Ubuntu 22.04 How to install NGINX HTTP3/QUIC

2 min read

Installing NGINX with HTTP3/QUIC on Ubuntu 22.04.

What’s NGINX

NGINX is a high-performance web server known for its efficiency, stability, and rich feature set. It’s designed to handle high concurrency with low memory usage, making it ideal for serving static content, acting as a reverse proxy, and handling load balancing. Its event-driven architecture enables it to power many of the world’s busiest websites.

Why use HTTP3/QUIC in NGINX

The introduction of HTTP/3 and QUIC protocols marks a significant evolution in web technologies, offering faster, more secure internet communication. By leveraging UDP, these protocols minimize connection and transport latencies, outperforming their predecessor, HTTP/2, especially in conditions of packet loss and network fluctuations. Integrating HTTP3/QUIC with NGINX can drastically improve your website’s loading times, enhance user experience, and boost your site’s ranking on search engines as speed and security become increasingly important ranking factors.

How to install and enable NGINX HTTP3/QUIC

Installing and enabling HTTP3/QUIC support in NGINX on Ubuntu 22.04 isn’t just about stepping up your web server game; it’s a strategic move towards embracing the future of the internet. This guide will walk you through the pre-requisites for NGINX and HTTP3/QUIC setup, including updating your system, installing required libraries.

Updating Ubuntu OS

apt update && apt upgrade -y

Install and Setup SSL Certificate

HTTP/3 and QUIC fundamentally require SSL/TLS, specifically using TLS 1.3, for a few critical reasons that underscore their emphasis on enhanced security and performance.

We could use Let’s Encrypt for free, if you’ve the paid SSL Certificate should be good.

apt install -y certbot

certbot certonly --standalone -n --agree-tos -m [email protected] -d blackonsole.org --pre-hook "systemctl stop nginx" --post-hook "systemctl start nginx"

# Set cronjob for SSL renewal
crontab -e

0  0,12 *  *  * certbot renew -q

Setup NGINX Ubuntu Repository

apt install -y curl gnupg2 ca-certificates lsb-release ubuntu-keyring

curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \
    | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null

echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
http://nginx.org/packages/mainline/ubuntu `lsb_release -cs` nginx" \
    | sudo tee /etc/apt/sources.list.d/nginx.list

Install NGINX and Modules (if needed)

# installing
apt update && apt install nginx

# checking the version
nginx -v
nginx version: nginx/1.25.5

Enable HTTP3/QUIC in NGINX config or vhost

server {
  server_name   _;
  root          /var/www/html;

  # HTTP
  listen 80 default_server reuseport;
  listen [::]:80 default_server reuseport;

  # HTTP2/SSL
  listen 443 ssl default_server reuseport;
  listen [::]:443 ssl default_server reuseport;
  http2 on;

  # Enable HTTP3/QUIC
  listen 443 quic default_server reuseport;
  listen [::]:443 quic default_server reuseport;
  http3 on;

  # Let's Encrypt
  ssl_certificate 	    /etc/letsencrypt/live/blackonsole.org/fullchain.pem;
  ssl_certificate_key 	/etc/letsencrypt/live/blackonsole.org/privkey.pem;
  ssl_dhparam           /etc/letsencrypt/ssl-dhparams.pem;

  include               /etc/letsencrypt/options-ssl-nginx.conf;
  
  location / {
    # HTTP3/QUIC Header
    add_header Alt-Svc 'h3=":443"; ma=86400';
    return 200 '{ "HTTP3/QUIC": "Enabled" }';
  }
}

Check the config and restart NGINX Service

# test the config file
nginx -t

# reload the service
nginx -s reload

# OR

systemctl restart nginx
systemctl status nginx

Check the HTTP3/QUIC run as expected

# curl -I localhost
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 20 Apr 2024 04:31:29 GMT
Content-Type: application/xhtml+xml; charset=UTF-8
Content-Length: 24568
Connection: keep-alive
Alt-Svc: h3=":443"; ma=86400

If you need check from internet, you could use this website – https://http3check.net/

Reference

  • http://nginx.org/en/docs/quic.html
  • http://nginx.org/en/docs/http/ngx_http_v3_module.html
  • https://www.nginx.com/blog/quic-http3-support-openssl-nginx/

Leave a Reply

Your email address will not be published. Required fields are marked *