mirror/ULib
1
0
Fork 0
mirror of https://github.com/stefanocasazza/ULib.git synced 2025-10-05 19:18:01 +08:00
Code Issues Releases Wiki Activity
372f0558e7
ULib/tests/examples/RA/userver/etc/RA.cfg
stefanocasazza bcdc99a8ac some fix + xxhash
2016-06-08 16:10:01 +02:00

120 lines
6.1 KiB
INI
Raw Blame History

# ----------------------------------------------------------------------------------------------------------------------------------------
# userver - configuration parameters
# ----------------------------------------------------------------------------------------------------------------------------------------
# ENABLE_IPV6 flag to indicate use of ipv6
# SERVER host name or ip address for the listening socket
# PORT port number for the listening socket
# SOCKET_NAME file name for the listening socket
# IP_ADDRESS public ip address of host for the interface connected to the Internet (autodetected if not specified)
# ALLOWED_IP client address IP-based access control (IPADDR[/MASK])
#
# USE_TCP_OPTIMIZATION flag indicating the use of TCP/IP options to optimize data transmission (NODELAY, DEFER_ACCEPT, QUICKACK)
#
# PID_FILE write pid on file indicated
# WELCOME_MSG message of welcome to send initially to client
# RUN_AS_USER downgrade security to that user account
# DOCUMENT_ROOT The directory out of which you will serve your documents
#
# LOG_FILE locations for file log
# LOG_FILE_SZ memory size for file log
# LOG_MSG_SIZE limit length of print network message to LOG_MSG_SIZE chars (default 128)
#
# PLUGIN list of plugins to load, a flexible way to add specific functionality to the server
# PLUGIN_DIR directory of plugins to load
#
# REQ_TIMEOUT timeout for request from client
# MAX_KEEP_ALIVE Specifies the maximum number of requests that can be served through a Keep-Alive (Persistent) session.
# (Value <= 1 will disable Keep-Alive)
#
# DH_FILE DH param
# CERT_FILE certificate of server
# KEY_FILE private key of server
# PASSWORD password for private key of server
# CA_FILE locations of trusted CA certificates used in the verification
# CA_PATH locations of trusted CA certificates used in the verification
#
# VERIFY_MODE mode of verification (SSL_VERIFY_NONE=0, SSL_VERIFY_PEER=1, SSL_VERIFY_FAIL_IF_NO_PEER_CERT=2, SSL_VERIFY_CLIENT_ONCE=4)
# ----------------------------------------------------------------------------------------------------------------------------------------
# how to verify peer certificates. The possible values of this setting are:
#
# SSL_VERIFY_NONE - do not verify anything
# SSL_VERIFY_PEER - verify the peer certificate, if one is presented
# SSL_VERIFY_FAIL_IF_NO_PEER_CERT - require a peer certificate, fail if one is not presented
#
# SSL/TLS servers will usually set VERIFY_MODE to SSL_VERIFY_NONE.
# SSL/TLS clients will usually set VERIFY_MODE to SSL_VERIFY_FAIL_IF_NO_PEER_CERT.
# ----------------------------------------------------------------------------------------------------------------------------------------
#
# PREFORK_CHILD number of child server processes created at startup ( 0 - serialize, no forking
# 1 - classic, forking after accept client)
# >1 - pool of process serialize plus monitoring process)
# ----------------------------------------------------------------------------------------------------------------------------------------
userver {
USE_TCP_OPTIMIZATION yes
PID_FILE /var/run/RA.pid
RUN_AS_USER ra
DOCUMENT_ROOT /srv/RA/www
LOG_FILE /var/log/RA.log
LOG_MSG_SIZE -1
# LOG_FILE_SZ 1M
PLUGIN "ssi http"
REQ_TIMEOUT 300
MAX_KEEP_ALIVE 1024
PREFORK_CHILD 2
}
# ------------------------------------------------------------------------------------------------------------------------------------------
# http - plugin parameters
# ------------------------------------------------------------------------------------------------------------------------------------------
# ALIAS vector of URI redirection (request -> alias)
# REWRITE_RULE_NF vector of URI rewrite rule applied after checks that files do not exist (regex1 -> uri1 ...)
#
# ENABLE_INOTIFY enable automatic update of document root image with inotify
# CACHE_FILE_MASK mask (DOS regexp) of pathfile that be cached in memory
#
# VIRTUAL_HOST flag to activate practice of maintaining more than one server on one machine,
# as differentiated by their apparent hostname
# DIGEST_AUTHENTICATION flag authentication method (yes = digest, no = basic)
#
# ENABLE_CACHING_BY_PROXY_SERVERS enable caching by proxy servers (add Cache control: public directive)
#
# URI_PROTECTED_MASK mask (DOS regexp) of URI protected from prying eyes
# URI_PROTECTED_ALLOWED_IP list of comma separated client address for IP-based access control (IPADDR[/MASK]) for URI_PROTECTED_MASK
#
# URI_REQUEST_CERT_MASK mask (DOS regexp) of URI where client must comunicate a certificate in the SSL connection
#
# This directive gives greater control over abnormal client request behavior, which may be useful for avoiding some forms of denial-of-service attacks
#
# LIMIT_REQUEST_BODY restricts the total size of the HTTP request body sent from the client
# REQUEST_READ_TIMEOUT set timeout for receiving requests
# ------------------------------------------------------------------------------------------------------------------------------------------
http {
# URI_PROTECTED_MASK /card-generation
DIGEST_AUTHENTICATION yes
}
# -----------------------------------------------------------------------------------------------------
# ssi - plugin parameters
# -----------------------------------------------------------------------------------------------------
# ENVIRONMENT path of file configuration environment for SSI
#
# SSI_AUTOMATIC_ALIASING special SSI HTML file that is recognized automatically as alias of all
# uri request without suffix (generally cause navigation directory not working)
# -----------------------------------------------------------------------------------------------------
ssi {
ENVIRONMENT ~/etc/environment.conf
SSI_AUTOMATIC_ALIASING index.shtml
}
Reference in New Issue View Git Blame Copy Permalink