diff options
| author | sinanmohd <sinan@sinanmohd.com> | 2025-05-12 20:05:23 +0530 |
|---|---|---|
| committer | sinanmohd <sinan@sinanmohd.com> | 2025-05-12 20:05:23 +0530 |
| commit | b826f0a053eec8f1dd24dca70f0ad83055827397 (patch) | |
| tree | c353b55492491b2a0aa5ebe94fdb592ee3459185 /os/kay/modules/www.nix | |
| parent | bb9157a35aa592a36cb15fafc8f56be4d1afef83 (diff) | |
kay/www: http3 optmizations
Diffstat (limited to 'os/kay/modules/www.nix')
| -rw-r--r-- | os/kay/modules/www.nix | 33 |
1 files changed, 31 insertions, 2 deletions
diff --git a/os/kay/modules/www.nix b/os/kay/modules/www.nix index 39e5b4b..725abb9 100644 --- a/os/kay/modules/www.nix +++ b/os/kay/modules/www.nix @@ -46,9 +46,15 @@ in recommendedProxySettings = true; recommendedBrotliSettings = true; eventsConfig = "worker_connections 1024;"; + appendHttpConfig = '' + quic_retry on; + quic_gso on; + add_header Alt-Svc 'h3=":443"; ma=2592000; persist=1'; + ''; virtualHosts = let defaultOpts = { + # reuseport = true; quic = true; http3 = true; forceSSL = true; @@ -129,17 +135,31 @@ in }; "www.${domain}" = defaultOpts // { + extraConfig = '' + ssl_early_data on; + ''; + root = "/var/www/${domain}"; }; - "git.${domain}" = defaultOpts; + "git.${domain}" = defaultOpts // { + extraConfig = '' + ssl_early_data on; + ''; + }; "bin.${domain}" = defaultOpts // { + extraConfig = '' + ssl_early_data on; + ''; root = "${storage}/bin"; locations."= /".return = "307 https://www.${domain}"; }; "static.${domain}" = defaultOpts // { + extraConfig = '' + ssl_early_data on; + ''; root = "${storage}/static"; locations."= /".return = "301 https://www.${domain}"; }; @@ -161,6 +181,9 @@ in }; "mta-sts.${domain}" = defaultOpts // { + extraConfig = '' + ssl_early_data on; + ''; locations."= /.well-known/mta-sts.txt".return = ''200 "${ lib.strings.concatStringsSep "\\n" [ "version: STSv1" @@ -199,7 +222,10 @@ in }; "= /" = { - extraConfig = "add_header Content-Type text/html;"; + extraConfig = '' + add_header Content-Type text/html; + add_header Alt-Svc 'h3=":443"; ma=2592000; persist=1'; + ''; return = ''200 '<!DOCTYPE html> <html lang="en"> @@ -232,6 +258,9 @@ in useACMEHost = null; enableACME = true; globalRedirect = "alinafs.com/home"; + extraConfig = '' + ssl_early_data on; + ''; }; "alinafs.com" = defaultOpts // { useACMEHost = null; |