From 7a1be33b7a472a72bd2a0b098f5c0d3559ecfaab Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A2u=20Cao?= <raucao@kip.pe>
Date: Tue, 4 Apr 2023 15:10:23 +0200
Subject: [PATCH] Make all nginx vhosts listen on IPv6

---
 .../kosmos-bitcoin/templates/nginx_conf_btcpayserver.erb         | 1 +
 site-cookbooks/kosmos-bitcoin/templates/nginx_conf_lndhub.erb    | 1 +
 .../kosmos-btcpayserver/templates/nginx_conf_btcpayserver.erb    | 1 +
 .../kosmos-ejabberd/templates/nginx_conf_upload_service.erb      | 1 +
 .../kosmos-hubot/templates/default/nginx_conf_hubot.erb          | 1 +
 site-cookbooks/kosmos_rsk/templates/nginx_conf_rskj.erb          | 1 +
 site-cookbooks/kredits-github/templates/default/nginx_conf.erb   | 1 +
 7 files changed, 7 insertions(+)

diff --git a/site-cookbooks/kosmos-bitcoin/templates/nginx_conf_btcpayserver.erb b/site-cookbooks/kosmos-bitcoin/templates/nginx_conf_btcpayserver.erb
index bf17dab..3cfec3f 100644
--- a/site-cookbooks/kosmos-bitcoin/templates/nginx_conf_btcpayserver.erb
+++ b/site-cookbooks/kosmos-bitcoin/templates/nginx_conf_btcpayserver.erb
@@ -49,6 +49,7 @@ server {
   client_max_body_size 100M;
   server_name <%= @server_name %>;
   listen 443 ssl http2;
+  listen [::]:443 ssl http2;
 
   access_log <%= node[:nginx][:log_dir] %>/btcpayserver.access.log json;
   error_log <%= node[:nginx][:log_dir] %>/btcpayserver.error.log warn;
diff --git a/site-cookbooks/kosmos-bitcoin/templates/nginx_conf_lndhub.erb b/site-cookbooks/kosmos-bitcoin/templates/nginx_conf_lndhub.erb
index 06d258e..07ec9a4 100644
--- a/site-cookbooks/kosmos-bitcoin/templates/nginx_conf_lndhub.erb
+++ b/site-cookbooks/kosmos-bitcoin/templates/nginx_conf_lndhub.erb
@@ -7,6 +7,7 @@ upstream _lndhub {
 
 server {
   listen 443 ssl http2;
+  listen [::]:443 ssl http2;
   server_name <%= @server_name %>;
 
   add_header Strict-Transport-Security "max-age=15768000";
diff --git a/site-cookbooks/kosmos-btcpayserver/templates/nginx_conf_btcpayserver.erb b/site-cookbooks/kosmos-btcpayserver/templates/nginx_conf_btcpayserver.erb
index 48a34cb..7ddd862 100644
--- a/site-cookbooks/kosmos-btcpayserver/templates/nginx_conf_btcpayserver.erb
+++ b/site-cookbooks/kosmos-btcpayserver/templates/nginx_conf_btcpayserver.erb
@@ -49,6 +49,7 @@ server {
   server_name <%= @server_name %>;
   <% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
   listen 443 ssl http2;
+  listen [::]:443 ssl http2;
   <% else -%>
   listen 80;
   <% end -%>
diff --git a/site-cookbooks/kosmos-ejabberd/templates/nginx_conf_upload_service.erb b/site-cookbooks/kosmos-ejabberd/templates/nginx_conf_upload_service.erb
index bbf25a5..2f2018f 100644
--- a/site-cookbooks/kosmos-ejabberd/templates/nginx_conf_upload_service.erb
+++ b/site-cookbooks/kosmos-ejabberd/templates/nginx_conf_upload_service.erb
@@ -3,6 +3,7 @@
 
 server {
   listen 443 ssl http2;
+  listen [::]:443 ssl http2;
   server_name <%= @server_name %>;
 
   ssl_certificate     <%= @ssl_cert %>;
diff --git a/site-cookbooks/kosmos-hubot/templates/default/nginx_conf_hubot.erb b/site-cookbooks/kosmos-hubot/templates/default/nginx_conf_hubot.erb
index 6265688..3c8c426 100644
--- a/site-cookbooks/kosmos-hubot/templates/default/nginx_conf_hubot.erb
+++ b/site-cookbooks/kosmos-hubot/templates/default/nginx_conf_hubot.erb
@@ -7,6 +7,7 @@ upstream _express_<%= @server_name.gsub(".", "_") %> {
 
 server {
   listen 443 ssl http2;
+  listen [::]:443 ssl http2;
   server_name <%= @server_name %>;
 
   add_header Strict-Transport-Security "max-age=15768000";
diff --git a/site-cookbooks/kosmos_rsk/templates/nginx_conf_rskj.erb b/site-cookbooks/kosmos_rsk/templates/nginx_conf_rskj.erb
index 0c18d52..1a14d5c 100644
--- a/site-cookbooks/kosmos_rsk/templates/nginx_conf_rskj.erb
+++ b/site-cookbooks/kosmos_rsk/templates/nginx_conf_rskj.erb
@@ -2,6 +2,7 @@
 <% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
 server {
   listen 443 ssl http2;
+  listen [::]:443 ssl http2;
   add_header Strict-Transport-Security "max-age=15768000";
 
   ssl_certificate <%= @ssl_cert %>;
diff --git a/site-cookbooks/kredits-github/templates/default/nginx_conf.erb b/site-cookbooks/kredits-github/templates/default/nginx_conf.erb
index 257de71..9772f86 100644
--- a/site-cookbooks/kredits-github/templates/default/nginx_conf.erb
+++ b/site-cookbooks/kredits-github/templates/default/nginx_conf.erb
@@ -6,6 +6,7 @@ upstream _<%= @app_name %> {
 <% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
 server {
   listen 443 ssl http2;
+  listen [::]:443 ssl http2;
   server_name <%= @server_name %>;
 
   access_log <%= node[:nginx][:log_dir] %>/<%= @app_name %>.access.log json;