mirror of
https://github.com/rustfs/rustfs.git
synced 2026-03-17 14:24:08 +00:00
cb468fb32f
Co-authored-by: majinghe <42570491+majinghe@users.noreply.github.com> Co-authored-by: GatewayJ <835269233@qq.com> Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> Co-authored-by: heihutu <30542132+heihutu@users.noreply.github.com>
53 lines
2.0 KiB
Plaintext
53 lines
2.0 KiB
Plaintext
# Trusted Proxy Configuration
|
|
# Enable the trusted proxy middleware (default: true)
|
|
RUSTFS_TRUSTED_PROXY_ENABLED=true
|
|
|
|
# Comma-separated list of trusted CIDR ranges (default includes localhost and private networks)
|
|
RUSTFS_TRUSTED_PROXY_NETWORKS=127.0.0.1,::1,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,fd00::/8
|
|
|
|
# Additional trusted networks to append to the default list
|
|
RUSTFS_TRUSTED_PROXY_EXTRA_NETWORKS=
|
|
|
|
# Validation strategy: strict, lenient, or hop_by_hop (default: hop_by_hop)
|
|
RUSTFS_TRUSTED_PROXY_VALIDATION_MODE=hop_by_hop
|
|
|
|
# Enable support for RFC 7239 "Forwarded" header (default: true)
|
|
RUSTFS_TRUSTED_PROXY_ENABLE_RFC7239=true
|
|
|
|
# Maximum allowed proxy hops (default: 10)
|
|
RUSTFS_TRUSTED_PROXY_MAX_HOPS=10
|
|
|
|
# Check for continuity in the proxy chain (default: true)
|
|
RUSTFS_TRUSTED_PROXY_CHAIN_CONTINUITY_CHECK=true
|
|
|
|
# Log details about failed validations (default: true)
|
|
RUSTFS_TRUSTED_PROXY_LOG_FAILED_VALIDATIONS=true
|
|
|
|
# Cache Configuration
|
|
# Max entries in the validation cache (default: 10000)
|
|
RUSTFS_TRUSTED_PROXY_CACHE_CAPACITY=10000
|
|
# Cache TTL in seconds (default: 300)
|
|
RUSTFS_TRUSTED_PROXY_CACHE_TTL_SECONDS=300
|
|
# Cache cleanup interval in seconds (default: 60)
|
|
RUSTFS_TRUSTED_PROXY_CACHE_CLEANUP_INTERVAL=60
|
|
|
|
# Monitoring Configuration
|
|
# Enable Prometheus metrics collection (default: true)
|
|
RUSTFS_TRUSTED_PROXY_METRICS_ENABLED=true
|
|
# Log level for the proxy module (default: info)
|
|
RUSTFS_TRUSTED_PROXY_LOG_LEVEL=info
|
|
# Enable structured JSON logging (default: false)
|
|
RUSTFS_TRUSTED_PROXY_STRUCTURED_LOGGING=false
|
|
# Enable distributed tracing (default: true)
|
|
RUSTFS_TRUSTED_PROXY_TRACING_ENABLED=true
|
|
|
|
# Cloud Integration
|
|
# Enable auto-discovery of cloud IP ranges (default: false)
|
|
RUSTFS_TRUSTED_PROXY_CLOUD_METADATA_ENABLED=false
|
|
# Timeout for cloud metadata requests in seconds (default: 5)
|
|
RUSTFS_TRUSTED_PROXY_CLOUD_METADATA_TIMEOUT=5
|
|
# Enable Cloudflare IP range integration (default: false)
|
|
RUSTFS_TRUSTED_PROXY_CLOUDFLARE_IPS_ENABLED=false
|
|
# Force a specific cloud provider (aws, azure, gcp) instead of auto-detection
|
|
RUSTFS_TRUSTED_PROXY_CLOUD_PROVIDER_FORCE=
|