mirrors/caddy-website
1
0
Fork 0
mirror of https://github.com/caddyserver/website.git synced 2025-04-22 13:06:16 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Docs for v2.6.3 (#296)

Browse source
This commit is contained in:
Francis Lavoie 2023-02-08 17:10:09 -05:00 committed by GitHub
parent 24d9769d61
commit 7c99a9ab17
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 87 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

39
src/docs/markdown/caddyfile/options.md
View file

@ -61,6 +61,7 @@ Possible options are:
origins <origins...>
enforce_origin
}
persist_config off
log [name] {
output <writer_module> ...
format <encoder_module> ...
@ -106,6 +107,7 @@ Possible options are:
write <duration>
idle <duration>
}
trusted_proxies <module> ...
metrics
max_header_size <size>
log_credentials
@ -216,6 +218,12 @@ Customizes the [admin API endpoint](/docs/api). Accepts placeholders. If `off`,
- **enforce_origin** enables enforcement of the Origin header. (This is different from enforcing origins generally, which is always done.)
##### `persist_config`
Controls whether the current JSON config should be persisted to the [configuration directory](/docs/conventions#configuration-directory), to avoid losing config changes performed via the admin API. Currently, only the `off` option is supported. By default, the config is persisted.
##### `log`
Configures named loggers. The name can be passed to indicate a specific logger for which to customize the behavior. If no name is specified, the behavior of the `default` logger is modified. Multiple loggers with different names can be configured by using the `log` multiple times. You can read more about the `default` logger and an explanation of [how logging works in Caddy](/docs/logging).
@ -432,6 +440,37 @@ listener_wrappers {
- **idle** is a [duration value](/docs/conventions#durations) that sets the maximum time to wait for the next request when keep-alives are enabled. Defaults to 5 minutes to help avoid resource exhaustion.
##### `trusted_proxies`
Allows configuring IP ranges (CIDRs) of proxy servers from which requests should be trusted. By default, no proxies are trusted.
On its own, this configuration will not do anything, but it can be used to signal to handlers or matchers in HTTP routes that the request is trusted. See the [`reverse_proxy`](/docs/caddyfile/directives/reverse_proxy#defaults) handler for example, which uses this to trust sensitive incoming `X-Forwarded-*` headers.
Currently, only the `static` [IP source module](/docs/json/apps/http/servers/trusted_proxies) is included with the standard distribution of Caddy, but this can be [extended](/docs/extending-caddy) with plugins to maintain a dynamic list of IP ranges.
###### `static`
Takes a static (unchanging) list of IP ranges (CIDRs) to trust.
As a shortcut, `private_ranges` can be used to match all private IPv4 and IPv6 ranges. It's the same as specifying all of these ranges: `192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.1/8 fd00::/8 ::1`
```caddy-d
trusted_proxies static [private_ranges] <ranges...>
```
Here's a complete example, trusting an example IPv4 range and an IPv6 range:
```caddy
{
servers {
trusted_proxies static 12.34.56.0/24 1200:ab00::/32
}
}
```
##### `metrics`
Enables Prometheus metrics collection; necessary before scraping metrics. Note that metrics reduce performance on really busy servers. (Our community is working on improving this. Please get involved!)