From 7a1214437d0eb2c202ff301d41672db00d676a7f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= <sandro.jaeckel@gmail.com>
Date: Mon, 16 Dec 2024 01:56:49 +0100
Subject: [PATCH] nginx: disable tcpFastOpen in opinionated settings

due to cert challenge
---
 modules/nginx.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/nginx.nix b/modules/nginx.nix
index 613a135..a1243d2 100644
--- a/modules/nginx.nix
+++ b/modules/nginx.nix
@@ -49,7 +49,7 @@ in
       includeSubDomains = lib.mkEnableOption "" // { description = "Whether to add `includeSubDomains` to the `Strict-Transport-Security` header"; };
     };
 
-    tcpFastOpen = libS.mkOpinionatedOption "enable tcp fast open";
+    tcpFastOpen = lib.mkEnableOption "" // { description = "Whether to configure tcp fast open. This requires configuring useACMEHost for `_` due to limitatons in the nginx config parser"; };
 
     # source https://gist.github.com/danbst/f1e81358d5dd0ba9c763a950e91a25d0
     virtualHosts = lib.mkOption {