emily/nixfiles
emily/nixfiles
1
0
Fork 1
Code Issues Pull requests Activity

nginx: enable http3

Browse source
This commit is contained in:
emily 2024-11-04 18:51:13 +01:00
parent 03c32f38d0
commit 9df0260f15
Signed by: emily
GPG key ID: F6F4C66207FCF995
2 changed files with 7 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
config/services/nginx.nix
View file

@ -1,4 +1,6 @@
{ config, lib, ... }: with lib; { { config, lib, pkgs, ... }: let
inherit (lib) mkDefault;
in {
kyouma.deployment.tags = [ "web" ]; kyouma.deployment.tags = [ "web" ];
security.dhparams.enable = true; security.dhparams.enable = true;
security.dhparams.params.nginx = {}; security.dhparams.params.nginx = {};
@ -11,7 +13,7 @@
}; };
services.nginx = { services.nginx = {
enable = true; enable = true;
#package = pkgs.nginxQuic; package = mkDefault pkgs.nginxQuic;
recommendedGzipSettings = true; recommendedGzipSettings = true;
recommendedOptimisation = true; recommendedOptimisation = true;

6
modules/nginx/default.nix
View file

@ -9,11 +9,11 @@
add_header Referrer-Policy "same-origin" always; add_header Referrer-Policy "same-origin" always;
''; '';
createHost = vhostName: vhostCfg: { createHost = vhostName: vhostCfg: {
extraConfig = (lib.optionalString (builtins.hasAttr "extraConfig" vhostCfg) vhostCfg.extraConfig) + "\n" + extraConfig; extraConfig = lib.optionalString (builtins.hasAttr "extraConfig" vhostCfg) (vhostCfg.extraConfig + "\n" + extraConfig);
forceSSL = true; forceSSL = true;
#kTLS = true; #kTLS = true;
#http3 = true; http3 = true;
#quic = true; quic = true;
} // } //
lib.optionalAttrs (!(builtins.hasAttr "useACMEHost" vhostCfg)) { lib.optionalAttrs (!(builtins.hasAttr "useACMEHost" vhostCfg)) {
enableACME = true; enableACME = true;