From 857ab0afe174ffdcb58bde76a5152fab35df87b9 Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa <sunil@medhas.org>
Date: Wed, 1 Sep 2021 17:16:38 -0700
Subject: [PATCH] apache: Enable and prioritize HTTP/2 protocol

- Enabling the module automatically sets 'Protocols h2 h2c http/1.1' in shipped
module configuration.

- HTTP/2 is given higher priority over HTTP/1.1 for supported clients.

- Clients not supporting HTTP/2 continue to work with HTTP/1.1.

- Clients work by using APLN extension in TLS to figure out that server supports
HTTP/2 and use it.

- HTTP/2 improves performance.

- Recommended by Mozilla's SSL configurator: https://ssl-config.mozilla.org/.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
---
 actions/apache                    | 3 +++
 plinth/modules/apache/__init__.py | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/actions/apache b/actions/apache
index 6b64c95c6..fc0c06e29 100755
--- a/actions/apache
+++ b/actions/apache
@@ -126,6 +126,9 @@ def subcommand_setup(arguments):
         # Disable /server-status page to avoid leaking private info.
         webserver.disable('status', kind='module')
 
+        # Enable HTTP/2 protocol
+        webserver.enable('http2', kind='module')
+
         # switch to mod_ssl from mod_gnutls
         webserver.disable('gnutls', kind='module')
         webserver.enable('ssl', kind='module')
diff --git a/plinth/modules/apache/__init__.py b/plinth/modules/apache/__init__.py
index b093c5c59..87e7dbbc5 100644
--- a/plinth/modules/apache/__init__.py
+++ b/plinth/modules/apache/__init__.py
@@ -14,7 +14,7 @@ from plinth.modules.firewall.components import Firewall
 from plinth.modules.letsencrypt.components import LetsEncrypt
 from plinth.utils import format_lazy, is_valid_user_name
 
-version = 8
+version = 9
 
 is_essential = True