http2-http3.conf (837B)
1 # Drop-in placed by Ansible. 2 # Sets HTTP/2 and HTTP/3 (QUIC) globally inside the http{} context. 3 # All per-server listen/quic directives live in listen.conf.inc. 4 5 http2 on; 6 http3 on; 7 quic_retry on; 8 9 ssl_early_data on; 10 11 # FIXME: comment-in later, upgrade fails if we put this immediately, 12 # we need to run once without, otherwise nginx will see these 13 # directives twice in different places and the setup script will fail. 14 # NOTE: remove the above comment AND the commented out lines 15 # below once spec has been updated once -- then update immediately 16 # again! 17 18 # ssl_prefer_server_ciphers on; 19 ## Note: session cache is shared across all services on this server 20 # ssl_session_cache shared:TLS:10m; 21 # ssl_dhparam /etc/ssl/private/dhparam.pem; 22 # ssl_protocols TLSv1.3 TLSv1.2; 23 # ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';