Fix: nginx http2 Syntax für nginx 1.25+ (listen 443 ssl + http2 on)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Fix: certbot in sudoers + SSL-Seite zeigt Zertifikate
2026-04-24 17:16:20 +02:00 · 2026-04-24 16:29:57 +02:00
1 changed files with 7 additions and 4 deletions
--- a/installer.sh
+++ b/installer.sh
@ -725,8 +725,9 @@ if [ -n "${UI_HOST}" ] && [ "${UI_HAS_CERT}" = "1" ]; then
  cat <<CONF

 server {
-  listen 443 ssl http2;
-  listen [::]:443 ssl http2;
+  listen 443 ssl;
+  listen [::]:443 ssl;
+  http2 on;
  server_name ${UI_HOST};

  ssl_certificate     /etc/letsencrypt/live/${UI_HOST}/fullchain.pem;
@ -752,8 +753,9 @@ if [ -n "${WEBMAIL_HOST}" ] && [ "${WM_HAS_CERT}" = "1" ]; then
  cat <<CONF

 server {
-  listen 443 ssl http2;
-  listen [::]:443 ssl http2;
+  listen 443 ssl;
+  listen [::]:443 ssl;
+  http2 on;
  server_name ${WEBMAIL_HOST};

  ssl_certificate     /etc/letsencrypt/live/${WEBMAIL_HOST}/fullchain.pem;
@ -803,6 +805,7 @@ install -m 755 "${APP_DIR}/update.sh" /usr/local/sbin/mailwolt-update
 cat > /etc/sudoers.d/mailwolt-certbot <<'SUDOERS'
 www-data ALL=(root) NOPASSWD: /usr/local/sbin/mailwolt-apply-domains
 www-data ALL=(root) NOPASSWD: /usr/local/sbin/mailwolt-update
+www-data ALL=(root) NOPASSWD: /usr/bin/certbot
 SUDOERS
 chmod 440 /etc/sudoers.d/mailwolt-certbot
Author	SHA1	Message	Date
boban	d50aedeafb	Fix: nginx http2 Syntax für nginx 1.25+ (listen 443 ssl + http2 on) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-24 17:16:20 +02:00
boban	bc2810eb8a	Fix: certbot in sudoers + SSL-Seite zeigt Zertifikate www-data braucht sudo-Recht auf certbot für SSL-Seite (certificates/renew) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-24 16:29:57 +02:00