Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable usage of global http2 enabling (available since nginx 1.25.1) #159

Merged
merged 1 commit into from
Oct 28, 2024
Merged

Enable usage of global http2 enabling (available since nginx 1.25.1) #159

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions nginx/domains/apt.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@ proxy_cache_path /var/cache/nginx-apt levels=1:2 keys_zone=apt_cache:10m inactiv
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;

server_name apt.ffmuc.net apt.in.ffmuc.net;

Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/bitte-router-erneuern.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name bitte-router-erneuern.ffmuc.net;

return 301 https://ffmuc.net/freifunkmuc/2023/12/08/supportende-von-8-64-routern/;
Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/broker.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,8 @@ upstream wgkex_backend {
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name broker.ffmuc.net wgkex.ffmuc.net;

root /srv/www/{{ domain }};
Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/byro.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ upstream byro_upstream {
server docker06.ov.ffmuc.net:8345;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name verein.fnmuc.net verein.ffmuc.net byro.ffmuc.net;

# Force HTTPS connection. This rules is domain agnostic
Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/chat.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ upstream chat_backend {
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=mattermost_cache:10m max_size=3g inactive=120m use_temp_path=off;

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name chat.ffmuc.net chat-test.ffmuc.net;

location ~ /api/v[0-9]+/(users/)?websocket$ {
Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/cloud.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ upstream cloud_backend {
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name cloud.ext.ffmuc.net cloud.ffmuc.net cloud.freifunk-muenchen.de;

# Force HTTPS connection. This rules is domain agnostic
Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/conferencemapper.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,8 @@ upstream conferencemapper_upstream {
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;

server_name {{ domain }};

Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/doh.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,8 +34,8 @@ server {
error_log /var/log/nginx/{{ domain }}_error.log;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;

server_name dns.ffmuc.net doh.ffmuc.net dot.ffmuc.net anycast.ffmuc.net anycast01.ffmuc.net anycast02.ffmuc.net;

Expand Down
8 changes: 4 additions & 4 deletions nginx/domains/ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,8 @@ upstream wiki_upstream {
}

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name ffmuc.net
www.ffmuc.net
wiki.ffmuc.net
Expand All @@ -31,8 +31,8 @@ server {
}

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name
www.muenchen.freifunk.net muenchen.freifunk.net
www.münchen.freifunk.net münchen.freifunk.net
Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/firmware.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
server_name firmware.ffmuc.net firmware.in.ffmuc.net "";

client_max_body_size 2048M;
Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/fnmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name fnmuc.net;

return 301 https://ffmuc.net/wiki/doku.php?id=ev:start;
Expand Down
6 changes: 3 additions & 3 deletions nginx/domains/map.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,9 @@ proxy_cache_path /var/cache/nginx-map levels=1:2 keys_zone=map_cache:10m inactiv

server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
server_name map.ext.ffmuc.net map.ffmuc.net map.freifunk-muenchen.de;

# Force HTTPS connection. This rules is domain agnostic
Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/meet.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,8 @@ server {
return 301 https://meet.ffmuc.net$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name meet.ffmuc.net meet-test.ffmuc.net ffmeet.de *.ffmeet.de ffmeet.net *.ffmeet.net klassenkonferenz.de;

add_header Strict-Transport-Security "max-age=31536000";
Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/offline.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name offline.ffmuc.net;

return 307 https://wiki.freifunk.net/Mein_Freifunk_funktioniert_nicht_mehr;
Expand Down
8 changes: 4 additions & 4 deletions nginx/domains/omada.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,12 @@ upstream omada_backend {
}

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
listen 80;
listen [::]:80;
listen 8043 ssl http2;
listen [::]:8043 ssl http2;
listen 8043 ssl;
listen [::]:8043 ssl;

server_name omada.ext.ffmuc.net omada.ffmuc.net omada;

Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/recorder.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name recorder.ffmuc.net;

root /srv/www/recorder.ffmuc.net;
Expand Down
10 changes: 5 additions & 5 deletions nginx/domains/silo.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,17 +8,17 @@ proxy_cache_path /var/cache/nginx-silo levels=1:2 keys_zone=silo_cache:10m max_s
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name stream.ffmuc.net;
return 301 https://silo.ffmuc.net$request_uri;
}

server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name silo.ffmuc.net;

root /srv/www/{{ domain }};
Expand Down Expand Up @@ -72,7 +72,7 @@ server {
proxy_send_timeout 300;
proxy_read_timeout 300;
}

if ($scheme = http) {
rewrite ^ https://$host$uri permanent;
}
Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/social.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,8 @@ server {
}

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name social.ffmuc.net;

ssl_protocols TLSv1.2 TLSv1.3;
Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/stats.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,8 @@ proxy_cache_path /var/cache/nginx/grafana_datasources keys_zone=grafana_datasour
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name stats.ffmuc.net graphs.ext.ffmuc.net;

# Force HTTPS connection. This rules is domain agnostic
Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/tickets.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ upstream tickets_upstream {
server docker05.ov.ffmuc.net:8002;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name tickets.ffmuc.net;

# Force HTTPS connection. This rules is domain agnostic
Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/tiles.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,8 @@ proxy_cache_lock on;
proxy_cache_lock_age 10s;

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name tiles.ext.ffmuc.net a.tiles.ext.ffmuc.net b.tiles.ext.ffmuc.net c.tiles.ext.ffmuc.net tiles.ffmuc.net;

location /osm/ {
Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/tv.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,8 @@ proxy_cache_path /var/cache/nginx-tv levels=1:2 keys_zone=tv_cache:10m max_size=
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name tv.ffmuc.net;

root /srv/www/{{ domain }};
Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/uisp.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,8 @@ upstream uisp_inform_backend {
}

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
listen 80;
listen [::]:80;
listen 8080;
Expand Down
4 changes: 2 additions & 2 deletions nginx/domains/unifi.ffmuc.net.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,8 @@ upstream unifi_inform_backend {
}

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
listen 80;
listen [::]:80;
listen 8080;
Expand Down
4 changes: 2 additions & 2 deletions nginx/files/default.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
server {
listen 80 default;
listen [::]:80 default;
listen 443 ssl http2 default;
listen [::]:443 ssl http2 default;
listen 443 ssl default;
listen [::]:443 ssl default;

server_name _;

Expand Down
2 changes: 2 additions & 0 deletions nginx/files/nginx.conf.jinja
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,8 @@ http {
sendfile_max_chunk 512k;
server_tokens off;

http2 on;

server_names_hash_bucket_size 128;
# server_name_in_redirect off;

Expand Down
4 changes: 2 additions & 2 deletions nginx/files/nginx_vhost.jinja2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
###

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name {{ domain }};

root /srv/www/{{ domain }};
Expand Down
Loading