diff options
-rw-r--r-- | nixos/modules/services/web-servers/nginx/default.nix | 3 | ||||
-rw-r--r-- | nixos/modules/services/web-servers/nginx/vhost-options.nix | 14 |
2 files changed, 16 insertions, 1 deletions
diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 97511aac97374..b4a075ce0ae07 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -167,7 +167,8 @@ let listenString = { addr, port, ssl, ... }: "listen ${addr}:${toString port} " - + optionalString ssl "ssl http2 " + + optionalString ssl "ssl " + + optionalString vhost.http2 "http2 " + optionalString vhost.default "default_server " + ";"; diff --git a/nixos/modules/services/web-servers/nginx/vhost-options.nix b/nixos/modules/services/web-servers/nginx/vhost-options.nix index 801601aafd9d6..29f08cc4f307e 100644 --- a/nixos/modules/services/web-servers/nginx/vhost-options.nix +++ b/nixos/modules/services/web-servers/nginx/vhost-options.nix @@ -114,6 +114,20 @@ with lib; description = "Path to server SSL certificate key."; }; + http2 = mkOption { + type = types.bool; + default = true; + description = '' + Whether to enable HTTP 2. + Note that (as of writing) due to nginx's implementation, to disable + HTTP 2 you have to disable it on all vhosts that use a given + IP address / port. + If there is one server block configured to enable http2,then it is + enabled for all server blocks on this IP. + See https://stackoverflow.com/a/39466948/263061. + ''; + }; + root = mkOption { type = types.nullOr types.path; default = null; |