From 334127494ecbb789acba6580deb7f2cc8e8fa160 Mon Sep 17 00:00:00 2001
From: Zoey <zoey@z0ey.de>
Date: Sun, 12 Nov 2023 14:52:46 +0100
Subject: [PATCH] fix Alt-Svc header

Signed-off-by: Zoey <zoey@z0ey.de>
---
 backend/templates/_listen.conf                          | 2 +-
 backend/templates/default.conf                          | 3 +--
 rootfs/bin/start.sh                                     | 1 +
 rootfs/usr/local/nginx/conf/conf.d/include/default.conf | 3 +--
 4 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/backend/templates/_listen.conf b/backend/templates/_listen.conf
index 50b1f1f3..775d9e2b 100644
--- a/backend/templates/_listen.conf
+++ b/backend/templates/_listen.conf
@@ -10,7 +10,7 @@
   listen 443 quic;
   listen [::]:443 quic;
 
-  more_set_headers "Alt-Svc: h3=':443'; ma=86400";
+  more_set_headers 'Alt-Svc: h3=":443"; ma=86400';
 {% endif %}
 {% endif %}
 {% unless hsts_subdomains %}
diff --git a/backend/templates/default.conf b/backend/templates/default.conf
index fde8bc5a..10b3941c 100644
--- a/backend/templates/default.conf
+++ b/backend/templates/default.conf
@@ -10,6 +10,7 @@ server {
   
   listen 443 quic reuseport default_server;
   listen [::]:443 quic reuseport default_server;
+  more_set_headers 'Alt-Svc: h3=":443"; ma=86400';
   
   server_name _;
   
@@ -18,8 +19,6 @@ server {
   include conf.d/include/tls-ciphers.conf;
   include conf.d/include/acme-challenge.conf;
   include conf.d/include/block-exploits.conf;
-  add_header Alt-Svc 'h3=":443"; ma=86400';
-  http3 on;
   
   #ssl_certificate ;
   #ssl_certificate_key ;
diff --git a/rootfs/bin/start.sh b/rootfs/bin/start.sh
index b7f47f77..9fccd0fe 100755
--- a/rootfs/bin/start.sh
+++ b/rootfs/bin/start.sh
@@ -326,6 +326,7 @@ find /data/nginx -type f -name '*.conf' -exec sed -i "s|\(listen .*\) http3|\1 q
 find /data/nginx -type f -name '*.conf' -exec sed -i "s|quic reuseport;|quic;|g" {} \;
 find /data/nginx -type f -name '*.conf' -exec sed -i "s|security_headers on;|include conf.d/include/hsts.conf;|g" {} \;
 sed -i "s|quic default_server|quic reuseport default_server|g" /data/nginx/default.conf
+find /data/nginx -type f -name '*.conf' -exec sed -i "s|more_set_headers \"Alt-Svc: h3=':443'; ma=86400\";|more_set_headers 'Alt-Svc: h3=\":443\"; ma=86400';|g" {} \;
 
 find /data/nginx -type f -name '*.conf' -exec sed -i "s|/data/access|/data/nginx/access|g" {} \;
 find /data/nginx -type f -name '*.conf' -exec sed -i "s|/data/nginx/access|/data/etc/access|g" {} \;
diff --git a/rootfs/usr/local/nginx/conf/conf.d/include/default.conf b/rootfs/usr/local/nginx/conf/conf.d/include/default.conf
index 6f09bbb1..7d630de7 100644
--- a/rootfs/usr/local/nginx/conf/conf.d/include/default.conf
+++ b/rootfs/usr/local/nginx/conf/conf.d/include/default.conf
@@ -10,6 +10,7 @@ server {
 
     listen 443 quic reuseport default_server;
     listen [::]:443 quic reuseport default_server;
+    more_set_headers 'Alt-Svc: h3=":443"; ma=86400';
 
     server_name _;
 
@@ -18,8 +19,6 @@ server {
     include conf.d/include/tls-ciphers.conf;
     include conf.d/include/acme-challenge.conf;
     include conf.d/include/block-exploits.conf;
-    add_header Alt-Svc 'h3=":443"; ma=86400';
-    http3 on;
 
     #ssl_certificate ;
     #ssl_certificate_key ;