From d5a097fdb609ec5ffb09bcab632e4b2a03ae05ca Mon Sep 17 00:00:00 2001
From: Franz Pletz <fpletz@fnordicwalking.de>
Date: Mon, 8 Feb 2016 06:12:49 +0100
Subject: nginx module: Don't create acme certs if acme is not enabled

---
 nixos/modules/services/web-servers/nginx/default.nix | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

(limited to 'nixos/modules/services/web-servers/nginx')

diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix
index e369505fbc31..18fce9672dda 100644
--- a/nixos/modules/services/web-servers/nginx/default.nix
+++ b/nixos/modules/services/web-servers/nginx/default.nix
@@ -248,10 +248,14 @@ in
       };
     };
 
-    security.acme.certs = mapAttrs (vhostName: vhostConfig: {
-      webroot = vhostConfig.acmeRoot;
-      extraDomains = genAttrs vhostConfig.serverAliases (alias: null);
-    }) virtualHosts;
+    security.acme.certs = filterAttrs (n: v: v != {}) (
+      mapAttrs (vhostName: vhostConfig:
+        optionalAttrs vhostConfig.enableACME {
+          webroot = vhostConfig.acmeRoot;
+          extraDomains = genAttrs vhostConfig.serverAliases (alias: null);
+        }
+      ) virtualHosts
+    );
 
 
     users.extraUsers = optionalAttrs (cfg.user == "nginx") (singleton
-- 
cgit 1.4.1