From b9f87199195d0ba7f078e31c26557a8ffd421501 Mon Sep 17 00:00:00 2001
From: Steven Achilles <steven.achilles@googlemail.com>
Date: Sat, 22 Feb 2025 20:09:00 +0100
Subject: [PATCH] Fix nginx configuration

---
 assets/runtime/config/nginx/gitlab-pages-ssl | 3 ++-
 assets/runtime/config/nginx/gitlab-registry  | 7 ++++---
 assets/runtime/config/nginx/gitlab-ssl       | 5 +++--
 3 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/assets/runtime/config/nginx/gitlab-pages-ssl b/assets/runtime/config/nginx/gitlab-pages-ssl
index d18956d3c..8563c1a92 100644
--- a/assets/runtime/config/nginx/gitlab-pages-ssl
+++ b/assets/runtime/config/nginx/gitlab-pages-ssl
@@ -23,7 +23,8 @@ server {
 ## Pages serving host
 server {
   listen 0.0.0.0:443 ssl;
-  listen [::]:443 ssl http2;
+  listen [::]:443 ssl;
+  http2 on;
 
   ## Replace this with something like pages.gitlab.com
   server_name ~^.*{{GITLAB_PAGES_DOMAIN}};
diff --git a/assets/runtime/config/nginx/gitlab-registry b/assets/runtime/config/nginx/gitlab-registry
index b37aac542..ce98d045f 100644
--- a/assets/runtime/config/nginx/gitlab-registry
+++ b/assets/runtime/config/nginx/gitlab-registry
@@ -11,14 +11,15 @@ server {
   server_name  {{GITLAB_REGISTRY_HOST}};
   server_tokens off; ## Don't show the nginx version number, a security best practice
   return 301 https://$http_host:$request_uri;
-  access_log  {{GITLAB_LOG_DIR}}/nginx/gitlab_registry_access.log gitlab_access;
+  access_log  {{GITLAB_LOG_DIR}}/nginx/gitlab_registry_access.log;
   error_log   {{GITLAB_LOG_DIR}}/nginx/gitlab_registry_error.log;
 }
 
 server {
   # If a different port is specified in https://gitlab.com/gitlab-org/gitlab-foss/blob/8-8-stable/config/gitlab.yml.example#L182,
   # it should be declared here as well
-  listen *:{{GITLAB_REGISTRY_PORT}} ssl http2;
+  listen *:{{GITLAB_REGISTRY_PORT}} ssl;
+  http2 on;
   server_name  {{GITLAB_REGISTRY_HOST}};
   server_tokens off; ## Don't show the nginx version number, a security best practice
 
@@ -36,7 +37,7 @@ server {
   ssl_session_cache  builtin:1000  shared:SSL:10m;
   ssl_session_timeout  5m;
 
-  access_log  {{GITLAB_LOG_DIR}}/nginx/gitlab_registry_access.log gitlab_access;
+  access_log  {{GITLAB_LOG_DIR}}/nginx/gitlab_registry_access.log;
   error_log   {{GITLAB_LOG_DIR}}/nginx/gitlab_registry_error.log;
 
   location / {
diff --git a/assets/runtime/config/nginx/gitlab-ssl b/assets/runtime/config/nginx/gitlab-ssl
index df349ec9b..1057e0926 100644
--- a/assets/runtime/config/nginx/gitlab-ssl
+++ b/assets/runtime/config/nginx/gitlab-ssl
@@ -55,8 +55,9 @@ server {
 
 ## HTTPS host
 server {
-  listen 0.0.0.0:443 ssl http2;
-  listen [::]:443 ipv6only=on ssl http2 default_server;
+  listen 0.0.0.0:443 ssl;
+  listen [::]:443 ipv6only=on ssl default_server;
+  http2 on;
   server_name {{GITLAB_HOST}}; ## Replace this with something like gitlab.example.com
   server_tokens off; ## Don't show the nginx version number, a security best practice