94 lines
3.7 KiB
TOML
94 lines
3.7 KiB
TOML
########################################
|
|
# #
|
|
# rust-rxpy configuration #
|
|
# #
|
|
########################################
|
|
###################################
|
|
# Global settings #
|
|
###################################
|
|
# Both or either one of http/https ports must be specified
|
|
listen_port = 8080
|
|
listen_port_tls = 8443
|
|
|
|
# Optional for h2 and http1.1
|
|
max_concurrent_streams = 100
|
|
|
|
# Optional. Counted in total for http1.1, 2, 3
|
|
max_clients = 512
|
|
|
|
# Optional: Listen [::]
|
|
listen_ipv6 = false
|
|
|
|
# Optional: App that serves all plaintext http request by referring to HOSTS or request header
|
|
# execpt for configured application.
|
|
# Note that this is only for http.
|
|
# Note that nothing is served for requests via https since secure channel cannot be
|
|
# established for unconfigured server_name, and they are always rejected by checking SNI.
|
|
default_app = 'another_localhost'
|
|
|
|
###################################
|
|
# Backend settings #
|
|
###################################
|
|
[apps]
|
|
|
|
######################################################################
|
|
## Registering a backend app served by a domain name "localhost"
|
|
[apps.localhost]
|
|
server_name = 'localhost' # Domain name
|
|
|
|
# Optional: TLS setting. if https_port is specified and tls is true above, this must be given.
|
|
tls = { https_redirection = true, tls_cert_path = '/certs/localhost.crt', tls_cert_key_path = '/certs/localhost.key' } # for docker volume mounted certs
|
|
#tls = { https_redirection = true, tls_cert_path = './localhost.crt', tls_cert_key_path = './localhost.key' } # for local
|
|
|
|
## TODO
|
|
# allowhosts = ['127.0.0.1', '::1', '192.168.10.0/24'] # TODO
|
|
# denyhosts = ['*'] # TODO
|
|
|
|
# default destination if "path" is not specified
|
|
[[apps.localhost.reverse_proxy]]
|
|
# List of destinations to send data to. At this point, round-robin is used for load-balancing if multiple URLs are specified.
|
|
upstream = [
|
|
{ location = 'www.yahoo.com', tls = true },
|
|
{ location = 'www.yahoo.co.jp', tls = true },
|
|
]
|
|
upstream_options = ["override_host", "convert_to_http2"]
|
|
|
|
# Non-default destination in "localhost" app, which is routed by "path"
|
|
[[apps.localhost.reverse_proxy]]
|
|
path = '/maps'
|
|
# For request path starting with "/maps",
|
|
# this configuration results that any path like "/maps/org/any.ext" is mapped to "/replacing/path1/org/any.ext"
|
|
# by replacing "/maps" with "/replacing/path1" for routing to the locations given in upstream array
|
|
# Note that unless "path_replaced_with" is specified, the "path" is always preserved.
|
|
# "path_replaced_with" must be start from "/" (root path)
|
|
replace_path = "/replacing/path1"
|
|
upstream = [
|
|
{ location = 'www.bing.com', tls = true },
|
|
{ location = 'www.bing.co.jp', tls = true },
|
|
]
|
|
upstream_options = [
|
|
"override_host",
|
|
"upgrade_insecure_requests",
|
|
"convert_to_http11",
|
|
]
|
|
######################################################################
|
|
|
|
######################################################################
|
|
# Another application backend servied by different domain name
|
|
[apps.another_localhost]
|
|
server_name = 'localhost.localdomain'
|
|
reverse_proxy = [{ upstream = [{ location = 'www.google.com', tls = true }] }]
|
|
######################################################################
|
|
|
|
###################################
|
|
# Experimantal settings #
|
|
###################################
|
|
[experimental]
|
|
ignore_sni_consistency = false # Higly recommend not to be true. If true, you ignore RFC. if not specified, it is always false.
|
|
|
|
[experimental.h3] # If this specified, h3 is enabled
|
|
alt_svc_max_age = 3600 # sec
|
|
request_max_body_size = 65536 # bytes
|
|
max_concurrent_connections = 10000
|
|
max_concurrent_bidistream = 100
|
|
max_concurrent_unistream = 100
|