Skip to content
/ docker-nginx-http3 Public
forked from distributedlock/docker-nginx-http3

Alpine Linux image with Nginx with HTTP/3 (QUIC), TLSv1.3, 0-RTT, brotli support, and 9 MB size. All built on the bleeding edge for max performance. Built on the edge, for the edge.

hub.docker.com/r/ranadeeppolavarapu/nginx-http3

License

MIT license
0 stars 68 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

gam-phon/docker-nginx-http3

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits

hooks

hooks

 
 

.gitattributes

.gitattributes

 
 

.travis.yml

.travis.yml

 
 

CODE_OF_CONDUCT.md

CODE_OF_CONDUCT.md

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

h3.nginx.conf

h3.nginx.conf

 
 

nginx.conf

nginx.conf

 
 

Repository files navigation

docker-nginx-http3

Docker Pulls Docker Cloud Build Status Docker Cloud Automated build MicroBadger GitHub Contributor Covenant

Alpine Linux image with nginx with HTTP/3 (QUIC), TLSv1.3, 0-RTT, brotli support. All built on the bleeding edge. Built on the edge, for the edge.

HTTP/3 support provided from the smart people at CloudFlare with the cloudflare/quiche project.

Images for this are available on Docker Hub.

docker pull ranadeeppolavarapu/nginx-http3

Usage

This is a base image like the default nginx image. It is meant to be used as a drop-in replacement for the nginx base image.

Best practice example Nginx configs are available in this repo. See nginx.conf and h3.nginx.conf.

Example:

# Base Nginx HTTP/3 Image
FROM ranadeeppolavarapu/nginx-http3:latest

# Copy your certs.
COPY localhost.key /etc/ssl/private/
COPY localhost.pem /etc/ssl/

# Copy your configs.
COPY nginx.conf /etc/nginx/
COPY h3.nginx.conf /etc/nginx/conf.d/

H3 runs over UDP so, you will need to port map both TCP and UDP. Ex: docker run -p 80:80 -p 443:443/tcp -p 443:443/udp ...

NOTE: Please note that you need a valid CA signed certificate for the client to upgrade you to HTTP/3. Let's Encrypt is a option for getting a free valid CA signed certificate.

Contributing

Contributions are welcome. Please feel free to contribute 😊.

Features

  • HTTP/3 (QUIC) via CloudFlare's quiche
  • HTTP/2 (with Server Push)
  • HTTP/2
  • BoringSSL (Google's flavor of OpenSSL)
  • TLS 1.3 with 0-RTT support
  • Brotli compression
  • headers-more-nginx-module
  • Alpine Linux (total size of 9 MB compressed)

Future Additions

Possible additions in the future pending IETF spec approvals.

HTTP/3 ENABLED!

Using Chrome Canary with the following CLI flags:

--flag-switches-begin --enable-quic --quic-version=h3-23 --enable-features=EnableTLS13EarlyData --flag-switches-end

Run on Mac OS (darwin):

"/Applications/Google Chrome Canary.app Contents/MacOS/Google Chrome Canary" \
  --flag-switches-begin \
  --enable-quic \
  --quic-version=h3-23 \
  --enable-features=EnableTLS13EarlyData \
  --flag-switches-end

Windows:

Windows Chrome Canary

HTTP/3 (QUIC) Proof

Since HTTP/3 is experimental, we have to be sensible with it. Therefore, below is HTTP/3 in production on one of my web apps 🙃.

h3

HTTP/2 with Server Push

alt

TLS v1.3

ssllabs

0-RTT Proof

tls-0-rtt

Testing 0-RTT

host=domain.example.com # Replace your domain.
echo -e "GET / HTTP/1.1\r\nHost: $host\r\nConnection: close\r\n\r\n" > request.txt
openssl s_client -connect $host:443 -tls1_3 -sess_out session.pem -ign_eof < request.txt
openssl s_client -connect $host:443 -tls1_3 -sess_in session.pem -early_data request.txt

About

Alpine Linux image with Nginx with HTTP/3 (QUIC), TLSv1.3, 0-RTT, brotli support, and 9 MB size. All built on the bleeding edge for max performance. Built on the edge, for the edge.

hub.docker.com/r/ranadeeppolavarapu/nginx-http3

Resources

Readme

License

MIT license

Code of conduct

Code of conduct
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Dockerfile 95.6%
  • Shell 4.4%