Skip to content

Impossible to disable http2 #844

Closed
Closed
@bhujagendra-ishaya

Description

ISSUE TYPE

  • Bug Report

Checklist

OS / ENVIRONMENT

  1. Host operating system and version: Ubuntu 20.04.3 LTS (Focal Fossa)
  2. (Windows only) Native Docker or Docker Toolbox:
  3. Docker version: Docker version 20.10.9, build c2ea9bc
  4. Docker Compose version: docker-compose version 1.26.2, build eefe0d31
  5. (Linux) Is SELinux enabled?: no
  6. What git commit hash are you on?: f6bbdc7 (HEAD -> master, tag: v1.9.2, origin/master, origin/HEAD) Merge pull request Release v1.9.2 #814 from cytopia/release/v1.9.2

SUMMARY

I start having HTTP2 connection errors. In Firefox I just don't seem to get anything back, while Chrome shows HTTP2 connection error.

The error log doesn't show anything while the access log shows a normal request with a 2xx or 3xx status.

Disabling http2 in nginx-stable solves the issue.

STEPS TO REPRODUCE

Not sure how to reproduce the http2 connection issue.

However, to be able to disable http2 I would have thought, it's enough to create a nginx.yml file under cfg/vhost-gen. However, that does not seem to help.

EXPECTED BEHAVIOUR

Either, http2 should be working, or able to be disabled.

ACTUAL BEHAVIOUR

http2 needs to be disabled by entering the http container, editing the following files setting http2: False (under ssl):

  • /etc/vhost-gen/mass.yml
  • /etc/vhost-gen/conf.yml
  • /etc/vhost-gen/main.yml

Obviously this change is not permanent and needs to be redone after docker-compose down.

OTHER INFORMATION

Seems to be related to

Having created a file ~/devilbox/cfg/vhost-gen/nginx.yml with setting the http2 to False seem not to have helped (as either http2 is active for all vhosts on one address/port or disabled for all of them):

# Generic vhost generator configuration file.
# Location: /etc/vhost-gen/mass.yml
#
# See: https://github.com/devilbox/vhost-gen
#
# If not specified or file is missing the following
# default values will be merged to your current (if any)
# configuration:
#
# server: nginx
# conf_dir: /etc/nginx/conf.d
# custom:
# vhost:
#   port:
#   name:
#     prefix:
#     suffix:
#   docroot:
#     suffix:
#   log:
#     access:
#       prefix:
#       stdout: no
#     error:
#       prefix:
#       stderr: no
#     dir:
#       create: no
#       path: /var/log/nginx
#   listen:
#     enable: no
#   php_fpm:
#     enable: no
#     address: php
#     port: 9000
#   alias: []
#   deny: []
#   server_status:
#     enable: no
#     alias: /server-status


# The server type determines which template
# from etc/templates/ will be chosen.
# Allowed server types:
# server: apache22
# server: apache24
# server: nginx
server: nginx


# Where to store the generated configuration files.
# This must be a directory the web server will read
# configuration files from.
conf_dir: /etc/httpd/vhost.d


# Custom directive
# Everything specified here will be directly replaced
# into the corresponding vhost directive:
#   nginx:  server { HERE }
#   apache: <VirtualHost *:80> HERE </VirtualHost>
#
# How to add multiline strings?
#
# custom: |
#   custom statement 1
#   custom statement 2
custom:


# Vhost definition
vhost:
  # What port should this virtual host listen on
  port: 80
  ssl_port: 443

  # The virtual host name is specified as an command line argument
  # to vhost-gen via '-n', however it is possible
  # to prepend and/or append additional name strings.
  name:
    prefix:
    suffix: .local
  # The document root directory is specified as an command line argument
  # to vhost-gen via '-p', however it is possible
  # to prepend another subdirectory here.
  docroot:
    suffix: htdocs
  # Array of indecies to serve as default files (e.g.: index.php, index.html, etc)
  index:
    - index.php
    - index.html
    - index.htm
  # SSL Definition
  ssl:
    http2: False
    dir_crt: /etc/httpd/cert/mass
    dir_key: /etc/httpd/cert/mass
    protocols: 'TLSv1 TLSv1.1 TLSv1.2'
    honor_cipher_order: 'on'
    ciphers: 'HIGH:!aNULL:!MD5'

  # Log definition
  log:
    # Log file settings (error/access log)
    access:
      # By default the vhost name is used for log file names.
      # You can also prepand an additional string to the access log
      # as shown here:
      # <prefix><vhost>-access.log
      prefix: ''
      # For use inside a docker container, enable this in order
      # to redirect the access log to stdout instead of to file.
      # NOTE: When enabling this, the prefix will have no effect and the access
      # log will be stored under /tmp/www-access.log which will be a symlink of
      # /dev/stdout
      stdout: no
    error:
      # By default the vhost name is used for log file names.
      # You can also prepand an additional string to the error log
      # as shown here:
      # <prefix><vhost>-error.log
      prefix: ''
      # For use inside a docker container, enable this in order
      # to redirect the error log to stderr instead of to file.
      # NOTE: When enabling this, the prefix will have no effect and the error
      # log will be stored under /tmp/www-error.log which will be a symlink of
      # /dev/stderr
      stderr: no
    # Directory to store log files in.
    # Also define if the directory should be created or not.
    dir:
      create: yes
      path: /var/log/nginx-stable
  # Enable PHP-FPM
  php_fpm:
    enable: yes
    # Hostname or IP address
    address: 172.16.238.10
    port: 9000
    # Timeout to upstream FPM service
    timeout: 36600
  # Create additional aliases
  alias:
    - alias: /devilbox-api/
      path: /var/www/default/api
      # Allow cross-domain-request to this alias from the hosts/origin
      # specified by the below defined regex
      xdomain_request:
        enable: yes
        origin: 'http(s)?://(.*)$'
  # Denies locations
  deny:
    - alias: '/\.git'
    - alias: '/\.ht.*'
  # Enable server status on the following alias
  server_status:
    enable: no
    alias: /httpd-status

Happy to provide further details or information.

Metadata

Assignees

Labels

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions