nginx: enable http3

This commit is contained in:
emily 2024-11-04 18:51:13 +01:00
parent 03c32f38d0
commit 9df0260f15
Signed by: emily
GPG key ID: F6F4C66207FCF995
2 changed files with 7 additions and 5 deletions

View file

@ -1,4 +1,6 @@
{ config, lib, ... }: with lib; {
{ config, lib, pkgs, ... }: let
inherit (lib) mkDefault;
in {
kyouma.deployment.tags = [ "web" ];
security.dhparams.enable = true;
security.dhparams.params.nginx = {};
@ -11,7 +13,7 @@
};
services.nginx = {
enable = true;
#package = pkgs.nginxQuic;
package = mkDefault pkgs.nginxQuic;
recommendedGzipSettings = true;
recommendedOptimisation = true;

View file

@ -9,11 +9,11 @@
add_header Referrer-Policy "same-origin" always;
'';
createHost = vhostName: vhostCfg: {
extraConfig = (lib.optionalString (builtins.hasAttr "extraConfig" vhostCfg) vhostCfg.extraConfig) + "\n" + extraConfig;
extraConfig = lib.optionalString (builtins.hasAttr "extraConfig" vhostCfg) (vhostCfg.extraConfig + "\n" + extraConfig);
forceSSL = true;
#kTLS = true;
#http3 = true;
#quic = true;
http3 = true;
quic = true;
} //
lib.optionalAttrs (!(builtins.hasAttr "useACMEHost" vhostCfg)) {
enableACME = true;