From ef5a7bf7565cec2e7ed0fe661f4326ebb40b4126 Mon Sep 17 00:00:00 2001
From: Emilien Mantel <emilien.mantel@debianiste.org>
Date: Tue, 12 Jan 2016 15:10:43 +0100
Subject: [PATCH] Closes #9

---
 README.md                                    | 2 ++
 defaults/main.yml                            | 1 +
 tasks/prepare.yml                            | 5 +++++
 templates/etc/nginx/sites-available/_base.j2 | 2 +-
 4 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index f593ca7..f542e35 100644
--- a/README.md
+++ b/README.md
@@ -12,6 +12,7 @@ Features:
 - Proxy + Upstream
 - Fast PHP configuration
 - Preconfigured vhost templates (should work on many app)
+- Auto-configure HTTP2 on SSL/TLS vhosts
 
 Requirements
 ------------
@@ -32,6 +33,7 @@ Role Variables
 - `nginx_log_dir`: log directory (if you change it, don't forget to change logrotate config)
 - `nginx_resolver`: list of DNS resolver (default: OpenDNS)
 - `nginx_error_log_level`: default log level
+- `nginx_auto_config_httpv2`: boolean, auto configure HTTP2 where possible
 
 ### Nginx Configuration
 
diff --git a/defaults/main.yml b/defaults/main.yml
index f0c802f..f5bf07d 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -13,6 +13,7 @@ nginx_resolver_hosts: ['8.8.8.8', '8.8.4.4']
 nginx_resolver_valid: '300s'
 nginx_resolver_timeout: '5s'
 nginx_error_log_level: 'warn' # http://nginx.org/en/docs/ngx_core_module.html#error_log
+nginx_auto_config_httpv2: true
 
 #
 # Nginx directories
diff --git a/tasks/prepare.yml b/tasks/prepare.yml
index bea8b4e..a54f255 100644
--- a/tasks/prepare.yml
+++ b/tasks/prepare.yml
@@ -5,6 +5,11 @@
   register: nginx_version
   changed_when: false
 
+- name: SHELL | Get module list
+  shell: nginx -V 2>&1 | tr -- - '\n' | grep -A 1 with | grep _module | sed -r 's/_module\s*$//g' |sort
+  register: nginx_modules
+  changed_when: false
+
 - name: FILE | Create folders
   file: dest={{ item }} owner=root mode=0755 state=directory
   with_items: "{{ nginx_dirs }}"
diff --git a/templates/etc/nginx/sites-available/_base.j2 b/templates/etc/nginx/sites-available/_base.j2
index 753e70f..0ba5c16 100644
--- a/templates/etc/nginx/sites-available/_base.j2
+++ b/templates/etc/nginx/sites-available/_base.j2
@@ -30,7 +30,7 @@ server {
 {% endif %}
 {% if 'https' in __proto %}
 {% for port in __listen_ssl %}
-	listen {{ port }} ssl;
+	listen {{ port }} ssl{% if nginx_auto_config_httpv2 and 'http_v2' in nginx_modules.stdout_lines %}http2{% endif %};
 {% endfor %}
 {{ ssl(item.ssl_name) }}
 	include {{ nginx_helper_dir + '/ssl-' + item.ssl_template | default('strong') }};