Skip to content

Update nginx configurations#12076

Merged
mekarpeles merged 1 commit intomasterfrom
update-nginx-config
Mar 24, 2026
Merged

Update nginx configurations#12076
mekarpeles merged 1 commit intomasterfrom
update-nginx-config

Conversation

@jimchamp
Copy link
Collaborator

@jimchamp jimchamp commented Mar 11, 2026

Updates the nginx configurations for the web_nginx and covers_nginx containers. Using the http2 parameter in listen directives has been deprecated.

listen directive documentation
http2 directive documentation

Technical

Testing

Screenshot

Stakeholders

Copilot AI review requested due to automatic review settings March 11, 2026 21:04
Copilot AI reviewed Mar 11, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the nginx site configs used by the web_nginx and covers_nginx containers to avoid using the deprecated http2 parameter on listen directives.

Changes:

  • Removes http2 from listen ... directives for IPv4/IPv6 TLS listeners.
  • Enables HTTP/2 via the http2 on; directive in the relevant server blocks.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File Description
docker/web_nginx.conf Switches HTTP/2 enablement from listen ... http2 to http2 on; in the default TLS server.
docker/covers_nginx.conf Switches HTTP/2 enablement from listen ... http2 to http2 on; in the default TLS server.

You can also share your feedback on Copilot code review. Take the survey.

docker/web_nginx.conf
listen [::]:443 ssl ipv6only=on;
listen 443 ssl;
http2 on;
server_name localhost;
Copy link

Copilot AI Mar 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

http2 on; is only enabled in the server_name localhost server block. The actual vhost(s) in this file (e.g. openlibrary.org, www.openlibrary.org) may therefore not negotiate HTTP/2 anymore after this change. To preserve prior behavior, enable HTTP/2 on the server blocks that serve real hostnames (or otherwise ensure the setting applies to all HTTPS vhosts on :443).

Suggested change
server_name localhost;
server_name localhost openlibrary.org www.openlibrary.org;

Copilot uses AI. Check for mistakes.
docker/covers_nginx.conf
Comment on lines +4 to 7
listen [::]:443 ssl ipv6only=on;
listen 443 ssl;
http2 on;
server_name localhost;
Copy link

Copilot AI Mar 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

http2 on; is only set in the server_name localhost block. The covers.openlibrary.org server block below appears to be the primary vhost, and it does not enable HTTP/2; this may inadvertently disable HTTP/2 for that domain. Consider enabling HTTP/2 for the covers.openlibrary.org vhost as well (or otherwise applying the setting across all HTTPS vhosts on :443).

Copilot uses AI. Check for mistakes.
@mekarpeles
Copy link
Member

mekarpeles commented Mar 23, 2026
edited
Loading

Let's patch deploy before next deploy, and can use APPLY_OPTIONS=-R to go back if needed.

@mekarpeles mekarpeles self-assigned this Mar 23, 2026
@mekarpeles mekarpeles added the Priority: 1 Do this week, receiving emails, time sensitive, . [managed] label Mar 23, 2026
@mekarpeles mekarpeles merged commit 04bb62f into master Mar 24, 2026
12 checks passed
@mekarpeles mekarpeles deleted the update-nginx-config branch March 24, 2026 23:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

@mekarpeles mekarpeles

Labels

Needs: Testing Priority: 1 Do this week, receiving emails, time sensitive, . [managed]

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jimchamp @mekarpeles