commit 3287441158d36d15257902e4579d31ef422b130f · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

Merge pull request #275484 from Izorkin/update-nginx-http3

nixos/nginx: disable automatic advertise of HTTP/3 protocol support

authored by Ryan Lahfa and committed by GitHub 2 years ago 32874411 a2498cdd

+15 -10

3 changed files

expand all

unified split

nixos

doc

manual

release-notes

rl-2405.section.md

modules

services

web-servers

nginx

default.nix

vhost-options.nix

+12

nixos/doc/manual/release-notes/rl-2405.section.md

··· 68 68 - `mkosi` was updated to v19. Parts of the user interface have changed. Consult the 69 69 [release notes](https://github.com/systemd/mkosi/releases/tag/v19) for a list of changes. 70 70 71 + - `services.nginx` will no longer advertise HTTP/3 availability automatically. This must now be manually added, preferably to each location block. 72 + Example: 73 + 74 + ```nix 75 + locations."/".extraConfig = '' 76 + add_header Alt-Svc 'h3=":$server_port"; ma=86400'; 77 + ''; 78 + locations."^~ /assets/".extraConfig = '' 79 + add_header Alt-Svc 'h3=":$server_port"; ma=86400'; 80 + ''; 81 + 82 + ``` 71 83 - The `kanata` package has been updated to v1.5.0, which includes [breaking changes](https://github.com/jtroo/kanata/releases/tag/v1.5.0). 72 84 73 85 - The latest available version of Nextcloud is v28 (available as `pkgs.nextcloud28`). The installation logic is as follows:

-6

nixos/modules/services/web-servers/nginx/default.nix

··· 408 408 ssl_conf_command Options KTLS; 409 409 ''} 410 410 411 - ${optionalString (hasSSL && vhost.quic && vhost.http3) 412 - # Advertise that HTTP/3 is available 413 - '' 414 - add_header Alt-Svc 'h3=":$server_port"; ma=86400'; 415 - ''} 416 - 417 411 ${mkBasicAuth vhostName vhost} 418 412 419 413 ${optionalString (vhost.root != null) "root ${vhost.root};"}

+3 -4

nixos/modules/services/web-servers/nginx/vhost-options.nix

··· 235 235 which can be achieved by setting `services.nginx.package = pkgs.nginxQuic;` 236 236 and activate the QUIC transport protocol 237 237 `services.nginx.virtualHosts.<name>.quic = true;`. 238 - Note that HTTP/3 support is experimental and 239 - *not* yet recommended for production. 238 + Note that HTTP/3 support is experimental and *not* yet recommended for production. 240 239 Read more at https://quic.nginx.org/ 240 + HTTP/3 availability must be manually advertised, preferably in each location block. 241 241 ''; 242 242 }; 243 243 ··· 250 250 which can be achieved by setting `services.nginx.package = pkgs.nginxQuic;` 251 251 and activate the QUIC transport protocol 252 252 `services.nginx.virtualHosts.<name>.quic = true;`. 253 - Note that special application protocol support is experimental and 254 - *not* yet recommended for production. 253 + Note that special application protocol support is experimental and *not* yet recommended for production. 255 254 Read more at https://quic.nginx.org/ 256 255 ''; 257 256 };