fix: acme.sh-systemd allow read write to /etc/nginx and /var/log/nginx so no error when auto renew

author: Xiao Pan <xyz@flylightning.xyz> 2025-11-19 15:22:01 +0000
committer: Xiao Pan <xyz@flylightning.xyz> 2025-11-19 15:22:01 +0000
commit: 8f4684ca9807d37f404a52a0c96b207835784141 (patch)
tree: 601dc645d3a693d7596464cd059c40b28044f7db /etc/systemd/system/acme.sh.service.d
parent: f245d02a62168df5d6696d665bfe3d86463dc6f9 (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/etc/systemd/system/acme.sh.service.d/override.conf b/etc/systemd/system/acme.sh.service.d/override.conf
index 722f60a6..058446db 100644
--- a/etc/systemd/system/acme.sh.service.d/override.conf
+++ b/etc/systemd/system/acme.sh.service.d/override.conf
@@ -1,2 +1,7 @@
+# Note need both /etc/nginx and /var/log/nginx, else acme.sh will error: "It
+# seems that the nginx config is not correct, cannot continue." By editing
+# /usr/share/acme.sh/acme.sh to change `nginx -t >/dev/null 2>&1` to `nginx
+# -t`, we can see nginx's error log: "open() "/var/log/nginx/access.log"
+# failed", this is the reason why /var/log/nginx is also included
 [Service]
-ReadWritePaths=/etc/acme.sh /var/log/acme.sh /etc/postfix
+ReadWritePaths=/etc/acme.sh /var/log/acme.sh /etc/postfix /etc/nginx /var/log/nginx
author	Xiao Pan <xyz@flylightning.xyz>	2025-11-19 15:22:01 +0000
committer	Xiao Pan <xyz@flylightning.xyz>	2025-11-19 15:22:01 +0000
commit	8f4684ca9807d37f404a52a0c96b207835784141 (patch)
tree	601dc645d3a693d7596464cd059c40b28044f7db /etc/systemd/system/acme.sh.service.d
parent	f245d02a62168df5d6696d665bfe3d86463dc6f9 (diff)