@enjoys/context-engine 1.0.7 → 1.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/data/commands/dockerfile.json +66 -0
- package/data/commands/lua.json +66 -0
- package/data/commands/manifest.json +3 -0
- package/data/commands/sql.json +34 -0
- package/data/completion/caddy.json +1589 -0
- package/data/completion/dockerfile.json +1062 -313
- package/data/completion/lua.json +2283 -617
- package/data/completion/nginx.json +804 -1
- package/data/completion/redis-cli.json +3405 -0
- package/data/completion/sql.json +2684 -552
- package/data/defination/caddy.json +428 -0
- package/data/defination/dockerfile.json +211 -29
- package/data/defination/lua.json +875 -125
- package/data/defination/nginx.json +164 -1
- package/data/defination/redis-cli.json +1853 -0
- package/data/defination/sql.json +998 -326
- package/data/hover/caddy.json +458 -0
- package/data/hover/dockerfile.json +180 -42
- package/data/hover/lua.json +775 -69
- package/data/hover/nginx.json +760 -0
- package/data/hover/redis-cli.json +1088 -0
- package/data/hover/sql.json +1119 -76
- package/data/manifest.json +14 -2
- package/package.json +1 -1
|
@@ -0,0 +1,428 @@
|
|
|
1
|
+
{
|
|
2
|
+
"language": "caddy",
|
|
3
|
+
"definitions": {
|
|
4
|
+
"reverse_proxy": {
|
|
5
|
+
"signature": "reverse_proxy [match] <upstreams...>",
|
|
6
|
+
"description": "Proxies requests to one or more backends with optional load balancing, health checking, header manipulation, and transport configuration. Supports HTTP/1.1, HTTP/2, and h2c upstreams.",
|
|
7
|
+
"type": "directive",
|
|
8
|
+
"module": "http.handlers.reverse_proxy"
|
|
9
|
+
},
|
|
10
|
+
"file_server": {
|
|
11
|
+
"signature": "file_server [browse] [match]",
|
|
12
|
+
"description": "Serves static files from the site root. Optionally enables directory browsing. Can hide files and set index files.",
|
|
13
|
+
"type": "directive",
|
|
14
|
+
"module": "http.handlers.file_server"
|
|
15
|
+
},
|
|
16
|
+
"respond": {
|
|
17
|
+
"signature": "respond [match] <status|body> [status]",
|
|
18
|
+
"description": "Returns a static response to the client. Can set status codes, response bodies, and headers. Useful for health check endpoints and simple responses.",
|
|
19
|
+
"type": "directive",
|
|
20
|
+
"module": "http.handlers.static_response"
|
|
21
|
+
},
|
|
22
|
+
"rewrite": {
|
|
23
|
+
"signature": "rewrite [match] <to>",
|
|
24
|
+
"description": "Internally rewrites the request URI. The client is unaware of the rewrite. Does not cause a redirect. Useful for clean URLs and SPA routing.",
|
|
25
|
+
"type": "directive",
|
|
26
|
+
"module": "http.handlers.rewrite"
|
|
27
|
+
},
|
|
28
|
+
"redir": {
|
|
29
|
+
"signature": "redir [match] <to> [code]",
|
|
30
|
+
"description": "Sends an HTTP redirect to the client. Supports permanent (301), temporary (302), and other redirect codes. Accepts placeholders in the target URL.",
|
|
31
|
+
"type": "directive",
|
|
32
|
+
"module": "http.handlers.static_response"
|
|
33
|
+
},
|
|
34
|
+
"root": {
|
|
35
|
+
"signature": "root [match] <path>",
|
|
36
|
+
"description": "Sets the root directory for file-related operations (file_server, try_files, etc.). Can use placeholders. Typically used with a wildcard matcher.",
|
|
37
|
+
"type": "directive",
|
|
38
|
+
"module": "http.handlers.vars"
|
|
39
|
+
},
|
|
40
|
+
"try_files": {
|
|
41
|
+
"signature": "try_files <files...>",
|
|
42
|
+
"description": "Rewrites the request URI to the first file that exists on disk. Essential for SPAs and PHP applications. Checks files in order and rewrites to the last entry as default.",
|
|
43
|
+
"type": "directive",
|
|
44
|
+
"module": "http.handlers.rewrite"
|
|
45
|
+
},
|
|
46
|
+
"encode": {
|
|
47
|
+
"signature": "encode [match] <encodings...>",
|
|
48
|
+
"description": "Encodes/compresses responses using the specified encodings. Supports gzip and zstd. Respects Accept-Encoding from clients. Can configure minimum response size.",
|
|
49
|
+
"type": "directive",
|
|
50
|
+
"module": "http.handlers.encode"
|
|
51
|
+
},
|
|
52
|
+
"header": {
|
|
53
|
+
"signature": "header [match] [[+|-|?]<field> [value|regexp] [replacement]]",
|
|
54
|
+
"description": "Manipulates HTTP response headers. Can set (+), delete (-), or add (?) headers. Supports deferred mode for headers set after handler execution. Supports regex replacement.",
|
|
55
|
+
"type": "directive",
|
|
56
|
+
"module": "http.handlers.headers"
|
|
57
|
+
},
|
|
58
|
+
"basicauth": {
|
|
59
|
+
"signature": "basicauth [match] [realm] { <user> <hashed_password> }",
|
|
60
|
+
"description": "Enables HTTP Basic Authentication for request matching. Passwords must be hashed (bcrypt). Use 'caddy hash-password' to generate hashes. Supports realm configuration.",
|
|
61
|
+
"type": "directive",
|
|
62
|
+
"module": "http.handlers.authentication"
|
|
63
|
+
},
|
|
64
|
+
"log": {
|
|
65
|
+
"signature": "log { output ... ; format ... }",
|
|
66
|
+
"description": "Enables and configures structured access logging. Supports file output with rolling, JSON and console formats, log sampling, and filtering. Logs include request and response details.",
|
|
67
|
+
"type": "directive",
|
|
68
|
+
"module": "http.handlers.log"
|
|
69
|
+
},
|
|
70
|
+
"tls": {
|
|
71
|
+
"signature": "tls [email|internal] { ... }",
|
|
72
|
+
"description": "Configures TLS for the site. Manages automatic HTTPS via ACME, supports custom certificates, DNS challenges for wildcards, client authentication, protocol versions, and cipher suites.",
|
|
73
|
+
"type": "directive",
|
|
74
|
+
"module": "tls"
|
|
75
|
+
},
|
|
76
|
+
"handle": {
|
|
77
|
+
"signature": "handle [match] { ... }",
|
|
78
|
+
"description": "Groups directives into a mutually exclusive handler block. Only the first matching handle block executes. Similar to location blocks in nginx. Handles are evaluated in order.",
|
|
79
|
+
"type": "directive",
|
|
80
|
+
"module": "http.handlers.subroute"
|
|
81
|
+
},
|
|
82
|
+
"handle_path": {
|
|
83
|
+
"signature": "handle_path <path_prefix> { ... }",
|
|
84
|
+
"description": "Like handle, but strips the matched path prefix before executing the contained directives. Useful when proxying to backends that don't expect the prefix.",
|
|
85
|
+
"type": "directive",
|
|
86
|
+
"module": "http.handlers.subroute"
|
|
87
|
+
},
|
|
88
|
+
"route": {
|
|
89
|
+
"signature": "route [match] { ... }",
|
|
90
|
+
"description": "Executes contained directives in the exact literal order. Caddy normally reorders directives for safety, but route preserves the order. Use when ordering matters.",
|
|
91
|
+
"type": "directive",
|
|
92
|
+
"module": "http.handlers.subroute"
|
|
93
|
+
},
|
|
94
|
+
"import": {
|
|
95
|
+
"signature": "import <pattern|snippet_name> [args...]",
|
|
96
|
+
"description": "Includes a snippet defined elsewhere or imports an external file. Supports glob patterns for importing multiple files. Arguments can be passed to parameterized snippets.",
|
|
97
|
+
"type": "directive",
|
|
98
|
+
"module": "caddyfile"
|
|
99
|
+
},
|
|
100
|
+
"templates": {
|
|
101
|
+
"signature": "templates [match]",
|
|
102
|
+
"description": "Enables server-side template evaluation for responses. Supports Go template actions with access to request data, environment variables, and more. Templates are evaluated in the response body.",
|
|
103
|
+
"type": "directive",
|
|
104
|
+
"module": "http.handlers.templates"
|
|
105
|
+
},
|
|
106
|
+
"php_fastcgi": {
|
|
107
|
+
"signature": "php_fastcgi [match] <gateways...>",
|
|
108
|
+
"description": "Shortcut for a common PHP-FPM configuration. Combines reverse_proxy with FastCGI transport, try_files, and URI rewriting for PHP applications. Supports multiple FPM backends.",
|
|
109
|
+
"type": "directive",
|
|
110
|
+
"module": "http.handlers.reverse_proxy"
|
|
111
|
+
},
|
|
112
|
+
"handle_errors": {
|
|
113
|
+
"signature": "handle_errors { ... }",
|
|
114
|
+
"description": "Defines handlers for HTTP error responses. Allows custom error pages per status code. Has access to {err.status_code} and {err.status_text} placeholders.",
|
|
115
|
+
"type": "directive",
|
|
116
|
+
"module": "http.handlers.error"
|
|
117
|
+
},
|
|
118
|
+
"abort": {
|
|
119
|
+
"signature": "abort [match]",
|
|
120
|
+
"description": "Immediately closes the client connection without sending any response. Useful for blocking scanners and unwanted clients.",
|
|
121
|
+
"type": "directive",
|
|
122
|
+
"module": "http.handlers.static_response"
|
|
123
|
+
},
|
|
124
|
+
"error": {
|
|
125
|
+
"signature": "error [match] <message> <status>",
|
|
126
|
+
"description": "Triggers an HTTP error with the specified message and status code. Can be caught by handle_errors. Useful for access control and custom error flows.",
|
|
127
|
+
"type": "directive",
|
|
128
|
+
"module": "http.handlers.error"
|
|
129
|
+
},
|
|
130
|
+
"uri": {
|
|
131
|
+
"signature": "uri [match] <strip_prefix|strip_suffix|replace|path_regexp> <args...>",
|
|
132
|
+
"description": "Manipulates the request URI. Can strip prefixes/suffixes, do string replacement, or apply regex-based path rewriting. Changes are internal only.",
|
|
133
|
+
"type": "directive",
|
|
134
|
+
"module": "http.handlers.rewrite"
|
|
135
|
+
},
|
|
136
|
+
"vars": {
|
|
137
|
+
"signature": "vars [match] { <key> <value> }",
|
|
138
|
+
"description": "Sets custom variables in the request context. Variables can be referenced later using {vars.key} placeholders.",
|
|
139
|
+
"type": "directive",
|
|
140
|
+
"module": "http.handlers.vars"
|
|
141
|
+
},
|
|
142
|
+
"map": {
|
|
143
|
+
"signature": "map [match] <source> <destinations...> { ... }",
|
|
144
|
+
"description": "Maps an input value to one or more output variables based on matching rules. Supports exact matches, regex, and a default fallback. Evaluates lazily.",
|
|
145
|
+
"type": "directive",
|
|
146
|
+
"module": "http.handlers.map"
|
|
147
|
+
},
|
|
148
|
+
"bind": {
|
|
149
|
+
"signature": "bind <hosts...>",
|
|
150
|
+
"description": "Specifies the network interface addresses to bind the listener to. Useful for multi-homed servers. Accepts IP addresses or hostnames.",
|
|
151
|
+
"type": "directive",
|
|
152
|
+
"module": "caddy.listeners"
|
|
153
|
+
},
|
|
154
|
+
"metrics": {
|
|
155
|
+
"signature": "metrics [match] [path]",
|
|
156
|
+
"description": "Enables Prometheus-compatible metrics endpoint. Exports request counts, durations, and other server metrics. Default path is /metrics.",
|
|
157
|
+
"type": "directive",
|
|
158
|
+
"module": "http.handlers.metrics"
|
|
159
|
+
},
|
|
160
|
+
"tracing": {
|
|
161
|
+
"signature": "tracing { span <name> }",
|
|
162
|
+
"description": "Enables distributed tracing using OpenTelemetry. Adds trace context to requests and exports spans to a configured collector.",
|
|
163
|
+
"type": "directive",
|
|
164
|
+
"module": "http.handlers.tracing"
|
|
165
|
+
},
|
|
166
|
+
"acme_server": {
|
|
167
|
+
"signature": "acme_server [match]",
|
|
168
|
+
"description": "Runs a built-in ACME server (Certificate Authority). Can issue certificates to internal clients. Useful for development and internal PKI.",
|
|
169
|
+
"type": "directive",
|
|
170
|
+
"module": "http.handlers.acme_server"
|
|
171
|
+
},
|
|
172
|
+
"path": {
|
|
173
|
+
"signature": "path <patterns...>",
|
|
174
|
+
"description": "Matches requests whose URI path matches the given patterns. Supports wildcards (*). Used in named matchers: @name path /api/*",
|
|
175
|
+
"type": "matcher",
|
|
176
|
+
"module": "http.matchers.path"
|
|
177
|
+
},
|
|
178
|
+
"host": {
|
|
179
|
+
"signature": "host <hosts...>",
|
|
180
|
+
"description": "Matches requests by the Host header. Useful for routing in wildcard or multi-site configurations.",
|
|
181
|
+
"type": "matcher",
|
|
182
|
+
"module": "http.matchers.host"
|
|
183
|
+
},
|
|
184
|
+
"method": {
|
|
185
|
+
"signature": "method <methods...>",
|
|
186
|
+
"description": "Matches requests by HTTP method (GET, POST, PUT, DELETE, etc.). Can specify multiple methods.",
|
|
187
|
+
"type": "matcher",
|
|
188
|
+
"module": "http.matchers.method"
|
|
189
|
+
},
|
|
190
|
+
"header_matcher": {
|
|
191
|
+
"signature": "header <field> <value>",
|
|
192
|
+
"description": "Matches requests that have a header matching the given field and value. Value supports wildcards. Commonly used to detect WebSocket upgrades.",
|
|
193
|
+
"type": "matcher",
|
|
194
|
+
"module": "http.matchers.header"
|
|
195
|
+
},
|
|
196
|
+
"query": {
|
|
197
|
+
"signature": "query <key>=<value>",
|
|
198
|
+
"description": "Matches requests by query string parameters. Multiple key=value pairs can be specified.",
|
|
199
|
+
"type": "matcher",
|
|
200
|
+
"module": "http.matchers.query"
|
|
201
|
+
},
|
|
202
|
+
"remote_ip": {
|
|
203
|
+
"signature": "remote_ip <ranges...>",
|
|
204
|
+
"description": "Matches requests by client IP address. Supports CIDR notation. Useful for IP-based access control.",
|
|
205
|
+
"type": "matcher",
|
|
206
|
+
"module": "http.matchers.remote_ip"
|
|
207
|
+
},
|
|
208
|
+
"protocol": {
|
|
209
|
+
"signature": "protocol <http|https>",
|
|
210
|
+
"description": "Matches requests by protocol scheme (HTTP or HTTPS).",
|
|
211
|
+
"type": "matcher",
|
|
212
|
+
"module": "http.matchers.protocol"
|
|
213
|
+
},
|
|
214
|
+
"expression": {
|
|
215
|
+
"signature": "expression <cel_expr>",
|
|
216
|
+
"description": "Matches requests using a Common Expression Language (CEL) expression. Provides full access to request properties for complex matching logic.",
|
|
217
|
+
"type": "matcher",
|
|
218
|
+
"module": "http.matchers.expression"
|
|
219
|
+
},
|
|
220
|
+
"file": {
|
|
221
|
+
"signature": "file { try_files <files...> }",
|
|
222
|
+
"description": "Matches requests based on file existence on disk. Used to route to static files vs dynamic handlers. Checks for file paths in order.",
|
|
223
|
+
"type": "matcher",
|
|
224
|
+
"module": "http.matchers.file"
|
|
225
|
+
},
|
|
226
|
+
"not": {
|
|
227
|
+
"signature": "not <matcher>",
|
|
228
|
+
"description": "Negates another matcher. Matches if the inner matcher does NOT match. Useful for exclusionary routing.",
|
|
229
|
+
"type": "matcher",
|
|
230
|
+
"module": "http.matchers.not"
|
|
231
|
+
},
|
|
232
|
+
"email_option": {
|
|
233
|
+
"signature": "email <address>",
|
|
234
|
+
"description": "Global option. Sets the email address for ACME certificate registration. Used by Let's Encrypt and other ACME CAs for certificate expiry notifications.",
|
|
235
|
+
"type": "global_option",
|
|
236
|
+
"module": "caddy"
|
|
237
|
+
},
|
|
238
|
+
"acme_ca_option": {
|
|
239
|
+
"signature": "acme_ca <url>",
|
|
240
|
+
"description": "Global option. Sets the ACME Certificate Authority URL. Defaults to Let's Encrypt production. Set to staging URL for testing.",
|
|
241
|
+
"type": "global_option",
|
|
242
|
+
"module": "caddy"
|
|
243
|
+
},
|
|
244
|
+
"acme_dns_option": {
|
|
245
|
+
"signature": "acme_dns <provider> [args...]",
|
|
246
|
+
"description": "Global option. Global DNS challenge configuration for ACME. Applies to all sites. Use when server is not publicly accessible or for wildcard certs.",
|
|
247
|
+
"type": "global_option",
|
|
248
|
+
"module": "caddy"
|
|
249
|
+
},
|
|
250
|
+
"admin_option": {
|
|
251
|
+
"signature": "admin <address|off>",
|
|
252
|
+
"description": "Global option. Configures the admin API endpoint. Can be disabled with 'off'. Default is localhost:2019. Controls runtime configuration changes.",
|
|
253
|
+
"type": "global_option",
|
|
254
|
+
"module": "caddy.admin"
|
|
255
|
+
},
|
|
256
|
+
"auto_https_option": {
|
|
257
|
+
"signature": "auto_https <off|disable_redirects|disable_certs|ignore_loaded_certs>",
|
|
258
|
+
"description": "Global option. Controls Caddy's automatic HTTPS behavior. Can disable automatic redirects, certificate management, or both.",
|
|
259
|
+
"type": "global_option",
|
|
260
|
+
"module": "caddy"
|
|
261
|
+
},
|
|
262
|
+
"grace_period_option": {
|
|
263
|
+
"signature": "grace_period <duration>",
|
|
264
|
+
"description": "Global option. Sets the maximum time to wait for active connections to close during a graceful shutdown.",
|
|
265
|
+
"type": "global_option",
|
|
266
|
+
"module": "caddy"
|
|
267
|
+
},
|
|
268
|
+
"servers_option": {
|
|
269
|
+
"signature": "servers { ... }",
|
|
270
|
+
"description": "Global option. Configures listener server settings like protocol options, timeouts, max header size, and listener wrappers.",
|
|
271
|
+
"type": "global_option",
|
|
272
|
+
"module": "caddy"
|
|
273
|
+
},
|
|
274
|
+
"ocsp_stapling_option": {
|
|
275
|
+
"signature": "ocsp_stapling off",
|
|
276
|
+
"description": "Global option. Disables OCSP stapling globally. Caddy staples OCSP responses by default.",
|
|
277
|
+
"type": "global_option",
|
|
278
|
+
"module": "caddy"
|
|
279
|
+
},
|
|
280
|
+
"storage_option": {
|
|
281
|
+
"signature": "storage <module> { ... }",
|
|
282
|
+
"description": "Global option. Configures the storage backend for TLS certificates and other data. Default is file_system. Supports consul, dynamodb, redis, etc.",
|
|
283
|
+
"type": "global_option",
|
|
284
|
+
"module": "caddy.storage"
|
|
285
|
+
},
|
|
286
|
+
"order_option": {
|
|
287
|
+
"signature": "order <directive> <before|after|first|last> [other_directive]",
|
|
288
|
+
"description": "Global option. Changes the default evaluation order of HTTP directives. Use when custom or third-party directives need specific ordering.",
|
|
289
|
+
"type": "global_option",
|
|
290
|
+
"module": "caddy"
|
|
291
|
+
},
|
|
292
|
+
"local_certs_option": {
|
|
293
|
+
"signature": "local_certs",
|
|
294
|
+
"description": "Global option. Uses locally-trusted certificates instead of publicly-trusted ones. Ideal for development environments. Generates and trusts a local CA.",
|
|
295
|
+
"type": "global_option",
|
|
296
|
+
"module": "caddy"
|
|
297
|
+
},
|
|
298
|
+
"skip_install_trust_option": {
|
|
299
|
+
"signature": "skip_install_trust",
|
|
300
|
+
"description": "Global option. Prevents Caddy from installing its root CA certificate into the system trust store. Useful in containers or restricted environments.",
|
|
301
|
+
"type": "global_option",
|
|
302
|
+
"module": "caddy"
|
|
303
|
+
},
|
|
304
|
+
"{http.request.*}": {
|
|
305
|
+
"signature": "{http.request.*}",
|
|
306
|
+
"description": "Request placeholders provide access to all aspects of the incoming HTTP request: URI, host, method, headers, remote address, TLS info, and more.",
|
|
307
|
+
"type": "placeholder",
|
|
308
|
+
"module": "http"
|
|
309
|
+
},
|
|
310
|
+
"{http.response.*}": {
|
|
311
|
+
"signature": "{http.response.*}",
|
|
312
|
+
"description": "Response placeholders provide access to the HTTP response being written, including status code and headers.",
|
|
313
|
+
"type": "placeholder",
|
|
314
|
+
"module": "http"
|
|
315
|
+
},
|
|
316
|
+
"{env.*}": {
|
|
317
|
+
"signature": "{env.VAR_NAME}",
|
|
318
|
+
"description": "Environment variable placeholders. Access any environment variable by name. Commonly used for secrets in TLS DNS challenges and other sensitive configuration.",
|
|
319
|
+
"type": "placeholder",
|
|
320
|
+
"module": "caddy"
|
|
321
|
+
},
|
|
322
|
+
"{err.*}": {
|
|
323
|
+
"signature": "{err.status_code} / {err.status_text}",
|
|
324
|
+
"description": "Error placeholders available within handle_errors blocks. Provide the HTTP error status code and status text.",
|
|
325
|
+
"type": "placeholder",
|
|
326
|
+
"module": "http.handlers.error"
|
|
327
|
+
},
|
|
328
|
+
"site_address": {
|
|
329
|
+
"signature": "<scheme>://<host>:<port>",
|
|
330
|
+
"description": "A site address defines which requests a site block handles. Components are optional. Can be a domain (auto-HTTPS), port (:8080), IP, or full URL. Wildcard subdomains use *.domain.",
|
|
331
|
+
"type": "concept",
|
|
332
|
+
"module": "caddyfile"
|
|
333
|
+
},
|
|
334
|
+
"directive_ordering": {
|
|
335
|
+
"signature": "Directive evaluation order",
|
|
336
|
+
"description": "Caddy reorders directives for safety and correctness. The standard order is: map, root, header, redir, rewrite, uri, try_files, basicauth, handle, handle_path, route, respond, reverse_proxy, php_fastcgi, file_server, encode, templates, log. Use the 'order' global option or 'route' to override.",
|
|
337
|
+
"type": "concept",
|
|
338
|
+
"module": "caddyfile"
|
|
339
|
+
},
|
|
340
|
+
"snippets": {
|
|
341
|
+
"signature": "(snippet_name) { ... }",
|
|
342
|
+
"description": "Reusable configuration blocks defined at the top level using parenthesized names. Inserted with the 'import' directive. Support positional arguments via {args[0]}, {args[1]}, etc.",
|
|
343
|
+
"type": "concept",
|
|
344
|
+
"module": "caddyfile"
|
|
345
|
+
},
|
|
346
|
+
"named_matchers": {
|
|
347
|
+
"signature": "@name <matcher> <args...>",
|
|
348
|
+
"description": "Named matchers define reusable request matching rules. Referenced with @name in directives. Can combine multiple matchers in a block for AND logic. Support path, host, method, header, query, remote_ip, protocol, expression, file, and not.",
|
|
349
|
+
"type": "concept",
|
|
350
|
+
"module": "http.matchers"
|
|
351
|
+
},
|
|
352
|
+
"environment_variables": {
|
|
353
|
+
"signature": "{env.VAR_NAME} or {$VAR_NAME}",
|
|
354
|
+
"description": "Environment variables can be referenced in the Caddyfile using {env.VAR_NAME} or {$VAR_NAME} (with optional default: {$VAR:default}). Evaluated at config load time for {$} syntax, or at request time for {env.} syntax.",
|
|
355
|
+
"type": "concept",
|
|
356
|
+
"module": "caddy"
|
|
357
|
+
},
|
|
358
|
+
"forward_auth": {
|
|
359
|
+
"type": "directive",
|
|
360
|
+
"module": "http.handlers.forward_auth",
|
|
361
|
+
"signature": "forward_auth [match] <upstreams...> { ... }",
|
|
362
|
+
"description": "Delegates authentication to an external service. Sends a subrequest and copies configured response headers on success. If the auth service returns non-2xx, its response is returned to the client."
|
|
363
|
+
},
|
|
364
|
+
"request_header": {
|
|
365
|
+
"type": "directive",
|
|
366
|
+
"module": "http.handlers.request_header",
|
|
367
|
+
"signature": "request_header [match] [[+|-]field [value|regexp replacement]]",
|
|
368
|
+
"description": "Manipulates HTTP request headers. Can set (+), delete (-), or replace header values. Supports regex replacement."
|
|
369
|
+
},
|
|
370
|
+
"request_body": {
|
|
371
|
+
"type": "directive",
|
|
372
|
+
"module": "http.handlers.request_body",
|
|
373
|
+
"signature": "request_body [match] { max_size <size> }",
|
|
374
|
+
"description": "Configures request body handling. Can set maximum body size to prevent abuse."
|
|
375
|
+
},
|
|
376
|
+
"push": {
|
|
377
|
+
"type": "directive",
|
|
378
|
+
"module": "http.handlers.push",
|
|
379
|
+
"signature": "push <resource...>",
|
|
380
|
+
"description": "Configures HTTP/2 server push of resources."
|
|
381
|
+
},
|
|
382
|
+
"copy_response": {
|
|
383
|
+
"type": "directive",
|
|
384
|
+
"module": "http.handlers.copy_response",
|
|
385
|
+
"signature": "copy_response [status]",
|
|
386
|
+
"description": "Copies status code and body from a handled request. Commonly used in handle_errors or intercept blocks."
|
|
387
|
+
},
|
|
388
|
+
"copy_response_headers": {
|
|
389
|
+
"type": "directive",
|
|
390
|
+
"module": "http.handlers.copy_response_headers",
|
|
391
|
+
"signature": "copy_response_headers { include|exclude <fields...> }",
|
|
392
|
+
"description": "Copies response headers from a handled request, with optional include/exclude filter."
|
|
393
|
+
},
|
|
394
|
+
"intercept": {
|
|
395
|
+
"type": "directive",
|
|
396
|
+
"module": "http.handlers.intercept",
|
|
397
|
+
"signature": "intercept { ... }",
|
|
398
|
+
"description": "Intercepts responses from upstream handlers to modify or replace them. Supports matchers on response status codes and headers."
|
|
399
|
+
},
|
|
400
|
+
"on_demand_tls": {
|
|
401
|
+
"type": "global_option",
|
|
402
|
+
"signature": "on_demand_tls { ask <url> [interval <duration>] [burst <n>] }",
|
|
403
|
+
"description": "Configures on-demand TLS certificate issuance. The 'ask' endpoint is consulted to verify if a certificate should be obtained for a given domain."
|
|
404
|
+
},
|
|
405
|
+
"log_level_option": {
|
|
406
|
+
"type": "global_option",
|
|
407
|
+
"signature": "log { level <level> }",
|
|
408
|
+
"description": "Set the default log level globally. Options: DEBUG, INFO, WARN, ERROR, PANIC, FATAL."
|
|
409
|
+
},
|
|
410
|
+
"pki_option": {
|
|
411
|
+
"type": "global_option",
|
|
412
|
+
"signature": "pki { ca [name] { ... } }",
|
|
413
|
+
"description": "Configure the built-in PKI for internal certificate management."
|
|
414
|
+
},
|
|
415
|
+
"{http.request.tls.*}": {
|
|
416
|
+
"type": "placeholder",
|
|
417
|
+
"description": "TLS request placeholders: {http.request.tls.version}, {http.request.tls.cipher_suite}, {http.request.tls.server_name}."
|
|
418
|
+
},
|
|
419
|
+
"{http.request.cookie.*}": {
|
|
420
|
+
"type": "placeholder",
|
|
421
|
+
"description": "Access cookie values via {http.request.cookie.<name>}."
|
|
422
|
+
},
|
|
423
|
+
"{http.reverse_proxy.*}": {
|
|
424
|
+
"type": "placeholder",
|
|
425
|
+
"description": "Reverse proxy placeholders: upstream.hostport, upstream.host, upstream.port, upstream.latency, header.*."
|
|
426
|
+
}
|
|
427
|
+
}
|
|
428
|
+
}
|