Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enable HTTP/3 QUIC

Browse Source
This commit is contained in:
VirtuBox
2024-06-08 11:59:18 +02:00
parent cb18d970bd
commit c641f1eaa1
6 changed files with 27 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG.md
View File

@@ -10,7 +10,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
#### Added #### Added
- Ubuntu 24.04 LTS support - Ubuntu 24.04 LTS compatibility (some required php packages are not available yet) so not officially supported by WordOps
- New Nginx package with HTTP/3 QUIC support - New Nginx package with HTTP/3 QUIC support
- `wo stack install/remove --brotli` to enable/disable brotli compression - `wo stack install/remove --brotli` to enable/disable brotli compression
@@ -21,6 +21,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- All APT repositories are properly signed with gpg keys - All APT repositories are properly signed with gpg keys
- Netdata is installed from debian packages when available - Netdata is installed from debian packages when available
- Less logs in acme.sh operation - Less logs in acme.sh operation
- Migrate all repositories in /etc/apt/sources.list.d/wo-repo.list in indivual files like mariadb.list, redis.list, wordops.list
#### Fixed #### Fixed

4
README.md
View File

@@ -71,6 +71,10 @@
- Raspbian 10 (Buster) - Raspbian 10 (Buster)
- Raspbian 11 (Bullseye) - Raspbian 11 (Bullseye)
#### Not fully compatible yet
- Ubuntu 24.04 LTS (Noble)
## Getting Started ## Getting Started
```bash ```bash

2
wo/cli/templates/22222.mustache
View File

@@ -2,7 +2,7 @@
server { server {
listen {{port}} default_server ssl http2; listen {{port}} default_server ssl;
access_log /var/log/nginx/22222.access.log rt_cache; access_log /var/log/nginx/22222.access.log rt_cache;
error_log /var/log/nginx/22222.error.log; error_log /var/log/nginx/22222.error.log;

3
wo/cli/templates/nginx-core.mustache
View File

@@ -55,6 +55,9 @@ http {
proxy_set_header Early-Data $ssl_early_data; proxy_set_header Early-Data $ssl_early_data;
ssl_early_data on; ssl_early_data on;
# enable http/2
http2 on;
ssl_session_timeout 1d; ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m; ssl_session_cache shared:SSL:50m;
ssl_session_tickets off; ssl_session_tickets off;

18
wo/cli/templates/ssl.mustache
View File

@@ -1,5 +1,19 @@
listen 443 ssl http2; # display http version used in header (optional)
listen [::]:443 ssl http2; more_set_headers "X-protocol : $server_protocol always";
# Advertise HTTP/3 QUIC support (required)
more_set_headers 'Alt-Svc h3=":$server_port"; ma=86400';
# enable [QUIC address validation](https://datatracker.ietf.org/doc/html/rfc9000#name-address-validation)
quic_retry on;
# Listen on port 443 with HTTP/3 QUIC
listen 443 quic;
listen [::]:443 quic;
# listen on port 443 with HTTP/2
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate {{ssl_live_path}}/{{domain}}/fullchain.pem; ssl_certificate {{ssl_live_path}}/{{domain}}/fullchain.pem;
ssl_certificate_key {{ssl_live_path}}/{{domain}}/key.pem; ssl_certificate_key {{ssl_live_path}}/{{domain}}/key.pem;
ssl_trusted_certificate {{ssl_live_path}}/{{domain}}/ca.pem; ssl_trusted_certificate {{ssl_live_path}}/{{domain}}/ca.pem;

2
wo/core/variables.py
View File

@@ -117,7 +117,7 @@ class WOVar():
# WordOps stack installation variables # WordOps stack installation variables
# Nginx repo and packages # Nginx repo and packages
if wo_distro == 'ubuntu': if wo_distro == 'ubuntu':
wo_nginx_repo = "ppa:wordops/nginx-wo" wo_nginx_repo = "ppa:virtubox/nginx"
else: else:
if wo_distro == 'debian': if wo_distro == 'debian':