From bd363c04cfdb3df473f0620c8c565680fac0398a Mon Sep 17 00:00:00 2001
From: Alexandre Aubin <alex.aubin@mailoo.org>
Date: Sun, 10 Dec 2023 20:20:54 +0100
Subject: [PATCH] sni_forward: use 444 as the internal nginx port because the
 'front' sni forwarder needs to use 443 and this would otherwise conflict

---
 conf/nginx/server.tpl.conf     | 4 ++--
 conf/nginx/sni_forward.conf    | 2 +-
 conf/nginx/yunohost_admin.conf | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/conf/nginx/server.tpl.conf b/conf/nginx/server.tpl.conf
index b8055c2ef..bbd02892b 100644
--- a/conf/nginx/server.tpl.conf
+++ b/conf/nginx/server.tpl.conf
@@ -43,7 +43,7 @@ server {
     listen 443 ssl http2;
     listen [::]:443 ssl http2;
     {% else %}
-    listen 127.0.0.1:443 ssl http2;
+    listen 127.0.0.1:444 ssl http2;
     {% endif %}
     server_name {{ domain }};
 
@@ -91,7 +91,7 @@ server {
     listen 443 ssl http2;
     listen [::]:443 ssl http2;
     {% else %}
-    listen 127.0.0.1:443 ssl http2;
+    listen 127.0.0.1:444 ssl http2;
     {% endif %}
     server_name xmpp-upload.{{ domain }};
     root /dev/null;
diff --git a/conf/nginx/sni_forward.conf b/conf/nginx/sni_forward.conf
index 79fb5c7a6..d5186fe27 100644
--- a/conf/nginx/sni_forward.conf
+++ b/conf/nginx/sni_forward.conf
@@ -15,7 +15,7 @@ stream {
     {% endfor %}
 
     upstream https_default_backend {
-        server 127.0.0.1:443;
+        server 127.0.0.1:444;
     }
 
     server {
diff --git a/conf/nginx/yunohost_admin.conf b/conf/nginx/yunohost_admin.conf
index 61dc5709b..f834d1667 100644
--- a/conf/nginx/yunohost_admin.conf
+++ b/conf/nginx/yunohost_admin.conf
@@ -11,7 +11,7 @@ server {
     listen 443 ssl http2 default_server;
     listen [::]:443 ssl http2 default_server;
     {% else %}
-    listen 127.0.0.1:443 ssl http2 default_server;
+    listen 127.0.0.1:444 ssl http2 default_server;
     {% endif %}
 
     include /etc/nginx/conf.d/security.conf.inc;