From ed3f52a57db80497ca07dc2685d595364a1fa31d Mon Sep 17 00:00:00 2001
From: Martin Habovstiak <martin.habovstiak@gmail.com>
Date: Tue, 1 Aug 2023 16:55:33 +0200
Subject: [PATCH] Fix IPv6 in `selfhost-nginx`

Previously `nginx` was only listening on IPv4 addresses which was
breaking certbot on IPv6-configured servers. This commit fixes it by
setting `nginx` to also listen on IPv6 in addition to IPv4.
---
 pkg_specs/selfhost.changelog                | 6 ++++++
 selfhost/nginx/config_top_template.mustache | 2 ++
 2 files changed, 8 insertions(+)

diff --git a/pkg_specs/selfhost.changelog b/pkg_specs/selfhost.changelog
index c25f675..dbde51a 100644
--- a/pkg_specs/selfhost.changelog
+++ b/pkg_specs/selfhost.changelog
@@ -1,3 +1,9 @@
+selfhost (0.1.9-1) buster; urgency=medium
+
+  * Fixed IPv6
+
+ -- Martin Habovstiak <martin.habovstiak@gmail.com>  Tue, 1 Aug 2022 15:01:10 +0100
+
 selfhost (0.1.8-1) buster; urgency=low
 
   * Added X-Forwarded-Host
diff --git a/selfhost/nginx/config_top_template.mustache b/selfhost/nginx/config_top_template.mustache
index dd60cba..790719d 100644
--- a/selfhost/nginx/config_top_template.mustache
+++ b/selfhost/nginx/config_top_template.mustache
@@ -1,5 +1,6 @@
 server {
 {{#tls_key}}
+	listen {{#public}}[::]{{/public}}{{^public}}[::1]{{/public}}:443 ssl http2;
 	listen {{#public}}0.0.0.0{{/public}}{{^public}}127.0.0.1{{/public}}:443 ssl http2;
 	ssl_certificate {{{tls_cert}}};
 	ssl_certificate_key {{{tls_key}}};
@@ -32,6 +33,7 @@ server {
 {{#tls_key}}
 {{#public}}
 server {
+	listen [::]:80;
 	listen 0.0.0.0:80;
 	server_name {{{domain}}};
 	return 301 https://$host$request_uri;