enable http2 for vhosts and nginx #1167
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Errored hosts (4)Changed hosts (1)Unaffected hosts (81)WARNING: Output is too long for a comment, posted to a gist instead: https://gist.github.com/0e9ef14f548e88695e20fd85dd69e7ff |
blame poor documentation
Errored hosts (0)Changed hosts (5)Unaffected hosts (81)Changed hostsdiff for death.ocf.berkeley.edu*******************************************
+ Apache::Mod[http2] =>
parameters =>
"lib_path": "/usr/lib/apache2/modules",
"package_ensure": "present"
*******************************************
+ File[/etc/apache2/mods-available/http2.load] =>
parameters =>
"backup": "main",
"content": "LoadModule http2_module /usr/lib/apache2/modules/mod_http2.so\n"...
"ensure": "file",
"group": "root",
"mode": "0644",
"notify": "Class[Apache::Service]",
"owner": "root"
*******************************************
+ File[/etc/apache2/mods-enabled/http2.load] =>
parameters =>
"backup": "main",
"ensure": "link",
"group": "root",
"mode": "0644",
"notify": "Class[Apache::Service]",
"owner": "root",
"target": "/etc/apache2/mods-available/http2.load"
*******************************************
File[/opt/share/vhost-web.jinja] =>
parameters =>
content =>
@@ -10,4 +10,5 @@
SSLCertificateKeyFile {{vhost.ssl.key}}
SSLCertificateChainFile {{vhost.ssl.chain}}
+ Protocols h2 http/1.1
{% endif %}
_
*******************************************diff for dev-flood.ocf.berkeley.edu*******************************************
Concat::Fragment[dev-irc.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name dev-irc.ocf.berkeley.edu;
*******************************************
Concat_fragment[dev-irc.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name dev-irc.ocf.berkeley.edu;
*******************************************
Nginx::Resource::Server[dev-irc.ocf.berkeley.edu] =>
parameters =>
http2 =>
- off
+ on
*******************************************diff for flood.ocf.berkeley.edu*******************************************
Concat::Fragment[irc.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name irc.ocf.berkeley.edu;
*******************************************
Concat_fragment[irc.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name irc.ocf.berkeley.edu;
*******************************************
Nginx::Resource::Server[irc.ocf.berkeley.edu] =>
parameters =>
http2 =>
- off
+ on
*******************************************diff for lightning.ocf.berkeley.edu*******************************************
Concat::Fragment[puppet.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name puppet.ocf.berkeley.edu;
*******************************************
Concat_fragment[puppet.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name puppet.ocf.berkeley.edu;
*******************************************
Nginx::Resource::Server[puppet.ocf.berkeley.edu] =>
parameters =>
http2 =>
- off
+ on
*******************************************diff for reaper.ocf.berkeley.edu*******************************************
Concat::Fragment[jenkins.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name jenkins.ocf.berkeley.edu;
*******************************************
Concat_fragment[jenkins.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name jenkins.ocf.berkeley.edu;
*******************************************
Nginx::Resource::Server[jenkins.ocf.berkeley.edu] =>
parameters =>
http2 =>
- off
+ on
*******************************************Unaffected hosts |
spaces
|
This should be a rather painless patch (if things go smoothly). HTTP/2's benefit is pretty significant especially when there are a lot of resources and the user's network is slow/high-latency. |
Errored hosts (0)Changed hosts (5)Unaffected hosts (81)Changed hostsdiff for death.ocf.berkeley.edu*******************************************
+ Apache::Mod[http2] =>
parameters =>
"lib_path": "/usr/lib/apache2/modules",
"package_ensure": "present"
*******************************************
+ File[/etc/apache2/mods-available/http2.load] =>
parameters =>
"backup": "main",
"content": "LoadModule http2_module /usr/lib/apache2/modules/mod_http2.so\n"...
"ensure": "file",
"group": "root",
"mode": "0644",
"notify": "Class[Apache::Service]",
"owner": "root"
*******************************************
+ File[/etc/apache2/mods-enabled/http2.load] =>
parameters =>
"backup": "main",
"ensure": "link",
"group": "root",
"mode": "0644",
"notify": "Class[Apache::Service]",
"owner": "root",
"target": "/etc/apache2/mods-available/http2.load"
*******************************************
File[/opt/share/vhost-web.jinja] =>
parameters =>
content =>
@@ -10,4 +10,5 @@
SSLCertificateKeyFile {{vhost.ssl.key}}
SSLCertificateChainFile {{vhost.ssl.chain}}
+ Protocols h2 http/1.1
{% endif %}
_
*******************************************diff for dev-flood.ocf.berkeley.edu*******************************************
Concat::Fragment[dev-irc.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name dev-irc.ocf.berkeley.edu;
*******************************************
Concat_fragment[dev-irc.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name dev-irc.ocf.berkeley.edu;
*******************************************
Nginx::Resource::Server[dev-irc.ocf.berkeley.edu] =>
parameters =>
http2 =>
- off
+ on
*******************************************diff for flood.ocf.berkeley.edu*******************************************
Concat::Fragment[irc.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name irc.ocf.berkeley.edu;
*******************************************
Concat_fragment[irc.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name irc.ocf.berkeley.edu;
*******************************************
Nginx::Resource::Server[irc.ocf.berkeley.edu] =>
parameters =>
http2 =>
- off
+ on
*******************************************diff for lightning.ocf.berkeley.edu*******************************************
Concat::Fragment[puppet.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name puppet.ocf.berkeley.edu;
*******************************************
Concat_fragment[puppet.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name puppet.ocf.berkeley.edu;
*******************************************
Nginx::Resource::Server[puppet.ocf.berkeley.edu] =>
parameters =>
http2 =>
- off
+ on
*******************************************diff for reaper.ocf.berkeley.edu*******************************************
Concat::Fragment[jenkins.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name jenkins.ocf.berkeley.edu;
*******************************************
Concat_fragment[jenkins.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name jenkins.ocf.berkeley.edu;
*******************************************
Nginx::Resource::Server[jenkins.ocf.berkeley.edu] =>
parameters =>
http2 =>
- off
+ on
*******************************************Unaffected hosts |
Errored hosts (0)Changed hosts (5)Unaffected hosts (81)Changed hostsdiff for death.ocf.berkeley.edu*******************************************
+ Apache::Mod[http2] =>
parameters =>
"lib_path": "/usr/lib/apache2/modules",
"package_ensure": "present"
*******************************************
Apache::Vhost[www] =>
parameters =>
custom_fragment =>
@@ -1,3 +1,4 @@
_
+ Protocols h2 http/1.1
UserDir /services/http/users/
UserDir disabled root
*******************************************
Concat::Fragment[www-custom_fragment] =>
parameters =>
content =>
@@ -2,4 +2,5 @@
## Custom fragment
___
+ Protocols h2 http/1.1
UserDir /services/http/users/
UserDir disabled root
*******************************************
Concat_fragment[www-custom_fragment] =>
parameters =>
content =>
@@ -2,4 +2,5 @@
## Custom fragment
___
+ Protocols h2 http/1.1
UserDir /services/http/users/
UserDir disabled root
*******************************************
+ File[/etc/apache2/mods-available/http2.load] =>
parameters =>
"backup": "main",
"content": "LoadModule http2_module /usr/lib/apache2/modules/mod_http2.so\n"...
"ensure": "file",
"group": "root",
"mode": "0644",
"notify": "Class[Apache::Service]",
"owner": "root"
*******************************************
+ File[/etc/apache2/mods-enabled/http2.load] =>
parameters =>
"backup": "main",
"ensure": "link",
"group": "root",
"mode": "0644",
"notify": "Class[Apache::Service]",
"owner": "root",
"target": "/etc/apache2/mods-available/http2.load"
*******************************************
File[/opt/share/vhost-web.jinja] =>
parameters =>
content =>
@@ -10,4 +10,5 @@
SSLCertificateKeyFile {{vhost.ssl.key}}
SSLCertificateChainFile {{vhost.ssl.chain}}
+ Protocols h2 http/1.1
{% endif %}
_
*******************************************diff for dev-flood.ocf.berkeley.edu*******************************************
Concat::Fragment[dev-irc.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name dev-irc.ocf.berkeley.edu;
*******************************************
Concat_fragment[dev-irc.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name dev-irc.ocf.berkeley.edu;
*******************************************
Nginx::Resource::Server[dev-irc.ocf.berkeley.edu] =>
parameters =>
http2 =>
- off
+ on
*******************************************diff for flood.ocf.berkeley.edu*******************************************
Concat::Fragment[irc.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name irc.ocf.berkeley.edu;
*******************************************
Concat_fragment[irc.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name irc.ocf.berkeley.edu;
*******************************************
Nginx::Resource::Server[irc.ocf.berkeley.edu] =>
parameters =>
http2 =>
- off
+ on
*******************************************diff for lightning.ocf.berkeley.edu*******************************************
Concat::Fragment[puppet.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name puppet.ocf.berkeley.edu;
*******************************************
Concat_fragment[puppet.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name puppet.ocf.berkeley.edu;
*******************************************
Nginx::Resource::Server[puppet.ocf.berkeley.edu] =>
parameters =>
http2 =>
- off
+ on
*******************************************diff for reaper.ocf.berkeley.edu*******************************************
Concat::Fragment[jenkins.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name jenkins.ocf.berkeley.edu;
*******************************************
Concat_fragment[jenkins.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name jenkins.ocf.berkeley.edu;
*******************************************
Nginx::Resource::Server[jenkins.ocf.berkeley.edu] =>
parameters =>
http2 =>
- off
+ on
*******************************************Unaffected hosts |
jvperrin
reviewed
Oct 15, 2021
There was a problem hiding this comment.
I've got jvperrin@9b75c22 from a while back if it's helpful at all too, although I think you've done most of this already now?
|
This is great; thank you! My main concern is if the http2 module even exists in our apache install. Either way, anything touching vhosts is a pretty major change, so we should definitely test on dev-death. I think @ethanhs brought that one up anyway for the bullseye upgrade (?) so that should be relatively less painful than usual |
|
I haven't brought up dev-death yet but we should do that anyway. (Also looks like this needs a rebase on master) |
Errored hosts (0)Changed hosts (6)Unaffected hosts (80)Changed hostsdiff for death.ocf.berkeley.edu*******************************************
+ Apache::Mod[http2] =>
parameters =>
"lib_path": "/usr/lib/apache2/modules",
"package_ensure": "present"
*******************************************
Apache::Vhost[www] =>
parameters =>
custom_fragment =>
@@ -1,3 +1,4 @@
_
+ Protocols h2 http/1.1
UserDir /services/http/users/
UserDir disabled root
*******************************************
Concat::Fragment[www-custom_fragment] =>
parameters =>
content =>
@@ -2,4 +2,5 @@
## Custom fragment
___
+ Protocols h2 http/1.1
UserDir /services/http/users/
UserDir disabled root
*******************************************
Concat_fragment[www-custom_fragment] =>
parameters =>
content =>
@@ -2,4 +2,5 @@
## Custom fragment
___
+ Protocols h2 http/1.1
UserDir /services/http/users/
UserDir disabled root
*******************************************
+ File[/etc/apache2/mods-available/http2.load] =>
parameters =>
"backup": "main",
"content": "LoadModule http2_module /usr/lib/apache2/modules/mod_http2.so\n"...
"ensure": "file",
"group": "root",
"mode": "0644",
"notify": "Class[Apache::Service]",
"owner": "root"
*******************************************
+ File[/etc/apache2/mods-enabled/http2.load] =>
parameters =>
"backup": "main",
"ensure": "link",
"group": "root",
"mode": "0644",
"notify": "Class[Apache::Service]",
"owner": "root",
"target": "/etc/apache2/mods-available/http2.load"
*******************************************
File[/opt/share/vhost-web.jinja] =>
parameters =>
content =>
@@ -9,4 +9,5 @@
SSLCertificateFile {{vhost.ssl.bundle}}
SSLCertificateKeyFile {{vhost.ssl.key}}
+ Protocols h2 http/1.1
{% endif %}
_
*******************************************diff for dev-flood.ocf.berkeley.edu*******************************************
Concat::Fragment[dev-irc.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name dev-irc.ocf.berkeley.edu;
*******************************************
Concat_fragment[dev-irc.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name dev-irc.ocf.berkeley.edu;
*******************************************
Nginx::Resource::Server[dev-irc.ocf.berkeley.edu] =>
parameters =>
http2 =>
- off
+ on
*******************************************diff for fallingrocks.ocf.berkeley.edu*******************************************
File[/etc/systemd/system/ftpsync-debian.timer] =>
parameters =>
content =>
@@ -5,5 +5,5 @@
_
[Timer]
-OnCalendar=*-*-* 2/3:30:00
+OnCalendar=*-*-* 0/6:10:00
_
[Install]
*******************************************
File[/opt/mirrors/project/debian-cd/etc/ftpsync.conf] =>
parameters =>
content =>
@@ -13,8 +13,8 @@
## rsync YOURUPSTREAMSERVER::
## (You might have to export RSYNC_USER/RSYNC_PASSWORD for this to work)
-RSYNC_PATH="debian-cd"
+RSYNC_PATH="debian-cdimage"
_
## The host we mirror from
-RSYNC_HOST="cdimage.debian.org"
+RSYNC_HOST="ftp.osuosl.org"
_
## In case we need a user to access the rsync share at our upstream host
*******************************************
Ocf::Systemd::Timer[ftpsync-debian] =>
parameters =>
timer_content =>
@@ -5,5 +5,5 @@
_
[Timer]
-OnCalendar=*-*-* 2/3:30:00
+OnCalendar=*-*-* 0/6:10:00
_
[Install]
*******************************************
Ocf_mirrors::Ftpsync[debian-cd] =>
parameters =>
rsync_host =>
- cdimage.debian.org
+ ftp.osuosl.org
rsync_path =>
- debian-cd
+ debian-cdimage
*******************************************
Ocf_mirrors::Ftpsync[debian] =>
parameters =>
cron_hour =>
- 2/3
+ 0/6
cron_minute =>
- 30
+ 10
*******************************************
Ocf_mirrors::Timer[ftpsync-debian] =>
parameters =>
hour =>
- 2/3
+ 0/6
minute =>
- 30
+ 10
*******************************************diff for flood.ocf.berkeley.edu*******************************************
Concat::Fragment[irc.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name irc.ocf.berkeley.edu;
*******************************************
Concat_fragment[irc.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name irc.ocf.berkeley.edu;
*******************************************
Nginx::Resource::Server[irc.ocf.berkeley.edu] =>
parameters =>
http2 =>
- off
+ on
*******************************************diff for lightning.ocf.berkeley.edu*******************************************
Concat::Fragment[puppet.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name puppet.ocf.berkeley.edu;
*******************************************
Concat_fragment[puppet.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name puppet.ocf.berkeley.edu;
*******************************************
Nginx::Resource::Server[puppet.ocf.berkeley.edu] =>
parameters =>
http2 =>
- off
+ on
*******************************************diff for reaper.ocf.berkeley.edu*******************************************
Concat::Fragment[jenkins.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name jenkins.ocf.berkeley.edu;
*******************************************
Concat_fragment[jenkins.ocf.berkeley.edu-ssl-header] =>
parameters =>
content =>
@@ -1,6 +1,6 @@
# MANAGED BY PUPPET
server {
- listen *:443 ssl;
- listen [::]:443 ssl ;
+ listen *:443 ssl http2;
+ listen [::]:443 ssl http2 ;
_
server_name jenkins.ocf.berkeley.edu;
*******************************************
Nginx::Resource::Server[jenkins.ocf.berkeley.edu] =>
parameters =>
http2 =>
- off
+ on
*******************************************Unaffected hosts |
ethanhs
approved these changes
Oct 23, 2021
|
Yes. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
#1163