cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

nixos/nginx: disable automatic advertise of HTTP/3 protocol support

Browse source 
Automatic advertise in the `http` block about support of HTTP/3
protocol makes it difficult to automatically configure services
to work with it.
HTTP/3 availability must be manually advertised, preferably in
each location block.
This commit is contained in:
Izorkin 2023-12-19 22:31:46 +03:00
parent 4c896726d7
commit 2fb0b52c50
No known key found for this signature in database
GPG key ID: 1436C1B3F3679F09
3 changed files with 15 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
nixos/doc/manual/release-notes/rl-2405.section.md
View file

@ -59,6 +59,18 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
- `mkosi` was updated to v19. Parts of the user interface have changed. Consult the - `mkosi` was updated to v19. Parts of the user interface have changed. Consult the
[release notes](https://github.com/systemd/mkosi/releases/tag/v19) for a list of changes. [release notes](https://github.com/systemd/mkosi/releases/tag/v19) for a list of changes.
- `services.nginx` will no longer advertise HTTP/3 availability automatically. This must now be manually added, preferably to each location block.
Example:
```nix
locations."/".extraConfig = ''
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
'';
locations."^~ /assets/".extraConfig = ''
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
'';
```
- The `kanata` package has been updated to v1.5.0, which includes [breaking changes](https://github.com/jtroo/kanata/releases/tag/v1.5.0). - The `kanata` package has been updated to v1.5.0, which includes [breaking changes](https://github.com/jtroo/kanata/releases/tag/v1.5.0).
- The latest available version of Nextcloud is v28 (available as `pkgs.nextcloud28`). The installation logic is as follows: - The latest available version of Nextcloud is v28 (available as `pkgs.nextcloud28`). The installation logic is as follows:

6
nixos/modules/services/web-servers/nginx/default.nix
View file

@ -408,12 +408,6 @@ let
ssl_conf_command Options KTLS; ssl_conf_command Options KTLS;
''} ''}
${optionalString (hasSSL && vhost.quic && vhost.http3)
# Advertise that HTTP/3 is available
''
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
''}
${mkBasicAuth vhostName vhost} ${mkBasicAuth vhostName vhost}
${optionalString (vhost.root != null) "root ${vhost.root};"} ${optionalString (vhost.root != null) "root ${vhost.root};"}

7
nixos/modules/services/web-servers/nginx/vhost-options.nix
View file

@ -235,9 +235,9 @@ with lib;
which can be achieved by setting `services.nginx.package = pkgs.nginxQuic;` which can be achieved by setting `services.nginx.package = pkgs.nginxQuic;`
and activate the QUIC transport protocol and activate the QUIC transport protocol
`services.nginx.virtualHosts.<name>.quic = true;`. `services.nginx.virtualHosts.<name>.quic = true;`.
Note that HTTP/3 support is experimental and Note that HTTP/3 support is experimental and *not* yet recommended for production.
*not* yet recommended for production.
Read more at https://quic.nginx.org/ Read more at https://quic.nginx.org/
HTTP/3 availability must be manually advertised, preferably in each location block.
''; '';
}; };
@ -250,8 +250,7 @@ with lib;
which can be achieved by setting `services.nginx.package = pkgs.nginxQuic;` which can be achieved by setting `services.nginx.package = pkgs.nginxQuic;`
and activate the QUIC transport protocol and activate the QUIC transport protocol
`services.nginx.virtualHosts.<name>.quic = true;`. `services.nginx.virtualHosts.<name>.quic = true;`.
Note that special application protocol support is experimental and Note that special application protocol support is experimental and *not* yet recommended for production.
*not* yet recommended for production.
Read more at https://quic.nginx.org/ Read more at https://quic.nginx.org/
''; '';
}; };