Need help with docker-nginx-http3?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

RanadeepPolavarapu
822 Stars 53 Forks MIT License 48 Commits 5 Opened issues

Description

Alpine Linux image with Nginx 1.19.4 (mainline) with HTTP/3 (QUIC), TLSv1.3, 0-RTT, brotli, NJS support, and 10 MB size. All built on the bleeding edge for max performance. Built on the edge, for the edge.

Services available

!
?

Need anything else?

Contributors list

# 32,303
Sass
cypress
brotli
nginx
45 commits
# 3,492
Koa
Algolia
algolia...
Visual ...
2 commits
# 219,494
Applica...
HTML
CSS
http2-p...
1 commit

docker-nginx-http3

Docker Pulls Docker Cloud Build Status Docker Cloud Automated build MicroBadger GitHub Contributor Covenant

Alpine Linux image with nginx

1.19.5
(mainline) with HTTP/3 (QUIC), TLSv1.3, 0-RTT, brotli, NJS, Cookie-Flag support. All built on the bleeding edge. Built on the edge, for the edge.

HTTP/3 support provided from the smart people at CloudFlare with the cloudflare/quiche project.

Images for this are available on Docker Hub.

Latest:

docker pull ranadeeppolavarapu/nginx-http3

Usage

This is a base image like the default nginx image. It is meant to be used as a drop-in replacement for the nginx base image.

Best practice example Nginx configs are available in this repo. See nginx.conf and h3.nginx.conf.

Example:

# Base Nginx HTTP/3 Image
FROM ranadeeppolavarapu/nginx-http3:latest

Copy your certs.

COPY localhost.key /etc/ssl/private/ COPY localhost.pem /etc/ssl/

Copy your configs.

COPY nginx.conf /etc/nginx/ COPY h3.nginx.conf /etc/nginx/conf.d/

H3 runs over UDP so, you will need to port map both TCP and UDP. Ex:

docker run -p 80:80 -p 443:443/tcp -p 443:443/udp ...

NOTE: Please note that you need a valid CA signed certificate for the client to upgrade you to HTTP/3. Let's Encrypt is a option for getting a free valid CA signed certificate.

Contributing

Contributions are welcome. Please feel free to contribute 😊.

Features

Future Additions

Possible additions in the future pending IETF spec approvals.

HTTP/3 ENABLED!

Using Chrome Canary with the following CLI flags:

--flag-switches-begin --enable-quic --quic-version=h3-29 --enable-features=EnableTLS13EarlyData --flag-switches-end

Run on Mac OS (darwin):

"/Applications/Google Chrome Canary.app Contents/MacOS/Google Chrome Canary" \
  --flag-switches-begin \
  --enable-quic \
  --quic-version=h3-29 \
  --enable-features=EnableTLS13EarlyData \
  --flag-switches-end

Windows:

Windows Chrome Canary

HTTP/3 (QUIC) Proof

Since HTTP/3 is experimental, we have to be sensible with it. Therefore, below is HTTP/3 in production on one of my web apps 🙃.

h3

HTTP/2 with Server Push

alt

TLS v1.3

ssllabs

0-RTT Proof

tls-0-rtt

Testing 0-RTT

host=domain.example.com # Replace your domain.
echo -e "GET / HTTP/1.1\r\nHost: $host\r\nConnection: close\r\n\r\n" > request.txt
openssl s_client -connect $host:443 -tls1_3 -sess_out session.pem -ign_eof < request.txt
openssl s_client -connect $host:443 -tls1_3 -sess_in session.pem -early_data request.txt

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.