Skip to content

Commit

Permalink
Merge pull request #595 from flyingcircusio/126629-acme-avoid-443-con…
Browse files Browse the repository at this point in the history 
…flict

ACME: use HTTP for the Nginx readyness check

Case 126629
  • Loading branch information
Christian Kauhaus authored Jun 12, 2020
2 parents 49de5cc + 61194f0 commit 2782498
Showing 1 changed file with 7 additions and 7 deletions.
14 changes: 7 additions & 7 deletions nixos/modules/security/acme.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -214,17 +214,17 @@ in
StateDirectory = lpath;
StateDirectoryMode = rights;
WorkingDirectory = "/var/lib/${lpath}";
ExecStartPre =
let
ExecStartPre =
let
script = pkgs.writeScript "acme-pre-start" ''
#!${pkgs.runtimeShell} -e
mkdir -p ${acmeChallengeDir}
chown ${data.user}:${data.group} ${acmeChallengeDir}
touch ${acmeChallengeDir}/${checkFile}
for x in 1 2 3 4 5; do
echo "Checking if web server is serving the challenge dir..."
${pkgs.curl}/bin/curl --insecure --output /dev/null --silent --head --fail \
https://${cert}/.well-known/acme-challenge/${checkFile} &&
echo "Checking if web server is serving the challenge dir..."
${pkgs.curl}/bin/curl --output /dev/null --silent --head --fail \
http://${cert}/.well-known/acme-challenge/${checkFile} &&
rm ${acmeChallengeDir}/${checkFile} &&
exit 0
Expand All @@ -236,9 +236,9 @@ in
'';
in
"+${script}";

ExecStart = "${pkgs.simp_le}/bin/simp_le ${escapeShellArgs cmdline}";
ExecStopPost =
ExecStopPost =
let
script = pkgs.writeScript "acme-post-stop" ''
#!${pkgs.runtimeShell} -e
Expand Down

0 comments on commit 2782498

Please sign in to comment.