Custom NGINX build

Luna-HTTP/S

A maintained, source-built NGINX mainline distribution with OpenSSL LTS, post-quantum ML-KEM support, HTTP/3 / QUIC, Brotli, GeoIP2, header manipulation support, and reproducible Docker builds.

Overview

Base

NGINX mainline

TLS stack

OpenSSL 3.5 LTS

Protocols

HTTP/1.1, HTTP/2, HTTP/3

Image

ghcr.io/tiekoetter/lunahttps

The build identifies itself as luna-http/s in generated server headers and error pages.

Included Features

NGINX mainline as the base for current protocol and module support.
OpenSSL LTS pinned by version and SHA256, including ML-KEM-capable post-quantum TLS support.
HTTP/3 / QUIC alongside HTTP/1.1 and HTTP/2.
Brotli compression through ngx_brotli.
GeoIP2 support through ngx_http_geoip2_module.
Header manipulation through headers-more-nginx-module.

Container Usage

The image is published through GitHub Container Registry after CI succeeds on the main branch.

docker pull ghcr.io/tiekoetter/lunahttps:latest

docker run --rm \
  -p 80:80/tcp \
  -p 443:443/tcp \
  -p 443:443/udp \
  ghcr.io/tiekoetter/lunahttps:latest

Source Build

The public repository keeps the build process inspectable, repeatable, and CI-tested.

git clone --recurse-submodules https://github.com/tiekoetter/lunahttps.git
cd lunahttps
sudo ./build.sh

Background

Luna-HTTP/S started in 2018 as a personal source-built NGINX setup. The goal was simple: build NGINX directly from source with the protocol, TLS, and module support needed for my own deployments. This public version keeps that long-running build reproducible and visible.