Skip to content

Latest commit

 

History

History
25 lines (21 loc) · 7.69 KB

config.md

File metadata and controls

25 lines (21 loc) · 7.69 KB

Gateway Server Configuration

This is the documentation of the legacy standalone Gateway Server. This server is deprecated and will be removed at some point. You should use the Caddy module instead.

The Vulcain Gateway Server follows the twelve-factor app methodology and is configurable using environment variables:

Variable Description
UPSTREAM the URL of the API
OPENAPI_FILE the path to an OpenAPI v3 file containing Link definitions
MAX_PUSHES the maximum number of resources to push (0 to disabled and only generate Link preload headers)
EARLY_HINTS instructs the gateway server to send Preload hints in 103 Early Hints response. Enabling this setting is usually useless because the gateway server doesn't supports JSON streaming yet, consequently the server will have to wait for the full JSON response to be received from upstream before being able to compute the Link headers to send. When the full response is available, we can send the final response directly. Better send Early Hints responses as soon as possible, directly from the upstream application. The proxy will forward them even if this option is not enabled.
ACME_CERT_DIR the directory where to store Let's Encrypt certificates
ACME_HOSTS a comma separated list of hosts for which Let's Encrypt certificates must be issued
ADDR the address to listen on (example: 127.0.0.1:3000, default to :http or :https depending if HTTPS is enabled or not). Note that Let's Encrypt only supports the default port: to use Let's Encrypt, do not set this variable.
CERT_FILE a cert file (to use a custom certificate)
KEY_FILE a key file (to use a custom certificate)
COMPRESS set to 0 to disable HTTP compression support (default to enabled)
DEBUG set to 1 to enable the debug mode, dangerous, don't enable in production (logs updates' content, why an update is not send to a specific subscriber and recovery stack traces)
READ_TIMEOUT maximum duration for reading the entire request, including the body, set to 0s to disable (default), example: 2m
SUBSCRIBER_JWT_KEY must contain the secret key to valid subscribers' JWT, can be omitted if JWT_KEY is set
WRITE_TIMEOUT maximum duration before timing out writes of the response, set to 0s to disable (default), example: 2m

If ACME_HOSTS or both CERT_FILE and KEY_FILE are provided, an HTTPS server supporting HTTP/2 connection will be started. If not, an HTTP server will be started (not compatible with HTTP/2 Server Push, and not secure).