Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/nginx-modules/docker-nginx-boringssl

NGINX Docker built top of rolling release BoringSSL (SIMD x86_64-v4/aarch64/armv7)
https://github.com/nginx-modules/docker-nginx-boringssl

alpine alpine-nginx arm boringssl brotli brotli-compression curve dockerfile header-more http2 http3 mainline-alpine neon nginx nginx-boringssl nginx-docker quic rolling simd tls

Last synced: about 2 months ago
JSON representation

NGINX Docker built top of rolling release BoringSSL (SIMD x86_64-v4/aarch64/armv7)

Host: GitHub
URL: https://github.com/nginx-modules/docker-nginx-boringssl
Owner: nginx-modules
Created: 2017-03-01T14:37:38.000Z (almost 8 years ago)
Default Branch: main
Last Pushed: 2024-06-07T02:36:35.000Z (8 months ago)
Last Synced: 2024-06-07T03:42:48.499Z (8 months ago)
Topics: alpine, alpine-nginx, arm, boringssl, brotli, brotli-compression, curve, dockerfile, header-more, http2, http3, mainline-alpine, neon, nginx, nginx-boringssl, nginx-docker, quic, rolling, simd, tls
Language: Dockerfile
Homepage: https://hub.docker.com/r/denji/nginx-boringssl/
Size: 62.5 KB
Stars: 46
Watchers: 5
Forks: 10
Open Issues: 4
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

        # **NGINX** built with **BoringSSL** & **TLSv1.3**

### Docker image

[![](https://img.shields.io/docker/automated/denji/nginx-boringssl.svg)](https://hub.docker.com/r/denji/nginx-boringssl/builds/) [![](https://img.shields.io/docker/pulls/denji/nginx-boringssl.svg)](https://hub.docker.com/r/denji/nginx-boringssl/) [![](https://img.shields.io/docker/stars/denji/nginx-boringssl.svg)](https://hub.docker.com/r/denji/nginx-boringssl/)

[![Docker Image CI](https://github.com/nginx-modules/docker-nginx-boringssl/actions/workflows/docker-image.yml/badge.svg)](https://github.com/nginx-modules/docker-nginx-boringssl/actions/workflows/docker-image.yml)

### Supported tags and respective `Dockerfile` links

* Stable Release

  - `docker.io/denji/nginx-boringssl:stable-alpine` - (Linux x86_64-v4)

  - `docker.io/denji/nginx-boringssl:stable-aarch64-alpine` - (Linux AArch64 - ARMv8)

  - `docker.io/denji/nginx-boringssl:stable-armv7-alpine` - (Linux ARMv7 - 32-bit)

* Mainline Release

  - `docker.io/denji/nginx-boringssl:mainline-alpine` - (Linux x86_64-v4)

  - `docker.io/denji/nginx-boringssl:mainline-aarch64-alpine` - (Linux AArch64 - ARMv8)

  - `docker.io/denji/nginx-boringssl:mainline-armv7-alpine` - (Linux ARMv7 - 32-bit)

#### Before you can use

This project is unstable state because of the rolling release **BoringSSL**, and modules.

#### Features

- Images are used Alpine Linux.

- NGINX built **BoringSSL**.

- PCRE with JIT enabled.

- HTTP/2.0 (+NPN) support.

- Async I/O using threads support.

- Dynamic TLS records patch CloudFlare support (and configured).

- Gzip static `.gz` files support enabled

- Brotli static `.br` files support (and configured).

  - Brotli on-the-fly disabled (dynamic compression unstable)

#### Notes

- Linux 3.17+, and the latest Docker stable are recommended.

- BoringSSL is naming ECDH curves differently, some modifications will be required if you want to use your own SSL/TLS config file.

  For example, `secp384r1` (OpenSSL, LibreSSL) is `P-384` (BoringSSL).

  BoringSSL does support multiple curves with its implementation of `SSL_CTX_set1_curves_list()`,

  an example is provided in the default `/etc/nginx/confssl_params`.

  `X25519` is actually the safest curve you can use so it should be the first curve in your list.

- BoringSSL can use cipher groups: a group is defined by brackets and ciphers are separated by `|` like this : `[cipher1|cipher2|cipher3]`.

  Ciphers in a group are considered equivalent on the server-side and let the client decide which cipher is the best.

  This can be useful when using ChaCha20, because AES remains faster than ChaCha20 on AES-NI devices.

#### Based on the Official NGINX Dockerfile & `Wonderfall/boring-nginx`