From e4ec5041eb71ddf01ee0fb82f2bf36ef3addef26 Mon Sep 17 00:00:00 2001
From: Carlos Cesario <carloscesario@gmail.com>
Date: Wed, 26 Sep 2018 14:10:20 -0300
Subject: [PATCH] Make nginx support multiple servers entries (#870)

Currently the code [::]:80 ipv6only=off does not supported when running multiple servers in nginx.conf
More details in
https://unix.stackexchange.com/questions/321879/remove-ipv6only-option-from-puppet-nginx-module
https://serverfault.com/questions/638367/do-you-need-separate-ipv4-and-ipv6-listen-directives-in-nginx
http://nginx.org/en/docs/http/ngx_http_core_module.html#listen
https://forum.opnsense.org/index.php?topic=8877.msg44610#msg44610

This fix works as expected.
---
 .../src/opnsense/service/templates/OPNsense/Nginx/http.conf | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/www/nginx/src/opnsense/service/templates/OPNsense/Nginx/http.conf b/www/nginx/src/opnsense/service/templates/OPNsense/Nginx/http.conf
index 9da79e97f..38ba09e09 100644
--- a/www/nginx/src/opnsense/service/templates/OPNsense/Nginx/http.conf
+++ b/www/nginx/src/opnsense/service/templates/OPNsense/Nginx/http.conf
@@ -58,11 +58,13 @@ if cache_path.use_temp_path is defined and cache_path.use_temp_path == '1'
 {%   set single_servername = server.servername.split(",")[0] %}
 server {
 {%   if server.listen_http_port is defined %}
-    listen  [::]:{{ server.listen_http_port }}{% if server.listen_https_port not in listen_list%} ipv6only=off{% endif %};
+    listen  {{ server.listen_http_port }};
+    listen  [::]:{{ server.listen_http_port }};
 {% do listen_list.append(server.listen_http_port) %}
 {%   endif %}
 {%   if server.listen_https_port is defined and server.certificate is defined %}
-    listen  [::]:{{ server.listen_https_port }}{% if server.listen_https_port not in listen_list%} ipv6only=off{% endif %} http2 ssl;
+    listen  {{ server.listen_https_port }} http2 ssl;
+    listen  [::]:{{ server.listen_https_port }} http2 ssl;
 {% do listen_list.append(server.listen_https_port) %}
 {%     if server.ca is defined %}
     ssl_client_certificate /usr/local/etc/nginx/key/{{ single_servername }}_ca.pem;