install brotli for nginx in ubuntu

How to Install Brotli for NGINX in Ubuntu

Brotli is a popular data compression algorithm developed by Google. It is a good alternative to gzip, deflate & bzip2 algorithms. It is as fast and in some cases, provides better compression than these algorithms. In this article, we will look at how to install Brotli for NGINX in Ubuntu.

How to Install Brotli for NGINX in Ubuntu

Here are the steps to install Brotli for NGINX in Ubuntu.

1. Pre-requisites

Before you begin installation, it is important to be logged in as non-root user with sudo privileges. Also you need to install certain prerequisite packages. Open terminal and run the following command to create & switch to new non-root user test_user with sudo privileges. Replace test_user with username of your choice.

$ adduser test_user --gecos "Test User"
$ usermod -aG sudo test_user
$ su - test_user

Next, run the following command to update Ubuntu and install certain pre-requisites.

$ sudo apt update && sudo apt upgrade -y
$ sudo apt install -y build-essential git apt-transport-https socat

2. Install SSL/TLS certificate from Let’s Encrypt

Next, we will install SSL/TLS certificate using Lets Encrypt. Run the following command to install Lets Encrypt. We will install its certbot that automatically generates & renews certificates for you.

$ sudo apt install certbot

Once the installation is complete, run the following command to generate certificate. Replace with your domain name, and with your administrator’s email address.

$ sudo certbot certonly --agree-tos --email -d -d

After you run the above command, the certbot will issue some questions to understand your requirement and issue a text string that you need to add as a text record in your website’s DNS entry.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None

Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about EFF and
our work to encrypt the web, protect its users and defend digital rights.
(Y)es/(N)o: y
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for

NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you're running certbot in manual mode on a machine that is not
your server, please ensure you're okay with that.

Are you OK with your IP being logged?
(Y)es/(N)o: y

Please deploy a DNS TXT record under the name with the following value:


Before continuing, verify the record is deployed.

The text in bold needs to be added as a text record in your website’s DNS entry. This will prove to the certbot that you indeed are the owner/administrator of your domain.

Wait for a few minutes before proceeding with the prompt. If all goes well, then certbot will generate your certificates and display a success message, with the location of SSL/TLS certificates.

 - Congratulations! Your certificate and chain have been saved at:
   Your key file has been saved at:
   Your cert will expire on 2020-01-09. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot
   again. To non-interactively renew *all* of your certificates, run
   "certbot renew"
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:
   Donating to EFF:          

Verify the certificates with the following command.

$ sudo certbot certificates

You will see the following output.

Found the following certs:
  Certificate Name:
    Domains: *
    Expiry Date: 2021-09-05 07:48:04+00:00 (VALID: 85 days)
    Certificate Path: /etc/letsencrypt/live/
    Private Key Path: /etc/letsencrypt/live/

Let’s Encrypt’s certificate is valid for 85 days. So we will setup cronjob to auto-renew it regularly. For that, open crontab with the following command.

$ sudo crontab -e

Add the following lines to it.

0 1 * * * /usr/bin/certbot renew >> /var/log/letsencrypt/renew.log

Save and close the file to apply the new cronjob.

3. Install NGINX

Run the following commands to install NGINX.

$ sudo apt update
$ sudo apt install software-properties-common
$ sudo add-apt-repository ppa:nginx/stable
$ sudo apt-get update
$ sudo apt-get install nginx

You can verify NGINX installation with the following command.

$ sudo nginx -v
nginx version: nginx/1.16.1

Please note the version in the output of above command.

4. Download & Compile Brotli

You need to download & compile the ngx_brotli module as a dynamic module. So you need to download the right Brotli module based on the NGINX version.

First we install pre-requisites.

$ sudo apt install git libpcre3 libpcre3-dev zlib1g zlib1g-dev openssl libssl-dev

Next, download the NGINX version that matches the NGINX installed on your system.

$ cd ~/
$ wget
$ tar zxvf nginx-1.16.1.tar.gz

Next, run the following commands to clone the ngx_brotli module from Github.

$ cd ~/
$ git clone
$ cd ~/ngx_brotli
$ git submodule update --init

Change to nginx-1.16.1 folder.

$ cd ~/nginx-1.16.1

Run the following commands to dynamically compile ngx_brotli and copy it to standar directory for NGINX modules /etc/nginx/modules.

$ ./configure --with-compat --add-dynamic-module=./ngx_brotli
$ make modules
$ sudo cp objs/*.so /etc/nginx/modules-available
$ sudo cp objs/*.so /usr/share/nginx/modules

List files at /etc/nginx/modules-available

$ ls /etc/nginx/modules-available

You will see the following output.

5. Configure NGINX

Open NGINX configuration file in a text editor.

$ sudo vi /etc/nginx/nginx.conf

Add the following lines to the top of the file to load Brotli.

load_module modules/;
load_module modules/;

Your configuration file will look like the following.

load_module modules/;
load_module modules/;
user www-data;
worker_processes auto;
pid /run/;
include /etc/nginx/modules-enabled/*.conf;

events {
        worker_connections 768;
        # multi_accept on;

http {

Save and exit file.

Run the following command to test NGINX configuration.

$ sudo nginx -t

You should see the following output.

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok 
nginx: configuration file /etc/nginx/nginx.conf test is successful

Now when you want to use Brotli with virtual host, use the following configuration. Replace with your domain name.

server {
listen 80;
return 301 https://$server_name$request_uri;

server {
listen 443 ssl http2;

ssl_certificate /etc/letsencrypt/;
ssl_certificate_key /etc/letsencrypt/;

brotli on;
brotli_static on;
brotli_types *;

Restart NGINX server to apply changes.

$ sudo systemctl reload nginx.service

That’s it. In this article, we have learnt how to install Brotli module for NGINX in Ubuntu.

Also read:

How to Install Brotli for Apache in Ubuntu
How to Uninstall Docker in CentOS
How to Uninstall Asterisk in Ubuntu
JSON.dump vs JSON.dumps in Python
How to Uninstall Docker in Ubuntu

Leave a Reply

Your email address will not be published.