mirror of
https://github.com/dokku/dokku.git
synced 2025-12-29 00:25:08 +01:00
chore: remove nginx checks for functionality that always exists
TLS 1.3, HTTP2 and GRPC are now standard in all operating systems where Dokku is supported.
This commit is contained in:
Jose Diaz-Gonzalez
@@ -146,24 +146,6 @@ get_custom_nginx_template() {
|
||||
fi
|
||||
}
|
||||
|
||||
is_tls13_available() {
|
||||
declare desc="detects whether the installed nginx version has TLSv1.3 support"
|
||||
local NGINX_VERSION="$1"
|
||||
local MAJOR_VERSION MINOR_VERSION PATCH_VERSION
|
||||
local HAS_SUPPORT=false
|
||||
|
||||
MAJOR_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[1]}')
|
||||
MINOR_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[2]}')
|
||||
PATCH_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[3]}')
|
||||
if [[ "$MAJOR_VERSION" -ge "2" ]]; then
|
||||
HAS_SUPPORT=true
|
||||
elif [[ "$MAJOR_VERSION" -eq "1" ]] && [[ "$MINOR_VERSION" -ge "13" ]]; then
|
||||
HAS_SUPPORT=true
|
||||
fi
|
||||
|
||||
echo $HAS_SUPPORT
|
||||
}
|
||||
|
||||
is_http2_push_enabled() {
|
||||
declare desc="detects whether the installed nginx version has http2 push support"
|
||||
local NGINX_VERSION="$1"
|
||||
@@ -181,7 +163,7 @@ is_http2_push_enabled() {
|
||||
elif [[ "$MINOR_VERSION" -ge "14" ]]; then
|
||||
HAS_SUPPORT=true
|
||||
fi
|
||||
if [[ "$MINOR_VERSION" -eq "25" ]]; then
|
||||
if [[ "$MINOR_VERSION" -ge "25" ]]; then
|
||||
HAS_SUPPORT=false
|
||||
fi
|
||||
fi
|
||||
@@ -189,28 +171,6 @@ is_http2_push_enabled() {
|
||||
echo $HAS_SUPPORT
|
||||
}
|
||||
|
||||
is_http2_enabled() {
|
||||
declare desc="detects whether the installed nginx version has http2 support"
|
||||
local NGINX_VERSION="$1"
|
||||
local MAJOR_VERSION MINOR_VERSION PATCH_VERSION
|
||||
local HAS_SUPPORT=false
|
||||
|
||||
MAJOR_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[1]}')
|
||||
MINOR_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[2]}')
|
||||
PATCH_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[3]}')
|
||||
if [[ "$MAJOR_VERSION" -ge "2" ]]; then
|
||||
HAS_SUPPORT=true
|
||||
elif [[ "$MAJOR_VERSION" -eq "1" ]]; then
|
||||
if [[ "$MINOR_VERSION" -eq "11" ]] && [[ "$PATCH_VERSION" -ge "5" ]]; then
|
||||
HAS_SUPPORT=true
|
||||
elif [[ "$MINOR_VERSION" -ge "12" ]]; then
|
||||
HAS_SUPPORT=true
|
||||
fi
|
||||
fi
|
||||
|
||||
echo $HAS_SUPPORT
|
||||
}
|
||||
|
||||
is_http2_directive_supported() {
|
||||
declare desc="detects whether the installed nginx version has http2 directive support"
|
||||
local NGINX_VERSION="$1"
|
||||
@@ -233,28 +193,6 @@ is_http2_directive_supported() {
|
||||
echo $HAS_SUPPORT
|
||||
}
|
||||
|
||||
is_grpc_enabled() {
|
||||
declare desc="detects whether the installed nginx version has grpc support"
|
||||
local NGINX_VERSION="$1"
|
||||
local MAJOR_VERSION MINOR_VERSION PATCH_VERSION
|
||||
local HAS_SUPPORT=false
|
||||
|
||||
MAJOR_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[1]}')
|
||||
MINOR_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[2]}')
|
||||
PATCH_VERSION=$(echo "$NGINX_VERSION" | awk '{split($0,a,"."); print a[3]}')
|
||||
if [[ "$MAJOR_VERSION" -ge "2" ]]; then
|
||||
HAS_SUPPORT=true
|
||||
elif [[ "$MAJOR_VERSION" -eq "1" ]]; then
|
||||
if [[ "$MINOR_VERSION" -eq "13" ]] && [[ "$PATCH_VERSION" -ge "10" ]]; then
|
||||
HAS_SUPPORT=true
|
||||
elif [[ "$MINOR_VERSION" -ge "14" ]]; then
|
||||
HAS_SUPPORT=true
|
||||
fi
|
||||
fi
|
||||
|
||||
echo $HAS_SUPPORT
|
||||
}
|
||||
|
||||
nginx_build_config() {
|
||||
declare desc="build nginx config to proxy app containers using sigil"
|
||||
declare APP="$1" DOKKU_APP_LISTEN_PORT="$2" DOKKU_APP_LISTEN_IP="$3"
|
||||
@@ -343,11 +281,11 @@ nginx_build_config() {
|
||||
NGINX_VERSION="$("$NGINX_LOCATION" -v 2>&1 | cut -d'/' -f 2 | awk '{print $1}')"
|
||||
# DEPRECATED: Remove me at 1.0.0
|
||||
SPDY_SUPPORTED="false"
|
||||
TLS13_SUPPORTED="$(is_tls13_available "$NGINX_VERSION")"
|
||||
HTTP2_SUPPORTED="$(is_http2_enabled "$NGINX_VERSION")"
|
||||
TLS13_SUPPORTED="true"
|
||||
HTTP2_SUPPORTED="true"
|
||||
HTTP2_DIRECTIVE_SUPPORTED="$(is_http2_directive_supported "$NGINX_VERSION")"
|
||||
HTTP2_PUSH_SUPPORTED="$(is_http2_push_enabled "$NGINX_VERSION")"
|
||||
GRPC_SUPPORTED="$(is_grpc_enabled "$NGINX_VERSION")"
|
||||
GRPC_SUPPORTED="true"
|
||||
|
||||
local NGINX_LOG_ROOT="$(fn-nginx-log-root)"
|
||||
local NGINX_ACCESS_LOG_FORMAT="$(fn-nginx-computed-access-log-format "$APP")"
|
||||
|
||||
@@ -82,8 +82,8 @@ server {
|
||||
listen {{ if $.NGINX_BIND_ADDRESS_IP4 }}{{ $.NGINX_BIND_ADDRESS_IP4 }}:{{end}}{{ $listen_port }} ssl;
|
||||
http2 on;
|
||||
{{ else }}
|
||||
listen [{{ $.NGINX_BIND_ADDRESS_IP6 }}]:{{ $listen_port }} ssl {{ if eq $.HTTP2_SUPPORTED "true" }}http2{{ end }};
|
||||
listen {{ if $.NGINX_BIND_ADDRESS_IP4 }}{{ $.NGINX_BIND_ADDRESS_IP4 }}:{{end}}{{ $listen_port }} ssl {{ if eq $.HTTP2_SUPPORTED "true" }}http2{{ end }};
|
||||
listen [{{ $.NGINX_BIND_ADDRESS_IP6 }}]:{{ $listen_port }} ssl http2;
|
||||
listen {{ if $.NGINX_BIND_ADDRESS_IP4 }}{{ $.NGINX_BIND_ADDRESS_IP4 }}:{{end}}{{ $listen_port }} ssl http2;
|
||||
{{ end }}
|
||||
{{ if $.SSL_SERVER_NAME }}server_name {{ $.SSL_SERVER_NAME }}; {{ end }}
|
||||
{{ if $.NOSSL_SERVER_NAME }}server_name {{ $.NOSSL_SERVER_NAME }}; {{ end }}
|
||||
@@ -93,7 +93,7 @@ server {
|
||||
|
||||
ssl_certificate {{ $.APP_SSL_PATH }}/server.crt;
|
||||
ssl_certificate_key {{ $.APP_SSL_PATH }}/server.key;
|
||||
ssl_protocols TLSv1.2 {{ if eq $.TLS13_SUPPORTED "true" }}TLSv1.3{{ end }};
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_prefer_server_ciphers off;
|
||||
|
||||
{{ if $.CLIENT_BODY_TIMEOUT }}client_body_timeout {{ $.CLIENT_BODY_TIMEOUT }};{{end}}
|
||||
@@ -159,7 +159,6 @@ server {
|
||||
include {{ $.DOKKU_ROOT }}/{{ $.APP }}/nginx.conf.d/*.conf;
|
||||
}
|
||||
{{ else if eq $scheme "grpc"}}
|
||||
{{ if eq $.GRPC_SUPPORTED "true"}}{{ if eq $.HTTP2_SUPPORTED "true"}}
|
||||
server {
|
||||
{{ if eq $.HTTP2_DIRECTIVE_SUPPORTED "true" }}
|
||||
listen [{{ $.NGINX_BIND_ADDRESS_IP6 }}]:{{ $listen_port }};
|
||||
@@ -180,9 +179,7 @@ server {
|
||||
{{ if $.CLIENT_MAX_BODY_SIZE }}client_max_body_size {{ $.CLIENT_MAX_BODY_SIZE }};{{ end }}
|
||||
include {{ $.DOKKU_ROOT }}/{{ $.APP }}/nginx.conf.d/*.conf;
|
||||
}
|
||||
{{ end }}{{ end }}
|
||||
{{ else if eq $scheme "grpcs"}}
|
||||
{{ if eq $.GRPC_SUPPORTED "true"}}{{ if eq $.HTTP2_SUPPORTED "true"}}
|
||||
server {
|
||||
{{ if eq $.HTTP2_DIRECTIVE_SUPPORTED "true" }}
|
||||
listen [{{ $.NGINX_BIND_ADDRESS_IP6 }}]:{{ $listen_port }} ssl;
|
||||
@@ -199,7 +196,7 @@ server {
|
||||
|
||||
ssl_certificate {{ $.APP_SSL_PATH }}/server.crt;
|
||||
ssl_certificate_key {{ $.APP_SSL_PATH }}/server.key;
|
||||
ssl_protocols TLSv1.2 {{ if eq $.TLS13_SUPPORTED "true" }}TLSv1.3{{ end }};
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_prefer_server_ciphers off;
|
||||
|
||||
location / {
|
||||
@@ -209,7 +206,6 @@ server {
|
||||
{{ if $.CLIENT_MAX_BODY_SIZE }}client_max_body_size {{ $.CLIENT_MAX_BODY_SIZE }};{{ end }}
|
||||
include {{ $.DOKKU_ROOT }}/{{ $.APP }}/nginx.conf.d/*.conf;
|
||||
}
|
||||
{{ end }}{{ end }}
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user