diff options
| author | ajs124 <ajs124@users.noreply.github.com> | 2023-08-03 14:50:31 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-08-03 14:50:31 +0200 |
| commit | 4b0ef51702e1512880179cd24e9e63b88f0a2121 (patch) | |
| tree | 6640fa428f05108adb4561615df5d3586a79b798 | |
| parent | e9fd5bf91302e22970be947f67bbecd5f749af48 (diff) | |
| parent | cf7cea328785316ed428cb1036169072cedf7a89 (diff) | |
Merge pull request #245891 from Izorkin/fix-nginx-http2
nixos/nginx: using new variant of http2 directive
| -rw-r--r-- | nixos/modules/services/web-servers/nginx/default.nix | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 7e5d2aa964a4f..fccc31b5116cb 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -335,7 +335,7 @@ let + ";")) + " listen ${addr}:${toString port} " - + optionalString (ssl && vhost.http2) "http2 " + + optionalString (ssl && vhost.http2 && oldHTTP2) "http2 " + optionalString ssl "ssl " + optionalString vhost.default "default_server " + optionalString vhost.reuseport "reuseport " @@ -380,6 +380,9 @@ let server { ${concatMapStringsSep "\n" listenString hostListen} server_name ${vhost.serverName} ${concatStringsSep " " vhost.serverAliases}; + ${optionalString (hasSSL && vhost.http2 && !oldHTTP2) '' + http2 on; + ''} ${optionalString (hasSSL && vhost.quic) '' http3 ${if vhost.http3 then "on" else "off"}; http3_hq ${if vhost.http3_hq then "on" else "off"}; @@ -463,6 +466,8 @@ let ); mkCertOwnershipAssertion = import ../../../security/acme/mk-cert-ownership-assertion.nix; + + oldHTTP2 = versionOlder cfg.package.version "1.25.1"; in { |