1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
|
{
//Host application config, config is loaded as a read-only DOM that is available
//to the host and loaded child plugins, all elements are available to plugins via the 'HostConfig' property
"http": {
//The defaut HTTP version to being requests with (does not support http/2 yet)
"default_version": "HTTP/1.1",
//The maxium size (in bytes) of response messges that will be compressed
"compression_limit": 512000,
//Minium response size (in bytes) to compress
"compression_minimum": 2048,
//The size of the buffer to use when parsing multipart/form data uploads
"multipart_max_buf_size": 8192,
//The maxium ammount of data (in bytes) allows for mulitpart/form data file uploads
"multipart_max_size": 80240,
//Absolute maximum size (in bytes) of the request entity body (exludes headers)
"max_entity_size": 1024000,
//Keepalive ms for HTTP1.1 keepalive connections
"keepalive_ms": 1000000,
//The buffer size to use when parsing headers (also the maxium request header size allowed)
"header_buf_size": 8128,
//The maxium number of headers allowed in an HTTP request message
"max_request_header_count": 50,
//The maxium number of allowed network connections, before 503s will be issued automatically and connections closed
"max_connections": 5000,
//The size in bytes of the buffer to use when writing response messages
"response_buf_size": 4096,
//time (in ms) to wait for a response from an active connection in recv mode, before dropping it
"recv_timeout_ms": 5000,
//Time in ms to wait for the client to accept transport data before terminating the connection
"send_timeout_ms": 60000,
//The size (in bytes) of the buffer used to store all response header data
"response_header_buf_size": 16384,
//Max number of file uploads allowed per request
"max_uploads_per_request": 10
},
//Compression is installed in the container at lib/ directory along with the native library supporting gzip and brotli
"compression_lib": "lib/vnlib.net.compression/VNLib.Net.Compression.dll",
//Setup the native lib
"vnlib.net.compression": {
"lib_path": "lib/libvn_compress.so",
"level": 1
},
//Maxium ammount of time a request is allowed to be processed (includes loading or waiting for sessions) before operations will be cancelled and a 503 returned
"max_execution_time_ms": 20000,
//Collection of objects to define hosts+interfaces to build server listeners from
"virtual_hosts": [
{
//The interface to bind to, you may not mix TLS and non-TLS connections on the same interface
"interface": {
"address": "0.0.0.0",
"port": 8080
},
//Collection of "trusted" servers to allow proxy header support from
"downstream_servers": ${HTTP_DOWNSTREAM_SERVERS},
//The hostname to listen for, "*" as wildcard, and "[system]" as the default hostname for the current machine
"hostname": "*",
"path": "dist/",
//A list of file extensions to deny access to, if a resource is requested and has one of the following extensions, a 404 is returned
"deny_extensions": [ ".ts", ".json", ".htaccess", ".php" ],
//The default file extensions to append to a resource that does not have a file extension
"default_files": [ "index.html", "index.htm" ],
//A list of error file objects, files are loaded into memory (and watched for changes) and returned when the specified error code occurs
"error_files": [],
//The default
"cache_default_sec": 864000,
"ssl": ${SSL_JSON},
}
],
//Defines the directory where plugin's are to be loaded from
"plugins": {
//Hot-reload creates collectable assemblies that allow full re-load support in the host application, should only be used for development purposes!
"hot_reload": false,
"path": "plugins/",
"config_dir": "config/",
"assets": "plugins/assets/"
},
"sys_log": {
"path": "data/logs/sys-log.txt",
"flush_sec": 5,
"retained_files": 31,
"file_size_limit": 10485760,
"interval": "infinite"
},
"app_log": {
"path": "data/logs/app-log.txt",
"flush_sec": 5,
"retained_files": 31,
"file_size_limit": 10485760,
"interval": "infinite"
},
//HASHICORP VAULT
"hashicorp_vault": {
"url": "${HC_VAULT_ADDR}",
"token": "${HC_VAULT_TOKEN}",
"trust_certificate": ${HC_VAULT_TRUST_CERT},
},
//SQL CONFIG
"sql": {
"provider": "${SQL_LIB_PATH}",
"connection_string": "${SQL_CONNECTION_STRING}"
},
//VNCACHE global config
//Enable vncache as the providers above rely on the object caching server
"cache": {
"assembly_name": "${CACHE_ASM_PATH}",
"url": "${REDIS_CONNECTION_STRING}",
//Max size (in bytes) of allowed data to be stored in each user's session object
"max_object_size": 8128,
//Request timeout
"request_timeout_sec": 10,
//Time delay between cluster node discovery
"discovery_interval_sec": 120,
//Initial nodes to discover from
"initial_nodes": ${VNCACHE_INITIAL_NODES},
//Disable TLS
"use_tls": false,
//Setting this value to true will cause the cache store to load a memory-only instance, without remote backing
"memory_only": ${MEMCACHE_ONLY},
//enable memory cache
"memory_cache": {
"buckets": 20,
"bucket_size": 5000,
"max_age_sec": 600,
"refresh_interval_sec": 60,
"zero_all": false,
"max_object_size": 8128
}
},
"secrets": {
//Special key used by the loading library for access to the PasswordHashing library to pepper password hashes
"passwords": "${PASSWORD_PEPPER}",
"db_password": "${DATABASE_PASSWORD}",
"client_private_key": "${VNCACHE_CLIENT_PRIVATE_KEY}",
"cache_public_key": "${VNCACHE_CACHE_PUBLIC_KEY}",
"redis_password": "${REDIS_PASSWORD}"
}
}
|
