-
Notifications
You must be signed in to change notification settings - Fork 7
/
example_config.txt
382 lines (287 loc) · 12.5 KB
/
example_config.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
# This is an example config file for the Ceen CLI module
# All lines starting with a # are comments, and # marks the rest of the line as a comment
# Blank lines are ignored
#
# Core properties
#
# The path where relative paths are treated, defaults to CWD
#basepath .
# Paths to probe for .dll and .exe files that will be attempted loaded as assemblies
# this makes it simpler to define types without requiring the assembly name
# If this is enabled (default) it will auto-load all assemblies in
# "basepath", "assemblypath" and the "Ceen.Httpd.Cli.dll" folder
#autoloadassemblies true
# Additional paths to use when attempting to load assemblies
#assemblypath /test:/test2
# Use app-domains to load executing assemblies,
# such that they can be reloaded without restarting
# the server
# Changes to this property has no effect on a running instance
#isolatedappdomain true
# Use isolated processes to load executing assemblies
# this takes precedence over isolatedappdomains
# Changes to this property has no effect on a running instance
#isolatedprocesses false
# Watch the configuration file for changes,
# and reload if that happens
#watchconfigfile false
# To create a self-signed certificate with OpenSSL:
# > openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout privkey.key -out certificate.crt
#
# Then convert it to pcks12 for use with Ceen.Httpd
# > openssl pkcs12 -export -in certificate.crt -inkey privkey.key -out certificate.pfx
# Path to the certificate to use for SSL requests, environment variables are expanded
#certificatepath certificate.pfx
# The password used to open the SSL certificate, environment variables are expanded
#certificatepassword mypassword
# The ports the server listens on
#httpport 80
#httpsport 443
# The IP address to listen on for HTTP, can also be "any" or "loopback"
#httpaddress loopback
# The IP adress to listen on for HTTPS, can also be "any" or "loopback"
#httpsaddress loopback
#
# HTTP configuration
#
# Number of unacked requests
# Beware: changing the backlog causes the socket
# to rebind and may cause lost requests during the restart
#SocketBacklog 5
# The maxximum number of request header lines
#MaxRequestLineSize 8192
# The maximum size of a HTTP request header
#MaxRequestHeaderSize 65536
# Maximum number of active requests, will throttle new requests after this
#MaxActiveRequests 50000
# The maximum size of a form post when using url encoding (5mb)
#MaxUrlEncodedFormSize 5242880
# Automatically parse form data into a multipart stream
#AutoParseMultipartFormData true
# Maximum size of a post request, including header (100mb)
# Can use either an absolute number in bytes, or a size with a suffix
#MaxPostSize 100mb
# Support the X-HTTP-Method header
#AllowHttpMethodOverride "true"
# Support proxy redirect headers
#AllowedSourceIPHeaderValue "X-Forwarded-For"
#AllowedSourceIPHeaderValue "X-Real-IP"
# Number of seconds to allow a request to linger
#RequestIdleTimeoutSeconds 5
# Maximum number of seconds to wait for the client to finish the header
#RequestHeaderReadTimeoutSeconds 10
# Maximum HTTP requests from a client over the same TCP connection
#KeepAliveMaxRequests 30
# Maximum number of seconds between each HTTP request on the same connection
#KeepAliveTimeoutSeconds 10
# Maximum number of seconds for processing a request
#MaxProcessingTimeSeconds 30
# Require that the client has a valid SSL certificate
#SSLRequireClientCert false
# Check if the client certificate has been revoked, if supplied
#SSLCheckCertificateRevocation true
# The allowed SSL protocols
#SSLEnabledProtocols "Tls11|Tls12"
# Suppress default mime types
#IgnoreDefaultMimeTypes false
# Suppress default headers
#SupressDefaultHeaders false
# Set a new mime type
#mime .xyz "application/xyz"
# Set a mime type to serve files without extensions
#mime "" "application/octet-stream"
# Set a default mime type to serve all
#mime "*" "application/octet-stream"
# Set a default header
#header "X-My-Header" "Special Header Value"
# Set the default documents
#index index.html
#index index.htm
#
# Set up loggers
#
# Log Common Log Format output to stdout
#logger Ceen.Httpd.Logging.CLFStdOut
# Log Common Log Format output to stderr
#logger Ceen.Httpd.Logging.CLFStdErr
# Log exceptions to stderr
#logger Ceen.Httpd.Logging.StdErrErrors
# Log exceptions to stdout
#logger Ceen.Httpd.Logging.StdOutErrors
# Log CLF to syslog, requires SyslogNet.Client in GAC or assembly path
# Only works on Linux
#logger Ceen.Httpd.Logging.SyslogLogger
# Log CLF to log4net, requires log4net in GAC or assembly path
#logger Ceen.Httpd.Logging.Log4netCLFLogger
# Log CLF to a file
#logger Ceen.Httpd.CLFLogger "/path/to/file"
# Log CLF to a file, setting combinedformat = true and logcookies to false
#logger Ceen.Httpd.CLFLogger "/path/to/file" true false
# Custom log method, must implement Ceen.Httpd.ILogger
#logger MyNamespace.MyLogger "constructor arg1" "constructor arg2" "..."
# Setting some properties on the logger
#set ExtendedLogging true
#set maxfilesize 1024
#
# Set up routes and handlers
#
# Add session state
#handler "" Ceen.Httpd.Handler.SessionHandler
# Or, add session state only to .htm and .html documents
#handler "*.htm" Ceen.Httpd.Handler.SessionHandler
#handler "*.html" Ceen.Httpd.Handler.SessionHandler
# A custom handler, must implement Ceen.IHttpModule
#handler "/data" MyNamespace.MyHandler "constructor arg1" "constructor arg2" "..."
#set ExtendedLogging true
#set maxfilesize 1024
# Serve local files
#serve "/index" "/path/to/index"
#serve "/" "/path/to/files"
# Or manually invoked, useful when deriving from FileHandler
#handler "[/index(/.*)?]" Ceen.Httpd.Handler.FileHandler "/path/to/index"
#set pathprefix /index
#handler "" Ceen.Httpd.Handler.FileHandler "/path/to/files"
# Redirect paths
#redirect "/about" "http://www.example.com"
#set statuscode 301
#set statusmessage "Moved Permanently"
# Internal redirects, invisible to the client, are also supported
#redirect "/example" "/html/example.html"
#set internalredirect true
# A custom route using Ceen.Mvc, loading an assembly
#route MyAssemblyName
# A custom route using Ceen.Mvc, loading an assembly with a default type
#route MyAssemblyName MyNamespace.MyClass
# Name of the controller group in the template
#set ControllerGroupName "controller"
# Name of the action group in the template
#set ActionGroupName "action"
# The default routing match template
#set Template "{controller}/{action=index}"
# Routes are case-sensitive by default
#set CaseSensitive false
# Names are converted to lower-case
#set LowerCaseNames true
# Hide the default controller so it cannot be reached directly
#set HideDefaultController true
# Hide the default action so it cannot be reached directly
#set HideDefaultAction true
# Turn on debug printing to stdout after building the route map
#set Debug false
# If you prefer a less automatic wiring, you can manually specify all the routes
# Create a new wire-up controller (optional, a default version is always created)
# Using `wireroute` allows you to set non-default values for the controller
# wireroute
#set ControllerGroupName "controller"
# Then add each route, each type will be created once.
# Multiple routes can be mapped to the same method
# NOTE: for overloaded methods, the parameter types must be specified
# NOTE: it is not possible to set options on the controllers
#wire GET /api/v1/help MyNamespace.MyClass.HelpMethod
#wire * /api/v1/test MyNamespace.MyClass.TestMethod
#wire GET|PUT|POST|HEAD /api/v1/profile MyNamespace.MyClass.ProfileMethod
# Route arguments are supported and will be mapped to method arguments
# First line shows how to specifies the types, selecting which overload to use
#wire GET /api/v1/item/{id} MyNamespace.MyClass.ItemMethod Ceen.IHttpContext int
#wire GET /api/v1/item/{id}/detail MyNamespace.MyClass.DetailMethod
# Controllers can be mapped to a pathprefix,
# ignoring their interface path and controller name
# NOTE: it is not possible to set options on the controllers
#wirecontroller /api/v1/item MyNamespace.MyClass
#wirecontroller /api/v1/users MyNamespace.MyClass
#
# CORS support
#
# The CORSHandler makes it easy to add Cross Origin Resource Sharing support to the API
# Start by adding the handler early in the config file, and let let it handle the API calls
#handler "/api/*" Ceen.Httpd.Handler.CORSHandler
# Then set the allowed methods
#set AllowedMethods "GET, PUT, DELETE, POST, PATCH"
# For a production setup, limit the allowed origins
# default is using "*", meaning allow all origins
#set AllowedOrigins "example.com,www.example.com,*.example.com"
# Optionally set the headers allowed for CORS requests
#set AllowedHeaders "Content-Type,My-Custom-Header"
# Optionally report some extra headers for CORS requests
#set ExtraHeaders "X-Served-By: my-cool-server, Access-Control-Extra: 1234"
#
# Login and XSRF handling
#
# All the basic settings are found in the Ceen.Httpd.Handler.Login.LoginSettings handler, which does nothing
# You can set options for login handling via this handler, it does not matter if it is invoked or not.
#module Ceen.Httpd.Security.Login.LoginSettings
#set XSRFErrorStatusMessage 403
#set XSRFErrorStatusCode "XSRF token invalid or missing"
#set XSRFErrorRedirectUrl ""
#set HijackErrorStatusMessage 403
#set HijackErrorStatusCode "Login token hijacking detected, someone else has used your identity"
#set HijackErrorRedirectUrl ""
#set LoginErrorStatusCode 403
#set LoginErrorStatusMessage "Not logged in"
#set LoginErrorRedirectUrl ""
#set LongTermDurationSeconds 5184000
#set LoginSuccessStatusCode 200
#set LoginSuccessStatusMessage "OK"
#set LoginSuccessRedirectUrl ""
#set ShortTermExpirationSeconds 900
#set UseLongTermCookieStorage true
#set UseXSRFTokens true
#set XSRFHeaderName "X-XSRF-Token"
#set XSRFCookieName "xsrf-token"
#set AuthSessionCookieName "ceen-auth-session-token"
#set AuthCookieName "ceen-auth-token"
# The supported modules are
# Performs login by sending a POST with the username and password
#handler "/api/*" Ceen.Security.Login.LoginHandler
# Deletes all cookies from server and client
#handler "/logout" Ceen.Security.Login.LogoutHandler
# Checks if the login is correct and sets the UserID string on the request
#handler "/api/*" Ceen.Security.Login.LoginRequiredHandler
# Creates and sets an XSRF token by cookie on all html requests
#handler "/*.html" Ceen.Security.Login.XSRFTokenGeneratorHandler
# Verifies the XSRF token header on each request
#handler "/api/*" Ceen.Security.Login.XSRFTokenRequiredHandler
# The login modules require a storage module to be present
# For simple setups, a memory storage module can be used,
# and for more persistent storage, a database can be used
# To use the memory module to store settings, simply load it:
#module Ceen.Security.Login.MemoryStorageModule
# The database module will default to using SQLite, and store the data locally
# The three booleans indicate that the module will handle: cookies+xsrf, long-term cookies, and authentication
#module Ceen.Httpd Ceen.Security.Login.DatabaseStorageModule true true true
#set ConnectionString "sessiondata.sqlite"
#set ConnectionClass "sqlite"
# Other database connections are also supported, either by the special
# ConnectionClass value "odbc" or by the fully qualified assembly name
# of the class implementing System.Data.IDbConnection
# The DatabaseStorageModule supports subclassing for even more customization
# Each of the login modules can override the default settings in LoginSettingsModule.
# This allows overrides to perform different. For example, it is possible to set the XSRF cookie name
# in settings, and a default redirect handling for all pages, but a specific for others.
#
# Example:
#
#module Ceen.Security.Login.LoginSettingsModule
#set XSRFCookieName "my-xsrf-token"
#set XSRFErrorStatusCode 302
#set XSRFErrorStatusMessage "Found"
#set XSRFErrorRedirectUrl "/"
#
#module Ceen.Security.Login.MemoryStorageModule
#
#handler "/api/*" Ceen.Security.Login.XSRFTokenRequiredHandler
#set XSRFErrorStatusCode 403
#set XSRFErrorStatusMessage "XSRF token expired"
#set XSRFErrorRedirectUrl ""
#
#handler "/*.html" Ceen.Security.Login.XSRFTokenRequiredHandler
#set XSRFErrorStatusCode 302
#set XSRFErrorStatusMessage "Found"
#set XSRFErrorRedirectUrl "/xsrf-expired-explanation"
#
#handler "*" Ceen.Security.Login.XSRFTokenRequiredHandler
# In the example, all calls to /api/ with an expired XSRF token will return a 403 code,
# and all others will perform a 302 redirect to /, except those ending in .html, which
# will be redirected to /xsrf-expired-explanation
# All will use the same xsrf cookie name: "my-xsrf-token"
# The loading of the MemoryStorageModule will cause it to be the default storage unit for XSRF tokens