From e770c6dc9813c48d37d161165ef5fe6dffc9b011 Mon Sep 17 00:00:00 2001
From: Minecon724 <minecon724@noreply.git.m724.eu>
Date: Tue, 7 Jan 2025 16:08:34 +0100
Subject: [PATCH] Update nginx/nginx.conf

---
 nginx/nginx.conf | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/nginx/nginx.conf b/nginx/nginx.conf
index 708e72f..15826c8 100644
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -31,12 +31,19 @@ http {
     keepalive_timeout  65;
 
     gzip  on;
+    http2 on;
+
+    add_header Alt-Svc 'h3=":443"; ma=86400';
+
 
     # modern configuration
     ssl_protocols TLSv1.3;
     ssl_ecdh_curve X25519:prime256v1:secp384r1;
     ssl_prefer_server_ciphers off;
 
+    # Make sure to generate it first
+    ssl_dhparam /etc/ssl/dhparam.pem;
+
     # OCSP stapling
     ssl_stapling on;
     ssl_stapling_verify on;
@@ -62,7 +69,9 @@ http {
         listen 443 quic reuseport default_server;
         listen [::]:443 ssl default_server;
 
-        return 200;
+        # Make sure to generate
+        ssl_certificate snakeoil.pem;
+        ssl_certificate_key snakeoil.key;
     }
 
     include /etc/nginx/conf.d/*.conf;