Re: nginxQuic: ошибка ERR_QUIC_PROTOCOL_ERROR 200
izorkin на gmail.com
izorkin на gmail.com
Чт Апр 14 13:43:43 UTC 2022
Здравствуйте, Roman.
Раньше проверить небыло возможности, так как не работал вход на сайт с использованием HTTP3 - возникала ошибка с cookies.
В основном ошибка возникает на файлах с картинками.
Так же, после активном промотки страницы браузер переключается на HTTP2 протокол. Через некоторое врмя запросы по HTTP3 протоколу возобновляются.
Конфигурация сайта:
upstream backend-mastodon-streaming {
server unix:/run/mastodon-streaming/streaming.socket;
}
upstream backend-mastodon-web {
server unix:/run/mastodon-web/web.socket;
}
...
server {
server_name ...;
listen 0.0.0.0:443 http3 ;
listen 0.0.0.0:443 http2 ssl ;
listen [::0]:443 http3 ;
listen [::0]:443 http2 ssl ;
ssl_certificate /var/lib/acme/.../fullchain.pem;
ssl_certificate_key /var/lib/acme/.../key.pem;
ssl_trusted_certificate /var/lib/acme/.../chain.pem;
ssl_conf_command Options KTLS;
add_header Alt-Svc 'h3=":443"; ma=86400' always;
add_header Strict-Transport-Security "max-age=31536000" always;
vhost_traffic_status_filter_by_set_key $uri uris::$server_name;
root /nix/store/4rk22387ml1d48kjcgralhlq0wbzqkly-mastodon-3.5.1/public/;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location / {
try_files $uri @proxy;
}
location /emoji/ {
try_files $uri @proxy;
add_header Cache-Control "public, max-age=604800, immutable";
add_header Strict-Transport-Security "max-age=31536000";
add_header Alt-Svc 'h3=":443"; ma=86400';
}
location /packs/ {
try_files $uri @proxy;
add_header Cache-Control "public, max-age=604800, immutable";
add_header Strict-Transport-Security "max-age=31536000";
add_header Alt-Svc 'h3=":443"; ma=86400';
}
location /system/ {
try_files $uri @proxy;
add_header Cache-Control "public, max-age=604800, immutable";
add_header Strict-Transport-Security "max-age=31536000";
add_header Alt-Svc 'h3=":443"; ma=86400';
alias /var/lib/mastodon/public-system/;
}
location /sw.js {
try_files $uri @proxy;
add_header Cache-Control "public, max-age=0";
add_header Strict-Transport-Security "max-age=31536000";
add_header Alt-Svc 'h3=":443"; ma=86400';
}
location /api/v1/streaming/ {
proxy_pass http://backend-mastodon-streaming;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Proxy "";
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_buffering off;
proxy_redirect off;
proxy_http_version 1.1;
proxy_send_timeout 90s;
proxy_read_timeout 90s;
vhost_traffic_status_filter_by_set_key $upstream_addr upstream::backend-mastodon-streaming;
}
location /.well-known/acme-challenge {
root /var/lib/acme/acme-challenge;
auth_basic off;
}
location @proxy {
proxy_pass http://backend-mastodon-web;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Proxy "";
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass_header Server;
proxy_buffering on;
proxy_redirect off;
proxy_http_version 1.1;
proxy_cache CACHE;
proxy_cache_valid 200 7d;
proxy_cache_valid 410 24h;
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
proxy_hide_header Vary;
proxy_hide_header Strict-Transport-Security;
add_header X-Cached $upstream_cache_status;
add_header Strict-Transport-Security "max-age=31536000" always;
add_header Alt-Svc 'h3=":443"; ma=86400';
vhost_traffic_status_filter_by_set_key $upstream_addr upstream::backend-mastodon-web;
}
error_page 500 501 502 503 504 /500.html;
}
--
С уважением,
Izorkin mailto:izorkin на gmail.com
Подробная информация о списке рассылки nginx-ru