That makes sense, yes, even though I’m still puzzled this is what is causing issues on your system. But let’s answer your question first:
I have not looked at that in details or tested it, but I would say yes… see below:
They actually do, I believe. First, let’s look at a previous post by @phillxnet describing Rockstor “boot” procedure:
If we look at the first systemd service of interest, we have rockstor-pre, which simply triggers the initrock script. In this script, you will find the following:
… which triggers the following:
… which itself is a wrapper for the following:
As you can see in the latter, the file in /opt/rockstor/etc/nginx/nginx.conf is used as a template and updated with port:ip settings, for instance. Let’s look at one part of that in particular:
As you can see there, it searches for the listen 443 default_server line and make sure the port (and ip if specified) fits what it should be by replacing the line with listen (ip:)port default_server. I believe this is where your manual addition of ssl gets overwritten at every boot.
You could thus try to manually alter this (note the two lines with the inclusion of ssl:
substr = "listen {} ssl default_server".format(port)
if ip is not None:
substr = "listen {}:{} ssl default_server".format(ip, port)
lines[i] = re.sub(r"listen.* default_server", substr, lines[i])
That being said, I’m really confused as to why you’re experiencing this, honestly… I cannot reproduce this problem on my systems here; they’re all Rockstor 4 (so built on openSUSE), but I’m unsure where it’s coming from.
Let us know how it goes, though, as we might need to implement this as permanent solution if that is the proper way to configure our Nginx conf. I’m not well versed in that myself, but I know we have quite a few experts in our community here so I will let these experts chime in.
Either way, thanks a lot for your finding and reporting back as it might very well help everybody in the end!