wayne-cheng commented on a change in pull request #4856:
URL: https://github.com/apache/apisix/pull/4856#discussion_r692605756
##########
File path: apisix/cli/ngx_tpl.lua
##########
@@ -459,11 +459,11 @@ http {
server {
{% for _, item in ipairs(node_listen) do %}
- listen {* item.port *} default_server {% if enable_reuseport then %}
reuseport {% end %} {% if item.enable_http2 then %} http2 {% end %};
- {% end %}
- {% if ssl.enable then %}
+ listen {* item.ip *}:{* item.port *} default_server {% if
enable_reuseport then %} reuseport {% end %} {% if item.enable_http2 then %}
http2 {% end %};
+ {% if item.allow_ssl and ssl.enable then %}
Review comment:
> And the default value of "enable_ssl" should not be true, since `9080`
doesn't have "enable_ssl", and it doesn't enable SSL by default.
If the default value of "enable_ssl" is false, the old configuration will
be affected.
Considering the param `enable_ssl` should be compatible with the original
param `apisix.ssl.enable`, I design the param `enable_ssl` as a control switch
that cooperates with the param `apisix.ssl.enable`:
```lua
{% if item.enable_ssl and ssl.enable then %}
{% for _, port in ipairs(ssl.listen_port) do %}
listen {* item.ip *}:{* port *} ssl default_server {% if ssl.enable_http2
then %} http2 {% end %} {% if enable_reuseport then %} reuseport {% end %};
{% end %}
{% end %}
```
Beacause there are other params about ssl ( `enable_http2`, `listen_port`
etc. ) is set in the param `apisix.ssl`, the ssl config should not be complex
in the param `apisix.node_listen[]`
```yaml
apisix
ssl:
enable: true
enable_http2: true
listen_port: 9443
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
