Skip to main content
Classic

section.config.json Reference

Learn about the section.config.json file that is used to configure workloads on Section.

KeyValueRequiredDescription
proxychainobj[]YesArray of module objects in the proxy chain. The first accepts the incoming request from the ingress and the last passes it to the egress.
proxychain > namestringNoModule directory name (e.g. varnish).
proxychain > imagestringNoModule directory image (e.g. varnish:7.0.2).
environmentsobjYesEnvironment objects.
environments > <environment_name>objYesEnvironment name (e.g. Production).
environments > <environment_name> > originobjYesEnvironment origin object used for handling incoming and outgoing HTTP traffic.
environments > <environment_name> > origin > addressstringYesOrigin address. Accepts a fully qualified domain name or an IP address (e.g. www.example.com or 123.456.789.10).
environments > <environment_name> > origin > host_headerstringNoHost request header override. Forwards the value received from the client otherwise.
environments > <environment_name> > origin > disable_keepaliveboolNoWhether to disable persistent connections.
environments > <environment_name> > origin > http_port80, 443, 5080, 5443, 8080, or 8443
int
NoHTTP port override. Default is 80.
environments > <environment_name> > origin > https_port80, 443, 5080, 5443, 8080, or 8443
int
NoHTTPS port override. Default is 443.
environments > <environment_name> > origin > upstream_response_timeout_seconds1-600
int
NoThe number of seconds that egress waits for a response from the origin before a timeout. Default is 120.
environments > <environment_name> > origin > keepalive_seconds1-240
int
NoThe number of seconds that a persistent connection should remain open. Idle connections will be closed after 60 seconds otherwise.
environments > <environment_name> > origin > tls_namestringNoServer name override passed through SNI when establishing a connection, which is used to verify the certificate of the upstream HTTPS server.
environments > <environment_name> > origin > enable_sniboolNoWhether to pass the server name through TLS/SNI when establishing a connection with the upstream HTTPS server.
environments > <environment_name> > origin > verify_certificateboolNoWhether to verify the upstream HTTPS server certificate.
environments > <environment_name> > origin > proxy_acme_challengeboolNoWhether to pass the DNS ACME challenge certificate.
environments > <environment_name> > origin > remove_request_headersstring[]NoArray of request headers to remove.
environments > <environment_name> > origin > maintain_upstream_content_encodingboolNoWhether to maintain the content encoding as received upstream. Responses with a Content-Type of text/plain, text/css, application/json, application/x-javascript, text/xml, application/xml, application/xml+rss, text/javascript, text/html, application/javascript, text/json, or text/x-json will be compressed with Gzip otherwise.
environments > <environment_name> > non_https_response_code301, 302, 303, 307, 308, 400, or 409
string
NoResponse code to return if an HTTP request is made. Redirect-related response codes will have the Location response header added.
environments > <environment_name> > ip_blackliststring[]NoArray of IPv4 addresses to block at the edge proxy.
environments > <environment_name> > alternate_originsobjNoObject containing alternate origin objects.
environments > <environment_name> > alternate_origins > <alternate_origin_name>objNoAlternate origin object that can contain the same values as the origin object. In order for egress to route requests to the alternate origin, the Section-Origin request header must be set with a value matching the <alternate_origin_name>.

section.config.json Example‚Äč

section.config.json
{
"proxychain": [
{
"name": "openresty",
"image": "openresty:latest"
},
{
"name": "varnish",
"image": "varnish:7.0.2"
}
],
"environments": {
"Production": {
"origin": {
"address": "123.456.789.10",
"host_header": "www.example.com",
"disable_keepalive": false,
"http_port": 80,
"https_port": 443,
"upstream_response_timeout_seconds": 120,
"keepalive_seconds": 60,
"tls_name": "example",
"enable_sni": true,
"verify_certificate": false,
"proxy_acme_challenge": false,
"remove_request_headers": [
"X-Forwarded-For"
],
"maintain_upstream_content_encoding": false
},
"non_https_response_code": "302",
"ip_blacklist": [
"234.567.89.10"
],
"alternate_origins": {
"status": {
"address": "123.456.789.11",
"host_header": "status.example.com",
"disable_keepalive": false,
"http_port": 80,
"https_port": 443,
"upstream_response_timeout_seconds": 120,
"keepalive_seconds": 60,
"tls_name": "example",
"verify_certificate": false,
"proxy_acme_challenge": false,
"remove_request_headers": [
"X-Forwarded-For"
],
"maintain_upstream_content_encoding": false
}
}
}
}
}