98 lines
2.9 KiB
YAML
98 lines
2.9 KiB
YAML
apisix:
|
|
node_listen: ${{APISIX_NODE_LISTEN}} # APISIX listening port
|
|
enable_heartbeat: true
|
|
enable_admin: true
|
|
enable_admin_cors: true
|
|
enable_debug: false
|
|
enable_dev_mode: false # when set to true, sets Nginx worker_processes to 1
|
|
enable_reuseport: true # when set to true, enables nginx SO_REUSEPORT switch
|
|
enable_ipv6: true
|
|
config_center: etcd # use etcd to store configuration
|
|
|
|
allow_admin: # see: http://nginx.org/en/docs/http/ngx_http_access_module.html#allow
|
|
- 0.0.0.0/0
|
|
port_admin: ${{APISIX_PORT_ADMIN}}
|
|
|
|
# default token used when calling the Admin API
|
|
# it is recommended to modify this value in production
|
|
# when disabled, Admin API won't require any authentication
|
|
admin_key:
|
|
# admin: full access to configuration data
|
|
- name: "admin"
|
|
key: edd1c9f034335f136f87ad84b625c8f1
|
|
role: admin
|
|
# viewer: can only view the configuration data
|
|
- name: "viewer"
|
|
key: 4054f7cf07e344346cd3f287985e76a2
|
|
role: viewer
|
|
# dns_resolver:
|
|
# - 127.0.0.1
|
|
dns_resolver_valid: 30
|
|
resolver_timeout: 5
|
|
|
|
nginx_config: # template configuration to generate nginx.conf
|
|
error_log: "/dev/stderr"
|
|
error_log_level: "warn" # warn, error
|
|
worker_rlimit_nofile: 20480 # number of files a worker process can open. Should be larger than worker_connections
|
|
event:
|
|
worker_connections: 10620
|
|
http:
|
|
access_log: "/dev/stdout"
|
|
keepalive_timeout: 60s # timeout for which a keep-alive client connection will stay open on the server side
|
|
client_header_timeout: 60s # timeout for reading client request header, then 408 (Request Time-out) error is returned to the client
|
|
client_body_timeout: 60s # timeout for reading client request body, then 408 (Request Time-out) error is returned to the client
|
|
send_timeout: 10s # timeout for transmitting a response to the client, then the connection is closed
|
|
underscores_in_headers: "on" # enables the use of underscores in client request header fields
|
|
real_ip_header: "X-Real-IP" # see: http://nginx.org/en/docs/http/ngx_http_realip_module.html#real_ip_header
|
|
real_ip_from: # see: http://nginx.org/en/docs/http/ngx_http_realip_module.html#set_real_ip_from
|
|
- 127.0.0.1
|
|
- 'unix:'
|
|
|
|
etcd:
|
|
host:
|
|
- ${{APISIX_ETCD_URL}}
|
|
prefix: "/apisix" # APISIX configurations prefix
|
|
timeout: 30 # in seconds
|
|
plugins: # list of APISIX Plugins
|
|
- api-breaker
|
|
- authz-keycloak
|
|
- basic-auth
|
|
- batch-requests
|
|
- consumer-restriction
|
|
- cors
|
|
- echo
|
|
- fault-injection
|
|
- grpc-transcode
|
|
- hmac-auth
|
|
- http-logger
|
|
- ip-restriction
|
|
- jwt-auth
|
|
- kafka-logger
|
|
- key-auth
|
|
- limit-conn
|
|
- limit-count
|
|
- limit-req
|
|
- node-status
|
|
- openid-connect
|
|
- prometheus
|
|
- proxy-cache
|
|
- proxy-mirror
|
|
- proxy-rewrite
|
|
- redirect
|
|
- referer-restriction
|
|
- request-id
|
|
- request-validation
|
|
- response-rewrite
|
|
- serverless-post-function
|
|
- serverless-pre-function
|
|
- sls-logger
|
|
- syslog
|
|
- tcp-logger
|
|
- udp-logger
|
|
- uri-blocker
|
|
- wolf-rbac
|
|
- zipkin
|
|
- traffic-split
|
|
stream_plugins:
|
|
- mqtt-proxy
|