diff --git a/nginx/ulicraft-caddy.conf.tmpl b/nginx/ulicraft-caddy.conf.tmpl index 731db89..5e3681e 100644 --- a/nginx/ulicraft-caddy.conf.tmpl +++ b/nginx/ulicraft-caddy.conf.tmpl @@ -40,9 +40,8 @@ server { # caddy routes by the forwarded Host header (apex -> www, auth -> drasl, # pack -> packwiz files). server { - listen 443 ssl; - listen [::]:443 ssl; - http2 on; + listen 443 ssl http2; + listen [::]:443 ssl http2; server_name ${BASE_DOMAIN}; ssl_certificate ${APP_DIR}/certs/${BASE_DOMAIN}/cert.pem; @@ -60,9 +59,8 @@ server { } server { - listen 443 ssl; - listen [::]:443 ssl; - http2 on; + listen 443 ssl http2; + listen [::]:443 ssl http2; server_name auth.${BASE_DOMAIN}; ssl_certificate ${APP_DIR}/certs/auth.${BASE_DOMAIN}/cert.pem; @@ -80,9 +78,8 @@ server { } server { - listen 443 ssl; - listen [::]:443 ssl; - http2 on; + listen 443 ssl http2; + listen [::]:443 ssl http2; server_name pack.${BASE_DOMAIN}; ssl_certificate ${APP_DIR}/certs/pack.${BASE_DOMAIN}/cert.pem; @@ -98,9 +95,8 @@ server { } server { - listen 443 ssl; - listen [::]:443 ssl; - http2 on; + listen 443 ssl http2; + listen [::]:443 ssl http2; server_name distribution.${BASE_DOMAIN}; ssl_certificate ${APP_DIR}/certs/distribution.${BASE_DOMAIN}/cert.pem; diff --git a/nginx/ulicraft.conf.tmpl b/nginx/ulicraft.conf.tmpl index b21de2d..1539a36 100644 --- a/nginx/ulicraft.conf.tmpl +++ b/nginx/ulicraft.conf.tmpl @@ -28,9 +28,8 @@ server { # /ca.crt from the caddy path is intentionally omitted: LE certs are publicly # trusted, so guests need no CA import. server { - listen 443 ssl; - listen [::]:443 ssl; - http2 on; + listen 443 ssl http2; + listen [::]:443 ssl http2; server_name ${BASE_DOMAIN}; ssl_certificate ${APP_DIR}/certs/${BASE_DOMAIN}/cert.pem; @@ -51,9 +50,8 @@ server { # Pack — packwiz metadata (./pack) + custom jars (./custom at /custom/). server { - listen 443 ssl; - listen [::]:443 ssl; - http2 on; + listen 443 ssl http2; + listen [::]:443 ssl http2; server_name pack.${BASE_DOMAIN}; ssl_certificate ${APP_DIR}/certs/pack.${BASE_DOMAIN}/cert.pem; @@ -73,9 +71,8 @@ server { # Auth — reverse proxy to drasl (published on localhost by the nginx override). server { - listen 443 ssl; - listen [::]:443 ssl; - http2 on; + listen 443 ssl http2; + listen [::]:443 ssl http2; server_name auth.${BASE_DOMAIN}; ssl_certificate ${APP_DIR}/certs/auth.${BASE_DOMAIN}/cert.pem;