A collection for specifying DNS names for master site web servers, requests to which the webserver routes under special scenarios: issuing externally hosted static and proxying http and websocket requests.
The use of TLS certificates and regular automatic discharge using the service is supported LetsEncrypt.
When creating routes, port type bindings can be used to perform different routing for open ports, and ports with TLS certificates.
For example, you can redirect all unprotected connections to the TLS port in this way.
This is also available for basic domain names and IP addresses, so this functionality is an alternative to the 'ports_mode' parameter of the microservice ws.
Table 1. Class fields
| Field |
Description |
|
|
|
DNS-name or ip address routed to the server or servers of the site.
|
|
An indication of inclusion. Default true.
|
|
A descending sorted list of routing rules. An array of objects containing fields:
-
port_type - The type of port to which the rule applies (open or TLS). Possible values:
-
'all' - for all port types. Applies by default.
-
'http' - for open ports only.
-
'https' - for TLS ports only.
-
path - the path in the URL from which the route is valid. For all handlers except redirects, the value at the end is forced to include an arbitrary residual path mask "/[…]" if not specified in the value itself. Redirections, on the other hand, work strictly on the specified path. Examples of correct paths:
-
paths - an array of paths in the URL, expanding the route into multiple routes of the same type. Applies similarly to the 'path' parameter in case the 'path' parameter is not specified.
-
handler - handler type. Additional specific fields are defined for each handler. Handlers available:
-
'static' - outputs statics from the specified directory. Additional handler parameters:
-
directory. The root directory with static content to issue. The directory must be specified via the alias ":SYNC/common/", ":GLOBALSHARE/", ":SITESHARE/", or ":LOCAL/". The content is addressed by relative paths mapped to the specified path.
-
'redirect' - redirects to a constant path, producing a 3xx response. Additional handler parameters:
-
'redirect_regex' - redirects to the path computed with the regular expression, producing a 3xx response. Additional handler parameters:
-
http_code - Response code 3xx. Default 302.
-
location_match - A regular expression to select the replacement location in the path received in the query. By default ".*" is the entire value.
-
location_replacement - The value substituted at the location detected by the regular expression. Default "" - replace with empty.
-
'error' - sends a response with an error. Additional handler parameters:
-
http_code - The response code is 4xx-6xx. Default 500.
-
content_type - The type of content returned. A header is added to the response only if a non-empty value for the 'body' parameter is specified. By default "application/octet-stream".
-
body - Answer Body. By default, an empty string is an answer with no body.
-
'proxy_http' and 'proxy_websocket' - proxies http requests and websocket connections to the specified hostname. If the path ends with a slash, it redirects all child paths of the directory, if not, it redirects only the specified resource. Additional handler parameters:
-
host - destination hostname,
-
port - port of call,
-
tls - tls utilization mode. Value options: true, false, "auto" (automatic detection based on port, default), "same" (identical to the original request).
-
add_path - static path segment added to the beginning of the path of the redirected request. The default is empty. For example, for a route with path = "/[…]" the value add_path = "/abc/def" will redirect the incoming page request "/x/1.txt" to the specified web server page "/abc/def/x/1.txt". The '$path$' pattern may be specified, in which case the original path without end slashes is substituted.
-
'proxy_http_ex' and 'proxy_websocket_ex' - proxies http requests or websocket connections to the hostname and port specified in the requested path. The path specified in the 'path' field must contain the bindings "/:domain/" and "/:port/". If the path ends with a slash, it redirects all child paths of the directory, if not, it redirects only the specified resource. Additional handler parameters:
-
tls - tls utilization mode. Value options: true, false, "auto" (automatic detection based on port, default), "same" (identical to the original request).
-
add_path - static path segment added to the beginning of the path of the redirected request. The default is empty. For example, for a route with path = "/[…]" the value add_path = "/abc/def" will redirect the incoming page request "/x/1.txt" to the specified web server page "/abc/def/x/1.txt". The '$path$' pattern may be specified, in which case the original path without end slashes is substituted.
|
|
Flag to enable automatic LetsEncrypt certificate issuance. Defaults to false. Makes sense only for domain names.
Certificate issuance is performed by the microservice mware. The following package is used for certificate issuance 'acme.sh'.
Before a request to LetsEncrypt, the availability of the domain name and its correct addressing to the current site are checked (secondary check is performed using an external proxy server).
The operation is skipped if one of the conditions is met:
-
no email is set in the master domain settings for acme;
-
certificate_pem field certificate uploaded by administrator;
-
The previously issued LetsEncrypt certificate is still valid for the next week.
|
|
PEM-certificate content. Loaded by the administrator or filled in automatically after certificate issuance. Used when TLS requests are received.
Certificate application is performed by microservice instances of ws when requests for the configured DNS name are received.
|