server {
    listen 80;
    server_name filebrowser.example.com;
      return 307 https://$host$request_uri;
}

server {
   listen 443 quic;
   listen 443 ssl;
   listen [::]:443 ssl;
   quic_retry on;
   ssl_early_data on;
   quic_gso on;
   http3 on;
   http2 on;
   
   server_name filebrowser.example.com;
   ssl_certificate /etc/nginx/ssl/*.filebrowser.example.com/fullchain.cer;
   ssl_certificate_key /etc/nginx/ssl/*.filebrowser.example.com/private.key;
    
   add_header alt-svc 'h3=":$server_port"; ma=1800';
   add_header x-quic 'h3';
   
    location / {
        #ip:port filebrowser
       proxy_pass http://filebrowser_local_ip:8869;
       #access from lan network add your IPV4 and IPV6 networks
       allow ::/64;
       allow 192.168.1.0/24;
       deny all;
}

    location /.well-known/acme-challenge {
        proxy_set_header Host $host;
        proxy_set_header X-Real_IP $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
        proxy_pass http://127.0.0.1:9180;
    }
}