diff options
Diffstat (limited to 'jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.jdisc.http.connector.def')
-rw-r--r-- | jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.jdisc.http.connector.def | 123 |
1 files changed, 123 insertions, 0 deletions
diff --git a/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.jdisc.http.connector.def b/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.jdisc.http.connector.def new file mode 100644 index 00000000000..4c86c8b9bb6 --- /dev/null +++ b/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.jdisc.http.connector.def @@ -0,0 +1,123 @@ +# Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +namespace=jdisc.http + +# The TCP port to listen to for this connector. +listenPort int default=0 + +# The connector name +name string default="default" + +# The header field cache size. +headerCacheSize int default=512 + +# The size of the buffer into which response content is aggregated before being sent to the client. +outputBufferSize int default=65536 + +# The maximum size of a request header. +requestHeaderSize int default=65536 + +# The maximum size of a response header. +responseHeaderSize int default=65536 + +# The accept queue size (also known as accept backlog). +acceptQueueSize int default=0 + +# Whether the server socket reuses addresses. +reuseAddress bool default=true + +# The maximum idle time for a connection, which roughly translates to the Socket.setSoTimeout(int). +idleTimeout double default=180.0 + +# DEPRECATED - Ignored, no longer in use +stopTimeout double default = 30.0 +# TODO Vespa 8 Remove stop timeout + +# Whether or not to have socket keep alive turned on. +tcpKeepAliveEnabled bool default=false + +# Enable/disable TCP_NODELAY (disable/enable Nagle's algorithm). +tcpNoDelay bool default=true + +# Whether to enable connection throttling. New connections will be dropped when a threshold is exceeded. +throttling.enabled bool default=false + +# Max number of connections. +throttling.maxConnections int default=-1 + +# Max memory utilization as a value between 0 and 1. +throttling.maxHeapUtilization double default=-1.0 + +# Max connection accept rate per second. +throttling.maxAcceptRate int default=-1 + +# Idle timeout in seconds applied to endpoints when a threshold is exceeded. +throttling.idleTimeout double default=-1.0 + +# Whether to enable SSL for this connector. +ssl.enabled bool default=false + +# File with private key in PEM format. Specify either this or privateKey, but not both +ssl.privateKeyFile string default="" + +# Private key in PEM format. Specify either this or privateKeyFile, but not both +ssl.privateKey string default="" + +# File with certificate in PEM format. Specify either this or certificate, but not both +ssl.certificateFile string default="" + +# Certificate in PEM format. Specify either this or certificateFile, but not both +ssl.certificate string default="" + +# with trusted CA certificates in PEM format. Used to verify clients +# - this is the name of a file on the local container file system +# - only one of caCertificateFile and caCertificate +ssl.caCertificateFile string default="" + +# with trusted CA certificates in PEM format. Used to verify clients +# - this is the actual certificates instead of a pointer to the file +# - only one of caCertificateFile and caCertificate +ssl.caCertificate string default="" + +# Client authentication mode. See SSLEngine.getNeedClientAuth()/getWantClientAuth() for details. +ssl.clientAuth enum { DISABLED, WANT_AUTH, NEED_AUTH } default=DISABLED + +# List of enabled cipher suites. JDisc will use Vespa default if empty. +ssl.enabledCipherSuites[] string + +# List of enabled TLS protocol versions. JDisc will use Vespa default if empty. +ssl.enabledProtocols[] string + +# Enforce TLS client authentication for https requests at the http layer. +# Intended to be used with connectors with optional client authentication enabled. +# 401 status code is returned for requests from non-authenticated clients. +tlsClientAuthEnforcer.enable bool default=false + +# Paths where client authentication should not be enforced. To be used in combination with WANT_AUTH. Typically used for health checks. +tlsClientAuthEnforcer.pathWhitelist[] string + +# Use connector only for proxying '/status.html' health checks. Any ssl configuration will be ignored if this option is enabled. +healthCheckProxy.enable bool default=false + +# Which port to proxy +healthCheckProxy.port int default=8080 + +# Low-level timeout for proxy client (socket connect, socket read, connection pool). Aggregate timeout will be longer. +healthCheckProxy.clientTimeout double default=1.0 + +# Enable PROXY protocol V1/V2 support (only for https connectors). +proxyProtocol.enabled bool default=false + +# Allow https in parallel with proxy protocol +proxyProtocol.mixedMode bool default=false + +# Redirect all requests to https port +secureRedirect.enabled bool default=false + +# Target port for redirect +secureRedirect.port int default=443 + +# Maximum number of request per connection before server marks connections as non-persistent. Set to '0' to disable. +maxRequestsPerConnection int default=0 + +# Maximum number of seconds a connection can live before it's marked as non-persistent. Set to '0' to disable. +maxConnectionLife double default=0.0 |