Hi dominikwilkowski,
Excellent question! 
I had lots of questions like yours, i.e. HTTP/2 with NGINX frequently, so I decided to write a post about it:
The Diffie-Hellman with 1024 and 2048 is considered weak, because using massive precomputation (with clouds like AWS, Azure and Google Cloud) that’s no longer state of the art.
Besides you should also stay away from SSL v2, SSL v3 and TLS 1.0. Secure as of today are only TLS v1.1 and v.1.2!
So in the NGINX conf it looks like this:
ssl_protocols TLSv1.1 TLSv1.2;
How to Activate HTTP/2 with TLS Encryption in NGINX for Secure Connections without a Performance Penalty
I hope it helps!
Cheers,