47 lines
1.2 KiB
Plaintext
47 lines
1.2 KiB
Plaintext
|
# https://www.nginx.com/blog/introducing-technology-preview-nginx-support-for-quic-http-3/
|
||
|
|
server {
|
||
|
|
# quic and http/3
|
||
|
|
listen 443 http3 reuseport;
|
||
|
|
|
||
|
|
# http/2 and http/1.1
|
||
|
|
listen 443 ssl http2;
|
||
|
|
|
||
|
|
# openssl-generated pair for local development
|
||
|
|
# https://letsencrypt.org/docs/certificates-for-localhost/
|
||
|
|
ssl_certificate /etc/nginx/ssl/fullchain.pem;
|
||
|
|
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
|
||
|
|
|
||
|
|
# Enable all TLS versions (TLSv1.3 is required for QUIC).
|
||
|
|
ssl_protocols TLSv1.2 TLSv1.3;
|
||
|
|
|
||
|
|
# 0-RTT QUIC connection resumption
|
||
|
|
ssl_early_data on;
|
||
|
|
|
||
|
|
# Add Alt-Svc header to negotiate HTTP/3.
|
||
|
|
add_header alt-svc 'h3=":443";ma=86400,h3-27=":443";ma=86400,h3-28=":443";ma=86400,h3-29=":443";ma=86400';
|
||
|
|
add_header httpversion $server_protocol; # Sent when QUIC was used
|
||
|
|
|
||
|
|
location /static/ {
|
||
|
|
root /static;
|
||
|
|
}
|
||
|
|
|
||
|
|
location /uploads/ {
|
||
|
|
root /uploads;
|
||
|
|
}
|
||
|
|
|
||
|
|
location / {
|
||
|
|
proxy_pass http://backend:3000;
|
||
|
|
proxy_set_header httpversion $server_protocol;
|
||
|
|
}
|
||
|
|
|
||
|
|
# location / {
|
||
|
|
# root /static;
|
||
|
|
|
||
|
|
# gzip_static on;
|
||
|
|
# brotli_static on;
|
||
|
|
|
||
|
|
# expires 1d;
|
||
|
|
# }
|
||
|
|
|
||
|
|
}
|