Skip to content

Commit

Permalink
acme: ensure nginx challenges directory is writeable
Browse files Browse the repository at this point in the history
  • Loading branch information
@domenkozar
domenkozar committed Nov 29, 2016
1 parent 69e0740 commit 75f131d
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 1 deletion.
1 change: 1 addition & 0 deletions nixos/modules/security/acme.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -178,6 +178,7 @@ in
path = [ pkgs.simp_le ];
preStart = ''
mkdir -p '${cfg.directory}'
chown '${data.user}:${data.group}' '${cfg.directory}'

This comment has been minimized.

Sign in to view

Copy link
@nh2

nh2 Apr 1, 2017

Contributor

Shouldn't this be chown -R? See #24529 (comment)
if [ ! -d '${cpath}' ]; then
mkdir '${cpath}'
fi
Expand Down
2 changes: 1 addition & 1 deletion nixos/modules/security/acme.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ options for the <literal>security.acme</literal> module.</para>

<programlisting>
security.acme.certs."foo.example.com" = {
webroot = "/var/www/challenges";
webroot = config.security.acme.directory + "/acme-challenge";
email = "foo@example.com";
user = "nginx";
group = "nginx";
Expand Down

0 comments on commit 75f131d

Please sign in to comment.