Closed erjoalgo closed 1 year ago
Thanks for reporting this and sending a patch!
You're absolutely correct that currently symlinks inside of certs/
are not well handled. That is a bug.
Note that the suggestion in the how-to guide is to make the certs/
directory itself be a symlink, and that does work fine; however that is just an option, and symlinks inside should work.
About your patch, thanks again for sending it, it's always really appreciated. I think this can be done in a simpler way by not trying to detect directories entirely, and just skipping paths if there are no keys inside of them.
I will work on that approach for a little, and send you an alternative patch for this to see if it works for you.
I've written commit 888b2df4c1d833bc56e6cb39f691c06e16290da4 to fix this.
Would you mind giving it a try and see if it works well for you?
Thanks!
Thanks for the quick response, I've tried out 888b2df and it works as expected.
Thanks a lot!
I'm not sure if I am missing something but symlinks under certs/* weren't resolving for me despite following the recommendations for symlinking to the certbot directory and setting up permissions with
setfacl
.I added some logging and noticed that
isDir
was false when traversing my site's certificate symlink in `chasquid.go:And I also saw from the documentation(https://pkg.go.dev/io/fs#DirEntry) that the
os.DirEntry
fromos.ReadDir
, or at leastos.DirEntry.Info
, represents info about the symlink rather than the target:After implementing this change I was able to follow
certs/*
symlinks.