Add HTTP3 support when using SSL + Use new way of adding HTTP2 support

src/bw/Dockerfile

@@ -76,7 +76,7 @@ LABEL url "https://www.bunkerweb.io"
 LABEL bunkerweb.type "bunkerweb"
 LABEL bunkerweb.INSTANCE "bunkerweb"
 
-EXPOSE 8080/tcp 8443/tcp
+EXPOSE 8080/tcp 8443/tcp 8443/udp
 
 USER nginx:nginx
 

src/common/confs/default-server-http.conf

@@ -29,9 +29,21 @@ server {
 	{% endif %}
 	ssl_certificate /var/cache/bunkerweb/misc/default-server-cert.pem;
 	ssl_certificate_key /var/cache/bunkerweb/misc/default-server-cert.key;
-	listen 0.0.0.0:{{ HTTPS_PORT }} ssl {% if HTTP2 == "yes" %}http2{% endif %} default_server {% if USE_PROXY_PROTOCOL == "yes" %}proxy_protocol{% endif %};
+	{% if HTTP2 == "yes" %}
+	http2 on;
+	{% endif %}
+	listen 0.0.0.0:{{ HTTPS_PORT }} ssl default_server {% if USE_PROXY_PROTOCOL == "yes" %}proxy_protocol{% endif %};
 	{% if USE_IPV6 == "yes" +%}
-	listen [::]:{{ HTTPS_PORT }} ssl {% if HTTP2 == "yes" %}http2{% endif %} default_server {% if USE_PROXY_PROTOCOL == "yes" %}proxy_protocol{% endif %};
+	listen [::]:{{ HTTPS_PORT }} ssl default_server {% if USE_PROXY_PROTOCOL == "yes" %}proxy_protocol{% endif %};
+	{% endif %}
+
+	{% if HTTP3 == "yes" %}
+	http3 on;
+	listen 0.0.0.0:{{ HTTPS_PORT }} quic default_server {% if USE_PROXY_PROTOCOL == "yes" %}proxy_protocol{% endif %} reuseport;
+	{% if USE_IPV6 == "yes" +%}
+	listen [::]:{{ HTTPS_PORT }} quic default_server {% if USE_PROXY_PROTOCOL == "yes" %}proxy_protocol{% endif %} reuseport;
+	{% endif %}
+	add_header Alt-Svc 'h3=":{{ HTTP3_ALT_SVC_PORT }}"; ma=86400';
 	{% endif %}
 {% endif %}
 

src/common/confs/server-http/ssl-certificate-lua.conf

@@ -10,9 +10,21 @@ ssl_dhparam /etc/nginx/dhparam;
 ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
 {% endif %}
 
-listen 0.0.0.0:{{ HTTPS_PORT }} ssl {% if HTTP2 == "yes" %}http2{% endif %} {% if USE_PROXY_PROTOCOL == "yes" %}proxy_protocol{% endif %};
+{% if HTTP2 == "yes" %}
+http2 on;
+{% endif %}
+listen 0.0.0.0:{{ HTTPS_PORT }} ssl {% if USE_PROXY_PROTOCOL == "yes" %}proxy_protocol{% endif %};
 {% if USE_IPV6 == "yes" +%}
-listen [::]:{{ HTTPS_PORT }} ssl {% if HTTP2 == "yes" %}http2{% endif %} {% if USE_PROXY_PROTOCOL == "yes" %}proxy_protocol{% endif %};
+listen [::]:{{ HTTPS_PORT }} ssl {% if USE_PROXY_PROTOCOL == "yes" %}proxy_protocol{% endif %};
+{% endif %}
+
+{% if HTTP3 == "yes" %}
+http3 on;
+listen 0.0.0.0:{{ HTTPS_PORT }} quic {% if USE_PROXY_PROTOCOL == "yes" %}proxy_protocol{% endif %};
+{% if USE_IPV6 == "yes" +%}
+listen [::]:{{ HTTPS_PORT }} quic {% if USE_PROXY_PROTOCOL == "yes" %}proxy_protocol{% endif %};
+{% endif %}
+add_header Alt-Svc 'h3=":{{ HTTP3_ALT_SVC_PORT }}"; ma=86400';
 {% endif %}
 
 ssl_certificate_by_lua_block {

src/common/core/misc/plugin.json

@@ -95,6 +95,24 @@
       "regex": "^(yes|no)$",
       "type": "check"
     },
+    "HTTP3": {
+      "context": "multisite",
+      "default": "no",
+      "help": "Support HTTP3 protocol when HTTPS is enabled.",
+      "id": "http3",
+      "label": "HTTP3",
+      "regex": "^(yes|no)$",
+      "type": "check"
+    },
+    "HTTP3_ALT_SVC_PORT": {
+      "context": "multisite",
+      "default": "443",
+      "help": "HTTP3 alternate service port.",
+      "id": "http3-alt-svc-port",
+      "label": "HTTP3 alt svc port",
+      "regex": "^\\d+$",
+      "type": "text"
+    },
     "LISTEN_HTTP": {
       "context": "multisite",
       "default": "yes",