From 537334f3db527bcacc5275ad8e86151de3c0e816 Mon Sep 17 00:00:00 2001
From: Gilles Filippini <pini@pini.fr>
Date: Wed, 3 Jun 2020 12:25:57 +0000
Subject: [PATCH] Log reasonning when falling back on default certificate

---
 nginx.tmpl | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/nginx.tmpl b/nginx.tmpl
index 8bb79b9..a5866ba 100644
--- a/nginx.tmpl
+++ b/nginx.tmpl
@@ -244,8 +244,14 @@ upstream {{ $upstream_name }} {
 {{ if $is_https }}
 {{/* No cert? But we do want HTTPS! Let's fallback on the nginx default one.
      And set up acme-challenge so that Let's Encrpyt can do its job */}}
+{{ if (eq $cert "") }}
+# WARNING: No certificate found - Using 'default' as fallback
+{{ else }}
+    {{ if (not (and (exists (printf "/etc/nginx/certs/%s.crt" $cert)) (exists (printf "/etc/nginx/certs/%s.key" $cert)))) }}
+# WARNING: Certificate '{{ $cert }}' doesn't exist yet - Falling back on 'default'
+    {{ end }}
+{{ end }}
 {{ $cert := coalesce $cert "default" }}
-{{/* Very same reasoning as above */}}
 {{ $cert := when (and (exists (printf "/etc/nginx/certs/%s.crt" $cert)) (exists (printf "/etc/nginx/certs/%s.key" $cert))) $cert "default" }}
 
 {{ if eq $https_method "redirect" }}