113 lines
2.6 KiB
Text
113 lines
2.6 KiB
Text
# Network Configuration Schema
|
|
# Common schema for bind addresses, CORS, TLS, and networking
|
|
|
|
{
|
|
# Supported IP versions
|
|
|
|
NetworkConfig = {
|
|
# Bind address (IP:port format)
|
|
bind_address | String | optional,
|
|
|
|
# IP version to use
|
|
ip_version | String | default = 'ipv4,
|
|
|
|
# Enable IPv6
|
|
enable_ipv6 | Bool | default = false,
|
|
|
|
# Network interface to bind to (eth0, lo, etc.)
|
|
interface | String | optional,
|
|
|
|
# Connection settings
|
|
connection | {
|
|
# TCP backlog size
|
|
backlog | String | optional,
|
|
|
|
# TCP nodelay (disable Nagle algorithm)
|
|
tcp_nodelay | Bool | default = true,
|
|
|
|
# SO_KEEPALIVE socket option
|
|
so_keepalive | Bool | default = true,
|
|
|
|
# Read timeout in milliseconds
|
|
read_timeout | Number | optional,
|
|
|
|
# Write timeout in milliseconds
|
|
write_timeout | Number | optional,
|
|
} | optional,
|
|
|
|
# Proxy Configuration
|
|
proxy | {
|
|
# Enable proxy support
|
|
enabled | Bool | default = false,
|
|
|
|
# Trust proxy headers
|
|
trust_proxy_headers | Bool | default = false,
|
|
|
|
# Trusted proxy IPs (CIDR notation)
|
|
trusted_proxies | Array String | optional,
|
|
|
|
# Client IP header name
|
|
client_ip_header | String | optional,
|
|
} | optional,
|
|
|
|
# Rate Limiting by IP
|
|
ip_rate_limiting | {
|
|
# Enable per-IP rate limiting
|
|
enabled | Bool | default = false,
|
|
|
|
# Max requests per IP per window
|
|
max_requests | String | optional,
|
|
|
|
# Window size in seconds
|
|
window_seconds | Number | optional,
|
|
|
|
# IP whitelist (bypass rate limiting)
|
|
whitelist | Array String | optional,
|
|
|
|
# IP blacklist (block entirely)
|
|
blacklist | Array String | optional,
|
|
} | optional,
|
|
|
|
# TLS Configuration
|
|
tls | {
|
|
# Enable TLS
|
|
enabled | Bool | default = false,
|
|
|
|
# Minimum TLS version
|
|
min_version | String | optional,
|
|
|
|
# Maximum TLS version
|
|
max_version | String | optional,
|
|
|
|
# Certificate file path
|
|
cert_file | String | optional,
|
|
|
|
# Key file path
|
|
key_file | String | optional,
|
|
|
|
# CA certificate for client verification
|
|
ca_file | String | optional,
|
|
|
|
# Require client certificate
|
|
client_cert_required | Bool | default = false,
|
|
|
|
# Cipher suites (use defaults if empty)
|
|
cipher_suites | Array String | optional,
|
|
} | optional,
|
|
|
|
# DNS Configuration
|
|
dns | {
|
|
# DNS servers to use
|
|
servers | Array String | optional,
|
|
|
|
# DNS timeout in seconds
|
|
timeout | Number | optional,
|
|
|
|
# Enable DNS caching
|
|
cache | Bool | default = true,
|
|
|
|
# DNS cache TTL in seconds
|
|
cache_ttl | Number | optional,
|
|
} | optional,
|
|
},
|
|
}
|