add quic support

http/default.conf

@@ -1,4 +1,5 @@
 server {
+	listen 443 quic reuseport default_server;
 	listen 443 ssl default_server;
 	server_name *.tronnet.net;
 	include snippets/ssl-acme.conf;

http/gitea.conf

@@ -1,4 +1,5 @@
 server {
+	listen 443 quic;
 	listen 443 ssl;
 	server_name git.tronnet.net;
 	include snippets/ssl-acme.conf;

http/homepage.conf

@@ -1,4 +1,5 @@
 server {
+	listen 443 quic;
 	listen 443 ssl;
 	server_name tronnet.net;
 	include snippets/ssl-acme.conf;

http/minecraft.conf

@@ -1,4 +1,5 @@
 server {
+	listen 443 quic;
 	listen 443 ssl;
 	server_name minecraft.tronnet.net;
 	include snippets/ssl-acme.conf;

http/office.conf

@@ -1,4 +1,5 @@
 server {
+	listen 443 quic;
 	listen 443 ssl;
 	server_name office.tronnet.net;
 	include snippets/ssl-acme.conf;

http/opns.conf

@@ -1,4 +1,5 @@
 server {
+	listen 443 quic;
 	listen 443 ssl;
 	server_name opns.tronnet.net;
 	include snippets/ssl-acme.conf;

http/paas.conf

@@ -1,4 +1,5 @@
 server {
+	listen 443 quic;
 	listen 443 ssl;
 	server_name paas.tronnet.net;
 	include snippets/ssl-acme.conf;

http/pve.conf

@@ -1,4 +1,5 @@
 server {
+	listen 443 quic;
 	listen 443 ssl;
 	server_name pve.tronnet.net;
 	include snippets/ssl-acme.conf;

http/root.conf

@@ -1,4 +1,5 @@
 server {
+	listen 443 quic;
 	listen 443 ssl;
 	server_name root.tronnet.net;
 	include snippets/ssl-acme.conf;

http/status.conf

@@ -1,4 +1,5 @@
 server {
+	listen 443 quic;
 	listen 443 ssl;
 	server_name status.tronnet.net;
 	include snippets/ssl-acme.conf;

http/wiki.conf

@@ -1,4 +1,5 @@
 server {
+	listen 443 quic;
 	listen 443 ssl;
 	server_name wiki.tronnet.net;
 	include snippets/ssl-acme.conf;

ssl-params.conf

@@ -10,6 +10,8 @@ ssl_stapling on;
 ssl_stapling_verify on;
 resolver 8.8.8.8 8.8.4.4 valid=300s;
 resolver_timeout 5s;
+# quic alternate service advertisement
+add_header Alt-Svc 'h3=":443"; ma=864000';
 # ssl cert paths
 ssl_dhparam /etc/ssl/certs/dhparam.pem;
 ssl_certificate /etc/letsencrypt/live/tronnet.net/fullchain.pem;