section.config.json
Reference
Learn about the section.config.json
file that is used to configure workloads on Section.
Key | Value | Required | Description |
---|---|---|---|
proxychain | obj[] | Yes | Array of module objects in the proxy chain. The first accepts the incoming request from the ingress and the last passes it to the egress. |
proxychain > name | string | No | Module directory name (e.g. varnish ). |
proxychain > image | string | No | Module directory image (e.g. varnish:7.0.2 ). |
environments | obj | Yes | Environment objects. |
environments > <environment_name> | obj | Yes | Environment name (e.g. Production ). |
environments > <environment_name> > origin | obj | Yes | Environment origin object used for handling incoming and outgoing HTTP traffic. |
environments > <environment_name> > origin > address | string | Yes | Origin address. Accepts a fully qualified domain name or an IP address (e.g. www.example.com or 123.456.789.10 ). |
environments > <environment_name> > origin > host_header | string | No | Host request header override. Forwards the value received from the client otherwise. |
environments > <environment_name> > origin > disable_keepalive | bool | No | Whether to disable persistent connections. |
environments > <environment_name> > origin > http_port | 80 , 443 , 5080 , 5443 , 8080 , or 8443 int | No | HTTP port override. Default is 80 . |
environments > <environment_name> > origin > https_port | 80 , 443 , 5080 , 5443 , 8080 , or 8443 int | No | HTTPS port override. Default is 443 . |
environments > <environment_name> > origin > upstream_response_timeout_seconds | 1 -600 int | No | The number of seconds that egress waits for a response from the origin before a timeout. Default is 120 . |
environments > <environment_name> > origin > keepalive_seconds | 1 -240 int | No | The number of seconds that a persistent connection should remain open. Idle connections will be closed after 60 seconds otherwise. |
environments > <environment_name> > origin > tls_name | string | No | Server name override passed through SNI when establishing a connection, which is used to verify the certificate of the upstream HTTPS server. |
environments > <environment_name> > origin > enable_sni | bool | No | Whether to pass the server name through TLS/SNI when establishing a connection with the upstream HTTPS server. |
environments > <environment_name> > origin > verify_certificate | bool | No | Whether to verify the upstream HTTPS server certificate. |
environments > <environment_name> > origin > proxy_acme_challenge | bool | No | Whether to pass the DNS ACME challenge certificate. |
environments > <environment_name> > origin > remove_request_headers | string[] | No | Array of request headers to remove. |
environments > <environment_name> > origin > maintain_upstream_content_encoding | bool | No | Whether to maintain the content encoding as received upstream. Responses with a Content-Type of text/plain , text/css , application/json , application/x-javascript , text/xml , application/xml , application/xml+rss , text/javascript , text/html , application/javascript , text/json , or text/x-json will be compressed with Gzip otherwise. |
environments > <environment_name> > non_https_response_code | 301 , 302 , 303 , 307 , 308 , 400 , or 409 string | No | Response code to return if an HTTP request is made. Redirect-related response codes will have the Location response header added. |
environments > <environment_name> > ip_blacklist | string[] | No | Array of IPv4 addresses to block at the edge proxy. |
environments > <environment_name> > alternate_origins | obj | No | Object containing alternate origin objects. |
environments > <environment_name> > alternate_origins > <alternate_origin_name> | obj | No | Alternate origin object that can contain the same values as the origin object. In order for egress to route requests to the alternate origin, the Section-Origin request header must be set with a value matching the <alternate_origin_name> . |
section.config.json
Example
section.config.json
{
"proxychain": [
{
"name": "openresty",
"image": "openresty:latest"
},
{
"name": "varnish",
"image": "varnish:7.0.2"
}
],
"environments": {
"Production": {
"origin": {
"address": "123.456.789.10",
"host_header": "www.example.com",
"disable_keepalive": false,
"http_port": 80,
"https_port": 443,
"upstream_response_timeout_seconds": 120,
"keepalive_seconds": 60,
"tls_name": "example",
"enable_sni": true,
"verify_certificate": false,
"proxy_acme_challenge": false,
"remove_request_headers": [
"X-Forwarded-For"
],
"maintain_upstream_content_encoding": false
},
"non_https_response_code": "302",
"ip_blacklist": [
"234.567.89.10"
],
"alternate_origins": {
"status": {
"address": "123.456.789.11",
"host_header": "status.example.com",
"disable_keepalive": false,
"http_port": 80,
"https_port": 443,
"upstream_response_timeout_seconds": 120,
"keepalive_seconds": 60,
"tls_name": "example",
"verify_certificate": false,
"proxy_acme_challenge": false,
"remove_request_headers": [
"X-Forwarded-For"
],
"maintain_upstream_content_encoding": false
}
}
}
}
}