Nginx 1.25配置QUIC和HTTP/3 和http2

Nginx 1.25配置QUIC和HTTP/3 和http2

http {
    include       mime.types;
    default_type  application/octet-stream;

    # 添加 HTTP/2 和 HTTP/3 支持
    server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;

        # 使用 QUIC 和 HTTP/3
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        listen 443 quic reuseport;
        listen [::]:443 quic reuseport;

        # 配置域名和 SSL 证书
        server_name example.com;
        ssl_certificate /path/to/your/fullchain.pem;
        ssl_certificate_key /path/to/your/privkey.pem;

        # 配置 SSL 和 QUIC
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers off;

        ssl_ciphers TLS13+AESGCM+AESGCM:AES128+SHA:!AES256+SHA;

        # HTTP/3 特定配置
        ssl_conf_command Ciphersuites TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256;
        ssl_conf_command Groups X25519:P-256;
        ssl_early_data on;

        # 指定 QUIC 证书文件和密钥
        ssl_certificate /path/to/your/fullchain.pem;
        ssl_certificate_key /path/to/your/privkey.pem;

        # 启用 QUIC 和 HTTP/3
        add_header Alt-Svc 'h3-23=":443"; ma=86400';  # h3-23 for HTTP/3-23 draft

        location / {
            root   html;
            index  index.html index.htm;
        }
    }

    include servers/*;
}