https: T2815: adjust for change in certbot config directory

2 files changed, 7 insertions, 5 deletions

diff --git a/data/templates/https/nginx.default.tmpl b/data/templates/https/nginx.default.tmpl
index f4f2c1848..aaa652e09 100644
--- a/data/templates/https/nginx.default.tmpl
+++ b/data/templates/https/nginx.default.tmpl
@@ -25,10 +25,10 @@ server {
 {% endfor %}
 
 {% if server.certbot %}
-        ssl_certificate /etc/letsencrypt/live/{{ server.certbot_dir }}/fullchain.pem;
-        ssl_certificate_key /etc/letsencrypt/live/{{ server.certbot_dir }}/privkey.pem;
-        include /etc/letsencrypt/options-ssl-nginx.conf;
-        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+        ssl_certificate {{ server.certbot_dir }}/live/{{ server.certbot_domain_dir }}/fullchain.pem;
+        ssl_certificate_key {{ server.certbot_dir }}/live/{{ server.certbot_domain_dir }}/privkey.pem;
+        include {{ server.certbot_dir }}/options-ssl-nginx.conf;
+        ssl_dhparam {{ server.certbot_dir }}/ssl-dhparams.pem;
 {% elif server.vyos_cert %}
         include {{ server.vyos_cert.conf }};
 {% else %}
diff --git a/src/conf_mode/https.py b/src/conf_mode/https.py
index 7acb629bd..3dae0fddb 100755
--- a/src/conf_mode/https.py
+++ b/src/conf_mode/https.py
@@ -31,6 +31,7 @@ from vyos import airbag
 airbag.enable()
 
 config_file = '/etc/nginx/sites-available/default'
+certbot_dir = vyos.defaults.directories['certbot']
 
 default_server_block = {
     'id'        : '',
@@ -86,8 +87,9 @@ def get_config():
             if sub_list:
                 for sb in sub_list:
                     sb['certbot'] = True
+                    sb['certbot_dir'] = certbot_dir
                     # certbot organizes certificates by first domain
-                    sb['certbot_dir'] = certbot_domains[0]
+                    sb['certbot_domain_dir'] = certbot_domains[0]
 
     api_somewhere = False
     api_data = {}