I just noticed while Server Side TLS guideline for Modern compatibility recommends the following cipher suites for TLSv1.3, the config generator doesn't include them. At least not for Nginx + Modern config.

TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256