Add Brotli support to Nginx on Ubuntu 18.04

Published on: Fri, Mar 22, 2019 at 11:08 am EST
Linux Guides Ubuntu Web Servers

Brotli (br) is a new open source compression algorithm, developed by Google as an alternative to Gzip, Zopfli and Deflate. It is formally defined in Internet Engineering Task Force (IETF) as RFC 7932. Google's case study on Brotli has shown compression ratios of up to 26% smaller than current methods, with less CPU usage.

Nginx does not have official support but there is a third-party module developed by Google called ngx_brotli that we can use to add support to Nginx.

This guide will show you how to add Brotli support to Nginx on a fresh Ubuntu 18.04 LTS Vultr instance.

NOTE: This guide will use johndoe as an example user and as an example domain. Replace them according to your names.


  • Ubuntu 18.04 LTS server
  • Nginx version 1.11.5 or greater
  • Domain name with A/AAAA records set up
  • TLS certificate

Before you begin

Check the Ubuntu version.

lsb_release -ds
# Ubuntu 18.04 LTS

Create a new non-root user account with sudo access and switch to it.

adduser johndoe --gecos "John Doe"
usermod -aG sudo johndoe
su - johndoe

NOTE: Replace johndoe with your username.

Update your operating system’s software.

sudo apt update && sudo apt upgrade -y

Set up the timezone.

sudo dpkg-reconfigure tzdata

Install required build tools and packages.

sudo apt install -y build-essential git apt-transport-https socat

Step 1 - Install and obtain a TLS certificate from Let's Encrypt

Brotli requires you to set up and use HTTPS. In this part we will get a trusted certificate from Let's Encrypt.

Download and install

sudo mkdir /etc/letsencrypt
git clone
sudo ./ --install --home /etc/letsencrypt --accountemail
cd ~
source ~/.bashrc

Check the version. --version
# v2.8.0

Obtain RSA and ECDSA certificates for

# RSA 2048
sudo /etc/letsencrypt/ --issue --standalone --home /etc/letsencrypt -d --accountemail --ocsp-must-staple --keylength 2048

sudo /etc/letsencrypt/ --issue --standalone --home /etc/letsencrypt -d --accountemail --ocsp-must-staple --keylength ec-256

After running the commands above, your certificates and keys will be in the following locations:

  • RSA: /etc/letsencrypt/
  • ECC/ECDSA: /etc/letsencrypt/example.com_ecc

Step 2 – Install Nginx from the official Nginx repository

Download and install the latest mainline Nginx from the official Nginx repo.

sudo apt-key add nginx_signing.key
rm nginx_signing.key
sudo -s
printf "deb `lsb_release -sc` nginx \ndeb-src `lsb_release -sc` nginx \n" >> /etc/apt/sources.list.d/nginx_mainline.list
sudo apt update
sudo apt install -y nginx nginx-module-geoip nginx-module-image-filter nginx-module-njs nginx-module-perl nginx-module-xslt

Check the version.

sudo nginx -v
# nginx version: nginx/1.15.2

Enable and start Nginx.

sudo systemctl enable nginx.service
sudo systemctl start nginx.service

Step 3 – Download and compile the Brotli source code

After installing Nginx, we need to build the Brotli module (ngx_brotli) as a dynamic Nginx module. From Nginx version 1.11.5 it is possible to compile individual dynamic modules without compiling the complete Nginx software. In the next few steps, we will build the Brotli module as dynamic without compiling the complete Nginx.

Download the latest version of the mainline Nginx source code and extract it.

wget && tar zxvf nginx-1.15.2.tar.gz

NOTE: It is very important that version numbers of the Nginx package and Nginx source code match. If you installed Nginx 1.15.2 from the official Nginx repository, then you must download the same version of the source code, 1.15.2 in this case.

Remove nginx-1.15.2.tar.gz.

rm nginx-1.15.2.tar.gz

Clone ngx_brotli from GitHub.

git clone
cd ngx_brotli && git submodule update --init && cd ~

Navigate to the Nginx source code directory.

cd ~/nginx-1.15.2

Download required libraries.

sudo apt install -y libpcre3 libpcre3-dev zlib1g zlib1g-dev openssl libssl-dev

Compile the ngx_brotli as a dynamic module and copy it to the standard directory for Nginx modules, /etc/nginx/modules.

./configure --with-compat --add-dynamic-module=../ngx_brotli
make modules
sudo cp objs/*.so /etc/nginx/modules

List files in /etc/nginx/modules and you will see and

ls /etc/nginx/modules

Set permissions to 644 for all .so files.

sudo chmod 644 /etc/nginx/modules/*.so

Step 4 – Configure Nginx

We are ready to configure Brotli support in Nginx.

Run sudo vim /etc/nginx/nginx.conf and add the following two directives at the top of the file to load new Brotli modules.

load_module modules/;
load_module modules/;

Test the configuration.

sudo nginx -t

Create a document root directory for and create index.html with some content in it.

sudo mkdir -p /var/www/
sudo -s
echo "Hello from" >> /var/www/

Create a virtual host for

sudo vim /etc/nginx/conf.d/

Populate it with the following configuration.

server {
  listen 80;
  server_name; # Replace with your domain name
  return 301 https://$server_name$request_uri;

server {    
  listen 443 ssl http2;
  server_name; # Replace with your domain name

  root /var/www/; # Replace with your document root

  # RSA
  ssl_certificate /etc/letsencrypt/;
  ssl_certificate_key /etc/letsencrypt/;
  ssl_certificate /etc/letsencrypt/example.com_ecc/fullchain.cer;
  ssl_certificate_key /etc/letsencrypt/example.com_ecc/;

  brotli on;
  brotli_static on;
  brotli_types text/plain text/css text/javascript application/javascript text/xml application/xml image/svg+xml application/json;

Test the configuration.

sudo nginx -t

Reload Nginx.

sudo systemctl reload nginx.service

Visit your site in your web browser and open the network tab of developer tools. You will see Content-Encoding: br in the response headers. That is the indicator that Brotli compression is working.

You have enabled Brotli compression on your web server.

Want to contribute ?

You could earn up to $300 by adding new articles