As soon as OpenSSL 1.1.1 is ready in IPFire (and HAProxy is built against it), it should be no problem to enable TLS 1.3 on our websites.
According to SSLLabs, TLS 1.3 is enabled on IPFire web sites by now. Thank you. :-)