Resolve hestiacp#3684 Process "http2" directive for NGINX (hestiacp#3704)

* Process "http2" directive for NGINX
* Update v-update-sys-ip

Author: myrevery

bin/v-add-sys-ip

@@ -145,6 +145,7 @@ if [ -n "$WEB_SYSTEM" ]; then
 	elif [ "$WEB_SYSTEM" = 'nginx' ]; then
 		cp -f $HESTIA_INSTALL_DIR/nginx/unassigned.inc "$web_conf"
 		sed -i 's/directIP/'$ip'/g' "$web_conf"
+		process_http2_directive "$web_conf"
 	fi
 
 	if [ "$WEB_SSL" = 'mod_ssl' ]; then
@@ -165,6 +166,8 @@ if [ -n "$PROXY_SYSTEM" ]; then
 			-e "s/%proxy_ssl_port%/$PROXY_SSL_PORT/g" \
 			> /etc/$PROXY_SYSTEM/conf.d/$ip.conf
 
+	process_http2_directive "/etc/$PROXY_SYSTEM/conf.d/$ip.conf"
+
 	# mod_extract_forwarded
 	fw_conf="/etc/$WEB_SYSTEM/conf.d/mod_extract_forwarded.conf"
 	if [ -e "$fw_conf" ]; then

bin/v-update-sys-ip

@@ -20,6 +20,8 @@ source /etc/hestiacp/hestia.conf
 source $HESTIA/func/main.sh
 # shellcheck source=/usr/local/hestia/func/ip.sh
 source $HESTIA/func/ip.sh
+# shellcheck source=/usr/local/hestia/func/domain.sh
+source $HESTIA/func/domain.sh
 # load config file
 source_conf "$HESTIA/conf/hestia.conf"
 
@@ -93,10 +95,12 @@ if [ -n "$old_ip" ]; then
 	# Updating WEB
 	if [ -n "$WEB_SYSTEM" ]; then
 		cd /etc/$WEB_SYSTEM/conf.d
+
 		if [ -e "$old_ip.conf" ]; then
 			mv $old_ip.conf $new_ip.conf
 			sed -i "s/$old_ip/$new_ip/g" $new_ip.conf
 		fi
+
 		for user in $($BIN/v-list-sys-users plain); do
 			sed -i "s/$old_ip/$new_ip/g" $HESTIA/data/users/$user/web.conf
 			$BIN/v-rebuild-web-domains "$user" no
@@ -156,6 +160,8 @@ for ip in $ips; do
 		prefixlen="$(ip -d -j addr show | jq --arg IP "$ip" -r '.[].addr_info[] | if .local == $IP then .prefixlen else empty end')"
 		netmask="$(convert_cidr "$prefixlen")"
 		$BIN/v-add-sys-ip "$ip" "$netmask" "$interface"
+	elif [ -e "/etc/nginx/conf.d/$ip.conf" ]; then
+		process_http2_directive "/etc/nginx/conf.d/$ip.conf"
 	fi
 done
 

func/domain.sh

@@ -289,6 +289,8 @@ add_web_config() {
 			-e "s|%ssl_ca%|$ssl_ca|g" \
 			> $conf
 
+	process_http2_directive "$conf"
+
 	chown root:$user $conf
 	chmod 640 $conf
 
@@ -857,6 +859,8 @@ add_webmail_config() {
 			-e "s|%ssl_ca%|$ssl_ca|g" \
 			> $conf
 
+	process_http2_directive "$conf"
+
 	chown root:$user $conf
 	chmod 640 $conf
 
@@ -1018,3 +1022,35 @@ is_base_domain_owner() {
 		fi
 	done
 }
+
+#----------------------------------------------------------#
+#           Process "http2" directive for NGINX            #
+#----------------------------------------------------------#
+
+process_http2_directive() {
+	if [ -e /etc/nginx/conf.d/http2-directive.conf ]; then
+		while IFS= read -r old_param; do
+			new_param="$(echo "$old_param" | sed 's/\shttp2//')"
+			sed -i "s/$old_param/$new_param/" "$1"
+		done < <(grep -E "listen.*(\bssl\b(\s|.+){1,}\bhttp2\b|\bhttp2\b(\s|.+){1,}\bssl\b).*;" "$1")
+	else
+		if version_ge "$(nginx -v 2>&1 | cut -d'/' -f2)" "1.25.1"; then
+			echo "http2 on;" > /etc/nginx/conf.d/http2-directive.conf
+
+			while IFS= read -r old_param; do
+				new_param="$(echo "$old_param" | sed 's/\shttp2//')"
+				sed -i "s/$old_param/$new_param/" "$1"
+			done < <(grep -E "listen.*(\bssl\b(\s|.+){1,}\bhttp2\b|\bhttp2\b(\s|.+){1,}\bssl\b).*;" "$1")
+		else
+			listen_ssl="$(grep -E "listen.*\s\bssl\b(?:\s)*.*;" "$1")"
+			listen_http2="$(grep -E "listen.*(\bssl\b(\s|.+){1,}\bhttp2\b|\bhttp2\b(\s|.+){1,}\bssl\b).*;" "$1")"
+
+			if [ -n "$listen_ssl" ] && [ -z "$listen_http2" ]; then
+				while IFS= read -r old_param; do
+					new_param="$(echo "$old_param" | sed 's/\sssl/ ssl http2/')"
+					sed -i "s/$old_param/$new_param/" "$1"
+				done < <(grep -E "listen.*\s\bssl\b(?:\s)*.*;" "$1")
+			fi
+		fi
+	fi
+}