From 888b2df4c1d833bc56e6cb39f691c06e16290da4 Mon Sep 17 00:00:00 2001
From: Alberto Bertogli <albertito@blitiri.com.ar>
Date: Sat, 2 Sep 2023 13:54:17 +0100
Subject: [PATCH] Handle symlinks under the `certs/` directory

Currently, if the `certs/` directory has a symlink inside, we skip it.
That is not really intended, it's an unfortunate side-effect of skipping
regular files.

To fix this, this patch adjusts the logic to only ignore regular files
instead. It also adds a message when a directory is skipped, to make it
easier to debug permission issues.

Thanks to @erjoalgo for reporting this in
https://github.com/albertito/chasquid/pull/39, and providing an
alternative patch!
---
 chasquid.go                                 | 12 ++++++++----
 test/t-01-simple_local/config/certs/symlink |  1 +
 2 files changed, 9 insertions(+), 4 deletions(-)
 create mode 120000 test/t-01-simple_local/config/certs/symlink

diff --git a/chasquid.go b/chasquid.go
index 35aa99b..1bd7356 100644
--- a/chasquid.go
+++ b/chasquid.go
@@ -92,8 +92,8 @@ func main() {
 	// The structure matches letsencrypt's, to make it easier for that case.
 	log.Infof("Loading certificates")
 	for _, info := range mustReadDir("certs/") {
-		if !info.IsDir() {
-			// Skip non-directories.
+		if info.Type().IsRegular() {
+			// Ignore regular files, we only care about directories.
 			continue
 		}
 
@@ -101,12 +101,16 @@ func main() {
 		dir := filepath.Join("certs/", name)
 		log.Infof("  %s", name)
 
+		// Ignore directories that don't have both keys.
+		// We warn about this because it can be hard to debug otherwise.
 		certPath := filepath.Join(dir, "fullchain.pem")
-		if _, err := os.Stat(certPath); os.IsNotExist(err) {
+		if _, err := os.Stat(certPath); err != nil {
+			log.Infof("    skipping: %v", err)
 			continue
 		}
 		keyPath := filepath.Join(dir, "privkey.pem")
-		if _, err := os.Stat(keyPath); os.IsNotExist(err) {
+		if _, err := os.Stat(keyPath); err != nil {
+			log.Infof("    skipping: %v", err)
 			continue
 		}
 
diff --git a/test/t-01-simple_local/config/certs/symlink b/test/t-01-simple_local/config/certs/symlink
new file mode 120000
index 0000000..13b59f7
--- /dev/null
+++ b/test/t-01-simple_local/config/certs/symlink
@@ -0,0 +1 @@
+testserver/
\ No newline at end of file