642] [PATCH] services: certbot: Fix nginx crash when certbot is used without domains

> IMO, certbot should be extending the nginx service only when the 'challenge' field
> is #f (ideally this should be made into an “enumerated” type, where the values range from
> 'http-01, 'dns-01, 'custom (as an escape hatch), ...)
>
> Perhaps you could partition 'certificates' by whether 'challenge' is #f or not and use the
> results to craft the nginx extension value instead?

Certbot extends nginx for two reasons:
1. serving the challenge files
2. enforcing HTTPS by redirecting requests to domains with a certificate

The v2 patch adds a separate nginx server block for each certificate and
only serves challenge files if 'challenge' is #f. This also causes an
empty list of certificates to return an empty list of nginx server
blocks and thus fixes the original issue.

- Saku Laesvuori

Date: Mon, 22 May 2023 14:34:52 +0300
From: Saku Laesvuori
To: Bruno Victal, 62642@debbugs.gnu.org
Subject: Re: [bug#62642] [PATCH] services: certbot: Fix nginx crash when certbot is used without domains

Is there something blocking this patch or is it just waiting for someone
to get around to applying it?

- Saku

From: Ludovic Courtès
To: Saku Laesvuori
Cc: 62642-done@debbugs.gnu.org, Bruno Victal
Subject: Re: bug#62642: [PATCH] services: certbot: Fix nginx crash when certbot is used without domains
Date: Sun, 18 Jun 2023 23:11:56 +0200

Hi Saku,

Saku Laesvuori wrote:

> * gnu/services/certbot.scm (certbot-nginx-server-configurations):
> Don't return a broken nginx-server-configuration with empty server_name
> when no certificate domains are configured. Instead add a separate
> server for every certificate, so 0 certificates adds 0 servers.

Finally applied.

Thank you, and thanks to Bruno for reviewing!

Ludo’.

From: Debbugs Internal Request
To: internal_control@debbugs.gnu.org
Subject: Internal Control
Date: Mon, 17 Jul 2023 11:24:07 +0000

# This is a fake control message.
#
# The action:
# bug archived.
thanks
# This fakemail brought to you by your local debbugs
# administrator