Nextcloud - Memories HTTP/2 or HTTP/3 is strongly recommended (http/1.1 detected) + Nginx

Isti6github · 2 May 2023 08:58

Creating a bug report/issue

Required Information

DietPi version |
G_DIETPI_VERSION_CORE=8
G_DIETPI_VERSION_SUB=16
G_DIETPI_VERSION_RC=2
G_GITBRANCH=‘master’
G_GITOWNER=‘MichaIng’
G_LIVE_PATCH_STATUS[0]=‘not applicable’
Distro version | bullseye
Kernel version | Linux DietPi 5.10.0-21-amd64 #1 SMP Debian 5.10.162-1 (2023-01-21) x86_64 GNU/Linux
Architecture | amd64
SBC model | Intel Compute stick (4gb ram) Native PC (x86_64)
Power supply used | (EG: 5V 1A RAVpower)
SD card used | (EG: SanDisk ultra)

Additional Information (if applicable)

Software title | Nextcloud - Memories app
Was the software title installed freshly or updated/migrated? Freshly
Can this issue be replicated on a fresh installation of DietPi? Yes
← If you sent a “dietpi-bugreport”, please paste the ID here →
Bug report ID | echo $G_HW_UUID

Steps to reproduce

Install Memories app in nextcloud app store
Check administration settings (Memories)

Expected behaviour

Everything green

Actual behaviour

one warning: HTTP/2 or HTTP/3 is strongly recommended (http/1.1 detected)

Request

How I can update HTTP protocol? Is it possible update with HTTP? (Not just with HTTPS) I use HTTP connection becouse I need local network connection too.

I have one more question: Is it possible to use SSL/HTTPS in local network? My router dosen’t manage NAT.

Jappe · 2 May 2023 09:11

What webserver do you use?

SSL works on domains, so you would need to set up a domain in your local network. But why would you need SSL in LAN?

Joulinar · 2 May 2023 09:17

Question is if you like to access your NC from intern only or as well from external?

Isti6github · 2 May 2023 10:16

Both, internal and external

Isti6github · 2 May 2023 10:16

because, I want to use 1 server addres to connect with mobile app and browser

Isti6github · 2 May 2023 10:18

I use Nginx, I installed everithing with dietpi-software

Joulinar · 2 May 2023 13:23

Where did you see that error message? With NC?

Do you mean your router is not able to handle NAT Loopback? If not, you would have a challenge to access your DDNS from inside your local network. From external, there would be no issue to access NC using DDNS + https. However from internal, some other workarounds needed to manipulate DNS request inside your network.

Depending on actual situation we could move ahead step by step to activate HTTPS, DDNS and HTTP/2

Isti6github · 2 May 2023 13:40

No, this message get from admin page of Memories at Performance tab (based on my information, this can speed up my APP)

Yes, in that case I have HTTPS with Let’snncript and DDNS, I just want to speed up my performance with HTML/2 or HTML/3

Joulinar · 2 May 2023 13:47

to enable HTTPS/2, you would need to adjust /etc/nginx/sites-available/default

Based on Step-by-Step Guide: How to Enable HTTP/2 on Nginx , you can add http2 configuration within the SSL part. Should looks like this

    listen [::]:443 ssl http2 ipv6only=on; # managed by Certbot
    listen 443 ssl http2; # managed by Certbot

Tested on my demo system with Memories

Isti6github · 3 May 2023 06:27

This is strange, I updated, but the message is same…
I reboot-ed the system to and I used

systemctl reload nginx.service

Joulinar · 3 May 2023 06:44

can you share your configuration file? Did you try different browser and/cleared cache?

Isti6github · 3 May 2023 08:17

I tried, chrome and edge with cleared cache and I added the html2 to port80 too and after that everithings good.

Thanks for your help!

Joulinar · 3 May 2023 08:25

usually this should not be needed if you activate redirect from 80 to 443.

Isti6github · 3 May 2023 08:32

I didn’t activate redirect, yet.

Joulinar · 3 May 2023 08:50

Something I recommend if you plan to access your system from extern, to ensure people get redirect to https

MichaIng · 3 May 2023 23:01

It is “http2”, about the HTTP (transport protocol), not the HTML (website document language) .

And HTTP/2 is supported with HTTPS only, so adding it to port 80 at best is ignored or may break plain HTTP access. It is hence intentionally not part of the guide.

I wonder why Certbot is not adding it, or whether it can be forced to do so .

Oh wow, such a trivial task, requested since 2016 but not added until today: HTTP2 support in Nginx plugin · Issue #3646 · certbot/certbot · GitHub
There is even a PR open since 2019 to add it as option, sadly it is incomplete: Add HTTP2 Support by TheBrokenRail · Pull Request #7113 · certbot/certbot · GitHub
I think I’ll open a PR to just enable it by default. Zero reasons to not enable HTTP/2 on any webserver nowadays as of course it is backwards compatible.

And of course we can do that in dietpi-letsencrypt until then.

Isti6github · 4 May 2023 10:28

This is a very good idea, and its can speed up some app too

MichaIng · 4 May 2023 21:20

Done: v8.17 · MichaIng/DietPi@b5d3eb7 · GitHub