From a20dcec401f765519535b19768043f7e38cf4cd9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9o=20Colombaro?= Date: Wed, 24 May 2023 22:58:05 +0200 Subject: [PATCH 1/5] Add support for HTTP/3 --- conf.d/.default.conf | 2 ++ conf.d/templates/example.com.conf | 4 ++++ test/vhosts/default.conf | 2 ++ test/vhosts/secure.server.localhost.conf | 4 ++++ 4 files changed, 12 insertions(+) diff --git a/conf.d/.default.conf b/conf.d/.default.conf index 9c509943..910034f8 100644 --- a/conf.d/.default.conf +++ b/conf.d/.default.conf @@ -10,6 +10,8 @@ # returning 444 "No Response". server { + listen [::]:443 quic reuseport; + listen 443 quic reuseport; listen [::]:443 ssl http2 default_server; listen 443 ssl http2 default_server; diff --git a/conf.d/templates/example.com.conf b/conf.d/templates/example.com.conf index 1b55babb..80a2f330 100644 --- a/conf.d/templates/example.com.conf +++ b/conf.d/templates/example.com.conf @@ -10,6 +10,8 @@ # the right one. # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/#server-name-if server { + listen [::]:443 quic reuseport; + listen 443 quic reuseport; listen [::]:443 ssl http2; listen 443 ssl http2; @@ -24,6 +26,8 @@ server { server { + listen [::]:443 quic reuseport; + listen 443 quic reuseport; # listen [::]:443 ssl http2 accept_filter=dataready; # for FreeBSD # listen 443 ssl http2 accept_filter=dataready; # for FreeBSD listen [::]:443 ssl http2; diff --git a/test/vhosts/default.conf b/test/vhosts/default.conf index 782c88e3..d938def1 100644 --- a/test/vhosts/default.conf +++ b/test/vhosts/default.conf @@ -9,6 +9,8 @@ server { server { + listen [::]:443 quic reuseport; + listen 443 quic reuseport; listen [::]:443 ssl http2 default_server; listen 443 ssl http2 default_server; diff --git a/test/vhosts/secure.server.localhost.conf b/test/vhosts/secure.server.localhost.conf index 9faa8336..6db90f2b 100644 --- a/test/vhosts/secure.server.localhost.conf +++ b/test/vhosts/secure.server.localhost.conf @@ -1,4 +1,6 @@ server { + listen [::]:443 quic reuseport; + listen 443 quic reuseport; listen [::]:443 ssl http2; listen 443 ssl http2; @@ -12,6 +14,8 @@ server { } server { + listen [::]:443 quic reuseport; + listen 443 quic reuseport; listen [::]:443 ssl http2; listen 443 ssl http2; From c437c4bc9ac43a237796df0766b4ae47c94b5621 Mon Sep 17 00:00:00 2001 From: onemannoplan <96282233+onemannoplan@users.noreply.github.com> Date: Sun, 23 Jul 2023 04:35:44 -0500 Subject: [PATCH 2/5] Switch to the newest `http2` directive (#335) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Pete Cooper Co-authored-by: Léo Colombaro --- conf.d/.default.conf | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/conf.d/.default.conf b/conf.d/.default.conf index 910034f8..f0faa2c2 100644 --- a/conf.d/.default.conf +++ b/conf.d/.default.conf @@ -12,8 +12,11 @@ server { listen [::]:443 quic reuseport; listen 443 quic reuseport; - listen [::]:443 ssl http2 default_server; - listen 443 ssl http2 default_server; + listen [::]:443 ssl default_server; + listen 443 ssl default_server; + + http2 on; + http3 on; server_name _; From eb9f95293ad7a5428b0f71d0a3fd3680206d346d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9o=20Colombaro?= Date: Sun, 23 Jul 2023 11:56:22 +0200 Subject: [PATCH 3/5] Update support version --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f15e1c63..d9c16cc3 100644 --- a/README.md +++ b/README.md @@ -172,7 +172,7 @@ nginx -s reload ## Support - * Nginx v**1.8.0**+ + * Nginx v**1.25.0**+ ## Contributing From b29addf7bb28bb89a9a161f98b9128a25a9fd85c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9o=20Colombaro?= Date: Sun, 23 Jul 2023 11:57:47 +0200 Subject: [PATCH 4/5] Switch to the newest syntax --- .gitignore | 2 +- conf.d/templates/example.com.conf | 12 ++++++------ test/vhosts/default.conf | 4 ++-- test/vhosts/secure.server.localhost.conf | 8 ++++---- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.gitignore b/.gitignore index 4e4a6e1c..f91cf7c4 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,4 @@ conf.d/*.conf !conf.d/.default.conf !conf.d/no-ssl.default.conf test/* -!test/vhosts/ +!test/vhosts diff --git a/conf.d/templates/example.com.conf b/conf.d/templates/example.com.conf index 80a2f330..7d2e376a 100644 --- a/conf.d/templates/example.com.conf +++ b/conf.d/templates/example.com.conf @@ -12,8 +12,8 @@ server { listen [::]:443 quic reuseport; listen 443 quic reuseport; - listen [::]:443 ssl http2; - listen 443 ssl http2; + listen [::]:443 ssl; + listen 443 ssl; server_name www.example.com; @@ -28,10 +28,10 @@ server { server { listen [::]:443 quic reuseport; listen 443 quic reuseport; - # listen [::]:443 ssl http2 accept_filter=dataready; # for FreeBSD - # listen 443 ssl http2 accept_filter=dataready; # for FreeBSD - listen [::]:443 ssl http2; - listen 443 ssl http2; + # listen [::]:443 ssl accept_filter=dataready; # for FreeBSD + # listen 443 ssl accept_filter=dataready; # for FreeBSD + listen [::]:443 ssl; + listen 443 ssl; # The host name to respond to server_name example.com; diff --git a/test/vhosts/default.conf b/test/vhosts/default.conf index d938def1..cf7c509c 100644 --- a/test/vhosts/default.conf +++ b/test/vhosts/default.conf @@ -11,8 +11,8 @@ server { server { listen [::]:443 quic reuseport; listen 443 quic reuseport; - listen [::]:443 ssl http2 default_server; - listen 443 ssl http2 default_server; + listen [::]:443 ssl default_server; + listen 443 ssl default_server; server_name _; diff --git a/test/vhosts/secure.server.localhost.conf b/test/vhosts/secure.server.localhost.conf index 6db90f2b..1645ae87 100644 --- a/test/vhosts/secure.server.localhost.conf +++ b/test/vhosts/secure.server.localhost.conf @@ -1,8 +1,8 @@ server { listen [::]:443 quic reuseport; listen 443 quic reuseport; - listen [::]:443 ssl http2; - listen 443 ssl http2; + listen [::]:443 ssl; + listen 443 ssl; server_name www.secure.server.localhost; @@ -16,8 +16,8 @@ server { server { listen [::]:443 quic reuseport; listen 443 quic reuseport; - listen [::]:443 ssl http2; - listen 443 ssl http2; + listen [::]:443 ssl; + listen 443 ssl; server_name secure.server.localhost; From 8a760a187fd8ea79f52bfe9a9fa98ee9dac7f0b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9o=20Colombaro?= Date: Sun, 23 Jul 2023 11:58:37 +0200 Subject: [PATCH 5/5] Split protocol support into separate files --- h5bp/protocol/http2.conf | 7 +++++++ h5bp/protocol/http3.conf | 7 +++++++ 2 files changed, 14 insertions(+) create mode 100644 h5bp/protocol/http2.conf create mode 100644 h5bp/protocol/http3.conf diff --git a/h5bp/protocol/http2.conf b/h5bp/protocol/http2.conf new file mode 100644 index 00000000..431aeea7 --- /dev/null +++ b/h5bp/protocol/http2.conf @@ -0,0 +1,7 @@ +# ---------------------------------------------------------------------- +# | HTTP/2 Support | +# ---------------------------------------------------------------------- + +# https://nginx.org/en/docs/http/ngx_http_v2_module.html + +http2 on; diff --git a/h5bp/protocol/http3.conf b/h5bp/protocol/http3.conf new file mode 100644 index 00000000..39f3269f --- /dev/null +++ b/h5bp/protocol/http3.conf @@ -0,0 +1,7 @@ +# ---------------------------------------------------------------------- +# | HTTP/3 Support | +# ---------------------------------------------------------------------- + +# https://nginx.org/en/docs/http/ngx_http_v3_module.html + +http3 on;