Unless you are on a very old machine you should be able to just

listen [::]:443 ssl http2 default_server;

As sysctl net.ipv6.bindv6only defaults to 0 on linux (not sure about other platforms) and so binding to ipv6 will also bind to the ipv6-mapped ipv4 address.

Rolling HTTP2 requires nginx >= 1.9.5, isn't the example missing the ssl statement?

I am on my Raspberry Pi 3 running a Debian Jessie derivate (OSMC) and that does not work.

invalid parameter "http2" in /etc/nginx/sites-enabled/default:44

Also I tested it without http2 and it does not bind to IPv4.

I verified net.ipv6.bindv6only = 0

As per https://trac.nginx.org/nginx/ticket/345 we might need to set ipv6only=off then.

When running Jessie the necessary nginx version is only available in the backports I'm afraid.

I would argue that the current solution is the same as the port handling of port 80 (see above that line in the same file).
Binding to v6 individually works on every version, so I do not really see a reason to change the PR.

Just tested and confirmed working:

listen [::]:443 ssl default_server ipv6only=off;

I don't feel strongly about saving a single line.

We should however note that http2 can be enabled given a recent enough nginx version.

I'm still quite certain this will make 443 a plain http port. Are you sure leaving out the ssl flag here is correct?

Right below is ssl on which does the trick. I have this config running and working on my machine

Ok, cool!

So is this approved? Can you merge the changes please?

Not a member, just a contributor.

lgtm

Ah, I see. But I guess you can approve your review, can't you? :)