From a87b5d01314ca96a7b26a219cfb0fb17c3e0bba5 Mon Sep 17 00:00:00 2001
From: Grant Slater <git@firefishy.com>
Date: Wed, 3 Jul 2019 21:57:36 +0100
Subject: [PATCH] Imagery: improved nginx listen + http2

---
 cookbooks/imagery/templates/default/nginx_default.conf.erb | 7 +++----
 cookbooks/imagery/templates/default/nginx_imagery.conf.erb | 6 ++----
 2 files changed, 5 insertions(+), 8 deletions(-)

diff --git a/cookbooks/imagery/templates/default/nginx_default.conf.erb b/cookbooks/imagery/templates/default/nginx_default.conf.erb
index eeb4a61c1..4a74d06ed 100644
--- a/cookbooks/imagery/templates/default/nginx_default.conf.erb
+++ b/cookbooks/imagery/templates/default/nginx_default.conf.erb
@@ -1,8 +1,7 @@
 server {
-    listen [::]:80 fastopen=2048 default_server;
-    listen *:80 fastopen=2048 default_server;
-    listen [::]:443 fastopen=2048 ssl http2; # No default_server here unless certificate specified here too.
-    listen *:443 fastopen=2048 ssl http2; # No default_server here unless certificate specified here too.
+    listen 80 deferred backlog=16384 reuseport fastopen=2048 http2 default_server;;
+    listen 443 ssl deferred backlog=16384 reuseport fastopen=2048 http2; # No default_server here unless certificate specified here too.
+
     server_name  _;
     default_type text/html;
     return 404 '<html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>default imagery server vhost. Please use correct URL.</center></body></html>';
diff --git a/cookbooks/imagery/templates/default/nginx_imagery.conf.erb b/cookbooks/imagery/templates/default/nginx_imagery.conf.erb
index 9aa397905..b95bc601f 100644
--- a/cookbooks/imagery/templates/default/nginx_imagery.conf.erb
+++ b/cookbooks/imagery/templates/default/nginx_imagery.conf.erb
@@ -1,6 +1,5 @@
 server {
-    listen [::]:80;
-    listen *:80;
+    listen 80;
     server_name <%= @name %> a.<%= @name %> b.<%= @name %> c.<%= @name %><% @aliases.each do |alias_name| %> <%= alias_name %> a.<%= alias_name %> b.<%= alias_name %> c.<%= alias_name %><%- end -%>;
 
     rewrite ^/\.well-known/acme-challenge/(.*)$ http://acme.openstreetmap.org/.well-known/acme-challenge/$1 permanent;
@@ -22,8 +21,7 @@ upstream <%= @name %>_fastcgi {
 }
 
 server {
-    listen [::]:443 ssl;
-    listen *:443 ssl;
+    listen 443 ssl;
     server_name <%= @name %> a.<%= @name %> b.<%= @name %> c.<%= @name %><% @aliases.each do |alias_name| %> <%= alias_name %> a.<%= alias_name %> b.<%= alias_name %> c.<%= alias_name %><%- end -%>;
 
     ssl_certificate /etc/ssl/certs/<%= @name %>.pem;
-- 
2.43.2