From 33ee2f5760b6134553ef4d26ce7180765a9a3e7f Mon Sep 17 00:00:00 2001 From: Lucy Hochkamp Date: Thu, 16 Oct 2025 12:18:36 +0200 Subject: [PATCH] meow --- instances/theseus/configuration.nix | 3 - modules/desktop/wpaperd.nix | 26 +- modules/module-list.nix | 4 +- modules/presets/development.nix | 6 +- .../{authentik.nix => authentik/default.nix} | 4 +- modules/services/caddy/caddy-config.nix | 5 + modules/services/caddy/caddy_schema.json | 10711 ++++++++++++++++ .../services/{caddy.nix => caddy/default.nix} | 51 +- modules/services/caddy/json-schema.nix | 144 + 9 files changed, 10909 insertions(+), 45 deletions(-) rename modules/services/{authentik.nix => authentik/default.nix} (98%) create mode 100644 modules/services/caddy/caddy-config.nix create mode 100644 modules/services/caddy/caddy_schema.json rename modules/services/{caddy.nix => caddy/default.nix} (61%) create mode 100644 modules/services/caddy/json-schema.nix diff --git a/instances/theseus/configuration.nix b/instances/theseus/configuration.nix index 6a6d664e..96d46ee9 100644 --- a/instances/theseus/configuration.nix +++ b/instances/theseus/configuration.nix @@ -54,9 +54,6 @@ in gimp3 anytype monero-gui - orca-slicer - unstable.kicad - dune3d pencil2d python311Packages.brother-ql ptouch-print diff --git a/modules/desktop/wpaperd.nix b/modules/desktop/wpaperd.nix index 00f9730c..4822846c 100644 --- a/modules/desktop/wpaperd.nix +++ b/modules/desktop/wpaperd.nix @@ -62,25 +62,21 @@ in export SWWW_TRANSITION="fade" export SWWW_TRANSITION_DURATION="1" # export SWWW_TRANSITION_STEP="90" - - # queue of images to show - images=( $(find $DIR -type f | shuf) ) - function get_img() { - item=''${images[0]} - images=("''${images[@]:1}") - if [[ ''${#images[@]} == 0 ]]; then - images=( $(find $DIR -type f | shuf) ) - fi - echo $item - } - + + images=( ) # array of randomized images while true; do - img=$(get_img) for d in ''$(swww query | sed -nE 's/^: ([^:]+).*/\1/p'); do # see swww-query(1) - swww img --resize "''$RESIZE_TYPE" --outputs "''$d" "''$img" + if [[ ''${#images[@]} == 0 ]]; then + images=( $(find $DIR -regextype posix-extended -type f -regex '.*\.(jpg|jpeg|gif|png|bmp|dds|exr|ico|tga|tiff|webp)$' | shuf) ) # fill queue if arr empty (rust image crate supported formats) + fi + + swww img --resize "''$RESIZE_TYPE" --outputs "''$d" "''${images[0]}" # show first image of arr + + images=("''${images[@]:1}") # pop first image of arr + done - sleep "''${DEFAULT_INTERVAL}" + sleep "''${DEFAULT_INTERVAL}" || true # pkill sleep for next wallpaper xd done ''; # restartTriggers = [wpaperdConf]; diff --git a/modules/module-list.nix b/modules/module-list.nix index 1faedaaa..ba53f42e 100644 --- a/modules/module-list.nix +++ b/modules/module-list.nix @@ -23,8 +23,8 @@ ./presets/gui.nix ./presets/server.nix ./presets/home-manager.nix - ./services/authentik.nix - ./services/caddy.nix + ./services/authentik + ./services/caddy ./services/monitoring.nix ./services/wireguard.nix ./system/impermanence.nix diff --git a/modules/presets/development.nix b/modules/presets/development.nix index fcd46abe..d108b771 100644 --- a/modules/presets/development.nix +++ b/modules/presets/development.nix @@ -10,7 +10,7 @@ let in { options.xyno.presets.development.enable = - mkEnableOption "enables xynos configs for a development machine"; + mkEnableOption "enables xynos configs for a development/workstation machine"; config = mkIf cfg.enable { home-manager.users.${config.xyno.system.user.name} = mkIf config.xyno.presets.home-manager.enable ( { ... }: @@ -25,6 +25,10 @@ in virtualisation.podman.enable = true; environment.systemPackages = with pkgs; [ + orca-slicer + unstable.kicad + freecad + dune3d jetbrains.rider # android-studio nixpkgs-manual diff --git a/modules/services/authentik.nix b/modules/services/authentik/default.nix similarity index 98% rename from modules/services/authentik.nix rename to modules/services/authentik/default.nix index 67314897..53d1e466 100644 --- a/modules/services/authentik.nix +++ b/modules/services/authentik/default.nix @@ -45,7 +45,7 @@ let terranixConfig = inputs.terranix.lib.terranixConfiguration { system = pkgs.system; modules = [ - ./authentik/provider.nix + ./provider.nix { inherit (cfg) oauthApps @@ -192,7 +192,7 @@ in }; sops.secrets."authentik/env" = { - sopsFile = ../../instances/${config.networking.hostName}/secrets/authentik.yaml; + sopsFile = ../../../instances/${config.networking.hostName}/secrets/authentik.yaml; }; services.caddy.extraConfig = '' diff --git a/modules/services/caddy/caddy-config.nix b/modules/services/caddy/caddy-config.nix new file mode 100644 index 00000000..ac52b3d9 --- /dev/null +++ b/modules/services/caddy/caddy-config.nix @@ -0,0 +1,5 @@ +{ json, lib, ...}: with lib; +types.submodule { + freeformType = json.type; + +} diff --git a/modules/services/caddy/caddy_schema.json b/modules/services/caddy/caddy_schema.json new file mode 100644 index 00000000..55fcb087 --- /dev/null +++ b/modules/services/caddy/caddy_schema.json @@ -0,0 +1,10711 @@ +{ + "title": "Caddy v2 autogenerated JSON schema \nhttps://github.com/abiosoft/caddy-json-schema", + "description": ": object\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Config\nConfig is the top (or beginning) of the Caddy configuration structure.\nCaddy config is expressed natively as a JSON document. If you prefer\nnot to work with JSON directly, there are [many config adapters](/docs/config-adapters)\navailable that can convert various inputs into Caddy JSON.\n\nMany parts of this config are extensible through the use of Caddy modules.\nFields which have a json.RawMessage type and which appear as dots (•••) in\nthe online docs can be fulfilled by modules in a certain module\nnamespace. The docs show which modules can be used in a given place.\n\nWhenever a module is used, its name must be given either inline as part of\nthe module, or as the key to the module's value. The docs will make it clear\nwhich to use.\n\nGenerally, all config settings are optional, as it is Caddy convention to\nhave good, documented default values. If a parameter is required, the docs\nshould say so.\n\nGo programs which are directly building a Config struct value should take\ncare to populate the JSON-encodable fields of the struct (i.e. the fields\nwith `json` struct tags) if employing the module lifecycle (e.g. Provision\nmethod calls).\n\n", + "markdownDescription": ": `object` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Config) \nConfig is the top (or beginning) of the Caddy configuration structure.\nCaddy config is expressed natively as a JSON document. If you prefer\nnot to work with JSON directly, there are [many config adapters](/docs/config-adapters)\navailable that can convert various inputs into Caddy JSON.\n\nMany parts of this config are extensible through the use of Caddy modules.\nFields which have a json.RawMessage type and which appear as dots (•••) in\nthe online docs can be fulfilled by modules in a certain module\nnamespace. The docs show which modules can be used in a given place.\n\nWhenever a module is used, its name must be given either inline as part of\nthe module, or as the key to the module's value. The docs will make it clear\nwhich to use.\n\nGenerally, all config settings are optional, as it is Caddy convention to\nhave good, documented default values. If a parameter is required, the docs\nshould say so.\n\nGo programs which are directly building a Config struct value should take\ncare to populate the JSON-encodable fields of the struct (i.e. the fields\nwith `json` struct tags) if employing the module lifecycle (e.g. Provision\nmethod calls).\n \n", + "type": "object", + "definitions": { + "admin.api.load": { + "description": "load: object\nModule: admin.api.load", + "markdownDescription": "load: `object` \nModule: `admin.api.load`", + "type": "object" + }, + "admin.api.metrics": { + "description": "metrics: object\nModule: admin.api.metrics\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/metrics#AdminMetrics", + "markdownDescription": "metrics: `object` \nModule: `admin.api.metrics` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/metrics#AdminMetrics)", + "type": "object" + }, + "admin.api.pki": { + "description": "pki: object\nModule: admin.api.pki", + "markdownDescription": "pki: `object` \nModule: `admin.api.pki`", + "type": "object" + }, + "admin.api.reverse_proxy": { + "description": "reverse_proxy: object\nModule: admin.api.reverse_proxy", + "markdownDescription": "reverse_proxy: `object` \nModule: `admin.api.reverse_proxy`", + "type": "object" + }, + "caddy.adapters.caddyfile": { + "description": "caddyfile: object\nModule: caddy.adapters.caddyfile", + "markdownDescription": "caddyfile: `object` \nModule: `caddy.adapters.caddyfile`", + "type": "object" + }, + "caddy.config_loaders.http": { + "description": "http: object\nModule: caddy.config_loaders.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/caddyconfig#HTTPLoader\nHTTPLoader can load Caddy configs over HTTP(S).\n\nIf the response is not a JSON config, a config adapter must be specified\neither in the loader config (`adapter`), or in the Content-Type HTTP header\nreturned in the HTTP response from the server. The Content-Type header is\nread just like the admin API's `/load` endpoint. If you don't have control\nover the HTTP server (but can still trust its response), you can override\nthe Content-Type header by setting the `adapter` property in this config.\n\n", + "markdownDescription": "http: `object` \nModule: `caddy.config_loaders.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/caddyconfig#HTTPLoader) \nHTTPLoader can load Caddy configs over HTTP(S).\n\nIf the response is not a JSON config, a config adapter must be specified\neither in the loader config (`adapter`), or in the Content-Type HTTP header\nreturned in the HTTP response from the server. The Content-Type header is\nread just like the admin API's `/load` endpoint. If you don't have control\nover the HTTP server (but can still trust its response), you can override\nthe Content-Type header by setting the `adapter` property in this config.\n \n", + "type": "object", + "properties": { + "adapter": { + "description": "adapter: string\nModule: caddy.config_loaders.http\nThe name of the config adapter to use, if any. Only needed\nif the HTTP response is not a JSON config and if the server's\nContent-Type header is missing or incorrect.\n", + "markdownDescription": "adapter: `string` \nModule: `caddy.config_loaders.http` \nThe name of the config adapter to use, if any. Only needed\nif the HTTP response is not a JSON config and if the server's\nContent-Type header is missing or incorrect. \n", + "type": "string" + }, + "header": { + "description": "header: object\nModule: caddy.config_loaders.http\nHTTP headers to add to the request.\n", + "markdownDescription": "header: `object` \nModule: `caddy.config_loaders.http` \nHTTP headers to add to the request. \n", + "type": "object", + "additionalProperties": { + "description": "HTTP headers to add to the request.\n", + "markdownDescription": "HTTP headers to add to the request. \n", + "type": "array", + "items": { + "type": "string" + } + } + }, + "method": { + "description": "method: string\nModule: caddy.config_loaders.http\nThe method for the request. Default: GET\n", + "markdownDescription": "method: `string` \nModule: `caddy.config_loaders.http` \nThe method for the request. Default: GET \n", + "type": "string" + }, + "timeout": { + "description": "timeout: number\nModule: caddy.config_loaders.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nMaximum time allowed for a complete connection and request.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "timeout: `number` \nModule: `caddy.config_loaders.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nMaximum time allowed for a complete connection and request.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "tls": { + "description": "tls: object\nModule: caddy.config_loaders.http\n", + "markdownDescription": "tls: `object` \nModule: `caddy.config_loaders.http` \n", + "type": "object", + "properties": { + "client_certificate_file": { + "description": "client_certificate_file: string\nModule: caddy.config_loaders.http\n", + "markdownDescription": "client_certificate_file: `string` \nModule: `caddy.config_loaders.http` \n", + "type": "string" + }, + "client_certificate_key_file": { + "description": "client_certificate_key_file: string\nModule: caddy.config_loaders.http\n", + "markdownDescription": "client_certificate_key_file: `string` \nModule: `caddy.config_loaders.http` \n", + "type": "string" + }, + "root_ca_pem_files": { + "description": "root_ca_pem_files: array\nModule: caddy.config_loaders.http\n", + "markdownDescription": "root_ca_pem_files: `array` \nModule: `caddy.config_loaders.http` \n", + "type": "array", + "items": { + "type": "string" + } + }, + "use_server_identity": { + "description": "use_server_identity: boolean\nModule: caddy.config_loaders.http\n", + "markdownDescription": "use_server_identity: `boolean` \nModule: `caddy.config_loaders.http` \n", + "type": "boolean" + } + } + }, + "url": { + "description": "url: string\nModule: caddy.config_loaders.http\nThe URL of the request.\n", + "markdownDescription": "url: `string` \nModule: `caddy.config_loaders.http` \nThe URL of the request. \n", + "type": "string" + } + } + }, + "caddy.filesystems": { + "description": "filesystems: object\nModule: caddy.filesystems\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyfs#Filesystems", + "markdownDescription": "filesystems: `object` \nModule: `caddy.filesystems` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyfs#Filesystems)", + "type": "object", + "properties": { + "filesystems": { + "description": "filesystems: array\nModule: caddy.filesystems\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyfs#Filesystems", + "markdownDescription": "filesystems: `array` \nModule: `caddy.filesystems` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyfs#Filesystems)", + "type": "array", + "items": { + "type": "object", + "properties": { + "file_system": { + "description": "file_system: any\nModule: caddy.fs", + "markdownDescription": "file_system: `any` \nModule: `caddy.fs`" + }, + "name": { + "description": "name: string\nModule: caddy.filesystems\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyfs#Filesystems", + "markdownDescription": "name: `string` \nModule: `caddy.filesystems` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyfs#Filesystems)", + "type": "string" + } + } + } + } + } + }, + "caddy.listeners.http_redirect": { + "description": "http_redirect: object\nModule: caddy.listeners.http_redirect\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#HTTPRedirectListenerWrapper\nHTTPRedirectListenerWrapper provides HTTP-\u003eHTTPS redirects for\nconnections that come on the TLS port as an HTTP request,\nby detecting using the first few bytes that it's not a TLS\nhandshake, but instead an HTTP request.\n\nThis is especially useful when using a non-standard HTTPS port.\nA user may simply type the address in their browser without the\nhttps:// scheme, which would cause the browser to attempt the\nconnection over HTTP, but this would cause a \"Client sent an\nHTTP request to an HTTPS server\" error response.\n\nThis listener wrapper must be placed BEFORE the \"tls\" listener\nwrapper, for it to work properly.\n\n", + "markdownDescription": "http_redirect: `object` \nModule: `caddy.listeners.http_redirect` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#HTTPRedirectListenerWrapper) \nHTTPRedirectListenerWrapper provides HTTP-\u003eHTTPS redirects for\nconnections that come on the TLS port as an HTTP request,\nby detecting using the first few bytes that it's not a TLS\nhandshake, but instead an HTTP request.\n\nThis is especially useful when using a non-standard HTTPS port.\nA user may simply type the address in their browser without the\nhttps:// scheme, which would cause the browser to attempt the\nconnection over HTTP, but this would cause a \"Client sent an\nHTTP request to an HTTPS server\" error response.\n\nThis listener wrapper must be placed BEFORE the \"tls\" listener\nwrapper, for it to work properly.\n \n", + "type": "object", + "properties": { + "max_header_bytes": { + "description": "max_header_bytes: number\nModule: caddy.listeners.http_redirect\nMaxHeaderBytes is the maximum size to parse from a client's\nHTTP request headers. Default: 1 MB\n", + "markdownDescription": "max_header_bytes: `number` \nModule: `caddy.listeners.http_redirect` \nMaxHeaderBytes is the maximum size to parse from a client's\nHTTP request headers. Default: 1 MB \n", + "type": "number" + } + } + }, + "caddy.listeners.proxy_protocol": { + "description": "proxy_protocol: object\nModule: caddy.listeners.proxy_protocol\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/proxyprotocol#ListenerWrapper\nListenerWrapper provides PROXY protocol support to Caddy by implementing\nthe caddy.ListenerWrapper interface. If a connection is received via Unix\nsocket, it's trusted. Otherwise, it's checked against the Allow/Deny lists,\nthen it's handled by the FallbackPolicy.\n\nIt must be loaded before the `tls` listener because the PROXY protocol\nencapsulates the TLS data.\n\nCredit goes to https://github.com/mastercactapus/caddy2-proxyprotocol for having\ninitially implemented this as a plugin.\n\n", + "markdownDescription": "proxy_protocol: `object` \nModule: `caddy.listeners.proxy_protocol` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/proxyprotocol#ListenerWrapper) \nListenerWrapper provides PROXY protocol support to Caddy by implementing\nthe caddy.ListenerWrapper interface. If a connection is received via Unix\nsocket, it's trusted. Otherwise, it's checked against the Allow/Deny lists,\nthen it's handled by the FallbackPolicy.\n\nIt must be loaded before the `tls` listener because the PROXY protocol\nencapsulates the TLS data.\n\nCredit goes to https://github.com/mastercactapus/caddy2-proxyprotocol for having\ninitially implemented this as a plugin.\n \n", + "type": "object", + "properties": { + "allow": { + "description": "allow: array\nModule: caddy.listeners.proxy_protocol\nAllow is an optional list of CIDR ranges to\nallow/require PROXY headers from.\n", + "markdownDescription": "allow: `array` \nModule: `caddy.listeners.proxy_protocol` \nAllow is an optional list of CIDR ranges to\nallow/require PROXY headers from. \n", + "type": "array", + "items": { + "description": "Allow is an optional list of CIDR ranges to\nallow/require PROXY headers from.\n", + "markdownDescription": "Allow is an optional list of CIDR ranges to\nallow/require PROXY headers from. \n", + "type": "string" + } + }, + "deny": { + "description": "deny: array\nModule: caddy.listeners.proxy_protocol\nDeny is an optional list of CIDR ranges to\ndeny PROXY headers from.\n", + "markdownDescription": "deny: `array` \nModule: `caddy.listeners.proxy_protocol` \nDeny is an optional list of CIDR ranges to\ndeny PROXY headers from. \n", + "type": "array", + "items": { + "description": "Deny is an optional list of CIDR ranges to\ndeny PROXY headers from.\n", + "markdownDescription": "Deny is an optional list of CIDR ranges to\ndeny PROXY headers from. \n", + "type": "string" + } + }, + "fallback_policy": { + "description": "fallback_policy: number\nModule: caddy.listeners.proxy_protocol\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/proxyprotocol#Policy\nFallbackPolicy specifies the policy to use if the downstream\nIP address is not in the Allow list nor is in the Deny list.\n\nNOTE: The generated docs which describe the value of this\nfield is wrong because of how this type unmarshals JSON in a\ncustom way. The field expects a string, not a number.\n\nAccepted values are: IGNORE, USE, REJECT, REQUIRE, SKIP\n\n- IGNORE: address from PROXY header, but accept connection\n\n- USE: address from PROXY header\n\n- REJECT: connection when PROXY header is sent\n Note: even though the first read on the connection returns an error if\n a PROXY header is present, subsequent reads do not. It is the task of\n the code using the connection to handle that case properly.\n\n- REQUIRE: connection to send PROXY header, reject if not present\n Note: even though the first read on the connection returns an error if\n a PROXY header is not present, subsequent reads do not. It is the task\n of the code using the connection to handle that case properly.\n\n- SKIP: accepts a connection without requiring the PROXY header.\n Note: an example usage can be found in the SkipProxyHeaderForCIDR\n function.\n\nDefault: IGNORE\n\nPolicy definitions are here: https://pkg.go.dev/github.com/pires/go-proxyproto@v0.7.0#Policy\n", + "markdownDescription": "fallback_policy: `number` \nModule: `caddy.listeners.proxy_protocol` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/proxyprotocol#Policy) \nFallbackPolicy specifies the policy to use if the downstream\nIP address is not in the Allow list nor is in the Deny list.\n\nNOTE: The generated docs which describe the value of this\nfield is wrong because of how this type unmarshals JSON in a\ncustom way. The field expects a string, not a number.\n\nAccepted values are: IGNORE, USE, REJECT, REQUIRE, SKIP\n\n- IGNORE: address from PROXY header, but accept connection\n\n- USE: address from PROXY header\n\n- REJECT: connection when PROXY header is sent\n Note: even though the first read on the connection returns an error if\n a PROXY header is present, subsequent reads do not. It is the task of\n the code using the connection to handle that case properly.\n\n- REQUIRE: connection to send PROXY header, reject if not present\n Note: even though the first read on the connection returns an error if\n a PROXY header is not present, subsequent reads do not. It is the task\n of the code using the connection to handle that case properly.\n\n- SKIP: accepts a connection without requiring the PROXY header.\n Note: an example usage can be found in the SkipProxyHeaderForCIDR\n function.\n\nDefault: IGNORE\n\nPolicy definitions are here: https://pkg.go.dev/github.com/pires/go-proxyproto@v0.7.0#Policy \n", + "type": "number" + }, + "timeout": { + "description": "timeout: number\nModule: caddy.listeners.proxy_protocol\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nTimeout specifies an optional maximum time for\nthe PROXY header to be received.\nIf zero, timeout is disabled. Default is 5s.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "timeout: `number` \nModule: `caddy.listeners.proxy_protocol` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nTimeout specifies an optional maximum time for\nthe PROXY header to be received.\nIf zero, timeout is disabled. Default is 5s.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + } + } + }, + "caddy.listeners.tls": { + "description": "tls: object\nModule: caddy.listeners.tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#tlsPlaceholderWrapper\ntlsPlaceholderWrapper is a no-op listener wrapper that marks\nwhere the TLS listener should be in a chain of listener wrappers.\nIt should only be used if another listener wrapper must be placed\nin front of the TLS handshake.\n\n", + "markdownDescription": "tls: `object` \nModule: `caddy.listeners.tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#tlsPlaceholderWrapper) \ntlsPlaceholderWrapper is a no-op listener wrapper that marks\nwhere the TLS listener should be in a chain of listener wrappers.\nIt should only be used if another listener wrapper must be placed\nin front of the TLS handshake.\n \n", + "type": "object" + }, + "caddy.logging.cores.mock": { + "description": "mock: object\nModule: caddy.logging.cores.mock\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#MockCore", + "markdownDescription": "mock: `object` \nModule: `caddy.logging.cores.mock` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#MockCore)", + "type": "object" + }, + "caddy.logging.encoders.append": { + "description": "append: object\nModule: caddy.logging.encoders.append\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#AppendEncoder\nAppendEncoder can be used to add fields to all log entries\nthat pass through it. It is a wrapper around another\nencoder, which it uses to actually encode the log entries.\nIt is most useful for adding information about the Caddy\ninstance that is producing the log entries, possibly via\nan environment variable.\n\n", + "markdownDescription": "append: `object` \nModule: `caddy.logging.encoders.append` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#AppendEncoder) \nAppendEncoder can be used to add fields to all log entries\nthat pass through it. It is a wrapper around another\nencoder, which it uses to actually encode the log entries.\nIt is most useful for adding information about the Caddy\ninstance that is producing the log entries, possibly via\nan environment variable.\n \n", + "type": "object", + "properties": { + "fields": { + "description": "fields: object\nModule: caddy.logging.encoders.append\nA map of field names to their values. The values\ncan be global placeholders (e.g. env vars), or constants.\nNote that the encoder does not run as part of an HTTP\nrequest context, so request placeholders are not available.\n", + "markdownDescription": "fields: `object` \nModule: `caddy.logging.encoders.append` \nA map of field names to their values. The values\ncan be global placeholders (e.g. env vars), or constants.\nNote that the encoder does not run as part of an HTTP\nrequest context, so request placeholders are not available. \n", + "type": "object", + "additionalProperties": { + "description": "A map of field names to their values. The values\ncan be global placeholders (e.g. env vars), or constants.\nNote that the encoder does not run as part of an HTTP\nrequest context, so request placeholders are not available.\n", + "markdownDescription": "A map of field names to their values. The values\ncan be global placeholders (e.g. env vars), or constants.\nNote that the encoder does not run as part of an HTTP\nrequest context, so request placeholders are not available. \n" + } + }, + "wrap": { + "description": "wrap: object\nModule: caddy.logging.encoders\nThe underlying encoder that actually encodes the\nlog entries. If not specified, defaults to \"json\",\nunless the output is a terminal, in which case\nit defaults to \"console\".\n", + "markdownDescription": "wrap: `object` \nModule: `caddy.logging.encoders` \nThe underlying encoder that actually encodes the\nlog entries. If not specified, defaults to \"json\",\nunless the output is a terminal, in which case\nit defaults to \"console\". \n", + "type": "object", + "required": [ + "format" + ], + "allOf": [ + { + "if": { + "properties": { + "format": { + "const": "append" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.append" + } + }, + { + "if": { + "properties": { + "format": { + "const": "console" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.console" + } + }, + { + "if": { + "properties": { + "format": { + "const": "filter" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.filter" + } + }, + { + "if": { + "properties": { + "format": { + "const": "json" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.json" + } + }, + { + "properties": { + "format": { + "description": "key to identify wrap module.\nformat: string\nModule: caddy.logging.encoders", + "markdownDescription": "key to identify `wrap` module. \nformat: `string` \nModule: `caddy.logging.encoders`", + "type": "string", + "enum": [ + "append", + "console", + "filter", + "json" + ] + } + } + } + ] + } + } + }, + "caddy.logging.encoders.console": { + "description": "console: object\nModule: caddy.logging.encoders.console\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#ConsoleEncoder\nConsoleEncoder encodes log entries that are mostly human-readable.\n\n", + "markdownDescription": "console: `object` \nModule: `caddy.logging.encoders.console` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#ConsoleEncoder) \nConsoleEncoder encodes log entries that are mostly human-readable.\n \n", + "type": "object", + "properties": { + "caller_key": { + "description": "caller_key: string\nModule: caddy.logging.encoders.console\n", + "markdownDescription": "caller_key: `string` \nModule: `caddy.logging.encoders.console` \n", + "type": "string" + }, + "duration_format": { + "description": "duration_format: string\nModule: caddy.logging.encoders.console\nRecognized values are: s/second/seconds, ns/nano/nanos, ms/milli/millis, string.\nEmpty and unrecognized value default to seconds.\n", + "markdownDescription": "duration_format: `string` \nModule: `caddy.logging.encoders.console` \nRecognized values are: s/second/seconds, ns/nano/nanos, ms/milli/millis, string.\nEmpty and unrecognized value default to seconds. \n", + "type": "string" + }, + "level_format": { + "description": "level_format: string\nModule: caddy.logging.encoders.console\nRecognized values are: lower, upper, color.\nEmpty and unrecognized value default to lower.\n", + "markdownDescription": "level_format: `string` \nModule: `caddy.logging.encoders.console` \nRecognized values are: lower, upper, color.\nEmpty and unrecognized value default to lower. \n", + "type": "string" + }, + "level_key": { + "description": "level_key: string\nModule: caddy.logging.encoders.console\n", + "markdownDescription": "level_key: `string` \nModule: `caddy.logging.encoders.console` \n", + "type": "string" + }, + "line_ending": { + "description": "line_ending: string\nModule: caddy.logging.encoders.console\n", + "markdownDescription": "line_ending: `string` \nModule: `caddy.logging.encoders.console` \n", + "type": "string" + }, + "message_key": { + "description": "message_key: string\nModule: caddy.logging.encoders.console\n", + "markdownDescription": "message_key: `string` \nModule: `caddy.logging.encoders.console` \n", + "type": "string" + }, + "name_key": { + "description": "name_key: string\nModule: caddy.logging.encoders.console\n", + "markdownDescription": "name_key: `string` \nModule: `caddy.logging.encoders.console` \n", + "type": "string" + }, + "stacktrace_key": { + "description": "stacktrace_key: string\nModule: caddy.logging.encoders.console\n", + "markdownDescription": "stacktrace_key: `string` \nModule: `caddy.logging.encoders.console` \n", + "type": "string" + }, + "time_format": { + "description": "time_format: string\nModule: caddy.logging.encoders.console\nRecognized values are: unix_seconds_float, unix_milli_float, unix_nano, iso8601, rfc3339, rfc3339_nano, wall, wall_milli, wall_nano, common_log.\nThe value may also be custom format per the Go `time` package layout specification, as described [here](https://pkg.go.dev/time#pkg-constants).\n", + "markdownDescription": "time_format: `string` \nModule: `caddy.logging.encoders.console` \nRecognized values are: unix_seconds_float, unix_milli_float, unix_nano, iso8601, rfc3339, rfc3339_nano, wall, wall_milli, wall_nano, common_log.\nThe value may also be custom format per the Go `time` package layout specification, as described [here](https://pkg.go.dev/time#pkg-constants). \n", + "type": "string" + }, + "time_key": { + "description": "time_key: string\nModule: caddy.logging.encoders.console\n", + "markdownDescription": "time_key: `string` \nModule: `caddy.logging.encoders.console` \n", + "type": "string" + }, + "time_local": { + "description": "time_local: boolean\nModule: caddy.logging.encoders.console\n", + "markdownDescription": "time_local: `boolean` \nModule: `caddy.logging.encoders.console` \n", + "type": "boolean" + } + } + }, + "caddy.logging.encoders.filter": { + "description": "filter: object\nModule: caddy.logging.encoders.filter\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#FilterEncoder\nFilterEncoder can filter (manipulate) fields on\nlog entries before they are actually encoded by\nan underlying encoder.\n\n", + "markdownDescription": "filter: `object` \nModule: `caddy.logging.encoders.filter` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#FilterEncoder) \nFilterEncoder can filter (manipulate) fields on\nlog entries before they are actually encoded by\nan underlying encoder.\n \n", + "type": "object", + "properties": { + "fields": { + "description": "fields: object\nModule: caddy.logging.encoders.filter\nA map of field names to their filters. Note that this\nis not a module map; the keys are field names.\n\nNested fields can be referenced by representing a\nlayer of nesting with `\u003e`. In other words, for an\nobject like `{\"a\":{\"b\":0}}`, the inner field can\nbe referenced as `a\u003eb`.\n\nThe following fields are fundamental to the log and\ncannot be filtered because they are added by the\nunderlying logging library as special cases: ts,\nlevel, logger, and msg.\n", + "markdownDescription": "fields: `object` \nModule: `caddy.logging.encoders.filter` \nA map of field names to their filters. Note that this\nis not a module map; the keys are field names.\n\nNested fields can be referenced by representing a\nlayer of nesting with `\u003e`. In other words, for an\nobject like `{\"a\":{\"b\":0}}`, the inner field can\nbe referenced as `a\u003eb`.\n\nThe following fields are fundamental to the log and\ncannot be filtered because they are added by the\nunderlying logging library as special cases: ts,\nlevel, logger, and msg. \n", + "type": "object", + "additionalProperties": { + "required": [ + "filter" + ], + "allOf": [ + { + "if": { + "properties": { + "filter": { + "const": "cookie" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.filter.cookie" + } + }, + { + "if": { + "properties": { + "filter": { + "const": "delete" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.filter.delete" + } + }, + { + "if": { + "properties": { + "filter": { + "const": "hash" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.filter.hash" + } + }, + { + "if": { + "properties": { + "filter": { + "const": "ip_mask" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.filter.ip_mask" + } + }, + { + "if": { + "properties": { + "filter": { + "const": "query" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.filter.query" + } + }, + { + "if": { + "properties": { + "filter": { + "const": "regexp" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.filter.regexp" + } + }, + { + "if": { + "properties": { + "filter": { + "const": "rename" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.filter.rename" + } + }, + { + "if": { + "properties": { + "filter": { + "const": "replace" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.filter.replace" + } + }, + { + "properties": { + "filter": { + "description": "key to identify fields module.\nfilter: string\nModule: caddy.logging.encoders.filter", + "markdownDescription": "key to identify `fields` module. \nfilter: `string` \nModule: `caddy.logging.encoders.filter`", + "type": "string", + "enum": [ + "cookie", + "delete", + "hash", + "ip_mask", + "query", + "regexp", + "rename", + "replace" + ] + } + } + } + ] + } + }, + "wrap": { + "description": "wrap: object\nModule: caddy.logging.encoders\nThe underlying encoder that actually encodes the\nlog entries. If not specified, defaults to \"json\",\nunless the output is a terminal, in which case\nit defaults to \"console\".\n", + "markdownDescription": "wrap: `object` \nModule: `caddy.logging.encoders` \nThe underlying encoder that actually encodes the\nlog entries. If not specified, defaults to \"json\",\nunless the output is a terminal, in which case\nit defaults to \"console\". \n", + "type": "object", + "required": [ + "format" + ], + "allOf": [ + { + "if": { + "properties": { + "format": { + "const": "append" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.append" + } + }, + { + "if": { + "properties": { + "format": { + "const": "console" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.console" + } + }, + { + "if": { + "properties": { + "format": { + "const": "filter" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.filter" + } + }, + { + "if": { + "properties": { + "format": { + "const": "json" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.json" + } + }, + { + "properties": { + "format": { + "description": "key to identify wrap module.\nformat: string\nModule: caddy.logging.encoders", + "markdownDescription": "key to identify `wrap` module. \nformat: `string` \nModule: `caddy.logging.encoders`", + "type": "string", + "enum": [ + "append", + "console", + "filter", + "json" + ] + } + } + } + ] + } + } + }, + "caddy.logging.encoders.filter.cookie": { + "description": "cookie: object\nModule: caddy.logging.encoders.filter.cookie\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#CookieFilter", + "markdownDescription": "cookie: `object` \nModule: `caddy.logging.encoders.filter.cookie` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#CookieFilter)", + "type": "object", + "properties": { + "actions": { + "description": "actions: array\nModule: caddy.logging.encoders.filter.cookie\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#CookieFilter", + "markdownDescription": "actions: `array` \nModule: `caddy.logging.encoders.filter.cookie` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#CookieFilter)", + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "description": "name: string\nModule: caddy.logging.encoders.filter.cookie\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#CookieFilter", + "markdownDescription": "name: `string` \nModule: `caddy.logging.encoders.filter.cookie` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#CookieFilter)", + "type": "string" + }, + "type": { + "description": "type: string\nModule: caddy.logging.encoders.filter.cookie\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#CookieFilter", + "markdownDescription": "type: `string` \nModule: `caddy.logging.encoders.filter.cookie` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#CookieFilter)", + "type": "string" + }, + "value": { + "description": "value: string\nModule: caddy.logging.encoders.filter.cookie\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#CookieFilter", + "markdownDescription": "value: `string` \nModule: `caddy.logging.encoders.filter.cookie` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#CookieFilter)", + "type": "string" + } + } + } + } + } + }, + "caddy.logging.encoders.filter.delete": { + "description": "delete: object\nModule: caddy.logging.encoders.filter.delete\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#DeleteFilter", + "markdownDescription": "delete: `object` \nModule: `caddy.logging.encoders.filter.delete` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#DeleteFilter)", + "type": "object" + }, + "caddy.logging.encoders.filter.hash": { + "description": "hash: object\nModule: caddy.logging.encoders.filter.hash\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#HashFilter", + "markdownDescription": "hash: `object` \nModule: `caddy.logging.encoders.filter.hash` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#HashFilter)", + "type": "object" + }, + "caddy.logging.encoders.filter.ip_mask": { + "description": "ip_mask: object\nModule: caddy.logging.encoders.filter.ip_mask\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#IPMaskFilter", + "markdownDescription": "ip_mask: `object` \nModule: `caddy.logging.encoders.filter.ip_mask` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#IPMaskFilter)", + "type": "object", + "properties": { + "ipv4_cidr": { + "description": "ipv4_cidr: number\nModule: caddy.logging.encoders.filter.ip_mask\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#IPMaskFilter", + "markdownDescription": "ipv4_cidr: `number` \nModule: `caddy.logging.encoders.filter.ip_mask` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#IPMaskFilter)", + "type": "number" + }, + "ipv6_cidr": { + "description": "ipv6_cidr: number\nModule: caddy.logging.encoders.filter.ip_mask\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#IPMaskFilter", + "markdownDescription": "ipv6_cidr: `number` \nModule: `caddy.logging.encoders.filter.ip_mask` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#IPMaskFilter)", + "type": "number" + } + } + }, + "caddy.logging.encoders.filter.query": { + "description": "query: object\nModule: caddy.logging.encoders.filter.query\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#QueryFilter", + "markdownDescription": "query: `object` \nModule: `caddy.logging.encoders.filter.query` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#QueryFilter)", + "type": "object", + "properties": { + "actions": { + "description": "actions: array\nModule: caddy.logging.encoders.filter.query\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#QueryFilter", + "markdownDescription": "actions: `array` \nModule: `caddy.logging.encoders.filter.query` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#QueryFilter)", + "type": "array", + "items": { + "type": "object", + "properties": { + "parameter": { + "description": "parameter: string\nModule: caddy.logging.encoders.filter.query\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#QueryFilter", + "markdownDescription": "parameter: `string` \nModule: `caddy.logging.encoders.filter.query` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#QueryFilter)", + "type": "string" + }, + "type": { + "description": "type: string\nModule: caddy.logging.encoders.filter.query\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#QueryFilter", + "markdownDescription": "type: `string` \nModule: `caddy.logging.encoders.filter.query` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#QueryFilter)", + "type": "string" + }, + "value": { + "description": "value: string\nModule: caddy.logging.encoders.filter.query\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#QueryFilter", + "markdownDescription": "value: `string` \nModule: `caddy.logging.encoders.filter.query` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#QueryFilter)", + "type": "string" + } + } + } + } + } + }, + "caddy.logging.encoders.filter.regexp": { + "description": "regexp: object\nModule: caddy.logging.encoders.filter.regexp\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#RegexpFilter", + "markdownDescription": "regexp: `object` \nModule: `caddy.logging.encoders.filter.regexp` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#RegexpFilter)", + "type": "object", + "properties": { + "regexp": { + "description": "regexp: string\nModule: caddy.logging.encoders.filter.regexp\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#RegexpFilter", + "markdownDescription": "regexp: `string` \nModule: `caddy.logging.encoders.filter.regexp` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#RegexpFilter)", + "type": "string" + }, + "value": { + "description": "value: string\nModule: caddy.logging.encoders.filter.regexp\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#RegexpFilter", + "markdownDescription": "value: `string` \nModule: `caddy.logging.encoders.filter.regexp` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#RegexpFilter)", + "type": "string" + } + } + }, + "caddy.logging.encoders.filter.rename": { + "description": "rename: object\nModule: caddy.logging.encoders.filter.rename\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#RenameFilter", + "markdownDescription": "rename: `object` \nModule: `caddy.logging.encoders.filter.rename` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#RenameFilter)", + "type": "object", + "properties": { + "name": { + "description": "name: string\nModule: caddy.logging.encoders.filter.rename\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#RenameFilter", + "markdownDescription": "name: `string` \nModule: `caddy.logging.encoders.filter.rename` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#RenameFilter)", + "type": "string" + } + } + }, + "caddy.logging.encoders.filter.replace": { + "description": "replace: object\nModule: caddy.logging.encoders.filter.replace\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#ReplaceFilter", + "markdownDescription": "replace: `object` \nModule: `caddy.logging.encoders.filter.replace` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#ReplaceFilter)", + "type": "object", + "properties": { + "value": { + "description": "value: string\nModule: caddy.logging.encoders.filter.replace\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#ReplaceFilter", + "markdownDescription": "value: `string` \nModule: `caddy.logging.encoders.filter.replace` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#ReplaceFilter)", + "type": "string" + } + } + }, + "caddy.logging.encoders.json": { + "description": "json: object\nModule: caddy.logging.encoders.json\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#JSONEncoder\nJSONEncoder encodes entries as JSON.\n\n", + "markdownDescription": "json: `object` \nModule: `caddy.logging.encoders.json` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#JSONEncoder) \nJSONEncoder encodes entries as JSON.\n \n", + "type": "object", + "properties": { + "caller_key": { + "description": "caller_key: string\nModule: caddy.logging.encoders.json\n", + "markdownDescription": "caller_key: `string` \nModule: `caddy.logging.encoders.json` \n", + "type": "string" + }, + "duration_format": { + "description": "duration_format: string\nModule: caddy.logging.encoders.json\nRecognized values are: s/second/seconds, ns/nano/nanos, ms/milli/millis, string.\nEmpty and unrecognized value default to seconds.\n", + "markdownDescription": "duration_format: `string` \nModule: `caddy.logging.encoders.json` \nRecognized values are: s/second/seconds, ns/nano/nanos, ms/milli/millis, string.\nEmpty and unrecognized value default to seconds. \n", + "type": "string" + }, + "level_format": { + "description": "level_format: string\nModule: caddy.logging.encoders.json\nRecognized values are: lower, upper, color.\nEmpty and unrecognized value default to lower.\n", + "markdownDescription": "level_format: `string` \nModule: `caddy.logging.encoders.json` \nRecognized values are: lower, upper, color.\nEmpty and unrecognized value default to lower. \n", + "type": "string" + }, + "level_key": { + "description": "level_key: string\nModule: caddy.logging.encoders.json\n", + "markdownDescription": "level_key: `string` \nModule: `caddy.logging.encoders.json` \n", + "type": "string" + }, + "line_ending": { + "description": "line_ending: string\nModule: caddy.logging.encoders.json\n", + "markdownDescription": "line_ending: `string` \nModule: `caddy.logging.encoders.json` \n", + "type": "string" + }, + "message_key": { + "description": "message_key: string\nModule: caddy.logging.encoders.json\n", + "markdownDescription": "message_key: `string` \nModule: `caddy.logging.encoders.json` \n", + "type": "string" + }, + "name_key": { + "description": "name_key: string\nModule: caddy.logging.encoders.json\n", + "markdownDescription": "name_key: `string` \nModule: `caddy.logging.encoders.json` \n", + "type": "string" + }, + "stacktrace_key": { + "description": "stacktrace_key: string\nModule: caddy.logging.encoders.json\n", + "markdownDescription": "stacktrace_key: `string` \nModule: `caddy.logging.encoders.json` \n", + "type": "string" + }, + "time_format": { + "description": "time_format: string\nModule: caddy.logging.encoders.json\nRecognized values are: unix_seconds_float, unix_milli_float, unix_nano, iso8601, rfc3339, rfc3339_nano, wall, wall_milli, wall_nano, common_log.\nThe value may also be custom format per the Go `time` package layout specification, as described [here](https://pkg.go.dev/time#pkg-constants).\n", + "markdownDescription": "time_format: `string` \nModule: `caddy.logging.encoders.json` \nRecognized values are: unix_seconds_float, unix_milli_float, unix_nano, iso8601, rfc3339, rfc3339_nano, wall, wall_milli, wall_nano, common_log.\nThe value may also be custom format per the Go `time` package layout specification, as described [here](https://pkg.go.dev/time#pkg-constants). \n", + "type": "string" + }, + "time_key": { + "description": "time_key: string\nModule: caddy.logging.encoders.json\n", + "markdownDescription": "time_key: `string` \nModule: `caddy.logging.encoders.json` \n", + "type": "string" + }, + "time_local": { + "description": "time_local: boolean\nModule: caddy.logging.encoders.json\n", + "markdownDescription": "time_local: `boolean` \nModule: `caddy.logging.encoders.json` \n", + "type": "boolean" + } + } + }, + "caddy.logging.writers.discard": { + "description": "discard: object\nModule: caddy.logging.writers.discard\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#DiscardWriter\nDiscardWriter discards all writes.\n\n", + "markdownDescription": "discard: `object` \nModule: `caddy.logging.writers.discard` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#DiscardWriter) \nDiscardWriter discards all writes.\n \n", + "type": "object" + }, + "caddy.logging.writers.file": { + "description": "file: object\nModule: caddy.logging.writers.file\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#FileWriter\nFileWriter can write logs to files. By default, log files\nare rotated (\"rolled\") when they get large, and old log\nfiles get deleted, to ensure that the process does not\nexhaust disk space.\n\n", + "markdownDescription": "file: `object` \nModule: `caddy.logging.writers.file` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#FileWriter) \nFileWriter can write logs to files. By default, log files\nare rotated (\"rolled\") when they get large, and old log\nfiles get deleted, to ensure that the process does not\nexhaust disk space.\n \n", + "type": "object", + "properties": { + "filename": { + "description": "filename: string\nModule: caddy.logging.writers.file\nFilename is the name of the file to write.\n", + "markdownDescription": "filename: `string` \nModule: `caddy.logging.writers.file` \nFilename is the name of the file to write. \n", + "type": "string" + }, + "mode": { + "description": "mode: number\nModule: caddy.logging.writers.file\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#fileMode\nThe file permissions mode.\n0600 by default.\n\n\nfileMode is a string made of 1 to 4 octal digits representing\na numeric mode as specified with the `chmod` unix command.\n`\"0777\"` and `\"777\"` are thus equivalent values.\n", + "markdownDescription": "mode: `number` \nModule: `caddy.logging.writers.file` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#fileMode) \nThe file permissions mode.\n0600 by default.\n\n\nfileMode is a string made of 1 to 4 octal digits representing\na numeric mode as specified with the `chmod` unix command.\n`\"0777\"` and `\"777\"` are thus equivalent values. \n", + "type": "number" + }, + "roll": { + "description": "roll: boolean\nModule: caddy.logging.writers.file\nRoll toggles log rolling or rotation, which is\nenabled by default.\n", + "markdownDescription": "roll: `boolean` \nModule: `caddy.logging.writers.file` \nRoll toggles log rolling or rotation, which is\nenabled by default. \n", + "type": "boolean" + }, + "roll_gzip": { + "description": "roll_gzip: boolean\nModule: caddy.logging.writers.file\nWhether to compress rolled files. Default: true\n", + "markdownDescription": "roll_gzip: `boolean` \nModule: `caddy.logging.writers.file` \nWhether to compress rolled files. Default: true \n", + "type": "boolean" + }, + "roll_keep": { + "description": "roll_keep: number\nModule: caddy.logging.writers.file\nThe maximum number of rolled log files to keep.\nDefault: 10\n", + "markdownDescription": "roll_keep: `number` \nModule: `caddy.logging.writers.file` \nThe maximum number of rolled log files to keep.\nDefault: 10 \n", + "type": "number" + }, + "roll_keep_days": { + "description": "roll_keep_days: number\nModule: caddy.logging.writers.file\nHow many days to keep rolled log files. Default: 90\n", + "markdownDescription": "roll_keep_days: `number` \nModule: `caddy.logging.writers.file` \nHow many days to keep rolled log files. Default: 90 \n", + "type": "number" + }, + "roll_local_time": { + "description": "roll_local_time: boolean\nModule: caddy.logging.writers.file\nWhether to use local timestamps in rolled filenames.\nDefault: false\n", + "markdownDescription": "roll_local_time: `boolean` \nModule: `caddy.logging.writers.file` \nWhether to use local timestamps in rolled filenames.\nDefault: false \n", + "type": "boolean" + }, + "roll_size_mb": { + "description": "roll_size_mb: number\nModule: caddy.logging.writers.file\nWhen a log file reaches approximately this size,\nit will be rotated.\n", + "markdownDescription": "roll_size_mb: `number` \nModule: `caddy.logging.writers.file` \nWhen a log file reaches approximately this size,\nit will be rotated. \n", + "type": "number" + } + } + }, + "caddy.logging.writers.net": { + "description": "net: object\nModule: caddy.logging.writers.net\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#NetWriter\nNetWriter implements a log writer that outputs to a network socket. If\nthe socket goes down, it will dump logs to stderr while it attempts to\nreconnect.\n\n", + "markdownDescription": "net: `object` \nModule: `caddy.logging.writers.net` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/logging#NetWriter) \nNetWriter implements a log writer that outputs to a network socket. If\nthe socket goes down, it will dump logs to stderr while it attempts to\nreconnect.\n \n", + "type": "object", + "properties": { + "address": { + "description": "address: string\nModule: caddy.logging.writers.net\nThe address of the network socket to which to connect.\n", + "markdownDescription": "address: `string` \nModule: `caddy.logging.writers.net` \nThe address of the network socket to which to connect. \n", + "type": "string" + }, + "dial_timeout": { + "description": "dial_timeout: number\nModule: caddy.logging.writers.net\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nThe timeout to wait while connecting to the socket.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "dial_timeout: `number` \nModule: `caddy.logging.writers.net` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nThe timeout to wait while connecting to the socket.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "soft_start": { + "description": "soft_start: boolean\nModule: caddy.logging.writers.net\nIf enabled, allow connections errors when first opening the\nwriter. The error and subsequent log entries will be reported\nto stderr instead until a connection can be re-established.\n", + "markdownDescription": "soft_start: `boolean` \nModule: `caddy.logging.writers.net` \nIf enabled, allow connections errors when first opening the\nwriter. The error and subsequent log entries will be reported\nto stderr instead until a connection can be re-established. \n", + "type": "boolean" + } + } + }, + "caddy.logging.writers.stderr": { + "description": "stderr: object\nModule: caddy.logging.writers.stderr\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#StderrWriter\nStderrWriter writes logs to standard error.\n\n", + "markdownDescription": "stderr: `object` \nModule: `caddy.logging.writers.stderr` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#StderrWriter) \nStderrWriter writes logs to standard error.\n \n", + "type": "object" + }, + "caddy.logging.writers.stdout": { + "description": "stdout: object\nModule: caddy.logging.writers.stdout\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#StdoutWriter\nStdoutWriter writes logs to standard out.\n\n", + "markdownDescription": "stdout: `object` \nModule: `caddy.logging.writers.stdout` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#StdoutWriter) \nStdoutWriter writes logs to standard out.\n \n", + "type": "object" + }, + "caddy.network_proxy.none": { + "description": "none: object\nModule: caddy.network_proxy.none\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/internal/network#ProxyFromNone", + "markdownDescription": "none: `object` \nModule: `caddy.network_proxy.none` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/internal/network#ProxyFromNone)", + "type": "object" + }, + "caddy.network_proxy.url": { + "description": "url: object\nModule: caddy.network_proxy.url\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/internal/network#ProxyFromURL", + "markdownDescription": "url: `object` \nModule: `caddy.network_proxy.url` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/internal/network#ProxyFromURL)", + "type": "object", + "properties": { + "url": { + "description": "url: string\nModule: caddy.network_proxy.url\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/internal/network#ProxyFromURL", + "markdownDescription": "url: `string` \nModule: `caddy.network_proxy.url` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/internal/network#ProxyFromURL)", + "type": "string" + } + } + }, + "caddy.storage.file_system": { + "description": "file_system: object\nModule: caddy.storage.file_system\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/filestorage#FileStorage\nFileStorage is a certmagic.Storage wrapper for certmagic.FileStorage.\n\n", + "markdownDescription": "file_system: `object` \nModule: `caddy.storage.file_system` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/filestorage#FileStorage) \nFileStorage is a certmagic.Storage wrapper for certmagic.FileStorage.\n \n", + "type": "object", + "properties": { + "root": { + "description": "root: string\nModule: caddy.storage.file_system\nThe base path to the folder used for storage.\n", + "markdownDescription": "root: `string` \nModule: `caddy.storage.file_system` \nThe base path to the folder used for storage. \n", + "type": "string" + } + } + }, + "dns.providers.desec": { + "description": "desec: object\nModule: dns.providers.desec\nhttps://pkg.go.dev/github.com/caddy-dns/desec#Provider\nProvider lets Caddy read and manipulate DNS records hosted by this DNS provider.\n\n", + "markdownDescription": "desec: `object` \nModule: `dns.providers.desec` \n[godoc](https://pkg.go.dev/github.com/caddy-dns/desec#Provider) \nProvider lets Caddy read and manipulate DNS records hosted by this DNS provider.\n \n", + "type": "object", + "properties": { + "token": { + "description": "token: string\nModule: dns.providers.desec\nToken is a token created on https://desec.io/tokens. A basic token without the permission\nto manage tokens is sufficient.\n", + "markdownDescription": "token: `string` \nModule: `dns.providers.desec` \nToken is a token created on https://desec.io/tokens. A basic token without the permission\nto manage tokens is sufficient. \n", + "type": "string" + } + } + }, + "events": { + "description": "events: object\nModule: events\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyevents#App\nApp implements a global eventing system within Caddy.\nModules can emit and subscribe to events, providing\nhooks into deep parts of the code base that aren't\notherwise accessible. Events provide information about\nwhat and when things are happening, and this facility\nallows handlers to take action when events occur,\nadd information to the event's metadata, and even\ncontrol program flow in some cases.\n\nEvents are propagated in a DOM-like fashion. An event\nemitted from module `a.b.c` (the \"origin\") will first\ninvoke handlers listening to `a.b.c`, then `a.b`,\nthen `a`, then those listening regardless of origin.\nIf a handler returns the special error Aborted, then\npropagation immediately stops and the event is marked\nas aborted. Emitters may optionally choose to adjust\nprogram flow based on an abort.\n\nModules can subscribe to events by origin and/or name.\nA handler is invoked only if it is subscribed to the\nevent by name and origin. Subscriptions should be\nregistered during the provisioning phase, before apps\nare started.\n\nEvent handlers are fired synchronously as part of the\nregular flow of the program. This allows event handlers\nto control the flow of the program if the origin permits\nit and also allows handlers to convey new information\nback into the origin module before it continues.\nIn essence, event handlers are similar to HTTP\nmiddleware handlers.\n\nEvent bindings/subscribers are unordered; i.e.\nevent handlers are invoked in an arbitrary order.\nEvent handlers should not rely on the logic of other\nhandlers to succeed.\n\nThe entirety of this app module is EXPERIMENTAL and\nsubject to change. Pay attention to release notes.\n\n", + "markdownDescription": "events: `object` \nModule: `events` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyevents#App) \nApp implements a global eventing system within Caddy.\nModules can emit and subscribe to events, providing\nhooks into deep parts of the code base that aren't\notherwise accessible. Events provide information about\nwhat and when things are happening, and this facility\nallows handlers to take action when events occur,\nadd information to the event's metadata, and even\ncontrol program flow in some cases.\n\nEvents are propagated in a DOM-like fashion. An event\nemitted from module `a.b.c` (the \"origin\") will first\ninvoke handlers listening to `a.b.c`, then `a.b`,\nthen `a`, then those listening regardless of origin.\nIf a handler returns the special error Aborted, then\npropagation immediately stops and the event is marked\nas aborted. Emitters may optionally choose to adjust\nprogram flow based on an abort.\n\nModules can subscribe to events by origin and/or name.\nA handler is invoked only if it is subscribed to the\nevent by name and origin. Subscriptions should be\nregistered during the provisioning phase, before apps\nare started.\n\nEvent handlers are fired synchronously as part of the\nregular flow of the program. This allows event handlers\nto control the flow of the program if the origin permits\nit and also allows handlers to convey new information\nback into the origin module before it continues.\nIn essence, event handlers are similar to HTTP\nmiddleware handlers.\n\nEvent bindings/subscribers are unordered; i.e.\nevent handlers are invoked in an arbitrary order.\nEvent handlers should not rely on the logic of other\nhandlers to succeed.\n\nThe entirety of this app module is EXPERIMENTAL and\nsubject to change. Pay attention to release notes.\n \n", + "type": "object", + "properties": { + "subscriptions": { + "description": "subscriptions: array\nModule: events\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyevents#Subscription\nSubscriptions bind handlers to one or more events\neither globally or scoped to specific modules or module\nnamespaces.\n\n\nSubscription represents binding of one or more handlers to\none or more events.\n", + "markdownDescription": "subscriptions: `array` \nModule: `events` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyevents#Subscription) \nSubscriptions bind handlers to one or more events\neither globally or scoped to specific modules or module\nnamespaces.\n\n\nSubscription represents binding of one or more handlers to\none or more events. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyevents#Subscription\nSubscriptions bind handlers to one or more events\neither globally or scoped to specific modules or module\nnamespaces.\n\n\nSubscription represents binding of one or more handlers to\none or more events.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyevents#Subscription) \nSubscriptions bind handlers to one or more events\neither globally or scoped to specific modules or module\nnamespaces.\n\n\nSubscription represents binding of one or more handlers to\none or more events. \n", + "type": "object", + "properties": { + "events": { + "description": "events: array\nModule: events\nThe name(s) of the event(s) to bind to. Default: all events.\n", + "markdownDescription": "events: `array` \nModule: `events` \nThe name(s) of the event(s) to bind to. Default: all events. \n", + "type": "array", + "items": { + "description": "The name(s) of the event(s) to bind to. Default: all events.\n", + "markdownDescription": "The name(s) of the event(s) to bind to. Default: all events. \n", + "type": "string" + } + }, + "handlers": { + "description": "handlers: any\nModule: events.handlers\nThe event handler modules. These implement the actual\nbehavior to invoke when an event occurs. At least one\nhandler is required.\n", + "markdownDescription": "handlers: `any` \nModule: `events.handlers` \nThe event handler modules. These implement the actual\nbehavior to invoke when an event occurs. At least one\nhandler is required. \n" + }, + "modules": { + "description": "modules: array\nModule: events\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleID\nThe ID or namespace of the module(s) from which events\noriginate to listen to for events. Default: all modules.\n\nEvents propagate up, so events emitted by module \"a.b.c\"\nwill also trigger the event for \"a.b\" and \"a\". Thus, to\nreceive all events from \"a.b.c\" and \"a.b.d\", for example,\none can subscribe to either \"a.b\" or all of \"a\" entirely.\n\n\nModuleID is a string that uniquely identifies a Caddy module. A\nmodule ID is lightly structured. It consists of dot-separated\nlabels which form a simple hierarchy from left to right. The last\nlabel is the module name, and the labels before that constitute\nthe namespace (or scope).\n\nThus, a module ID has the form: \u003cnamespace\u003e.\u003cname\u003e\n\nAn ID with no dot has the empty namespace, which is appropriate\nfor app modules (these are \"top-level\" modules that Caddy core\nloads and runs).\n\nModule IDs should be lowercase and use underscores (_) instead of\nspaces.\n\nExamples of valid IDs:\n- http\n- http.handlers.file_server\n- caddy.logging.encoders.json\n", + "markdownDescription": "modules: `array` \nModule: `events` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleID) \nThe ID or namespace of the module(s) from which events\noriginate to listen to for events. Default: all modules.\n\nEvents propagate up, so events emitted by module \"a.b.c\"\nwill also trigger the event for \"a.b\" and \"a\". Thus, to\nreceive all events from \"a.b.c\" and \"a.b.d\", for example,\none can subscribe to either \"a.b\" or all of \"a\" entirely.\n\n\nModuleID is a string that uniquely identifies a Caddy module. A\nmodule ID is lightly structured. It consists of dot-separated\nlabels which form a simple hierarchy from left to right. The last\nlabel is the module name, and the labels before that constitute\nthe namespace (or scope).\n\nThus, a module ID has the form: \u003cnamespace\u003e.\u003cname\u003e\n\nAn ID with no dot has the empty namespace, which is appropriate\nfor app modules (these are \"top-level\" modules that Caddy core\nloads and runs).\n\nModule IDs should be lowercase and use underscores (_) instead of\nspaces.\n\nExamples of valid IDs:\n- http\n- http.handlers.file_server\n- caddy.logging.encoders.json \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleID\nThe ID or namespace of the module(s) from which events\noriginate to listen to for events. Default: all modules.\n\nEvents propagate up, so events emitted by module \"a.b.c\"\nwill also trigger the event for \"a.b\" and \"a\". Thus, to\nreceive all events from \"a.b.c\" and \"a.b.d\", for example,\none can subscribe to either \"a.b\" or all of \"a\" entirely.\n\n\nModuleID is a string that uniquely identifies a Caddy module. A\nmodule ID is lightly structured. It consists of dot-separated\nlabels which form a simple hierarchy from left to right. The last\nlabel is the module name, and the labels before that constitute\nthe namespace (or scope).\n\nThus, a module ID has the form: \u003cnamespace\u003e.\u003cname\u003e\n\nAn ID with no dot has the empty namespace, which is appropriate\nfor app modules (these are \"top-level\" modules that Caddy core\nloads and runs).\n\nModule IDs should be lowercase and use underscores (_) instead of\nspaces.\n\nExamples of valid IDs:\n- http\n- http.handlers.file_server\n- caddy.logging.encoders.json\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleID) \nThe ID or namespace of the module(s) from which events\noriginate to listen to for events. Default: all modules.\n\nEvents propagate up, so events emitted by module \"a.b.c\"\nwill also trigger the event for \"a.b\" and \"a\". Thus, to\nreceive all events from \"a.b.c\" and \"a.b.d\", for example,\none can subscribe to either \"a.b\" or all of \"a\" entirely.\n\n\nModuleID is a string that uniquely identifies a Caddy module. A\nmodule ID is lightly structured. It consists of dot-separated\nlabels which form a simple hierarchy from left to right. The last\nlabel is the module name, and the labels before that constitute\nthe namespace (or scope).\n\nThus, a module ID has the form: \u003cnamespace\u003e.\u003cname\u003e\n\nAn ID with no dot has the empty namespace, which is appropriate\nfor app modules (these are \"top-level\" modules that Caddy core\nloads and runs).\n\nModule IDs should be lowercase and use underscores (_) instead of\nspaces.\n\nExamples of valid IDs:\n- http\n- http.handlers.file_server\n- caddy.logging.encoders.json \n", + "type": "string" + } + } + } + } + } + } + }, + "http": { + "description": "http: object\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#App\nApp is a robust, production-ready HTTP server.\n\nHTTPS is enabled by default if host matchers with qualifying names are used\nin any of routes; certificates are automatically provisioned and renewed.\nAdditionally, automatic HTTPS will also enable HTTPS for servers that listen\nonly on the HTTPS port but which do not have any TLS connection policies\ndefined by adding a good, default TLS connection policy.\n\nIn HTTP routes, additional placeholders are available (replace any `*`):\n\nPlaceholder | Description\n------------|---------------\n`{http.request.body}` | The request body (⚠️ inefficient; use only for debugging)\n`{http.request.cookie.*}` | HTTP request cookie\n`{http.request.duration}` | Time up to now spent handling the request (after decoding headers from client)\n`{http.request.duration_ms}` | Same as 'duration', but in milliseconds.\n`{http.request.uuid}` | The request unique identifier\n`{http.request.header.*}` | Specific request header field\n`{http.request.host}` | The host part of the request's Host header\n`{http.request.host.labels.*}` | Request host labels (0-based from right); e.g. for foo.example.com: 0=com, 1=example, 2=foo\n`{http.request.hostport}` | The host and port from the request's Host header\n`{http.request.method}` | The request method\n`{http.request.orig_method}` | The request's original method\n`{http.request.orig_uri}` | The request's original URI\n`{http.request.orig_uri.path}` | The request's original path\n`{http.request.orig_uri.path.*}` | Parts of the original path, split by `/` (0-based from left)\n`{http.request.orig_uri.path.dir}` | The request's original directory\n`{http.request.orig_uri.path.file}` | The request's original filename\n`{http.request.orig_uri.query}` | The request's original query string (without `?`)\n`{http.request.port}` | The port part of the request's Host header\n`{http.request.proto}` | The protocol of the request\n`{http.request.local.host}` | The host (IP) part of the local address the connection arrived on\n`{http.request.local.port}` | The port part of the local address the connection arrived on\n`{http.request.local}` | The local address the connection arrived on\n`{http.request.remote.host}` | The host (IP) part of the remote client's address\n`{http.request.remote.port}` | The port part of the remote client's address\n`{http.request.remote}` | The address of the remote client\n`{http.request.scheme}` | The request scheme, typically `http` or `https`\n`{http.request.tls.version}` | The TLS version name\n`{http.request.tls.cipher_suite}` | The TLS cipher suite\n`{http.request.tls.resumed}` | The TLS connection resumed a previous connection\n`{http.request.tls.proto}` | The negotiated next protocol\n`{http.request.tls.proto_mutual}` | The negotiated next protocol was advertised by the server\n`{http.request.tls.server_name}` | The server name requested by the client, if any\n`{http.request.tls.client.fingerprint}` | The SHA256 checksum of the client certificate\n`{http.request.tls.client.public_key}` | The public key of the client certificate.\n`{http.request.tls.client.public_key_sha256}` | The SHA256 checksum of the client's public key.\n`{http.request.tls.client.certificate_pem}` | The PEM-encoded value of the certificate.\n`{http.request.tls.client.certificate_der_base64}` | The base64-encoded value of the certificate.\n`{http.request.tls.client.issuer}` | The issuer DN of the client certificate\n`{http.request.tls.client.serial}` | The serial number of the client certificate\n`{http.request.tls.client.subject}` | The subject DN of the client certificate\n`{http.request.tls.client.san.dns_names.*}` | SAN DNS names(index optional)\n`{http.request.tls.client.san.emails.*}` | SAN email addresses (index optional)\n`{http.request.tls.client.san.ips.*}` | SAN IP addresses (index optional)\n`{http.request.tls.client.san.uris.*}` | SAN URIs (index optional)\n`{http.request.uri}` | The full request URI\n`{http.request.uri.path}` | The path component of the request URI\n`{http.request.uri.path.*}` | Parts of the path, split by `/` (0-based from left)\n`{http.request.uri.path.dir}` | The directory, excluding leaf filename\n`{http.request.uri.path.file}` | The filename of the path, excluding directory\n`{http.request.uri.query}` | The query string (without `?`)\n`{http.request.uri.query.*}` | Individual query string value\n`{http.response.header.*}` | Specific response header field\n`{http.vars.*}` | Custom variables in the HTTP handler chain\n`{http.shutting_down}` | True if the HTTP app is shutting down\n`{http.time_until_shutdown}` | Time until HTTP server shutdown, if scheduled\n\n", + "markdownDescription": "http: `object` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#App) \nApp is a robust, production-ready HTTP server.\n\nHTTPS is enabled by default if host matchers with qualifying names are used\nin any of routes; certificates are automatically provisioned and renewed.\nAdditionally, automatic HTTPS will also enable HTTPS for servers that listen\nonly on the HTTPS port but which do not have any TLS connection policies\ndefined by adding a good, default TLS connection policy.\n\nIn HTTP routes, additional placeholders are available (replace any `*`):\n\nPlaceholder | Description\n------------|---------------\n`{http.request.body}` | The request body (⚠️ inefficient; use only for debugging)\n`{http.request.cookie.*}` | HTTP request cookie\n`{http.request.duration}` | Time up to now spent handling the request (after decoding headers from client)\n`{http.request.duration_ms}` | Same as 'duration', but in milliseconds.\n`{http.request.uuid}` | The request unique identifier\n`{http.request.header.*}` | Specific request header field\n`{http.request.host}` | The host part of the request's Host header\n`{http.request.host.labels.*}` | Request host labels (0-based from right); e.g. for foo.example.com: 0=com, 1=example, 2=foo\n`{http.request.hostport}` | The host and port from the request's Host header\n`{http.request.method}` | The request method\n`{http.request.orig_method}` | The request's original method\n`{http.request.orig_uri}` | The request's original URI\n`{http.request.orig_uri.path}` | The request's original path\n`{http.request.orig_uri.path.*}` | Parts of the original path, split by `/` (0-based from left)\n`{http.request.orig_uri.path.dir}` | The request's original directory\n`{http.request.orig_uri.path.file}` | The request's original filename\n`{http.request.orig_uri.query}` | The request's original query string (without `?`)\n`{http.request.port}` | The port part of the request's Host header\n`{http.request.proto}` | The protocol of the request\n`{http.request.local.host}` | The host (IP) part of the local address the connection arrived on\n`{http.request.local.port}` | The port part of the local address the connection arrived on\n`{http.request.local}` | The local address the connection arrived on\n`{http.request.remote.host}` | The host (IP) part of the remote client's address\n`{http.request.remote.port}` | The port part of the remote client's address\n`{http.request.remote}` | The address of the remote client\n`{http.request.scheme}` | The request scheme, typically `http` or `https`\n`{http.request.tls.version}` | The TLS version name\n`{http.request.tls.cipher_suite}` | The TLS cipher suite\n`{http.request.tls.resumed}` | The TLS connection resumed a previous connection\n`{http.request.tls.proto}` | The negotiated next protocol\n`{http.request.tls.proto_mutual}` | The negotiated next protocol was advertised by the server\n`{http.request.tls.server_name}` | The server name requested by the client, if any\n`{http.request.tls.client.fingerprint}` | The SHA256 checksum of the client certificate\n`{http.request.tls.client.public_key}` | The public key of the client certificate.\n`{http.request.tls.client.public_key_sha256}` | The SHA256 checksum of the client's public key.\n`{http.request.tls.client.certificate_pem}` | The PEM-encoded value of the certificate.\n`{http.request.tls.client.certificate_der_base64}` | The base64-encoded value of the certificate.\n`{http.request.tls.client.issuer}` | The issuer DN of the client certificate\n`{http.request.tls.client.serial}` | The serial number of the client certificate\n`{http.request.tls.client.subject}` | The subject DN of the client certificate\n`{http.request.tls.client.san.dns_names.*}` | SAN DNS names(index optional)\n`{http.request.tls.client.san.emails.*}` | SAN email addresses (index optional)\n`{http.request.tls.client.san.ips.*}` | SAN IP addresses (index optional)\n`{http.request.tls.client.san.uris.*}` | SAN URIs (index optional)\n`{http.request.uri}` | The full request URI\n`{http.request.uri.path}` | The path component of the request URI\n`{http.request.uri.path.*}` | Parts of the path, split by `/` (0-based from left)\n`{http.request.uri.path.dir}` | The directory, excluding leaf filename\n`{http.request.uri.path.file}` | The filename of the path, excluding directory\n`{http.request.uri.query}` | The query string (without `?`)\n`{http.request.uri.query.*}` | Individual query string value\n`{http.response.header.*}` | Specific response header field\n`{http.vars.*}` | Custom variables in the HTTP handler chain\n`{http.shutting_down}` | True if the HTTP app is shutting down\n`{http.time_until_shutdown}` | Time until HTTP server shutdown, if scheduled\n \n", + "type": "object", + "properties": { + "grace_period": { + "description": "grace_period: number\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nGracePeriod is how long to wait for active connections when shutting\ndown the servers. During the grace period, no new connections are\naccepted, idle connections are closed, and active connections will\nbe given the full length of time to become idle and close.\nOnce the grace period is over, connections will be forcefully closed.\nIf zero, the grace period is eternal. Default: 0.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "grace_period: `number` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nGracePeriod is how long to wait for active connections when shutting\ndown the servers. During the grace period, no new connections are\naccepted, idle connections are closed, and active connections will\nbe given the full length of time to become idle and close.\nOnce the grace period is over, connections will be forcefully closed.\nIf zero, the grace period is eternal. Default: 0.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "http_port": { + "description": "http_port: number\nModule: http\nHTTPPort specifies the port to use for HTTP (as opposed to HTTPS),\nwhich is used when setting up HTTP-\u003eHTTPS redirects or ACME HTTP\nchallenge solvers. Default: 80.\n", + "markdownDescription": "http_port: `number` \nModule: `http` \nHTTPPort specifies the port to use for HTTP (as opposed to HTTPS),\nwhich is used when setting up HTTP-\u003eHTTPS redirects or ACME HTTP\nchallenge solvers. Default: 80. \n", + "type": "number" + }, + "https_port": { + "description": "https_port: number\nModule: http\nHTTPSPort specifies the port to use for HTTPS, which is used when\nsolving the ACME TLS-ALPN challenges, or whenever HTTPS is needed\nbut no specific port number is given. Default: 443.\n", + "markdownDescription": "https_port: `number` \nModule: `http` \nHTTPSPort specifies the port to use for HTTPS, which is used when\nsolving the ACME TLS-ALPN challenges, or whenever HTTPS is needed\nbut no specific port number is given. Default: 443. \n", + "type": "number" + }, + "metrics": { + "description": "metrics: object\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Metrics\nIf set, metrics observations will be enabled.\nThis setting is EXPERIMENTAL and subject to change.\n\n\nMetrics configures metrics observations.\nEXPERIMENTAL and subject to change or removal.\n", + "markdownDescription": "metrics: `object` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Metrics) \nIf set, metrics observations will be enabled.\nThis setting is EXPERIMENTAL and subject to change.\n\n\nMetrics configures metrics observations.\nEXPERIMENTAL and subject to change or removal. \n", + "type": "object", + "properties": { + "per_host": { + "description": "per_host: boolean\nModule: http\nEnable per-host metrics. Enabling this option may\nincur high-memory consumption, depending on the number of hosts\nmanaged by Caddy.\n", + "markdownDescription": "per_host: `boolean` \nModule: `http` \nEnable per-host metrics. Enabling this option may\nincur high-memory consumption, depending on the number of hosts\nmanaged by Caddy. \n", + "type": "boolean" + } + } + }, + "servers": { + "description": "servers: object\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Server\nServers is the list of servers, keyed by arbitrary names chosen\nat your discretion for your own convenience; the keys do not\naffect functionality.\n\n\nServer describes an HTTP server.\n", + "markdownDescription": "servers: `object` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Server) \nServers is the list of servers, keyed by arbitrary names chosen\nat your discretion for your own convenience; the keys do not\naffect functionality.\n\n\nServer describes an HTTP server. \n", + "type": "object", + "additionalProperties": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Server\nServers is the list of servers, keyed by arbitrary names chosen\nat your discretion for your own convenience; the keys do not\naffect functionality.\n\n\nServer describes an HTTP server.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Server) \nServers is the list of servers, keyed by arbitrary names chosen\nat your discretion for your own convenience; the keys do not\naffect functionality.\n\n\nServer describes an HTTP server. \n", + "properties": { + "automatic_https": { + "description": "automatic_https: object\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#AutoHTTPSConfig\nAutoHTTPS configures or disables automatic HTTPS within this server.\nHTTPS is enabled automatically and by default when qualifying names\nare present in a Host matcher and/or when the server is listening\nonly on the HTTPS port.\n\n\nAutoHTTPSConfig is used to disable automatic HTTPS\nor certain aspects of it for a specific server.\nHTTPS is enabled automatically and by default when\nqualifying hostnames are available from the config.\n", + "markdownDescription": "automatic_https: `object` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#AutoHTTPSConfig) \nAutoHTTPS configures or disables automatic HTTPS within this server.\nHTTPS is enabled automatically and by default when qualifying names\nare present in a Host matcher and/or when the server is listening\nonly on the HTTPS port.\n\n\nAutoHTTPSConfig is used to disable automatic HTTPS\nor certain aspects of it for a specific server.\nHTTPS is enabled automatically and by default when\nqualifying hostnames are available from the config. \n", + "type": "object", + "properties": { + "disable": { + "description": "disable: boolean\nModule: http\nIf true, automatic HTTPS will be entirely disabled,\nincluding certificate management and redirects.\n", + "markdownDescription": "disable: `boolean` \nModule: `http` \nIf true, automatic HTTPS will be entirely disabled,\nincluding certificate management and redirects. \n", + "type": "boolean" + }, + "disable_certificates": { + "description": "disable_certificates: boolean\nModule: http\nIf true, automatic certificate management will be\ndisabled, but other auto-HTTPS features will\nremain enabled.\n", + "markdownDescription": "disable_certificates: `boolean` \nModule: `http` \nIf true, automatic certificate management will be\ndisabled, but other auto-HTTPS features will\nremain enabled. \n", + "type": "boolean" + }, + "disable_redirects": { + "description": "disable_redirects: boolean\nModule: http\nIf true, only automatic HTTP-\u003eHTTPS redirects will\nbe disabled, but other auto-HTTPS features will\nremain enabled.\n", + "markdownDescription": "disable_redirects: `boolean` \nModule: `http` \nIf true, only automatic HTTP-\u003eHTTPS redirects will\nbe disabled, but other auto-HTTPS features will\nremain enabled. \n", + "type": "boolean" + }, + "ignore_loaded_certificates": { + "description": "ignore_loaded_certificates: boolean\nModule: http\nBy default, automatic HTTPS will obtain and renew\ncertificates for qualifying hostnames. However, if\na certificate with a matching SAN is already loaded\ninto the cache, certificate management will not be\nenabled. To force automated certificate management\nregardless of loaded certificates, set this to true.\n", + "markdownDescription": "ignore_loaded_certificates: `boolean` \nModule: `http` \nBy default, automatic HTTPS will obtain and renew\ncertificates for qualifying hostnames. However, if\na certificate with a matching SAN is already loaded\ninto the cache, certificate management will not be\nenabled. To force automated certificate management\nregardless of loaded certificates, set this to true. \n", + "type": "boolean" + }, + "skip": { + "description": "skip: array\nModule: http\nHosts/domain names listed here will not be included\nin automatic HTTPS (they will not have certificates\nloaded nor redirects applied).\n", + "markdownDescription": "skip: `array` \nModule: `http` \nHosts/domain names listed here will not be included\nin automatic HTTPS (they will not have certificates\nloaded nor redirects applied). \n", + "type": "array", + "items": { + "description": "Hosts/domain names listed here will not be included\nin automatic HTTPS (they will not have certificates\nloaded nor redirects applied).\n", + "markdownDescription": "Hosts/domain names listed here will not be included\nin automatic HTTPS (they will not have certificates\nloaded nor redirects applied). \n", + "type": "string" + } + }, + "skip_certificates": { + "description": "skip_certificates: array\nModule: http\nHosts/domain names listed here will still be enabled\nfor automatic HTTPS (unless in the Skip list), except\nthat certificates will not be provisioned and managed\nfor these names.\n", + "markdownDescription": "skip_certificates: `array` \nModule: `http` \nHosts/domain names listed here will still be enabled\nfor automatic HTTPS (unless in the Skip list), except\nthat certificates will not be provisioned and managed\nfor these names. \n", + "type": "array", + "items": { + "description": "Hosts/domain names listed here will still be enabled\nfor automatic HTTPS (unless in the Skip list), except\nthat certificates will not be provisioned and managed\nfor these names.\n", + "markdownDescription": "Hosts/domain names listed here will still be enabled\nfor automatic HTTPS (unless in the Skip list), except\nthat certificates will not be provisioned and managed\nfor these names. \n", + "type": "string" + } + } + } + }, + "client_ip_headers": { + "description": "client_ip_headers: array\nModule: http\nThe headers from which the client IP address could be\nread from. These will be considered in order, with the\nfirst good value being used as the client IP.\nBy default, only `X-Forwarded-For` is considered.\n\nThis depends on `trusted_proxies` being configured and\nthe request being validated as coming from a trusted\nproxy, otherwise the client IP will be set to the direct\nremote IP address.\n", + "markdownDescription": "client_ip_headers: `array` \nModule: `http` \nThe headers from which the client IP address could be\nread from. These will be considered in order, with the\nfirst good value being used as the client IP.\nBy default, only `X-Forwarded-For` is considered.\n\nThis depends on `trusted_proxies` being configured and\nthe request being validated as coming from a trusted\nproxy, otherwise the client IP will be set to the direct\nremote IP address. \n", + "type": "array", + "items": { + "description": "The headers from which the client IP address could be\nread from. These will be considered in order, with the\nfirst good value being used as the client IP.\nBy default, only `X-Forwarded-For` is considered.\n\nThis depends on `trusted_proxies` being configured and\nthe request being validated as coming from a trusted\nproxy, otherwise the client IP will be set to the direct\nremote IP address.\n", + "markdownDescription": "The headers from which the client IP address could be\nread from. These will be considered in order, with the\nfirst good value being used as the client IP.\nBy default, only `X-Forwarded-For` is considered.\n\nThis depends on `trusted_proxies` being configured and\nthe request being validated as coming from a trusted\nproxy, otherwise the client IP will be set to the direct\nremote IP address. \n", + "type": "string" + } + }, + "enable_full_duplex": { + "description": "enable_full_duplex: boolean\nModule: http\nEnable full-duplex communication for HTTP/1 requests.\nOnly has an effect if Caddy was built with Go 1.21 or later.\n\nFor HTTP/1 requests, the Go HTTP server by default consumes any\nunread portion of the request body before beginning to write the\nresponse, preventing handlers from concurrently reading from the\nrequest and writing the response. Enabling this option disables\nthis behavior and permits handlers to continue to read from the\nrequest while concurrently writing the response.\n\nFor HTTP/2 requests, the Go HTTP server always permits concurrent\nreads and responses, so this option has no effect.\n\nTest thoroughly with your HTTP clients, as some older clients may\nnot support full-duplex HTTP/1 which can cause them to deadlock.\nSee https://github.com/golang/go/issues/57786 for more info.\n\nTODO: This is an EXPERIMENTAL feature. Subject to change or removal.\n", + "markdownDescription": "enable_full_duplex: `boolean` \nModule: `http` \nEnable full-duplex communication for HTTP/1 requests.\nOnly has an effect if Caddy was built with Go 1.21 or later.\n\nFor HTTP/1 requests, the Go HTTP server by default consumes any\nunread portion of the request body before beginning to write the\nresponse, preventing handlers from concurrently reading from the\nrequest and writing the response. Enabling this option disables\nthis behavior and permits handlers to continue to read from the\nrequest while concurrently writing the response.\n\nFor HTTP/2 requests, the Go HTTP server always permits concurrent\nreads and responses, so this option has no effect.\n\nTest thoroughly with your HTTP clients, as some older clients may\nnot support full-duplex HTTP/1 which can cause them to deadlock.\nSee https://github.com/golang/go/issues/57786 for more info.\n\nTODO: This is an EXPERIMENTAL feature. Subject to change or removal. \n", + "type": "boolean" + }, + "errors": { + "description": "errors: object\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#HTTPErrorConfig\nErrors is how this server will handle errors returned from any\nof the handlers in the primary routes. If the primary handler\nchain returns an error, the error along with its recommended\nstatus code are bubbled back up to the HTTP server which\nexecutes a separate error route, specified using this property.\nThe error routes work exactly like the normal routes.\n\n\nHTTPErrorConfig determines how to handle errors\nfrom the HTTP handlers.\n", + "markdownDescription": "errors: `object` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#HTTPErrorConfig) \nErrors is how this server will handle errors returned from any\nof the handlers in the primary routes. If the primary handler\nchain returns an error, the error along with its recommended\nstatus code are bubbled back up to the HTTP server which\nexecutes a separate error route, specified using this property.\nThe error routes work exactly like the normal routes.\n\n\nHTTPErrorConfig determines how to handle errors\nfrom the HTTP handlers. \n", + "type": "object", + "properties": { + "routes": { + "description": "routes: array\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route\nThe routes to evaluate after the primary handler\nchain returns an error. In an error route, extra\nplaceholders are available:\n\nPlaceholder | Description\n------------|---------------\n`{http.error.status_code}` | The recommended HTTP status code\n`{http.error.status_text}` | The status text associated with the recommended status code\n`{http.error.message}` | The error message\n`{http.error.trace}` | The origin of the error\n`{http.error.id}` | An identifier for this occurrence of the error\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner.\n", + "markdownDescription": "routes: `array` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route) \nThe routes to evaluate after the primary handler\nchain returns an error. In an error route, extra\nplaceholders are available:\n\nPlaceholder | Description\n------------|---------------\n`{http.error.status_code}` | The recommended HTTP status code\n`{http.error.status_text}` | The status text associated with the recommended status code\n`{http.error.message}` | The error message\n`{http.error.trace}` | The origin of the error\n`{http.error.id}` | An identifier for this occurrence of the error\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route\nThe routes to evaluate after the primary handler\nchain returns an error. In an error route, extra\nplaceholders are available:\n\nPlaceholder | Description\n------------|---------------\n`{http.error.status_code}` | The recommended HTTP status code\n`{http.error.status_text}` | The status text associated with the recommended status code\n`{http.error.message}` | The error message\n`{http.error.trace}` | The origin of the error\n`{http.error.id}` | An identifier for this occurrence of the error\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route) \nThe routes to evaluate after the primary handler\nchain returns an error. In an error route, extra\nplaceholders are available:\n\nPlaceholder | Description\n------------|---------------\n`{http.error.status_code}` | The recommended HTTP status code\n`{http.error.status_text}` | The status text associated with the recommended status code\n`{http.error.message}` | The error message\n`{http.error.trace}` | The origin of the error\n`{http.error.id}` | An identifier for this occurrence of the error\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner. \n", + "type": "object", + "properties": { + "group": { + "description": "group: string\nModule: http\nGroup is an optional name for a group to which this\nroute belongs. Grouping a route makes it mutually\nexclusive with others in its group; if a route belongs\nto a group, only the first matching route in that group\nwill be executed.\n", + "markdownDescription": "group: `string` \nModule: `http` \nGroup is an optional name for a group to which this\nroute belongs. Grouping a route makes it mutually\nexclusive with others in its group; if a route belongs\nto a group, only the first matching route in that group\nwill be executed. \n", + "type": "string" + }, + "handle": { + "description": "handle: array\nModule: http.handlers\nThe list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes.\n", + "markdownDescription": "handle: `array` \nModule: `http.handlers` \nThe list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes. \n", + "type": "array", + "items": { + "description": "The list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes.\n", + "markdownDescription": "The list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes. \n", + "required": [ + "handler" + ], + "allOf": [ + { + "if": { + "properties": { + "handler": { + "const": "reverse_proxy" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.reverse_proxy" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "templates" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.templates" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "copy_response" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.copy_response" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "headers" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.headers" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "invoke" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.invoke" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "metrics" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.metrics" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "push" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.push" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "acme_server" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.acme_server" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "authentication" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.authentication" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "encode" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.encode" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "file_server" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.file_server" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "intercept" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.intercept" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "log_append" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.log_append" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "request_body" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.request_body" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "map" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.map" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "rewrite" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.rewrite" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "static_response" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.static_response" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "subroute" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.subroute" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "tracing" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.tracing" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "vars" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.vars" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "copy_response_headers" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.copy_response_headers" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "error" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.error" + } + }, + { + "properties": { + "handler": { + "description": "key to identify handle module.\nhandler: string\nModule: http.handlers", + "markdownDescription": "key to identify `handle` module. \nhandler: `string` \nModule: `http.handlers`", + "type": "string", + "enum": [ + "reverse_proxy", + "templates", + "copy_response", + "headers", + "invoke", + "metrics", + "push", + "acme_server", + "authentication", + "encode", + "file_server", + "intercept", + "log_append", + "request_body", + "map", + "rewrite", + "static_response", + "subroute", + "tracing", + "vars", + "copy_response_headers", + "error" + ] + } + } + } + ] + } + }, + "match": { + "description": "match: array\nModule: http.matchers\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "match: `array` \nModule: `http.matchers` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "properties": { + "client_ip": { + "$ref": "#/definitions/http.matchers.client_ip" + }, + "expression": { + "$ref": "#/definitions/http.matchers.expression" + }, + "file": { + "$ref": "#/definitions/http.matchers.file" + }, + "header": { + "$ref": "#/definitions/http.matchers.header" + }, + "header_regexp": { + "$ref": "#/definitions/http.matchers.header_regexp" + }, + "host": { + "$ref": "#/definitions/http.matchers.host" + }, + "method": { + "$ref": "#/definitions/http.matchers.method" + }, + "not": { + "$ref": "#/definitions/http.matchers.not" + }, + "path": { + "$ref": "#/definitions/http.matchers.path" + }, + "path_regexp": { + "$ref": "#/definitions/http.matchers.path_regexp" + }, + "protocol": { + "$ref": "#/definitions/http.matchers.protocol" + }, + "query": { + "$ref": "#/definitions/http.matchers.query" + }, + "remote_ip": { + "$ref": "#/definitions/http.matchers.remote_ip" + }, + "tls": { + "$ref": "#/definitions/http.matchers.tls" + }, + "vars": { + "$ref": "#/definitions/http.matchers.vars" + }, + "vars_regexp": { + "$ref": "#/definitions/http.matchers.vars_regexp" + } + } + } + }, + "terminal": { + "description": "terminal: boolean\nModule: http\nIf true, no more routes will be executed after this one.\n", + "markdownDescription": "terminal: `boolean` \nModule: `http` \nIf true, no more routes will be executed after this one. \n", + "type": "boolean" + } + } + } + } + } + }, + "idle_timeout": { + "description": "idle_timeout: number\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nIdleTimeout is the maximum time to wait for the next request\nwhen keep-alives are enabled. If zero, a default timeout of\n5m is applied to help avoid resource exhaustion.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "idle_timeout: `number` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nIdleTimeout is the maximum time to wait for the next request\nwhen keep-alives are enabled. If zero, a default timeout of\n5m is applied to help avoid resource exhaustion.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "keepalive_interval": { + "description": "keepalive_interval: number\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nKeepAliveInterval is the interval at which TCP keepalive packets\nare sent to keep the connection alive at the TCP layer when no other\ndata is being transmitted. The default is 15s.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "keepalive_interval: `number` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nKeepAliveInterval is the interval at which TCP keepalive packets\nare sent to keep the connection alive at the TCP layer when no other\ndata is being transmitted. The default is 15s.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "listen": { + "description": "listen: array\nModule: http\nSocket addresses to which to bind listeners. Accepts\n[network addresses](/docs/conventions#network-addresses)\nthat may include port ranges. Listener addresses must\nbe unique; they cannot be repeated across all defined\nservers.\n", + "markdownDescription": "listen: `array` \nModule: `http` \nSocket addresses to which to bind listeners. Accepts\n[network addresses](/docs/conventions#network-addresses)\nthat may include port ranges. Listener addresses must\nbe unique; they cannot be repeated across all defined\nservers. \n", + "type": "array", + "items": { + "description": "Socket addresses to which to bind listeners. Accepts\n[network addresses](/docs/conventions#network-addresses)\nthat may include port ranges. Listener addresses must\nbe unique; they cannot be repeated across all defined\nservers.\n", + "markdownDescription": "Socket addresses to which to bind listeners. Accepts\n[network addresses](/docs/conventions#network-addresses)\nthat may include port ranges. Listener addresses must\nbe unique; they cannot be repeated across all defined\nservers. \n", + "type": "string" + } + }, + "listen_protocols": { + "description": "listen_protocols: array\nModule: http\nListenProtocols overrides Protocols for each parallel address in Listen.\nA nil value or element indicates that Protocols will be used instead.\n", + "markdownDescription": "listen_protocols: `array` \nModule: `http` \nListenProtocols overrides Protocols for each parallel address in Listen.\nA nil value or element indicates that Protocols will be used instead. \n", + "type": "array", + "items": { + "description": "ListenProtocols overrides Protocols for each parallel address in Listen.\nA nil value or element indicates that Protocols will be used instead.\n", + "markdownDescription": "ListenProtocols overrides Protocols for each parallel address in Listen.\nA nil value or element indicates that Protocols will be used instead. \n", + "type": "array", + "items": { + "type": "string" + } + } + }, + "listener_wrappers": { + "description": "listener_wrappers: array\nModule: caddy.listeners\nA list of listener wrapper modules, which can modify the behavior\nof the base listener. They are applied in the given order.\n", + "markdownDescription": "listener_wrappers: `array` \nModule: `caddy.listeners` \nA list of listener wrapper modules, which can modify the behavior\nof the base listener. They are applied in the given order. \n", + "type": "array", + "items": { + "description": "A list of listener wrapper modules, which can modify the behavior\nof the base listener. They are applied in the given order.\n", + "markdownDescription": "A list of listener wrapper modules, which can modify the behavior\nof the base listener. They are applied in the given order. \n", + "required": [ + "wrapper" + ], + "allOf": [ + { + "if": { + "properties": { + "wrapper": { + "const": "http_redirect" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.listeners.http_redirect" + } + }, + { + "if": { + "properties": { + "wrapper": { + "const": "proxy_protocol" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.listeners.proxy_protocol" + } + }, + { + "if": { + "properties": { + "wrapper": { + "const": "tls" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.listeners.tls" + } + }, + { + "properties": { + "wrapper": { + "description": "key to identify listener_wrappers module.\nwrapper: string\nModule: caddy.listeners", + "markdownDescription": "key to identify `listener_wrappers` module. \nwrapper: `string` \nModule: `caddy.listeners`", + "type": "string", + "enum": [ + "http_redirect", + "proxy_protocol", + "tls" + ] + } + } + } + ] + } + }, + "logs": { + "description": "logs: object\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ServerLogConfig\nEnables access logging and configures how access logs are handled\nin this server. To minimally enable access logs, simply set this\nto a non-null, empty struct.\n\n\nServerLogConfig describes a server's logging configuration. If\nenabled without customization, all requests to this server are\nlogged to the default logger; logger destinations may be\ncustomized per-request-host.\n", + "markdownDescription": "logs: `object` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ServerLogConfig) \nEnables access logging and configures how access logs are handled\nin this server. To minimally enable access logs, simply set this\nto a non-null, empty struct.\n\n\nServerLogConfig describes a server's logging configuration. If\nenabled without customization, all requests to this server are\nlogged to the default logger; logger destinations may be\ncustomized per-request-host. \n", + "type": "object", + "properties": { + "default_logger_name": { + "description": "default_logger_name: string\nModule: http\nThe default logger name for all logs emitted by this server for\nhostnames that are not in the logger_names map.\n", + "markdownDescription": "default_logger_name: `string` \nModule: `http` \nThe default logger name for all logs emitted by this server for\nhostnames that are not in the logger_names map. \n", + "type": "string" + }, + "logger_names": { + "description": "logger_names: object\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#StringArray\nLoggerNames maps request hostnames to one or more custom logger\nnames. For example, a mapping of `\"example.com\": [\"example\"]` would\ncause access logs from requests with a Host of example.com to be\nemitted by a logger named \"http.log.access.example\". If there are\nmultiple logger names, then the log will be emitted to all of them.\nIf the logger name is an empty, the default logger is used, i.e.\nthe logger \"http.log.access\".\n\nKeys must be hostnames (without ports), and may contain wildcards\nto match subdomains. The value is an array of logger names.\n\nFor backwards compatibility, if the value is a string, it is treated\nas a single-element array.\n\n\nStringArray is a slices of strings, but also accepts\na single string as a value when JSON unmarshaling,\nconverting it to a slice of one string.\n", + "markdownDescription": "logger_names: `object` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#StringArray) \nLoggerNames maps request hostnames to one or more custom logger\nnames. For example, a mapping of `\"example.com\": [\"example\"]` would\ncause access logs from requests with a Host of example.com to be\nemitted by a logger named \"http.log.access.example\". If there are\nmultiple logger names, then the log will be emitted to all of them.\nIf the logger name is an empty, the default logger is used, i.e.\nthe logger \"http.log.access\".\n\nKeys must be hostnames (without ports), and may contain wildcards\nto match subdomains. The value is an array of logger names.\n\nFor backwards compatibility, if the value is a string, it is treated\nas a single-element array.\n\n\nStringArray is a slices of strings, but also accepts\na single string as a value when JSON unmarshaling,\nconverting it to a slice of one string. \n", + "type": "object", + "additionalProperties": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#StringArray\nLoggerNames maps request hostnames to one or more custom logger\nnames. For example, a mapping of `\"example.com\": [\"example\"]` would\ncause access logs from requests with a Host of example.com to be\nemitted by a logger named \"http.log.access.example\". If there are\nmultiple logger names, then the log will be emitted to all of them.\nIf the logger name is an empty, the default logger is used, i.e.\nthe logger \"http.log.access\".\n\nKeys must be hostnames (without ports), and may contain wildcards\nto match subdomains. The value is an array of logger names.\n\nFor backwards compatibility, if the value is a string, it is treated\nas a single-element array.\n\n\nStringArray is a slices of strings, but also accepts\na single string as a value when JSON unmarshaling,\nconverting it to a slice of one string.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#StringArray) \nLoggerNames maps request hostnames to one or more custom logger\nnames. For example, a mapping of `\"example.com\": [\"example\"]` would\ncause access logs from requests with a Host of example.com to be\nemitted by a logger named \"http.log.access.example\". If there are\nmultiple logger names, then the log will be emitted to all of them.\nIf the logger name is an empty, the default logger is used, i.e.\nthe logger \"http.log.access\".\n\nKeys must be hostnames (without ports), and may contain wildcards\nto match subdomains. The value is an array of logger names.\n\nFor backwards compatibility, if the value is a string, it is treated\nas a single-element array.\n\n\nStringArray is a slices of strings, but also accepts\na single string as a value when JSON unmarshaling,\nconverting it to a slice of one string. \n", + "type": "array", + "items": { + "type": "string" + } + } + }, + "should_log_credentials": { + "description": "should_log_credentials: boolean\nModule: http\nIf true, credentials that are otherwise omitted, will be logged.\nThe definition of credentials is defined by https://fetch.spec.whatwg.org/#credentials,\nand this includes some request and response headers, i.e `Cookie`,\n`Set-Cookie`, `Authorization`, and `Proxy-Authorization`.\n", + "markdownDescription": "should_log_credentials: `boolean` \nModule: `http` \nIf true, credentials that are otherwise omitted, will be logged.\nThe definition of credentials is defined by https://fetch.spec.whatwg.org/#credentials,\nand this includes some request and response headers, i.e `Cookie`,\n`Set-Cookie`, `Authorization`, and `Proxy-Authorization`. \n", + "type": "boolean" + }, + "skip_hosts": { + "description": "skip_hosts: array\nModule: http\nBy default, all requests to this server will be logged if\naccess logging is enabled. This field lists the request\nhosts for which access logging should be disabled.\n", + "markdownDescription": "skip_hosts: `array` \nModule: `http` \nBy default, all requests to this server will be logged if\naccess logging is enabled. This field lists the request\nhosts for which access logging should be disabled. \n", + "type": "array", + "items": { + "description": "By default, all requests to this server will be logged if\naccess logging is enabled. This field lists the request\nhosts for which access logging should be disabled.\n", + "markdownDescription": "By default, all requests to this server will be logged if\naccess logging is enabled. This field lists the request\nhosts for which access logging should be disabled. \n", + "type": "string" + } + }, + "skip_unmapped_hosts": { + "description": "skip_unmapped_hosts: boolean\nModule: http\nIf true, requests to any host not appearing in the\nlogger_names map will not be logged.\n", + "markdownDescription": "skip_unmapped_hosts: `boolean` \nModule: `http` \nIf true, requests to any host not appearing in the\nlogger_names map will not be logged. \n", + "type": "boolean" + }, + "trace": { + "description": "trace: boolean\nModule: http\nLog each individual handler that is invoked.\nRequires that the log emit at DEBUG level.\n\nNOTE: This may log the configuration of your\nHTTP handler modules; do not enable this in\ninsecure contexts when there is sensitive\ndata in the configuration.\n\nEXPERIMENTAL: Subject to change or removal.\n", + "markdownDescription": "trace: `boolean` \nModule: `http` \nLog each individual handler that is invoked.\nRequires that the log emit at DEBUG level.\n\nNOTE: This may log the configuration of your\nHTTP handler modules; do not enable this in\ninsecure contexts when there is sensitive\ndata in the configuration.\n\nEXPERIMENTAL: Subject to change or removal. \n", + "type": "boolean" + } + } + }, + "max_header_bytes": { + "description": "max_header_bytes: number\nModule: http\nMaxHeaderBytes is the maximum size to parse from a client's\nHTTP request headers.\n", + "markdownDescription": "max_header_bytes: `number` \nModule: `http` \nMaxHeaderBytes is the maximum size to parse from a client's\nHTTP request headers. \n", + "type": "number" + }, + "metrics": { + "description": "metrics: object\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Metrics\nIf set, metrics observations will be enabled.\nThis setting is EXPERIMENTAL and subject to change.\nDEPRECATED: Use the app-level `metrics` field.\n\n\nMetrics configures metrics observations.\nEXPERIMENTAL and subject to change or removal.\n", + "markdownDescription": "metrics: `object` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Metrics) \nIf set, metrics observations will be enabled.\nThis setting is EXPERIMENTAL and subject to change.\nDEPRECATED: Use the app-level `metrics` field.\n\n\nMetrics configures metrics observations.\nEXPERIMENTAL and subject to change or removal. \n", + "type": "object", + "properties": { + "per_host": { + "description": "per_host: boolean\nModule: http\nEnable per-host metrics. Enabling this option may\nincur high-memory consumption, depending on the number of hosts\nmanaged by Caddy.\n", + "markdownDescription": "per_host: `boolean` \nModule: `http` \nEnable per-host metrics. Enabling this option may\nincur high-memory consumption, depending on the number of hosts\nmanaged by Caddy. \n", + "type": "boolean" + } + } + }, + "named_routes": { + "description": "named_routes: object\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route\nNamedRoutes describes a mapping of reusable routes that can be\ninvoked by their name. This can be used to optimize memory usage\nwhen the same route is needed for many subroutes, by having\nthe handlers and matchers be only provisioned once, but used from\nmany places. These routes are not executed unless they are invoked\nfrom another route.\n\nEXPERIMENTAL: Subject to change or removal.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner.\n", + "markdownDescription": "named_routes: `object` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route) \nNamedRoutes describes a mapping of reusable routes that can be\ninvoked by their name. This can be used to optimize memory usage\nwhen the same route is needed for many subroutes, by having\nthe handlers and matchers be only provisioned once, but used from\nmany places. These routes are not executed unless they are invoked\nfrom another route.\n\nEXPERIMENTAL: Subject to change or removal.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner. \n", + "type": "object", + "additionalProperties": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route\nNamedRoutes describes a mapping of reusable routes that can be\ninvoked by their name. This can be used to optimize memory usage\nwhen the same route is needed for many subroutes, by having\nthe handlers and matchers be only provisioned once, but used from\nmany places. These routes are not executed unless they are invoked\nfrom another route.\n\nEXPERIMENTAL: Subject to change or removal.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route) \nNamedRoutes describes a mapping of reusable routes that can be\ninvoked by their name. This can be used to optimize memory usage\nwhen the same route is needed for many subroutes, by having\nthe handlers and matchers be only provisioned once, but used from\nmany places. These routes are not executed unless they are invoked\nfrom another route.\n\nEXPERIMENTAL: Subject to change or removal.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner. \n", + "properties": { + "group": { + "description": "group: string\nModule: http\nGroup is an optional name for a group to which this\nroute belongs. Grouping a route makes it mutually\nexclusive with others in its group; if a route belongs\nto a group, only the first matching route in that group\nwill be executed.\n", + "markdownDescription": "group: `string` \nModule: `http` \nGroup is an optional name for a group to which this\nroute belongs. Grouping a route makes it mutually\nexclusive with others in its group; if a route belongs\nto a group, only the first matching route in that group\nwill be executed. \n", + "type": "string" + }, + "handle": { + "description": "handle: array\nModule: http.handlers\nThe list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes.\n", + "markdownDescription": "handle: `array` \nModule: `http.handlers` \nThe list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes. \n", + "type": "array", + "items": { + "description": "The list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes.\n", + "markdownDescription": "The list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes. \n", + "required": [ + "handler" + ], + "allOf": [ + { + "if": { + "properties": { + "handler": { + "const": "authentication" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.authentication" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "encode" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.encode" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "file_server" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.file_server" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "intercept" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.intercept" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "log_append" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.log_append" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "request_body" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.request_body" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "map" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.map" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "rewrite" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.rewrite" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "static_response" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.static_response" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "subroute" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.subroute" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "tracing" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.tracing" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "vars" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.vars" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "copy_response_headers" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.copy_response_headers" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "error" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.error" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "reverse_proxy" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.reverse_proxy" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "templates" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.templates" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "copy_response" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.copy_response" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "headers" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.headers" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "invoke" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.invoke" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "metrics" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.metrics" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "push" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.push" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "acme_server" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.acme_server" + } + }, + { + "properties": { + "handler": { + "description": "key to identify handle module.\nhandler: string\nModule: http.handlers", + "markdownDescription": "key to identify `handle` module. \nhandler: `string` \nModule: `http.handlers`", + "type": "string", + "enum": [ + "authentication", + "encode", + "file_server", + "intercept", + "log_append", + "request_body", + "map", + "rewrite", + "static_response", + "subroute", + "tracing", + "vars", + "copy_response_headers", + "error", + "reverse_proxy", + "templates", + "copy_response", + "headers", + "invoke", + "metrics", + "push", + "acme_server" + ] + } + } + } + ] + } + }, + "match": { + "description": "match: array\nModule: http.matchers\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "match: `array` \nModule: `http.matchers` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "properties": { + "client_ip": { + "$ref": "#/definitions/http.matchers.client_ip" + }, + "expression": { + "$ref": "#/definitions/http.matchers.expression" + }, + "file": { + "$ref": "#/definitions/http.matchers.file" + }, + "header": { + "$ref": "#/definitions/http.matchers.header" + }, + "header_regexp": { + "$ref": "#/definitions/http.matchers.header_regexp" + }, + "host": { + "$ref": "#/definitions/http.matchers.host" + }, + "method": { + "$ref": "#/definitions/http.matchers.method" + }, + "not": { + "$ref": "#/definitions/http.matchers.not" + }, + "path": { + "$ref": "#/definitions/http.matchers.path" + }, + "path_regexp": { + "$ref": "#/definitions/http.matchers.path_regexp" + }, + "protocol": { + "$ref": "#/definitions/http.matchers.protocol" + }, + "query": { + "$ref": "#/definitions/http.matchers.query" + }, + "remote_ip": { + "$ref": "#/definitions/http.matchers.remote_ip" + }, + "tls": { + "$ref": "#/definitions/http.matchers.tls" + }, + "vars": { + "$ref": "#/definitions/http.matchers.vars" + }, + "vars_regexp": { + "$ref": "#/definitions/http.matchers.vars_regexp" + } + } + } + }, + "terminal": { + "description": "terminal: boolean\nModule: http\nIf true, no more routes will be executed after this one.\n", + "markdownDescription": "terminal: `boolean` \nModule: `http` \nIf true, no more routes will be executed after this one. \n", + "type": "boolean" + } + } + } + }, + "protocols": { + "description": "protocols: array\nModule: http\nProtocols specifies which HTTP protocols to enable.\nSupported values are:\n\n- `h1` (HTTP/1.1)\n- `h2` (HTTP/2)\n- `h2c` (cleartext HTTP/2)\n- `h3` (HTTP/3)\n\nIf enabling `h2` or `h2c`, `h1` must also be enabled;\nthis is due to current limitations in the Go standard\nlibrary.\n\nHTTP/2 operates only over TLS (HTTPS). HTTP/3 opens\na UDP socket to serve QUIC connections.\n\nH2C operates over plain TCP if the client supports it;\nhowever, because this is not implemented by the Go\nstandard library, other server options are not compatible\nand will not be applied to H2C requests. Do not enable this\nonly to achieve maximum client compatibility. In practice,\nvery few clients implement H2C, and even fewer require it.\nEnabling H2C can be useful for serving/proxying gRPC\nif encryption is not possible or desired.\n\nWe recommend for most users to simply let Caddy use the\ndefault settings.\n\nDefault: `[h1 h2 h3]`\n", + "markdownDescription": "protocols: `array` \nModule: `http` \nProtocols specifies which HTTP protocols to enable.\nSupported values are:\n\n- `h1` (HTTP/1.1)\n- `h2` (HTTP/2)\n- `h2c` (cleartext HTTP/2)\n- `h3` (HTTP/3)\n\nIf enabling `h2` or `h2c`, `h1` must also be enabled;\nthis is due to current limitations in the Go standard\nlibrary.\n\nHTTP/2 operates only over TLS (HTTPS). HTTP/3 opens\na UDP socket to serve QUIC connections.\n\nH2C operates over plain TCP if the client supports it;\nhowever, because this is not implemented by the Go\nstandard library, other server options are not compatible\nand will not be applied to H2C requests. Do not enable this\nonly to achieve maximum client compatibility. In practice,\nvery few clients implement H2C, and even fewer require it.\nEnabling H2C can be useful for serving/proxying gRPC\nif encryption is not possible or desired.\n\nWe recommend for most users to simply let Caddy use the\ndefault settings.\n\nDefault: `[h1 h2 h3]` \n", + "type": "array", + "items": { + "description": "Protocols specifies which HTTP protocols to enable.\nSupported values are:\n\n- `h1` (HTTP/1.1)\n- `h2` (HTTP/2)\n- `h2c` (cleartext HTTP/2)\n- `h3` (HTTP/3)\n\nIf enabling `h2` or `h2c`, `h1` must also be enabled;\nthis is due to current limitations in the Go standard\nlibrary.\n\nHTTP/2 operates only over TLS (HTTPS). HTTP/3 opens\na UDP socket to serve QUIC connections.\n\nH2C operates over plain TCP if the client supports it;\nhowever, because this is not implemented by the Go\nstandard library, other server options are not compatible\nand will not be applied to H2C requests. Do not enable this\nonly to achieve maximum client compatibility. In practice,\nvery few clients implement H2C, and even fewer require it.\nEnabling H2C can be useful for serving/proxying gRPC\nif encryption is not possible or desired.\n\nWe recommend for most users to simply let Caddy use the\ndefault settings.\n\nDefault: `[h1 h2 h3]`\n", + "markdownDescription": "Protocols specifies which HTTP protocols to enable.\nSupported values are:\n\n- `h1` (HTTP/1.1)\n- `h2` (HTTP/2)\n- `h2c` (cleartext HTTP/2)\n- `h3` (HTTP/3)\n\nIf enabling `h2` or `h2c`, `h1` must also be enabled;\nthis is due to current limitations in the Go standard\nlibrary.\n\nHTTP/2 operates only over TLS (HTTPS). HTTP/3 opens\na UDP socket to serve QUIC connections.\n\nH2C operates over plain TCP if the client supports it;\nhowever, because this is not implemented by the Go\nstandard library, other server options are not compatible\nand will not be applied to H2C requests. Do not enable this\nonly to achieve maximum client compatibility. In practice,\nvery few clients implement H2C, and even fewer require it.\nEnabling H2C can be useful for serving/proxying gRPC\nif encryption is not possible or desired.\n\nWe recommend for most users to simply let Caddy use the\ndefault settings.\n\nDefault: `[h1 h2 h3]` \n", + "type": "string" + } + }, + "read_header_timeout": { + "description": "read_header_timeout: number\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nReadHeaderTimeout is like ReadTimeout but for request headers.\nDefault is 1 minute.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "read_header_timeout: `number` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nReadHeaderTimeout is like ReadTimeout but for request headers.\nDefault is 1 minute.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "read_timeout": { + "description": "read_timeout: number\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nHow long to allow a read from a client's upload. Setting this\nto a short, non-zero value can mitigate slowloris attacks, but\nmay also affect legitimately slow clients.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "read_timeout: `number` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nHow long to allow a read from a client's upload. Setting this\nto a short, non-zero value can mitigate slowloris attacks, but\nmay also affect legitimately slow clients.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "routes": { + "description": "routes: array\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route\nRoutes describes how this server will handle requests.\nRoutes are executed sequentially. First a route's matchers\nare evaluated, then its grouping. If it matches and has\nnot been mutually-excluded by its grouping, then its\nhandlers are executed sequentially. The sequence of invoked\nhandlers comprises a compiled middleware chain that flows\nfrom each matching route and its handlers to the next.\n\nBy default, all unrouted requests receive a 200 OK response\nto indicate the server is working.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner.\n", + "markdownDescription": "routes: `array` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route) \nRoutes describes how this server will handle requests.\nRoutes are executed sequentially. First a route's matchers\nare evaluated, then its grouping. If it matches and has\nnot been mutually-excluded by its grouping, then its\nhandlers are executed sequentially. The sequence of invoked\nhandlers comprises a compiled middleware chain that flows\nfrom each matching route and its handlers to the next.\n\nBy default, all unrouted requests receive a 200 OK response\nto indicate the server is working.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route\nRoutes describes how this server will handle requests.\nRoutes are executed sequentially. First a route's matchers\nare evaluated, then its grouping. If it matches and has\nnot been mutually-excluded by its grouping, then its\nhandlers are executed sequentially. The sequence of invoked\nhandlers comprises a compiled middleware chain that flows\nfrom each matching route and its handlers to the next.\n\nBy default, all unrouted requests receive a 200 OK response\nto indicate the server is working.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route) \nRoutes describes how this server will handle requests.\nRoutes are executed sequentially. First a route's matchers\nare evaluated, then its grouping. If it matches and has\nnot been mutually-excluded by its grouping, then its\nhandlers are executed sequentially. The sequence of invoked\nhandlers comprises a compiled middleware chain that flows\nfrom each matching route and its handlers to the next.\n\nBy default, all unrouted requests receive a 200 OK response\nto indicate the server is working.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner. \n", + "type": "object", + "properties": { + "group": { + "description": "group: string\nModule: http\nGroup is an optional name for a group to which this\nroute belongs. Grouping a route makes it mutually\nexclusive with others in its group; if a route belongs\nto a group, only the first matching route in that group\nwill be executed.\n", + "markdownDescription": "group: `string` \nModule: `http` \nGroup is an optional name for a group to which this\nroute belongs. Grouping a route makes it mutually\nexclusive with others in its group; if a route belongs\nto a group, only the first matching route in that group\nwill be executed. \n", + "type": "string" + }, + "handle": { + "description": "handle: array\nModule: http.handlers\nThe list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes.\n", + "markdownDescription": "handle: `array` \nModule: `http.handlers` \nThe list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes. \n", + "type": "array", + "items": { + "description": "The list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes.\n", + "markdownDescription": "The list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes. \n", + "required": [ + "handler" + ], + "allOf": [ + { + "if": { + "properties": { + "handler": { + "const": "headers" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.headers" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "invoke" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.invoke" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "metrics" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.metrics" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "push" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.push" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "acme_server" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.acme_server" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "authentication" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.authentication" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "encode" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.encode" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "file_server" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.file_server" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "intercept" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.intercept" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "log_append" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.log_append" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "request_body" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.request_body" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "map" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.map" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "rewrite" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.rewrite" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "static_response" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.static_response" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "subroute" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.subroute" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "tracing" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.tracing" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "vars" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.vars" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "copy_response_headers" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.copy_response_headers" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "error" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.error" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "reverse_proxy" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.reverse_proxy" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "templates" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.templates" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "copy_response" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.copy_response" + } + }, + { + "properties": { + "handler": { + "description": "key to identify handle module.\nhandler: string\nModule: http.handlers", + "markdownDescription": "key to identify `handle` module. \nhandler: `string` \nModule: `http.handlers`", + "type": "string", + "enum": [ + "headers", + "invoke", + "metrics", + "push", + "acme_server", + "authentication", + "encode", + "file_server", + "intercept", + "log_append", + "request_body", + "map", + "rewrite", + "static_response", + "subroute", + "tracing", + "vars", + "copy_response_headers", + "error", + "reverse_proxy", + "templates", + "copy_response" + ] + } + } + } + ] + } + }, + "match": { + "description": "match: array\nModule: http.matchers\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "match: `array` \nModule: `http.matchers` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "properties": { + "client_ip": { + "$ref": "#/definitions/http.matchers.client_ip" + }, + "expression": { + "$ref": "#/definitions/http.matchers.expression" + }, + "file": { + "$ref": "#/definitions/http.matchers.file" + }, + "header": { + "$ref": "#/definitions/http.matchers.header" + }, + "header_regexp": { + "$ref": "#/definitions/http.matchers.header_regexp" + }, + "host": { + "$ref": "#/definitions/http.matchers.host" + }, + "method": { + "$ref": "#/definitions/http.matchers.method" + }, + "not": { + "$ref": "#/definitions/http.matchers.not" + }, + "path": { + "$ref": "#/definitions/http.matchers.path" + }, + "path_regexp": { + "$ref": "#/definitions/http.matchers.path_regexp" + }, + "protocol": { + "$ref": "#/definitions/http.matchers.protocol" + }, + "query": { + "$ref": "#/definitions/http.matchers.query" + }, + "remote_ip": { + "$ref": "#/definitions/http.matchers.remote_ip" + }, + "tls": { + "$ref": "#/definitions/http.matchers.tls" + }, + "vars": { + "$ref": "#/definitions/http.matchers.vars" + }, + "vars_regexp": { + "$ref": "#/definitions/http.matchers.vars_regexp" + } + } + } + }, + "terminal": { + "description": "terminal: boolean\nModule: http\nIf true, no more routes will be executed after this one.\n", + "markdownDescription": "terminal: `boolean` \nModule: `http` \nIf true, no more routes will be executed after this one. \n", + "type": "boolean" + } + } + } + }, + "strict_sni_host": { + "description": "strict_sni_host: boolean\nModule: http\nIf true, will require that a request's Host header match\nthe value of the ServerName sent by the client's TLS\nClientHello; often a necessary safeguard when using TLS\nclient authentication.\n", + "markdownDescription": "strict_sni_host: `boolean` \nModule: `http` \nIf true, will require that a request's Host header match\nthe value of the ServerName sent by the client's TLS\nClientHello; often a necessary safeguard when using TLS\nclient authentication. \n", + "type": "boolean" + }, + "tls_connection_policies": { + "description": "tls_connection_policies: array\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ConnectionPolicy\nHow to handle TLS connections. At least one policy is\nrequired to enable HTTPS on this server if automatic\nHTTPS is disabled or does not apply.\n\n\nConnectionPolicy specifies the logic for handling a TLS handshake.\nAn empty policy is valid; safe and sensible defaults will be used.\n", + "markdownDescription": "tls_connection_policies: `array` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ConnectionPolicy) \nHow to handle TLS connections. At least one policy is\nrequired to enable HTTPS on this server if automatic\nHTTPS is disabled or does not apply.\n\n\nConnectionPolicy specifies the logic for handling a TLS handshake.\nAn empty policy is valid; safe and sensible defaults will be used. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ConnectionPolicy\nHow to handle TLS connections. At least one policy is\nrequired to enable HTTPS on this server if automatic\nHTTPS is disabled or does not apply.\n\n\nConnectionPolicy specifies the logic for handling a TLS handshake.\nAn empty policy is valid; safe and sensible defaults will be used.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ConnectionPolicy) \nHow to handle TLS connections. At least one policy is\nrequired to enable HTTPS on this server if automatic\nHTTPS is disabled or does not apply.\n\n\nConnectionPolicy specifies the logic for handling a TLS handshake.\nAn empty policy is valid; safe and sensible defaults will be used. \n", + "type": "object", + "properties": { + "alpn": { + "description": "alpn: array\nModule: http\nProtocols to use for Application-Layer Protocol\nNegotiation (ALPN) during the handshake.\n", + "markdownDescription": "alpn: `array` \nModule: `http` \nProtocols to use for Application-Layer Protocol\nNegotiation (ALPN) during the handshake. \n", + "type": "array", + "items": { + "description": "Protocols to use for Application-Layer Protocol\nNegotiation (ALPN) during the handshake.\n", + "markdownDescription": "Protocols to use for Application-Layer Protocol\nNegotiation (ALPN) during the handshake. \n", + "type": "string" + } + }, + "certificate_selection": { + "description": "certificate_selection: object\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#CustomCertSelectionPolicy\nHow to choose a certificate if more than one matched\nthe given ServerName (SNI) value.\n\n\nCustomCertSelectionPolicy represents a policy for selecting the certificate\nused to complete a handshake when there may be multiple options. All fields\nspecified must match the candidate certificate for it to be chosen.\nThis was needed to solve https://github.com/caddyserver/caddy/issues/2588.\n", + "markdownDescription": "certificate_selection: `object` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#CustomCertSelectionPolicy) \nHow to choose a certificate if more than one matched\nthe given ServerName (SNI) value.\n\n\nCustomCertSelectionPolicy represents a policy for selecting the certificate\nused to complete a handshake when there may be multiple options. All fields\nspecified must match the candidate certificate for it to be chosen.\nThis was needed to solve https://github.com/caddyserver/caddy/issues/2588. \n", + "type": "object", + "properties": { + "all_tags": { + "description": "all_tags: array\nModule: http\nThe certificate must have all of the tags in the list.\n", + "markdownDescription": "all_tags: `array` \nModule: `http` \nThe certificate must have all of the tags in the list. \n", + "type": "array", + "items": { + "description": "The certificate must have all of the tags in the list.\n", + "markdownDescription": "The certificate must have all of the tags in the list. \n", + "type": "string" + } + }, + "any_tag": { + "description": "any_tag: array\nModule: http\nThe certificate must have at least one of the tags in the list.\n", + "markdownDescription": "any_tag: `array` \nModule: `http` \nThe certificate must have at least one of the tags in the list. \n", + "type": "array", + "items": { + "description": "The certificate must have at least one of the tags in the list.\n", + "markdownDescription": "The certificate must have at least one of the tags in the list. \n", + "type": "string" + } + }, + "public_key_algorithm": { + "description": "public_key_algorithm: number\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#PublicKeyAlgorithm\nThe certificate must use this public key algorithm.\n\n\nPublicKeyAlgorithm is a JSON-unmarshalable wrapper type.\n", + "markdownDescription": "public_key_algorithm: `number` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#PublicKeyAlgorithm) \nThe certificate must use this public key algorithm.\n\n\nPublicKeyAlgorithm is a JSON-unmarshalable wrapper type. \n", + "type": "number" + }, + "serial_number": { + "description": "serial_number: array\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#bigInt\nThe certificate must have one of these serial numbers.\n\n\nbigInt is a big.Int type that interops with JSON encodings as a string.\n", + "markdownDescription": "serial_number: `array` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#bigInt) \nThe certificate must have one of these serial numbers.\n\n\nbigInt is a big.Int type that interops with JSON encodings as a string. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#bigInt\nThe certificate must have one of these serial numbers.\n\n\nbigInt is a big.Int type that interops with JSON encodings as a string.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#bigInt) \nThe certificate must have one of these serial numbers.\n\n\nbigInt is a big.Int type that interops with JSON encodings as a string. \n", + "type": "object" + } + }, + "subject_organization": { + "description": "subject_organization: array\nModule: http\nThe certificate must have one of these organization names.\n", + "markdownDescription": "subject_organization: `array` \nModule: `http` \nThe certificate must have one of these organization names. \n", + "type": "array", + "items": { + "description": "The certificate must have one of these organization names.\n", + "markdownDescription": "The certificate must have one of these organization names. \n", + "type": "string" + } + } + } + }, + "cipher_suites": { + "description": "cipher_suites: array\nModule: http\nThe list of cipher suites to support. Caddy's\ndefaults are modern and secure.\n", + "markdownDescription": "cipher_suites: `array` \nModule: `http` \nThe list of cipher suites to support. Caddy's\ndefaults are modern and secure. \n", + "type": "array", + "items": { + "description": "The list of cipher suites to support. Caddy's\ndefaults are modern and secure.\n", + "markdownDescription": "The list of cipher suites to support. Caddy's\ndefaults are modern and secure. \n", + "type": "string" + } + }, + "client_authentication": { + "description": "client_authentication: object\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ClientAuthentication\nEnables and configures TLS client authentication.\n\n\nClientAuthentication configures TLS client auth.\n", + "markdownDescription": "client_authentication: `object` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ClientAuthentication) \nEnables and configures TLS client authentication.\n\n\nClientAuthentication configures TLS client auth. \n", + "type": "object", + "properties": { + "ca": { + "description": "ca: object\nModule: tls.ca_pool.source\nCertificate authority module which provides the certificate pool of trusted certificates\n", + "markdownDescription": "ca: `object` \nModule: `tls.ca_pool.source` \nCertificate authority module which provides the certificate pool of trusted certificates \n", + "type": "object", + "required": [ + "provider" + ], + "allOf": [ + { + "if": { + "properties": { + "provider": { + "const": "file" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.file" + } + }, + { + "if": { + "properties": { + "provider": { + "const": "http" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.http" + } + }, + { + "if": { + "properties": { + "provider": { + "const": "inline" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.inline" + } + }, + { + "if": { + "properties": { + "provider": { + "const": "pki_intermediate" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.pki_intermediate" + } + }, + { + "if": { + "properties": { + "provider": { + "const": "pki_root" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.pki_root" + } + }, + { + "if": { + "properties": { + "provider": { + "const": "storage" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.storage" + } + }, + { + "properties": { + "provider": { + "description": "key to identify ca module.\nprovider: string\nModule: tls.ca_pool.source", + "markdownDescription": "key to identify `ca` module. \nprovider: `string` \nModule: `tls.ca_pool.source`", + "type": "string", + "enum": [ + "file", + "http", + "inline", + "pki_intermediate", + "pki_root", + "storage" + ] + } + } + } + ] + }, + "mode": { + "description": "mode: string\nModule: http\nThe mode for authenticating the client. Allowed values are:\n\nMode | Description\n-----|---------------\n`request` | Ask clients for a certificate, but allow even if there isn't one; do not verify it\n`require` | Require clients to present a certificate, but do not verify it\n`verify_if_given` | Ask clients for a certificate; allow even if there isn't one, but verify it if there is\n`require_and_verify` | Require clients to present a valid certificate that is verified\n\nThe default mode is `require_and_verify` if any\nTrustedCACerts or TrustedCACertPEMFiles or TrustedLeafCerts\nare provided; otherwise, the default mode is `require`.\n", + "markdownDescription": "mode: `string` \nModule: `http` \nThe mode for authenticating the client. Allowed values are:\n\nMode | Description\n-----|---------------\n`request` | Ask clients for a certificate, but allow even if there isn't one; do not verify it\n`require` | Require clients to present a certificate, but do not verify it\n`verify_if_given` | Ask clients for a certificate; allow even if there isn't one, but verify it if there is\n`require_and_verify` | Require clients to present a valid certificate that is verified\n\nThe default mode is `require_and_verify` if any\nTrustedCACerts or TrustedCACertPEMFiles or TrustedLeafCerts\nare provided; otherwise, the default mode is `require`. \n", + "type": "string" + }, + "trusted_ca_certs": { + "description": "trusted_ca_certs: array\nModule: http\nDeprecated: Use the `ca` field with the `tls.ca_pool.source.inline` module instead.\nA list of base64 DER-encoded CA certificates\nagainst which to validate client certificates.\nClient certs which are not signed by any of\nthese CAs will be rejected.\n", + "markdownDescription": "trusted_ca_certs: `array` \nModule: `http` \nDeprecated: Use the `ca` field with the `tls.ca_pool.source.inline` module instead.\nA list of base64 DER-encoded CA certificates\nagainst which to validate client certificates.\nClient certs which are not signed by any of\nthese CAs will be rejected. \n", + "type": "array", + "items": { + "description": "Deprecated: Use the `ca` field with the `tls.ca_pool.source.inline` module instead.\nA list of base64 DER-encoded CA certificates\nagainst which to validate client certificates.\nClient certs which are not signed by any of\nthese CAs will be rejected.\n", + "markdownDescription": "Deprecated: Use the `ca` field with the `tls.ca_pool.source.inline` module instead.\nA list of base64 DER-encoded CA certificates\nagainst which to validate client certificates.\nClient certs which are not signed by any of\nthese CAs will be rejected. \n", + "type": "string" + } + }, + "trusted_ca_certs_pem_files": { + "description": "trusted_ca_certs_pem_files: array\nModule: http\nDeprecated: Use the `ca` field with the `tls.ca_pool.source.file` module instead.\nTrustedCACertPEMFiles is a list of PEM file names\nfrom which to load certificates of trusted CAs.\nClient certificates which are not signed by any of\nthese CA certificates will be rejected.\n", + "markdownDescription": "trusted_ca_certs_pem_files: `array` \nModule: `http` \nDeprecated: Use the `ca` field with the `tls.ca_pool.source.file` module instead.\nTrustedCACertPEMFiles is a list of PEM file names\nfrom which to load certificates of trusted CAs.\nClient certificates which are not signed by any of\nthese CA certificates will be rejected. \n", + "type": "array", + "items": { + "description": "Deprecated: Use the `ca` field with the `tls.ca_pool.source.file` module instead.\nTrustedCACertPEMFiles is a list of PEM file names\nfrom which to load certificates of trusted CAs.\nClient certificates which are not signed by any of\nthese CA certificates will be rejected.\n", + "markdownDescription": "Deprecated: Use the `ca` field with the `tls.ca_pool.source.file` module instead.\nTrustedCACertPEMFiles is a list of PEM file names\nfrom which to load certificates of trusted CAs.\nClient certificates which are not signed by any of\nthese CA certificates will be rejected. \n", + "type": "string" + } + }, + "trusted_leaf_certs": { + "description": "trusted_leaf_certs: array\nModule: http\nDeprecated: This field is deprecated and will be removed in\na future version. Please use the `validators` field instead\nwith the tls.client_auth.verifier.leaf module instead.\n\nA list of base64 DER-encoded client leaf certs\nto accept. If this list is not empty, client certs\nwhich are not in this list will be rejected.\n", + "markdownDescription": "trusted_leaf_certs: `array` \nModule: `http` \nDeprecated: This field is deprecated and will be removed in\na future version. Please use the `validators` field instead\nwith the tls.client_auth.verifier.leaf module instead.\n\nA list of base64 DER-encoded client leaf certs\nto accept. If this list is not empty, client certs\nwhich are not in this list will be rejected. \n", + "type": "array", + "items": { + "description": "Deprecated: This field is deprecated and will be removed in\na future version. Please use the `validators` field instead\nwith the tls.client_auth.verifier.leaf module instead.\n\nA list of base64 DER-encoded client leaf certs\nto accept. If this list is not empty, client certs\nwhich are not in this list will be rejected.\n", + "markdownDescription": "Deprecated: This field is deprecated and will be removed in\na future version. Please use the `validators` field instead\nwith the tls.client_auth.verifier.leaf module instead.\n\nA list of base64 DER-encoded client leaf certs\nto accept. If this list is not empty, client certs\nwhich are not in this list will be rejected. \n", + "type": "string" + } + }, + "verifiers": { + "description": "verifiers: array\nModule: tls.client_auth.verifier\nClient certificate verification modules. These can perform\ncustom client authentication checks, such as ensuring the\ncertificate is not revoked.\n", + "markdownDescription": "verifiers: `array` \nModule: `tls.client_auth.verifier` \nClient certificate verification modules. These can perform\ncustom client authentication checks, such as ensuring the\ncertificate is not revoked. \n", + "type": "array", + "items": { + "description": "Client certificate verification modules. These can perform\ncustom client authentication checks, such as ensuring the\ncertificate is not revoked.\n", + "markdownDescription": "Client certificate verification modules. These can perform\ncustom client authentication checks, such as ensuring the\ncertificate is not revoked. \n", + "required": [ + "verifier" + ], + "allOf": [ + { + "if": { + "properties": { + "verifier": { + "const": "leaf" + } + } + }, + "then": { + "$ref": "#/definitions/tls.client_auth.verifier.leaf" + } + }, + { + "properties": { + "verifier": { + "description": "key to identify verifiers module.\nverifier: string\nModule: tls.client_auth.verifier", + "markdownDescription": "key to identify `verifiers` module. \nverifier: `string` \nModule: `tls.client_auth.verifier`", + "type": "string", + "enum": [ + "leaf" + ] + } + } + } + ] + } + } + } + }, + "curves": { + "description": "curves: array\nModule: http\nThe list of elliptic curves to support. Caddy's\ndefaults are modern and secure.\n", + "markdownDescription": "curves: `array` \nModule: `http` \nThe list of elliptic curves to support. Caddy's\ndefaults are modern and secure. \n", + "type": "array", + "items": { + "description": "The list of elliptic curves to support. Caddy's\ndefaults are modern and secure.\n", + "markdownDescription": "The list of elliptic curves to support. Caddy's\ndefaults are modern and secure. \n", + "type": "string" + } + }, + "default_sni": { + "description": "default_sni: string\nModule: http\nDefaultSNI becomes the ServerName in a ClientHello if there\nis no policy configured for the empty SNI value.\n", + "markdownDescription": "default_sni: `string` \nModule: `http` \nDefaultSNI becomes the ServerName in a ClientHello if there\nis no policy configured for the empty SNI value. \n", + "type": "string" + }, + "drop": { + "description": "drop: boolean\nModule: http\nReject TLS connections. EXPERIMENTAL: May change.\n", + "markdownDescription": "drop: `boolean` \nModule: `http` \nReject TLS connections. EXPERIMENTAL: May change. \n", + "type": "boolean" + }, + "fallback_sni": { + "description": "fallback_sni: string\nModule: http\nFallbackSNI becomes the ServerName in a ClientHello if\nthe original ServerName doesn't match any certificates\nin the cache. The use cases for this are very niche;\ntypically if a client is a CDN and passes through the\nServerName of the downstream handshake but can accept\na certificate with the origin's hostname instead, then\nyou would set this to your origin's hostname. Note that\nCaddy must be managing a certificate for this name.\n\nThis feature is EXPERIMENTAL and subject to change or removal.\n", + "markdownDescription": "fallback_sni: `string` \nModule: `http` \nFallbackSNI becomes the ServerName in a ClientHello if\nthe original ServerName doesn't match any certificates\nin the cache. The use cases for this are very niche;\ntypically if a client is a CDN and passes through the\nServerName of the downstream handshake but can accept\na certificate with the origin's hostname instead, then\nyou would set this to your origin's hostname. Note that\nCaddy must be managing a certificate for this name.\n\nThis feature is EXPERIMENTAL and subject to change or removal. \n", + "type": "string" + }, + "handshake_context": { + "description": "handshake_context: any\nModule: tls.context\nA module that can manipulate the context passed into CertMagic's\ncertificate management functions during TLS handshakes.\nEXPERIMENTAL - subject to change or removal.\n", + "markdownDescription": "handshake_context: `any` \nModule: `tls.context` \nA module that can manipulate the context passed into CertMagic's\ncertificate management functions during TLS handshakes.\nEXPERIMENTAL - subject to change or removal. \n" + }, + "insecure_secrets_log": { + "description": "insecure_secrets_log: string\nModule: http\nAlso known as \"SSLKEYLOGFILE\", TLS secrets will be written to\nthis file in NSS key log format which can then be parsed by\nWireshark and other tools. This is INSECURE as it allows other\nprograms or tools to decrypt TLS connections. However, this\ncapability can be useful for debugging and troubleshooting.\n**ENABLING THIS LOG COMPROMISES SECURITY!**\n\nThis feature is EXPERIMENTAL and subject to change or removal.\n", + "markdownDescription": "insecure_secrets_log: `string` \nModule: `http` \nAlso known as \"SSLKEYLOGFILE\", TLS secrets will be written to\nthis file in NSS key log format which can then be parsed by\nWireshark and other tools. This is INSECURE as it allows other\nprograms or tools to decrypt TLS connections. However, this\ncapability can be useful for debugging and troubleshooting.\n**ENABLING THIS LOG COMPROMISES SECURITY!**\n\nThis feature is EXPERIMENTAL and subject to change or removal. \n", + "type": "string" + }, + "match": { + "description": "match: object\nModule: tls.handshake_match\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nHow to match this policy with a TLS ClientHello. If\nthis policy is the first to match, it will be used.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "match: `object` \nModule: `tls.handshake_match` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nHow to match this policy with a TLS ClientHello. If\nthis policy is the first to match, it will be used.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "type": "object", + "properties": { + "local_ip": { + "$ref": "#/definitions/tls.handshake_match.local_ip" + }, + "remote_ip": { + "$ref": "#/definitions/tls.handshake_match.remote_ip" + }, + "sni": { + "$ref": "#/definitions/tls.handshake_match.sni" + }, + "sni_regexp": { + "$ref": "#/definitions/tls.handshake_match.sni_regexp" + } + } + }, + "protocol_max": { + "description": "protocol_max: string\nModule: http\nMaximum TLS protocol version to allow. Default: `tls1.3`\n", + "markdownDescription": "protocol_max: `string` \nModule: `http` \nMaximum TLS protocol version to allow. Default: `tls1.3` \n", + "type": "string" + }, + "protocol_min": { + "description": "protocol_min: string\nModule: http\nMinimum TLS protocol version to allow. Default: `tls1.2`\n", + "markdownDescription": "protocol_min: `string` \nModule: `http` \nMinimum TLS protocol version to allow. Default: `tls1.2` \n", + "type": "string" + } + } + } + }, + "trusted_proxies": { + "description": "trusted_proxies: object\nModule: http.ip_sources\nA module which provides a source of IP ranges, from which\nrequests should be trusted. By default, no proxies are\ntrusted.\n\nOn its own, this configuration will not do anything,\nbut it can be used as a default set of ranges for\nhandlers or matchers in routes to pick up, instead\nof needing to configure each of them. See the\n`reverse_proxy` handler for example, which uses this\nto trust sensitive incoming `X-Forwarded-*` headers.\n", + "markdownDescription": "trusted_proxies: `object` \nModule: `http.ip_sources` \nA module which provides a source of IP ranges, from which\nrequests should be trusted. By default, no proxies are\ntrusted.\n\nOn its own, this configuration will not do anything,\nbut it can be used as a default set of ranges for\nhandlers or matchers in routes to pick up, instead\nof needing to configure each of them. See the\n`reverse_proxy` handler for example, which uses this\nto trust sensitive incoming `X-Forwarded-*` headers. \n", + "type": "object", + "required": [ + "source" + ], + "allOf": [ + { + "if": { + "properties": { + "source": { + "const": "static" + } + } + }, + "then": { + "$ref": "#/definitions/http.ip_sources.static" + } + }, + { + "properties": { + "source": { + "description": "key to identify trusted_proxies module.\nsource: string\nModule: http.ip_sources", + "markdownDescription": "key to identify `trusted_proxies` module. \nsource: `string` \nModule: `http.ip_sources`", + "type": "string", + "enum": [ + "static" + ] + } + } + } + ] + }, + "trusted_proxies_strict": { + "description": "trusted_proxies_strict: number\nModule: http\nIf greater than zero, enables strict ClientIPHeaders\n(default X-Forwarded-For) parsing. If enabled, the\nClientIPHeaders will be parsed from right to left, and\nthe first value that is both valid and doesn't match the\ntrusted proxy list will be used as client IP. If zero,\nthe ClientIPHeaders will be parsed from left to right,\nand the first value that is a valid IP address will be\nused as client IP.\n\nThis depends on `trusted_proxies` being configured.\nThis option is disabled by default.\n", + "markdownDescription": "trusted_proxies_strict: `number` \nModule: `http` \nIf greater than zero, enables strict ClientIPHeaders\n(default X-Forwarded-For) parsing. If enabled, the\nClientIPHeaders will be parsed from right to left, and\nthe first value that is both valid and doesn't match the\ntrusted proxy list will be used as client IP. If zero,\nthe ClientIPHeaders will be parsed from left to right,\nand the first value that is a valid IP address will be\nused as client IP.\n\nThis depends on `trusted_proxies` being configured.\nThis option is disabled by default. \n", + "type": "number" + }, + "write_timeout": { + "description": "write_timeout: number\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nWriteTimeout is how long to allow a write to a client. Note\nthat setting this to a small value when serving large files\nmay negatively affect legitimately slow clients.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "write_timeout: `number` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nWriteTimeout is how long to allow a write to a client. Note\nthat setting this to a small value when serving large files\nmay negatively affect legitimately slow clients.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + } + } + } + }, + "shutdown_delay": { + "description": "shutdown_delay: number\nModule: http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nShutdownDelay is how long to wait before initiating the grace\nperiod. When this app is stopping (e.g. during a config reload or\nprocess exit), all servers will be shut down. Normally this immediately\ninitiates the grace period. However, if this delay is configured, servers\nwill not be shut down until the delay is over. During this time, servers\ncontinue to function normally and allow new connections. At the end, the\ngrace period will begin. This can be useful to allow downstream load\nbalancers time to move this instance out of the rotation without hiccups.\n\nWhen shutdown has been scheduled, placeholders {http.shutting_down} (bool)\nand {http.time_until_shutdown} (duration) may be useful for health checks.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "shutdown_delay: `number` \nModule: `http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nShutdownDelay is how long to wait before initiating the grace\nperiod. When this app is stopping (e.g. during a config reload or\nprocess exit), all servers will be shut down. Normally this immediately\ninitiates the grace period. However, if this delay is configured, servers\nwill not be shut down until the delay is over. During this time, servers\ncontinue to function normally and allow new connections. At the end, the\ngrace period will begin. This can be useful to allow downstream load\nbalancers time to move this instance out of the rotation without hiccups.\n\nWhen shutdown has been scheduled, placeholders {http.shutting_down} (bool)\nand {http.time_until_shutdown} (duration) may be useful for health checks.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + } + } + }, + "http.authentication.hashes.bcrypt": { + "description": "bcrypt: object\nModule: http.authentication.hashes.bcrypt\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth#BcryptHash", + "markdownDescription": "bcrypt: `object` \nModule: `http.authentication.hashes.bcrypt` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth#BcryptHash)", + "type": "object" + }, + "http.authentication.providers.http_basic": { + "description": "http_basic: object\nModule: http.authentication.providers.http_basic\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth#HTTPBasicAuth", + "markdownDescription": "http_basic: `object` \nModule: `http.authentication.providers.http_basic` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth#HTTPBasicAuth)", + "type": "object", + "properties": { + "accounts": { + "description": "accounts: array\nModule: http.authentication.providers.http_basic\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth#HTTPBasicAuth", + "markdownDescription": "accounts: `array` \nModule: `http.authentication.providers.http_basic` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth#HTTPBasicAuth)", + "type": "array", + "items": { + "type": "object", + "properties": { + "password": { + "description": "password: string\nModule: http.authentication.providers.http_basic\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth#HTTPBasicAuth", + "markdownDescription": "password: `string` \nModule: `http.authentication.providers.http_basic` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth#HTTPBasicAuth)", + "type": "string" + }, + "username": { + "description": "username: string\nModule: http.authentication.providers.http_basic\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth#HTTPBasicAuth", + "markdownDescription": "username: `string` \nModule: `http.authentication.providers.http_basic` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth#HTTPBasicAuth)", + "type": "string" + } + } + } + }, + "hash": { + "description": "hash: object\nModule: http.authentication.hashes", + "markdownDescription": "hash: `object` \nModule: `http.authentication.hashes`", + "type": "object", + "required": [ + "algorithm" + ], + "allOf": [ + { + "if": { + "properties": { + "algorithm": { + "const": "bcrypt" + } + } + }, + "then": { + "$ref": "#/definitions/http.authentication.hashes.bcrypt" + } + }, + { + "properties": { + "algorithm": { + "description": "key to identify hash module.\nalgorithm: string\nModule: http.authentication.hashes", + "markdownDescription": "key to identify `hash` module. \nalgorithm: `string` \nModule: `http.authentication.hashes`", + "type": "string", + "enum": [ + "bcrypt" + ] + } + } + } + ] + }, + "hash_cache": { + "description": "hash_cache: object\nModule: http.authentication.providers.http_basic\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth#HTTPBasicAuth", + "markdownDescription": "hash_cache: `object` \nModule: `http.authentication.providers.http_basic` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth#HTTPBasicAuth)", + "type": "object" + }, + "realm": { + "description": "realm: string\nModule: http.authentication.providers.http_basic\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth#HTTPBasicAuth", + "markdownDescription": "realm: `string` \nModule: `http.authentication.providers.http_basic` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth#HTTPBasicAuth)", + "type": "string" + } + } + }, + "http.encoders.gzip": { + "description": "gzip: object\nModule: http.encoders.gzip\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/gzip#Gzip", + "markdownDescription": "gzip: `object` \nModule: `http.encoders.gzip` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/gzip#Gzip)", + "type": "object", + "properties": { + "level": { + "description": "level: number\nModule: http.encoders.gzip\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/gzip#Gzip", + "markdownDescription": "level: `number` \nModule: `http.encoders.gzip` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/gzip#Gzip)", + "type": "number" + } + } + }, + "http.encoders.zstd": { + "description": "zstd: object\nModule: http.encoders.zstd\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/zstd#Zstd", + "markdownDescription": "zstd: `object` \nModule: `http.encoders.zstd` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/zstd#Zstd)", + "type": "object", + "properties": { + "level": { + "description": "level: string\nModule: http.encoders.zstd\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/zstd#Zstd", + "markdownDescription": "level: `string` \nModule: `http.encoders.zstd` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/zstd#Zstd)", + "type": "string" + } + } + }, + "http.handlers.acme_server": { + "description": "acme_server: object\nModule: http.handlers.acme_server\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki/acmeserver#Handler\nHandler is an ACME server handler.\n\n", + "markdownDescription": "acme_server: `object` \nModule: `http.handlers.acme_server` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki/acmeserver#Handler) \nHandler is an ACME server handler.\n \n", + "type": "object", + "properties": { + "ca": { + "description": "ca: string\nModule: http.handlers.acme_server\nThe ID of the CA to use for signing. This refers to\nthe ID given to the CA in the `pki` app. If omitted,\nthe default ID is \"local\".\n", + "markdownDescription": "ca: `string` \nModule: `http.handlers.acme_server` \nThe ID of the CA to use for signing. This refers to\nthe ID given to the CA in the `pki` app. If omitted,\nthe default ID is \"local\". \n", + "type": "string" + }, + "challenges": { + "description": "challenges: array\nModule: http.handlers.acme_server\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki/acmeserver#ACMEChallenge\nSpecify the set of enabled ACME challenges. An empty or absent value\nmeans all challenges are enabled. Accepted values are:\n\"http-01\", \"dns-01\", \"tls-alpn-01\"\n\n\nACMEChallenge is an opaque string that represents supported ACME challenges.\n", + "markdownDescription": "challenges: `array` \nModule: `http.handlers.acme_server` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki/acmeserver#ACMEChallenge) \nSpecify the set of enabled ACME challenges. An empty or absent value\nmeans all challenges are enabled. Accepted values are:\n\"http-01\", \"dns-01\", \"tls-alpn-01\"\n\n\nACMEChallenge is an opaque string that represents supported ACME challenges. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki/acmeserver#ACMEChallenge\nSpecify the set of enabled ACME challenges. An empty or absent value\nmeans all challenges are enabled. Accepted values are:\n\"http-01\", \"dns-01\", \"tls-alpn-01\"\n\n\nACMEChallenge is an opaque string that represents supported ACME challenges.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki/acmeserver#ACMEChallenge) \nSpecify the set of enabled ACME challenges. An empty or absent value\nmeans all challenges are enabled. Accepted values are:\n\"http-01\", \"dns-01\", \"tls-alpn-01\"\n\n\nACMEChallenge is an opaque string that represents supported ACME challenges. \n", + "type": "string" + } + }, + "host": { + "description": "host: string\nModule: http.handlers.acme_server\nThe hostname or IP address by which ACME clients\nwill access the server. This is used to populate\nthe ACME directory endpoint. If not set, the Host\nheader of the request will be used.\nCOMPATIBILITY NOTE / TODO: This property may go away in the\nfuture. Do not rely on this property long-term; check release notes.\n", + "markdownDescription": "host: `string` \nModule: `http.handlers.acme_server` \nThe hostname or IP address by which ACME clients\nwill access the server. This is used to populate\nthe ACME directory endpoint. If not set, the Host\nheader of the request will be used.\nCOMPATIBILITY NOTE / TODO: This property may go away in the\nfuture. Do not rely on this property long-term; check release notes. \n", + "type": "string" + }, + "lifetime": { + "description": "lifetime: number\nModule: http.handlers.acme_server\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nThe lifetime for issued certificates\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "lifetime: `number` \nModule: `http.handlers.acme_server` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nThe lifetime for issued certificates\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "path_prefix": { + "description": "path_prefix: string\nModule: http.handlers.acme_server\nThe path prefix under which to serve all ACME\nendpoints. All other requests will not be served\nby this handler and will be passed through to\nthe next one. Default: \"/acme/\".\nCOMPATIBILITY NOTE / TODO: This property may go away in the\nfuture, as it is currently only required due to\nlimitations in the underlying library. Do not rely\non this property long-term; check release notes.\n", + "markdownDescription": "path_prefix: `string` \nModule: `http.handlers.acme_server` \nThe path prefix under which to serve all ACME\nendpoints. All other requests will not be served\nby this handler and will be passed through to\nthe next one. Default: \"/acme/\".\nCOMPATIBILITY NOTE / TODO: This property may go away in the\nfuture, as it is currently only required due to\nlimitations in the underlying library. Do not rely\non this property long-term; check release notes. \n", + "type": "string" + }, + "policy": { + "description": "policy: object\nModule: http.handlers.acme_server\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki/acmeserver#Policy\nThe policy to use for issuing certificates\n\n\nPolicy defines the criteria for the ACME server\nof when to issue a certificate. Refer to the\n[Certificate Issuance Policy](https://smallstep.com/docs/step-ca/policies/)\non Smallstep website for the evaluation criteria.\n", + "markdownDescription": "policy: `object` \nModule: `http.handlers.acme_server` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki/acmeserver#Policy) \nThe policy to use for issuing certificates\n\n\nPolicy defines the criteria for the ACME server\nof when to issue a certificate. Refer to the\n[Certificate Issuance Policy](https://smallstep.com/docs/step-ca/policies/)\non Smallstep website for the evaluation criteria. \n", + "type": "object", + "properties": { + "allow": { + "description": "allow: object\nModule: http.handlers.acme_server\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki/acmeserver#RuleSet\nIf a rule set is configured to allow a certain type of name,\nall other types of names are automatically denied.\n\n\nRuleSet is the specific set of SAN criteria for a certificate\nto be issued or denied.\n", + "markdownDescription": "allow: `object` \nModule: `http.handlers.acme_server` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki/acmeserver#RuleSet) \nIf a rule set is configured to allow a certain type of name,\nall other types of names are automatically denied.\n\n\nRuleSet is the specific set of SAN criteria for a certificate\nto be issued or denied. \n", + "type": "object", + "properties": { + "domains": { + "description": "domains: array\nModule: http.handlers.acme_server\nDomains is a list of DNS domains that are allowed to be issued.\nIt can be in the form of FQDN for specific domain name, or\na wildcard domain name format, e.g. *.example.com, to allow\nsub-domains of a domain.\n", + "markdownDescription": "domains: `array` \nModule: `http.handlers.acme_server` \nDomains is a list of DNS domains that are allowed to be issued.\nIt can be in the form of FQDN for specific domain name, or\na wildcard domain name format, e.g. *.example.com, to allow\nsub-domains of a domain. \n", + "type": "array", + "items": { + "description": "Domains is a list of DNS domains that are allowed to be issued.\nIt can be in the form of FQDN for specific domain name, or\na wildcard domain name format, e.g. *.example.com, to allow\nsub-domains of a domain.\n", + "markdownDescription": "Domains is a list of DNS domains that are allowed to be issued.\nIt can be in the form of FQDN for specific domain name, or\na wildcard domain name format, e.g. *.example.com, to allow\nsub-domains of a domain. \n", + "type": "string" + } + }, + "ip_ranges": { + "description": "ip_ranges: array\nModule: http.handlers.acme_server\nIP ranges in the form of CIDR notation or specific IP addresses\nto be approved or denied for certificates. Non-CIDR IP addresses\nare matched exactly.\n", + "markdownDescription": "ip_ranges: `array` \nModule: `http.handlers.acme_server` \nIP ranges in the form of CIDR notation or specific IP addresses\nto be approved or denied for certificates. Non-CIDR IP addresses\nare matched exactly. \n", + "type": "array", + "items": { + "description": "IP ranges in the form of CIDR notation or specific IP addresses\nto be approved or denied for certificates. Non-CIDR IP addresses\nare matched exactly.\n", + "markdownDescription": "IP ranges in the form of CIDR notation or specific IP addresses\nto be approved or denied for certificates. Non-CIDR IP addresses\nare matched exactly. \n", + "type": "string" + } + } + } + }, + "allow_wildcard_names": { + "description": "allow_wildcard_names: boolean\nModule: http.handlers.acme_server\nIf set to true, the ACME server will allow issuing wildcard certificates.\n", + "markdownDescription": "allow_wildcard_names: `boolean` \nModule: `http.handlers.acme_server` \nIf set to true, the ACME server will allow issuing wildcard certificates. \n", + "type": "boolean" + }, + "deny": { + "description": "deny: object\nModule: http.handlers.acme_server\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki/acmeserver#RuleSet\nIf a rule set is configured to deny a certain type of name,\nall other types of names are still allowed.\n\n\nRuleSet is the specific set of SAN criteria for a certificate\nto be issued or denied.\n", + "markdownDescription": "deny: `object` \nModule: `http.handlers.acme_server` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki/acmeserver#RuleSet) \nIf a rule set is configured to deny a certain type of name,\nall other types of names are still allowed.\n\n\nRuleSet is the specific set of SAN criteria for a certificate\nto be issued or denied. \n", + "type": "object", + "properties": { + "domains": { + "description": "domains: array\nModule: http.handlers.acme_server\nDomains is a list of DNS domains that are allowed to be issued.\nIt can be in the form of FQDN for specific domain name, or\na wildcard domain name format, e.g. *.example.com, to allow\nsub-domains of a domain.\n", + "markdownDescription": "domains: `array` \nModule: `http.handlers.acme_server` \nDomains is a list of DNS domains that are allowed to be issued.\nIt can be in the form of FQDN for specific domain name, or\na wildcard domain name format, e.g. *.example.com, to allow\nsub-domains of a domain. \n", + "type": "array", + "items": { + "description": "Domains is a list of DNS domains that are allowed to be issued.\nIt can be in the form of FQDN for specific domain name, or\na wildcard domain name format, e.g. *.example.com, to allow\nsub-domains of a domain.\n", + "markdownDescription": "Domains is a list of DNS domains that are allowed to be issued.\nIt can be in the form of FQDN for specific domain name, or\na wildcard domain name format, e.g. *.example.com, to allow\nsub-domains of a domain. \n", + "type": "string" + } + }, + "ip_ranges": { + "description": "ip_ranges: array\nModule: http.handlers.acme_server\nIP ranges in the form of CIDR notation or specific IP addresses\nto be approved or denied for certificates. Non-CIDR IP addresses\nare matched exactly.\n", + "markdownDescription": "ip_ranges: `array` \nModule: `http.handlers.acme_server` \nIP ranges in the form of CIDR notation or specific IP addresses\nto be approved or denied for certificates. Non-CIDR IP addresses\nare matched exactly. \n", + "type": "array", + "items": { + "description": "IP ranges in the form of CIDR notation or specific IP addresses\nto be approved or denied for certificates. Non-CIDR IP addresses\nare matched exactly.\n", + "markdownDescription": "IP ranges in the form of CIDR notation or specific IP addresses\nto be approved or denied for certificates. Non-CIDR IP addresses\nare matched exactly. \n", + "type": "string" + } + } + } + } + } + }, + "resolvers": { + "description": "resolvers: array\nModule: http.handlers.acme_server\nThe addresses of DNS resolvers to use when looking up\nthe TXT records for solving DNS challenges.\nIt accepts [network addresses](/docs/conventions#network-addresses)\nwith port range of only 1. If the host is an IP address,\nit will be dialed directly to resolve the upstream server.\nIf the host is not an IP address, the addresses are resolved\nusing the [name resolution convention](https://golang.org/pkg/net/#hdr-Name_Resolution)\nof the Go standard library. If the array contains more\nthan 1 resolver address, one is chosen at random.\n", + "markdownDescription": "resolvers: `array` \nModule: `http.handlers.acme_server` \nThe addresses of DNS resolvers to use when looking up\nthe TXT records for solving DNS challenges.\nIt accepts [network addresses](/docs/conventions#network-addresses)\nwith port range of only 1. If the host is an IP address,\nit will be dialed directly to resolve the upstream server.\nIf the host is not an IP address, the addresses are resolved\nusing the [name resolution convention](https://golang.org/pkg/net/#hdr-Name_Resolution)\nof the Go standard library. If the array contains more\nthan 1 resolver address, one is chosen at random. \n", + "type": "array", + "items": { + "description": "The addresses of DNS resolvers to use when looking up\nthe TXT records for solving DNS challenges.\nIt accepts [network addresses](/docs/conventions#network-addresses)\nwith port range of only 1. If the host is an IP address,\nit will be dialed directly to resolve the upstream server.\nIf the host is not an IP address, the addresses are resolved\nusing the [name resolution convention](https://golang.org/pkg/net/#hdr-Name_Resolution)\nof the Go standard library. If the array contains more\nthan 1 resolver address, one is chosen at random.\n", + "markdownDescription": "The addresses of DNS resolvers to use when looking up\nthe TXT records for solving DNS challenges.\nIt accepts [network addresses](/docs/conventions#network-addresses)\nwith port range of only 1. If the host is an IP address,\nit will be dialed directly to resolve the upstream server.\nIf the host is not an IP address, the addresses are resolved\nusing the [name resolution convention](https://golang.org/pkg/net/#hdr-Name_Resolution)\nof the Go standard library. If the array contains more\nthan 1 resolver address, one is chosen at random. \n", + "type": "string" + } + }, + "sign_with_root": { + "description": "sign_with_root: boolean\nModule: http.handlers.acme_server\nIf true, the CA's root will be the issuer instead of\nthe intermediate. This is NOT recommended and should\nonly be used when devices/clients do not properly\nvalidate certificate chains. EXPERIMENTAL: Might be\nchanged or removed in the future.\n", + "markdownDescription": "sign_with_root: `boolean` \nModule: `http.handlers.acme_server` \nIf true, the CA's root will be the issuer instead of\nthe intermediate. This is NOT recommended and should\nonly be used when devices/clients do not properly\nvalidate certificate chains. EXPERIMENTAL: Might be\nchanged or removed in the future. \n", + "type": "boolean" + } + } + }, + "http.handlers.authentication": { + "description": "authentication: object\nModule: http.handlers.authentication\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth#Authentication\nAuthentication is a middleware which provides user authentication.\nRejects requests with HTTP 401 if the request is not authenticated.\n\nAfter a successful authentication, the placeholder\n`{http.auth.user.id}` will be set to the username, and also\n`{http.auth.user.*}` placeholders may be set for any authentication\nmodules that provide user metadata.\n\nIts API is still experimental and may be subject to change.\n\n", + "markdownDescription": "authentication: `object` \nModule: `http.handlers.authentication` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth#Authentication) \nAuthentication is a middleware which provides user authentication.\nRejects requests with HTTP 401 if the request is not authenticated.\n\nAfter a successful authentication, the placeholder\n`{http.auth.user.id}` will be set to the username, and also\n`{http.auth.user.*}` placeholders may be set for any authentication\nmodules that provide user metadata.\n\nIts API is still experimental and may be subject to change.\n \n", + "type": "object", + "properties": { + "providers": { + "description": "providers: object\nModule: http.authentication.providers\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nA set of authentication providers. If none are specified,\nall requests will always be unauthenticated.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "providers: `object` \nModule: `http.authentication.providers` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nA set of authentication providers. If none are specified,\nall requests will always be unauthenticated.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "type": "object", + "properties": { + "http_basic": { + "$ref": "#/definitions/http.authentication.providers.http_basic" + } + } + } + } + }, + "http.handlers.copy_response": { + "description": "copy_response: object\nModule: http.handlers.copy_response\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#CopyResponseHandler\nCopyResponseHandler is a special HTTP handler which may\nonly be used within reverse_proxy's handle_response routes,\nto copy the proxy response. EXPERIMENTAL, subject to change.\n\n", + "markdownDescription": "copy_response: `object` \nModule: `http.handlers.copy_response` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#CopyResponseHandler) \nCopyResponseHandler is a special HTTP handler which may\nonly be used within reverse_proxy's handle_response routes,\nto copy the proxy response. EXPERIMENTAL, subject to change.\n \n", + "type": "object", + "properties": { + "status_code": { + "description": "status_code: string\nModule: http.handlers.copy_response\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#WeakString\nTo write the upstream response's body but with a different\nstatus code, set this field to the desired status code.\n\n\nWeakString is a type that unmarshals any JSON value\nas a string literal, with the following exceptions:\n\n1. actual string values are decoded as strings; and\n2. null is decoded as empty string;\n\nand provides methods for getting the value as various\nprimitive types. However, using this type removes any\ntype safety as far as deserializing JSON is concerned.\n", + "markdownDescription": "status_code: `string` \nModule: `http.handlers.copy_response` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#WeakString) \nTo write the upstream response's body but with a different\nstatus code, set this field to the desired status code.\n\n\nWeakString is a type that unmarshals any JSON value\nas a string literal, with the following exceptions:\n\n1. actual string values are decoded as strings; and\n2. null is decoded as empty string;\n\nand provides methods for getting the value as various\nprimitive types. However, using this type removes any\ntype safety as far as deserializing JSON is concerned. \n", + "type": "string" + } + } + }, + "http.handlers.copy_response_headers": { + "description": "copy_response_headers: object\nModule: http.handlers.copy_response_headers\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#CopyResponseHeadersHandler\nCopyResponseHeadersHandler is a special HTTP handler which may\nonly be used within reverse_proxy's handle_response routes,\nto copy headers from the proxy response. EXPERIMENTAL;\nsubject to change.\n\n", + "markdownDescription": "copy_response_headers: `object` \nModule: `http.handlers.copy_response_headers` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#CopyResponseHeadersHandler) \nCopyResponseHeadersHandler is a special HTTP handler which may\nonly be used within reverse_proxy's handle_response routes,\nto copy headers from the proxy response. EXPERIMENTAL;\nsubject to change.\n \n", + "type": "object", + "properties": { + "exclude": { + "description": "exclude: array\nModule: http.handlers.copy_response_headers\nA list of header fields to skip copying from the response.\nCannot be defined at the same time as Include.\n", + "markdownDescription": "exclude: `array` \nModule: `http.handlers.copy_response_headers` \nA list of header fields to skip copying from the response.\nCannot be defined at the same time as Include. \n", + "type": "array", + "items": { + "description": "A list of header fields to skip copying from the response.\nCannot be defined at the same time as Include.\n", + "markdownDescription": "A list of header fields to skip copying from the response.\nCannot be defined at the same time as Include. \n", + "type": "string" + } + }, + "include": { + "description": "include: array\nModule: http.handlers.copy_response_headers\nA list of header fields to copy from the response.\nCannot be defined at the same time as Exclude.\n", + "markdownDescription": "include: `array` \nModule: `http.handlers.copy_response_headers` \nA list of header fields to copy from the response.\nCannot be defined at the same time as Exclude. \n", + "type": "array", + "items": { + "description": "A list of header fields to copy from the response.\nCannot be defined at the same time as Exclude.\n", + "markdownDescription": "A list of header fields to copy from the response.\nCannot be defined at the same time as Exclude. \n", + "type": "string" + } + } + } + }, + "http.handlers.encode": { + "description": "encode: object\nModule: http.handlers.encode\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode#Encode\nEncode is a middleware which can encode responses.\n\n", + "markdownDescription": "encode: `object` \nModule: `http.handlers.encode` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode#Encode) \nEncode is a middleware which can encode responses.\n \n", + "type": "object", + "properties": { + "encodings": { + "description": "encodings: object\nModule: http.encoders\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nSelection of compression algorithms to choose from. The best one\nwill be chosen based on the client's Accept-Encoding header.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "encodings: `object` \nModule: `http.encoders` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nSelection of compression algorithms to choose from. The best one\nwill be chosen based on the client's Accept-Encoding header.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "type": "object", + "properties": { + "gzip": { + "$ref": "#/definitions/http.encoders.gzip" + }, + "zstd": { + "$ref": "#/definitions/http.encoders.zstd" + } + } + }, + "match": { + "description": "match: object\nModule: http.handlers.encode\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseMatcher\nOnly encode responses that match against this ResponseMmatcher.\nThe default is a collection of text-based Content-Type headers.\n\n\nResponseMatcher is a type which can determine if an\nHTTP response matches some criteria.\n", + "markdownDescription": "match: `object` \nModule: `http.handlers.encode` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseMatcher) \nOnly encode responses that match against this ResponseMmatcher.\nThe default is a collection of text-based Content-Type headers.\n\n\nResponseMatcher is a type which can determine if an\nHTTP response matches some criteria. \n", + "type": "object", + "properties": { + "headers": { + "description": "headers: object\nModule: http.handlers.encode\nIf set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/).\n", + "markdownDescription": "headers: `object` \nModule: `http.handlers.encode` \nIf set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/). \n", + "type": "object", + "additionalProperties": { + "description": "If set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/).\n", + "markdownDescription": "If set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/). \n", + "type": "array", + "items": { + "type": "string" + } + } + }, + "status_code": { + "description": "status_code: array\nModule: http.handlers.encode\nIf set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes).\n", + "markdownDescription": "status_code: `array` \nModule: `http.handlers.encode` \nIf set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes). \n", + "type": "array", + "items": { + "description": "If set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes).\n", + "markdownDescription": "If set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes). \n", + "type": "number" + } + } + } + }, + "minimum_length": { + "description": "minimum_length: number\nModule: http.handlers.encode\nOnly encode responses that are at least this many bytes long.\n", + "markdownDescription": "minimum_length: `number` \nModule: `http.handlers.encode` \nOnly encode responses that are at least this many bytes long. \n", + "type": "number" + }, + "prefer": { + "description": "prefer: array\nModule: http.handlers.encode\nIf the client has no strong preference, choose these encodings in order.\n", + "markdownDescription": "prefer: `array` \nModule: `http.handlers.encode` \nIf the client has no strong preference, choose these encodings in order. \n", + "type": "array", + "items": { + "description": "If the client has no strong preference, choose these encodings in order.\n", + "markdownDescription": "If the client has no strong preference, choose these encodings in order. \n", + "type": "string" + } + } + } + }, + "http.handlers.error": { + "description": "error: object\nModule: http.handlers.error\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#StaticError\nStaticError implements a simple handler that returns an error.\nThis handler returns an error value, but does not write a response.\nThis is useful when you want the server to act as if an error\noccurred; for example, to invoke your custom error handling logic.\n\nSince this handler does not write a response, the error information\nis for use by the server to know how to handle the error.\n\n", + "markdownDescription": "error: `object` \nModule: `http.handlers.error` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#StaticError) \nStaticError implements a simple handler that returns an error.\nThis handler returns an error value, but does not write a response.\nThis is useful when you want the server to act as if an error\noccurred; for example, to invoke your custom error handling logic.\n\nSince this handler does not write a response, the error information\nis for use by the server to know how to handle the error.\n \n", + "type": "object", + "properties": { + "error": { + "description": "error: string\nModule: http.handlers.error\nThe error message. Optional. Default is no error message.\n", + "markdownDescription": "error: `string` \nModule: `http.handlers.error` \nThe error message. Optional. Default is no error message. \n", + "type": "string" + }, + "status_code": { + "description": "status_code: string\nModule: http.handlers.error\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#WeakString\nThe recommended HTTP status code. Can be either an integer or a\nstring if placeholders are needed. Optional. Default is 500.\n\n\nWeakString is a type that unmarshals any JSON value\nas a string literal, with the following exceptions:\n\n1. actual string values are decoded as strings; and\n2. null is decoded as empty string;\n\nand provides methods for getting the value as various\nprimitive types. However, using this type removes any\ntype safety as far as deserializing JSON is concerned.\n", + "markdownDescription": "status_code: `string` \nModule: `http.handlers.error` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#WeakString) \nThe recommended HTTP status code. Can be either an integer or a\nstring if placeholders are needed. Optional. Default is 500.\n\n\nWeakString is a type that unmarshals any JSON value\nas a string literal, with the following exceptions:\n\n1. actual string values are decoded as strings; and\n2. null is decoded as empty string;\n\nand provides methods for getting the value as various\nprimitive types. However, using this type removes any\ntype safety as far as deserializing JSON is concerned. \n", + "type": "string" + } + } + }, + "http.handlers.file_server": { + "description": "file_server: object\nModule: http.handlers.file_server\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/fileserver#FileServer\nFileServer implements a handler that serves static files.\n\nThe path of the file to serve is constructed by joining the site root\nand the sanitized request path. Any and all files within the root and\nlinks with targets outside the site root may therefore be accessed.\nFor example, with a site root of `/www`, requests to `/foo/bar.txt`\nwill serve the file at `/www/foo/bar.txt`.\n\nThe request path is sanitized using the Go standard library's\npath.Clean() function (https://pkg.go.dev/path#Clean) before being\njoined to the root. Request paths must be valid and well-formed.\n\nFor requests that access directories instead of regular files,\nCaddy will attempt to serve an index file if present. For example,\na request to `/dir/` will attempt to serve `/dir/index.html` if\nit exists. The index file names to try are configurable. If a\nrequested directory does not have an index file, Caddy writes a\n404 response. Alternatively, file browsing can be enabled with\nthe \"browse\" parameter which shows a list of files when directories\nare requested if no index file is present. If \"browse\" is enabled,\nCaddy may serve a JSON array of the directory listing when the `Accept`\nheader mentions `application/json` with the following structure:\n\n\t[{\n\t\t\"name\": \"\",\n\t\t\"size\": 0,\n\t\t\"url\": \"\",\n\t\t\"mod_time\": \"\",\n\t\t\"mode\": 0,\n\t\t\"is_dir\": false,\n\t\t\"is_symlink\": false\n\t}]\n\nwith the `url` being relative to the request path and `mod_time` in the RFC 3339 format\nwith sub-second precision. For any other value for the `Accept` header, the\nrespective browse template is executed with `Content-Type: text/html`.\n\nBy default, this handler will canonicalize URIs so that requests to\ndirectories end with a slash, but requests to regular files do not.\nThis is enforced with HTTP redirects automatically and can be disabled.\nCanonicalization redirects are not issued, however, if a URI rewrite\nmodified the last component of the path (the filename).\n\nThis handler sets the Etag and Last-Modified headers for static files.\nIt does not perform MIME sniffing to determine Content-Type based on\ncontents, but does use the extension (if known); see the Go docs for\ndetails: https://pkg.go.dev/mime#TypeByExtension\n\nThe file server properly handles requests with If-Match,\nIf-Unmodified-Since, If-Modified-Since, If-None-Match, Range, and\nIf-Range headers. It includes the file's modification time in the\nLast-Modified header of the response.\n\n", + "markdownDescription": "file_server: `object` \nModule: `http.handlers.file_server` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/fileserver#FileServer) \nFileServer implements a handler that serves static files.\n\nThe path of the file to serve is constructed by joining the site root\nand the sanitized request path. Any and all files within the root and\nlinks with targets outside the site root may therefore be accessed.\nFor example, with a site root of `/www`, requests to `/foo/bar.txt`\nwill serve the file at `/www/foo/bar.txt`.\n\nThe request path is sanitized using the Go standard library's\npath.Clean() function (https://pkg.go.dev/path#Clean) before being\njoined to the root. Request paths must be valid and well-formed.\n\nFor requests that access directories instead of regular files,\nCaddy will attempt to serve an index file if present. For example,\na request to `/dir/` will attempt to serve `/dir/index.html` if\nit exists. The index file names to try are configurable. If a\nrequested directory does not have an index file, Caddy writes a\n404 response. Alternatively, file browsing can be enabled with\nthe \"browse\" parameter which shows a list of files when directories\nare requested if no index file is present. If \"browse\" is enabled,\nCaddy may serve a JSON array of the directory listing when the `Accept`\nheader mentions `application/json` with the following structure:\n\n\t[{\n\t\t\"name\": \"\",\n\t\t\"size\": 0,\n\t\t\"url\": \"\",\n\t\t\"mod_time\": \"\",\n\t\t\"mode\": 0,\n\t\t\"is_dir\": false,\n\t\t\"is_symlink\": false\n\t}]\n\nwith the `url` being relative to the request path and `mod_time` in the RFC 3339 format\nwith sub-second precision. For any other value for the `Accept` header, the\nrespective browse template is executed with `Content-Type: text/html`.\n\nBy default, this handler will canonicalize URIs so that requests to\ndirectories end with a slash, but requests to regular files do not.\nThis is enforced with HTTP redirects automatically and can be disabled.\nCanonicalization redirects are not issued, however, if a URI rewrite\nmodified the last component of the path (the filename).\n\nThis handler sets the Etag and Last-Modified headers for static files.\nIt does not perform MIME sniffing to determine Content-Type based on\ncontents, but does use the extension (if known); see the Go docs for\ndetails: https://pkg.go.dev/mime#TypeByExtension\n\nThe file server properly handles requests with If-Match,\nIf-Unmodified-Since, If-Modified-Since, If-None-Match, Range, and\nIf-Range headers. It includes the file's modification time in the\nLast-Modified header of the response.\n \n", + "type": "object", + "properties": { + "browse": { + "description": "browse: object\nModule: http.handlers.file_server\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/fileserver#Browse\nEnables file listings if a directory was requested and no index\nfile is present.\n\n\nBrowse configures directory browsing.\n", + "markdownDescription": "browse: `object` \nModule: `http.handlers.file_server` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/fileserver#Browse) \nEnables file listings if a directory was requested and no index\nfile is present.\n\n\nBrowse configures directory browsing. \n", + "type": "object", + "properties": { + "file_limit": { + "description": "file_limit: number\nModule: http.handlers.file_server\nFileLimit limits the number of up to n DirEntry values in directory order.\n", + "markdownDescription": "file_limit: `number` \nModule: `http.handlers.file_server` \nFileLimit limits the number of up to n DirEntry values in directory order. \n", + "type": "number" + }, + "reveal_symlinks": { + "description": "reveal_symlinks: boolean\nModule: http.handlers.file_server\nDetermines whether or not targets of symlinks should be revealed.\n", + "markdownDescription": "reveal_symlinks: `boolean` \nModule: `http.handlers.file_server` \nDetermines whether or not targets of symlinks should be revealed. \n", + "type": "boolean" + }, + "sort": { + "description": "sort: array\nModule: http.handlers.file_server\nOverride the default sort.\nIt includes the following options:\n - sort_by: name(default), namedirfirst, size, time\n - order: asc(default), desc\neg.:\n - `sort time desc` will sort by time in descending order\n - `sort size` will sort by size in ascending order\nThe first option must be `sort_by` and the second option must be `order` (if exists).\n", + "markdownDescription": "sort: `array` \nModule: `http.handlers.file_server` \nOverride the default sort.\nIt includes the following options:\n - sort_by: name(default), namedirfirst, size, time\n - order: asc(default), desc\neg.:\n - `sort time desc` will sort by time in descending order\n - `sort size` will sort by size in ascending order\nThe first option must be `sort_by` and the second option must be `order` (if exists). \n", + "type": "array", + "items": { + "description": "Override the default sort.\nIt includes the following options:\n - sort_by: name(default), namedirfirst, size, time\n - order: asc(default), desc\neg.:\n - `sort time desc` will sort by time in descending order\n - `sort size` will sort by size in ascending order\nThe first option must be `sort_by` and the second option must be `order` (if exists).\n", + "markdownDescription": "Override the default sort.\nIt includes the following options:\n - sort_by: name(default), namedirfirst, size, time\n - order: asc(default), desc\neg.:\n - `sort time desc` will sort by time in descending order\n - `sort size` will sort by size in ascending order\nThe first option must be `sort_by` and the second option must be `order` (if exists). \n", + "type": "string" + } + }, + "template_file": { + "description": "template_file: string\nModule: http.handlers.file_server\nFilename of the template to use instead of the embedded browse template.\n", + "markdownDescription": "template_file: `string` \nModule: `http.handlers.file_server` \nFilename of the template to use instead of the embedded browse template. \n", + "type": "string" + } + } + }, + "canonical_uris": { + "description": "canonical_uris: boolean\nModule: http.handlers.file_server\nUse redirects to enforce trailing slashes for directories, or to\nremove trailing slash from URIs for files. Default is true.\n\nCanonicalization will not happen if the last element of the request's\npath (the filename) is changed in an internal rewrite, to avoid\nclobbering the explicit rewrite with implicit behavior.\n", + "markdownDescription": "canonical_uris: `boolean` \nModule: `http.handlers.file_server` \nUse redirects to enforce trailing slashes for directories, or to\nremove trailing slash from URIs for files. Default is true.\n\nCanonicalization will not happen if the last element of the request's\npath (the filename) is changed in an internal rewrite, to avoid\nclobbering the explicit rewrite with implicit behavior. \n", + "type": "boolean" + }, + "etag_file_extensions": { + "description": "etag_file_extensions: array\nModule: http.handlers.file_server\nList of file extensions to try to read Etags from.\nIf set, file Etags will be read from sidecar files\nwith any of these suffixes, instead of generating\nour own Etag.\n", + "markdownDescription": "etag_file_extensions: `array` \nModule: `http.handlers.file_server` \nList of file extensions to try to read Etags from.\nIf set, file Etags will be read from sidecar files\nwith any of these suffixes, instead of generating\nour own Etag. \n", + "type": "array", + "items": { + "description": "List of file extensions to try to read Etags from.\nIf set, file Etags will be read from sidecar files\nwith any of these suffixes, instead of generating\nour own Etag.\n", + "markdownDescription": "List of file extensions to try to read Etags from.\nIf set, file Etags will be read from sidecar files\nwith any of these suffixes, instead of generating\nour own Etag. \n", + "type": "string" + } + }, + "fs": { + "description": "fs: string\nModule: http.handlers.file_server\nThe file system implementation to use. By default, Caddy uses the local\ndisk file system.\n\nif a non default filesystem is used, it must be first be registered in the globals section.\n", + "markdownDescription": "fs: `string` \nModule: `http.handlers.file_server` \nThe file system implementation to use. By default, Caddy uses the local\ndisk file system.\n\nif a non default filesystem is used, it must be first be registered in the globals section. \n", + "type": "string" + }, + "hide": { + "description": "hide: array\nModule: http.handlers.file_server\nA list of files or folders to hide; the file server will pretend as if\nthey don't exist. Accepts globular patterns like `*.ext` or `/foo/*/bar`\nas well as placeholders. Because site roots can be dynamic, this list\nuses file system paths, not request paths. To clarify, the base of\nrelative paths is the current working directory, NOT the site root.\n\nEntries without a path separator (`/` or `\\` depending on OS) will match\nany file or directory of that name regardless of its path. To hide only a\nspecific file with a name that may not be unique, always use a path\nseparator. For example, to hide all files or folder trees named \"hidden\",\nput \"hidden\" in the list. To hide only ./hidden, put \"./hidden\" in the list.\n\nWhen possible, all paths are resolved to their absolute form before\ncomparisons are made. For maximum clarity and explictness, use complete,\nabsolute paths; or, for greater portability, use relative paths instead.\n", + "markdownDescription": "hide: `array` \nModule: `http.handlers.file_server` \nA list of files or folders to hide; the file server will pretend as if\nthey don't exist. Accepts globular patterns like `*.ext` or `/foo/*/bar`\nas well as placeholders. Because site roots can be dynamic, this list\nuses file system paths, not request paths. To clarify, the base of\nrelative paths is the current working directory, NOT the site root.\n\nEntries without a path separator (`/` or `\\` depending on OS) will match\nany file or directory of that name regardless of its path. To hide only a\nspecific file with a name that may not be unique, always use a path\nseparator. For example, to hide all files or folder trees named \"hidden\",\nput \"hidden\" in the list. To hide only ./hidden, put \"./hidden\" in the list.\n\nWhen possible, all paths are resolved to their absolute form before\ncomparisons are made. For maximum clarity and explictness, use complete,\nabsolute paths; or, for greater portability, use relative paths instead. \n", + "type": "array", + "items": { + "description": "A list of files or folders to hide; the file server will pretend as if\nthey don't exist. Accepts globular patterns like `*.ext` or `/foo/*/bar`\nas well as placeholders. Because site roots can be dynamic, this list\nuses file system paths, not request paths. To clarify, the base of\nrelative paths is the current working directory, NOT the site root.\n\nEntries without a path separator (`/` or `\\` depending on OS) will match\nany file or directory of that name regardless of its path. To hide only a\nspecific file with a name that may not be unique, always use a path\nseparator. For example, to hide all files or folder trees named \"hidden\",\nput \"hidden\" in the list. To hide only ./hidden, put \"./hidden\" in the list.\n\nWhen possible, all paths are resolved to their absolute form before\ncomparisons are made. For maximum clarity and explictness, use complete,\nabsolute paths; or, for greater portability, use relative paths instead.\n", + "markdownDescription": "A list of files or folders to hide; the file server will pretend as if\nthey don't exist. Accepts globular patterns like `*.ext` or `/foo/*/bar`\nas well as placeholders. Because site roots can be dynamic, this list\nuses file system paths, not request paths. To clarify, the base of\nrelative paths is the current working directory, NOT the site root.\n\nEntries without a path separator (`/` or `\\` depending on OS) will match\nany file or directory of that name regardless of its path. To hide only a\nspecific file with a name that may not be unique, always use a path\nseparator. For example, to hide all files or folder trees named \"hidden\",\nput \"hidden\" in the list. To hide only ./hidden, put \"./hidden\" in the list.\n\nWhen possible, all paths are resolved to their absolute form before\ncomparisons are made. For maximum clarity and explictness, use complete,\nabsolute paths; or, for greater portability, use relative paths instead. \n", + "type": "string" + } + }, + "index_names": { + "description": "index_names: array\nModule: http.handlers.file_server\nThe names of files to try as index files if a folder is requested.\nDefault: index.html, index.txt.\n", + "markdownDescription": "index_names: `array` \nModule: `http.handlers.file_server` \nThe names of files to try as index files if a folder is requested.\nDefault: index.html, index.txt. \n", + "type": "array", + "items": { + "description": "The names of files to try as index files if a folder is requested.\nDefault: index.html, index.txt.\n", + "markdownDescription": "The names of files to try as index files if a folder is requested.\nDefault: index.html, index.txt. \n", + "type": "string" + } + }, + "pass_thru": { + "description": "pass_thru: boolean\nModule: http.handlers.file_server\nIf pass-thru mode is enabled and a requested file is not found,\nit will invoke the next handler in the chain instead of returning\na 404 error. By default, this is false (disabled).\n", + "markdownDescription": "pass_thru: `boolean` \nModule: `http.handlers.file_server` \nIf pass-thru mode is enabled and a requested file is not found,\nit will invoke the next handler in the chain instead of returning\na 404 error. By default, this is false (disabled). \n", + "type": "boolean" + }, + "precompressed": { + "description": "precompressed: object\nModule: http.precompressed\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nSelection of encoders to use to check for precompressed files.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "precompressed: `object` \nModule: `http.precompressed` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nSelection of encoders to use to check for precompressed files.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "type": "object", + "properties": { + "br": { + "$ref": "#/definitions/http.precompressed.br" + }, + "gzip": { + "$ref": "#/definitions/http.precompressed.gzip" + }, + "zstd": { + "$ref": "#/definitions/http.precompressed.zstd" + } + } + }, + "precompressed_order": { + "description": "precompressed_order: array\nModule: http.handlers.file_server\nIf the client has no strong preference (q-factor), choose these encodings in order.\nIf no order specified here, the first encoding from the Accept-Encoding header\nthat both client and server support is used\n", + "markdownDescription": "precompressed_order: `array` \nModule: `http.handlers.file_server` \nIf the client has no strong preference (q-factor), choose these encodings in order.\nIf no order specified here, the first encoding from the Accept-Encoding header\nthat both client and server support is used \n", + "type": "array", + "items": { + "description": "If the client has no strong preference (q-factor), choose these encodings in order.\nIf no order specified here, the first encoding from the Accept-Encoding header\nthat both client and server support is used\n", + "markdownDescription": "If the client has no strong preference (q-factor), choose these encodings in order.\nIf no order specified here, the first encoding from the Accept-Encoding header\nthat both client and server support is used \n", + "type": "string" + } + }, + "root": { + "description": "root: string\nModule: http.handlers.file_server\nThe path to the root of the site. Default is `{http.vars.root}` if set,\nor current working directory otherwise. This should be a trusted value.\n\nNote that a site root is not a sandbox. Although the file server does\nsanitize the request URI to prevent directory traversal, files (including\nlinks) within the site root may be directly accessed based on the request\npath. Files and folders within the root should be secure and trustworthy.\n", + "markdownDescription": "root: `string` \nModule: `http.handlers.file_server` \nThe path to the root of the site. Default is `{http.vars.root}` if set,\nor current working directory otherwise. This should be a trusted value.\n\nNote that a site root is not a sandbox. Although the file server does\nsanitize the request URI to prevent directory traversal, files (including\nlinks) within the site root may be directly accessed based on the request\npath. Files and folders within the root should be secure and trustworthy. \n", + "type": "string" + }, + "status_code": { + "description": "status_code: string\nModule: http.handlers.file_server\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#WeakString\nOverride the status code written when successfully serving a file.\nParticularly useful when explicitly serving a file as display for\nan error, like a 404 page. A placeholder may be used. By default,\nthe status code will typically be 200, or 206 for partial content.\n\n\nWeakString is a type that unmarshals any JSON value\nas a string literal, with the following exceptions:\n\n1. actual string values are decoded as strings; and\n2. null is decoded as empty string;\n\nand provides methods for getting the value as various\nprimitive types. However, using this type removes any\ntype safety as far as deserializing JSON is concerned.\n", + "markdownDescription": "status_code: `string` \nModule: `http.handlers.file_server` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#WeakString) \nOverride the status code written when successfully serving a file.\nParticularly useful when explicitly serving a file as display for\nan error, like a 404 page. A placeholder may be used. By default,\nthe status code will typically be 200, or 206 for partial content.\n\n\nWeakString is a type that unmarshals any JSON value\nas a string literal, with the following exceptions:\n\n1. actual string values are decoded as strings; and\n2. null is decoded as empty string;\n\nand provides methods for getting the value as various\nprimitive types. However, using this type removes any\ntype safety as far as deserializing JSON is concerned. \n", + "type": "string" + } + } + }, + "http.handlers.headers": { + "description": "headers: object\nModule: http.handlers.headers\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Handler\nHandler is a middleware which modifies request and response headers.\n\nChanges to headers are applied immediately, except for the response\nheaders when Deferred is true or when Required is set. In those cases,\nthe changes are applied when the headers are written to the response.\nNote that deferred changes do not take effect if an error occurs later\nin the middleware chain.\n\nProperties in this module accept placeholders.\n\nResponse header operations can be conditioned upon response status code\nand/or other header values.\n\n", + "markdownDescription": "headers: `object` \nModule: `http.handlers.headers` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Handler) \nHandler is a middleware which modifies request and response headers.\n\nChanges to headers are applied immediately, except for the response\nheaders when Deferred is true or when Required is set. In those cases,\nthe changes are applied when the headers are written to the response.\nNote that deferred changes do not take effect if an error occurs later\nin the middleware chain.\n\nProperties in this module accept placeholders.\n\nResponse header operations can be conditioned upon response status code\nand/or other header values.\n \n", + "type": "object", + "properties": { + "request": { + "description": "request: object\nModule: http.handlers.headers\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#HeaderOps\nHeaderOps defines manipulations for HTTP headers.\n\n", + "markdownDescription": "request: `object` \nModule: `http.handlers.headers` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#HeaderOps) \nHeaderOps defines manipulations for HTTP headers.\n \n", + "type": "object", + "properties": { + "add": { + "description": "add: object\nModule: http.handlers.headers\nAdds HTTP headers; does not replace any existing header fields.\n", + "markdownDescription": "add: `object` \nModule: `http.handlers.headers` \nAdds HTTP headers; does not replace any existing header fields. \n", + "type": "object", + "additionalProperties": { + "description": "Adds HTTP headers; does not replace any existing header fields.\n", + "markdownDescription": "Adds HTTP headers; does not replace any existing header fields. \n", + "type": "array", + "items": { + "type": "string" + } + } + }, + "delete": { + "description": "delete: array\nModule: http.handlers.headers\nNames of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring.\n", + "markdownDescription": "delete: `array` \nModule: `http.handlers.headers` \nNames of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring. \n", + "type": "array", + "items": { + "description": "Names of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring.\n", + "markdownDescription": "Names of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring. \n", + "type": "string" + } + }, + "replace": { + "description": "replace: object\nModule: http.handlers.headers\nPerforms in-situ substring replacements of HTTP headers.\nKeys are the field names on which to perform the associated replacements.\nIf the field name is `*`, the replacements are performed on all header fields.\n", + "markdownDescription": "replace: `object` \nModule: `http.handlers.headers` \nPerforms in-situ substring replacements of HTTP headers.\nKeys are the field names on which to perform the associated replacements.\nIf the field name is `*`, the replacements are performed on all header fields. \n", + "type": "object", + "additionalProperties": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement\nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement) \nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement\nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement) \nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n \n", + "type": "object", + "properties": { + "replace": { + "description": "replace: string\nModule: http.handlers.headers\nThe string with which to replace matches.\n", + "markdownDescription": "replace: `string` \nModule: `http.handlers.headers` \nThe string with which to replace matches. \n", + "type": "string" + }, + "search": { + "description": "search: string\nModule: http.handlers.headers\nThe substring to search for.\n", + "markdownDescription": "search: `string` \nModule: `http.handlers.headers` \nThe substring to search for. \n", + "type": "string" + }, + "search_regexp": { + "description": "search_regexp: string\nModule: http.handlers.headers\nThe regular expression to search with.\n", + "markdownDescription": "search_regexp: `string` \nModule: `http.handlers.headers` \nThe regular expression to search with. \n", + "type": "string" + } + } + } + } + }, + "set": { + "description": "set: object\nModule: http.handlers.headers\nSets HTTP headers; replaces existing header fields.\n", + "markdownDescription": "set: `object` \nModule: `http.handlers.headers` \nSets HTTP headers; replaces existing header fields. \n", + "type": "object", + "additionalProperties": { + "description": "Sets HTTP headers; replaces existing header fields.\n", + "markdownDescription": "Sets HTTP headers; replaces existing header fields. \n", + "type": "array", + "items": { + "type": "string" + } + } + } + } + }, + "response": { + "description": "response: object\nModule: http.handlers.headers\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#RespHeaderOps\nRespHeaderOps defines manipulations for response headers.\n\n", + "markdownDescription": "response: `object` \nModule: `http.handlers.headers` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#RespHeaderOps) \nRespHeaderOps defines manipulations for response headers.\n \n", + "type": "object", + "properties": { + "add": { + "description": "add: object\nModule: http.handlers.headers\nAdds HTTP headers; does not replace any existing header fields.\n", + "markdownDescription": "add: `object` \nModule: `http.handlers.headers` \nAdds HTTP headers; does not replace any existing header fields. \n", + "type": "object", + "additionalProperties": { + "description": "Adds HTTP headers; does not replace any existing header fields.\n", + "markdownDescription": "Adds HTTP headers; does not replace any existing header fields. \n", + "type": "array", + "items": { + "type": "string" + } + } + }, + "deferred": { + "description": "deferred: boolean\nModule: http.handlers.headers\nIf true, header operations will be deferred until\nthey are written out. Superseded if Require is set.\nUsually you will need to set this to true if any\nfields are being deleted.\n", + "markdownDescription": "deferred: `boolean` \nModule: `http.handlers.headers` \nIf true, header operations will be deferred until\nthey are written out. Superseded if Require is set.\nUsually you will need to set this to true if any\nfields are being deleted. \n", + "type": "boolean" + }, + "delete": { + "description": "delete: array\nModule: http.handlers.headers\nNames of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring.\n", + "markdownDescription": "delete: `array` \nModule: `http.handlers.headers` \nNames of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring. \n", + "type": "array", + "items": { + "description": "Names of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring.\n", + "markdownDescription": "Names of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring. \n", + "type": "string" + } + }, + "replace": { + "description": "replace: object\nModule: http.handlers.headers\nPerforms in-situ substring replacements of HTTP headers.\nKeys are the field names on which to perform the associated replacements.\nIf the field name is `*`, the replacements are performed on all header fields.\n", + "markdownDescription": "replace: `object` \nModule: `http.handlers.headers` \nPerforms in-situ substring replacements of HTTP headers.\nKeys are the field names on which to perform the associated replacements.\nIf the field name is `*`, the replacements are performed on all header fields. \n", + "type": "object", + "additionalProperties": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement\nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement) \nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement\nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement) \nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n \n", + "type": "object", + "properties": { + "replace": { + "description": "replace: string\nModule: http.handlers.headers\nThe string with which to replace matches.\n", + "markdownDescription": "replace: `string` \nModule: `http.handlers.headers` \nThe string with which to replace matches. \n", + "type": "string" + }, + "search": { + "description": "search: string\nModule: http.handlers.headers\nThe substring to search for.\n", + "markdownDescription": "search: `string` \nModule: `http.handlers.headers` \nThe substring to search for. \n", + "type": "string" + }, + "search_regexp": { + "description": "search_regexp: string\nModule: http.handlers.headers\nThe regular expression to search with.\n", + "markdownDescription": "search_regexp: `string` \nModule: `http.handlers.headers` \nThe regular expression to search with. \n", + "type": "string" + } + } + } + } + }, + "require": { + "description": "require: object\nModule: http.handlers.headers\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseMatcher\nIf set, header operations will be deferred until\nthey are written out and only performed if the\nresponse matches these criteria.\n\n\nResponseMatcher is a type which can determine if an\nHTTP response matches some criteria.\n", + "markdownDescription": "require: `object` \nModule: `http.handlers.headers` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseMatcher) \nIf set, header operations will be deferred until\nthey are written out and only performed if the\nresponse matches these criteria.\n\n\nResponseMatcher is a type which can determine if an\nHTTP response matches some criteria. \n", + "type": "object", + "properties": { + "headers": { + "description": "headers: object\nModule: http.handlers.headers\nIf set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/).\n", + "markdownDescription": "headers: `object` \nModule: `http.handlers.headers` \nIf set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/). \n", + "type": "object", + "additionalProperties": { + "description": "If set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/).\n", + "markdownDescription": "If set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/). \n", + "type": "array", + "items": { + "type": "string" + } + } + }, + "status_code": { + "description": "status_code: array\nModule: http.handlers.headers\nIf set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes).\n", + "markdownDescription": "status_code: `array` \nModule: `http.handlers.headers` \nIf set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes). \n", + "type": "array", + "items": { + "description": "If set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes).\n", + "markdownDescription": "If set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes). \n", + "type": "number" + } + } + } + }, + "set": { + "description": "set: object\nModule: http.handlers.headers\nSets HTTP headers; replaces existing header fields.\n", + "markdownDescription": "set: `object` \nModule: `http.handlers.headers` \nSets HTTP headers; replaces existing header fields. \n", + "type": "object", + "additionalProperties": { + "description": "Sets HTTP headers; replaces existing header fields.\n", + "markdownDescription": "Sets HTTP headers; replaces existing header fields. \n", + "type": "array", + "items": { + "type": "string" + } + } + } + } + } + } + }, + "http.handlers.intercept": { + "description": "intercept: object\nModule: http.handlers.intercept\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/intercept#Intercept\nIntercept is a middleware that intercepts then replaces or modifies the original response.\nIt can, for instance, be used to implement X-Sendfile/X-Accel-Redirect-like features\nwhen using modules like FrankenPHP or Caddy Snake.\n\nEXPERIMENTAL: Subject to change or removal.\n\n", + "markdownDescription": "intercept: `object` \nModule: `http.handlers.intercept` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/intercept#Intercept) \nIntercept is a middleware that intercepts then replaces or modifies the original response.\nIt can, for instance, be used to implement X-Sendfile/X-Accel-Redirect-like features\nwhen using modules like FrankenPHP or Caddy Snake.\n\nEXPERIMENTAL: Subject to change or removal.\n \n", + "type": "object", + "properties": { + "handle_response": { + "description": "handle_response: array\nModule: http.handlers.intercept\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseHandler\nList of handlers and their associated matchers to evaluate\nafter successful response generation.\nThe first handler that matches the original response will\nbe invoked. The original response body will not be\nwritten to the client;\nit is up to the handler to finish handling the response.\n\nThree new placeholders are available in this handler chain:\n- `{http.intercept.status_code}` The status code from the response\n- `{http.intercept.header.*}` The headers from the response\n\n\nResponseHandler pairs a response matcher with custom handling\nlogic. Either the status code can be changed to something else\nwhile using the original response body, or, if a status code\nis not set, it can execute a custom route list; this is useful\nfor executing handler routes based on the properties of an HTTP\nresponse that has not been written out to the client yet.\n\nTo use this type, provision it at module load time, then when\nready to use, match the response against its matcher; if it\nmatches (or doesn't have a matcher), change the status code on\nthe response if configured; otherwise invoke the routes by\ncalling `rh.Routes.Compile(next).ServeHTTP(rw, req)` (or similar).\n", + "markdownDescription": "handle_response: `array` \nModule: `http.handlers.intercept` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseHandler) \nList of handlers and their associated matchers to evaluate\nafter successful response generation.\nThe first handler that matches the original response will\nbe invoked. The original response body will not be\nwritten to the client;\nit is up to the handler to finish handling the response.\n\nThree new placeholders are available in this handler chain:\n- `{http.intercept.status_code}` The status code from the response\n- `{http.intercept.header.*}` The headers from the response\n\n\nResponseHandler pairs a response matcher with custom handling\nlogic. Either the status code can be changed to something else\nwhile using the original response body, or, if a status code\nis not set, it can execute a custom route list; this is useful\nfor executing handler routes based on the properties of an HTTP\nresponse that has not been written out to the client yet.\n\nTo use this type, provision it at module load time, then when\nready to use, match the response against its matcher; if it\nmatches (or doesn't have a matcher), change the status code on\nthe response if configured; otherwise invoke the routes by\ncalling `rh.Routes.Compile(next).ServeHTTP(rw, req)` (or similar). \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseHandler\nList of handlers and their associated matchers to evaluate\nafter successful response generation.\nThe first handler that matches the original response will\nbe invoked. The original response body will not be\nwritten to the client;\nit is up to the handler to finish handling the response.\n\nThree new placeholders are available in this handler chain:\n- `{http.intercept.status_code}` The status code from the response\n- `{http.intercept.header.*}` The headers from the response\n\n\nResponseHandler pairs a response matcher with custom handling\nlogic. Either the status code can be changed to something else\nwhile using the original response body, or, if a status code\nis not set, it can execute a custom route list; this is useful\nfor executing handler routes based on the properties of an HTTP\nresponse that has not been written out to the client yet.\n\nTo use this type, provision it at module load time, then when\nready to use, match the response against its matcher; if it\nmatches (or doesn't have a matcher), change the status code on\nthe response if configured; otherwise invoke the routes by\ncalling `rh.Routes.Compile(next).ServeHTTP(rw, req)` (or similar).\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseHandler) \nList of handlers and their associated matchers to evaluate\nafter successful response generation.\nThe first handler that matches the original response will\nbe invoked. The original response body will not be\nwritten to the client;\nit is up to the handler to finish handling the response.\n\nThree new placeholders are available in this handler chain:\n- `{http.intercept.status_code}` The status code from the response\n- `{http.intercept.header.*}` The headers from the response\n\n\nResponseHandler pairs a response matcher with custom handling\nlogic. Either the status code can be changed to something else\nwhile using the original response body, or, if a status code\nis not set, it can execute a custom route list; this is useful\nfor executing handler routes based on the properties of an HTTP\nresponse that has not been written out to the client yet.\n\nTo use this type, provision it at module load time, then when\nready to use, match the response against its matcher; if it\nmatches (or doesn't have a matcher), change the status code on\nthe response if configured; otherwise invoke the routes by\ncalling `rh.Routes.Compile(next).ServeHTTP(rw, req)` (or similar). \n", + "type": "object", + "properties": { + "match": { + "description": "match: object\nModule: http.handlers.intercept\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseMatcher\nThe response matcher for this handler. If empty/nil,\nit always matches.\n\n\nResponseMatcher is a type which can determine if an\nHTTP response matches some criteria.\n", + "markdownDescription": "match: `object` \nModule: `http.handlers.intercept` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseMatcher) \nThe response matcher for this handler. If empty/nil,\nit always matches.\n\n\nResponseMatcher is a type which can determine if an\nHTTP response matches some criteria. \n", + "type": "object", + "properties": { + "headers": { + "description": "headers: object\nModule: http.handlers.intercept\nIf set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/).\n", + "markdownDescription": "headers: `object` \nModule: `http.handlers.intercept` \nIf set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/). \n", + "type": "object", + "additionalProperties": { + "description": "If set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/).\n", + "markdownDescription": "If set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/). \n", + "type": "array", + "items": { + "type": "string" + } + } + }, + "status_code": { + "description": "status_code: array\nModule: http.handlers.intercept\nIf set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes).\n", + "markdownDescription": "status_code: `array` \nModule: `http.handlers.intercept` \nIf set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes). \n", + "type": "array", + "items": { + "description": "If set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes).\n", + "markdownDescription": "If set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes). \n", + "type": "number" + } + } + } + }, + "routes": { + "description": "routes: array\nModule: http.handlers.intercept\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route\nThe list of HTTP routes to execute if no status code is\nspecified. If evaluated, the original response body\nwill not be written.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner.\n", + "markdownDescription": "routes: `array` \nModule: `http.handlers.intercept` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route) \nThe list of HTTP routes to execute if no status code is\nspecified. If evaluated, the original response body\nwill not be written.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route\nThe list of HTTP routes to execute if no status code is\nspecified. If evaluated, the original response body\nwill not be written.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route) \nThe list of HTTP routes to execute if no status code is\nspecified. If evaluated, the original response body\nwill not be written.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner. \n", + "type": "object", + "properties": { + "group": { + "description": "group: string\nModule: http.handlers.intercept\nGroup is an optional name for a group to which this\nroute belongs. Grouping a route makes it mutually\nexclusive with others in its group; if a route belongs\nto a group, only the first matching route in that group\nwill be executed.\n", + "markdownDescription": "group: `string` \nModule: `http.handlers.intercept` \nGroup is an optional name for a group to which this\nroute belongs. Grouping a route makes it mutually\nexclusive with others in its group; if a route belongs\nto a group, only the first matching route in that group\nwill be executed. \n", + "type": "string" + }, + "handle": { + "description": "handle: array\nModule: http.handlers\nThe list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes.\n", + "markdownDescription": "handle: `array` \nModule: `http.handlers` \nThe list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes. \n", + "type": "array", + "items": { + "description": "The list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes.\n", + "markdownDescription": "The list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes. \n", + "required": [ + "handler" + ], + "allOf": [ + { + "if": { + "properties": { + "handler": { + "const": "copy_response" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.copy_response" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "headers" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.headers" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "invoke" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.invoke" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "metrics" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.metrics" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "push" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.push" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "acme_server" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.acme_server" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "authentication" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.authentication" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "encode" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.encode" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "file_server" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.file_server" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "intercept" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.intercept" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "log_append" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.log_append" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "request_body" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.request_body" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "map" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.map" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "rewrite" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.rewrite" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "static_response" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.static_response" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "subroute" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.subroute" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "tracing" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.tracing" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "vars" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.vars" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "copy_response_headers" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.copy_response_headers" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "error" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.error" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "reverse_proxy" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.reverse_proxy" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "templates" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.templates" + } + }, + { + "properties": { + "handler": { + "description": "key to identify handle module.\nhandler: string\nModule: http.handlers", + "markdownDescription": "key to identify `handle` module. \nhandler: `string` \nModule: `http.handlers`", + "type": "string", + "enum": [ + "copy_response", + "headers", + "invoke", + "metrics", + "push", + "acme_server", + "authentication", + "encode", + "file_server", + "intercept", + "log_append", + "request_body", + "map", + "rewrite", + "static_response", + "subroute", + "tracing", + "vars", + "copy_response_headers", + "error", + "reverse_proxy", + "templates" + ] + } + } + } + ] + } + }, + "match": { + "description": "match: array\nModule: http.matchers\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "match: `array` \nModule: `http.matchers` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "properties": { + "client_ip": { + "$ref": "#/definitions/http.matchers.client_ip" + }, + "expression": { + "$ref": "#/definitions/http.matchers.expression" + }, + "file": { + "$ref": "#/definitions/http.matchers.file" + }, + "header": { + "$ref": "#/definitions/http.matchers.header" + }, + "header_regexp": { + "$ref": "#/definitions/http.matchers.header_regexp" + }, + "host": { + "$ref": "#/definitions/http.matchers.host" + }, + "method": { + "$ref": "#/definitions/http.matchers.method" + }, + "not": { + "$ref": "#/definitions/http.matchers.not" + }, + "path": { + "$ref": "#/definitions/http.matchers.path" + }, + "path_regexp": { + "$ref": "#/definitions/http.matchers.path_regexp" + }, + "protocol": { + "$ref": "#/definitions/http.matchers.protocol" + }, + "query": { + "$ref": "#/definitions/http.matchers.query" + }, + "remote_ip": { + "$ref": "#/definitions/http.matchers.remote_ip" + }, + "tls": { + "$ref": "#/definitions/http.matchers.tls" + }, + "vars": { + "$ref": "#/definitions/http.matchers.vars" + }, + "vars_regexp": { + "$ref": "#/definitions/http.matchers.vars_regexp" + } + } + } + }, + "terminal": { + "description": "terminal: boolean\nModule: http.handlers.intercept\nIf true, no more routes will be executed after this one.\n", + "markdownDescription": "terminal: `boolean` \nModule: `http.handlers.intercept` \nIf true, no more routes will be executed after this one. \n", + "type": "boolean" + } + } + } + }, + "status_code": { + "description": "status_code: string\nModule: http.handlers.intercept\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#WeakString\nTo write the original response body but with a different\nstatus code, set this field to the desired status code.\nIf set, this takes priority over routes.\n\n\nWeakString is a type that unmarshals any JSON value\nas a string literal, with the following exceptions:\n\n1. actual string values are decoded as strings; and\n2. null is decoded as empty string;\n\nand provides methods for getting the value as various\nprimitive types. However, using this type removes any\ntype safety as far as deserializing JSON is concerned.\n", + "markdownDescription": "status_code: `string` \nModule: `http.handlers.intercept` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#WeakString) \nTo write the original response body but with a different\nstatus code, set this field to the desired status code.\nIf set, this takes priority over routes.\n\n\nWeakString is a type that unmarshals any JSON value\nas a string literal, with the following exceptions:\n\n1. actual string values are decoded as strings; and\n2. null is decoded as empty string;\n\nand provides methods for getting the value as various\nprimitive types. However, using this type removes any\ntype safety as far as deserializing JSON is concerned. \n", + "type": "string" + } + } + } + } + } + }, + "http.handlers.invoke": { + "description": "invoke: object\nModule: http.handlers.invoke\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Invoke\nInvoke implements a handler that compiles and executes a\nnamed route that was defined on the server.\n\nEXPERIMENTAL: Subject to change or removal.\n\n", + "markdownDescription": "invoke: `object` \nModule: `http.handlers.invoke` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Invoke) \nInvoke implements a handler that compiles and executes a\nnamed route that was defined on the server.\n\nEXPERIMENTAL: Subject to change or removal.\n \n", + "type": "object", + "properties": { + "name": { + "description": "name: string\nModule: http.handlers.invoke\nName is the key of the named route to execute\n", + "markdownDescription": "name: `string` \nModule: `http.handlers.invoke` \nName is the key of the named route to execute \n", + "type": "string" + } + } + }, + "http.handlers.log_append": { + "description": "log_append: object\nModule: http.handlers.log_append\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/logging#LogAppend\nLogAppend implements a middleware that takes a key and value, where\nthe key is the name of a log field and the value is a placeholder,\nor variable key, or constant value to use for that field.\n\n", + "markdownDescription": "log_append: `object` \nModule: `http.handlers.log_append` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/logging#LogAppend) \nLogAppend implements a middleware that takes a key and value, where\nthe key is the name of a log field and the value is a placeholder,\nor variable key, or constant value to use for that field.\n \n", + "type": "object", + "properties": { + "key": { + "description": "key: string\nModule: http.handlers.log_append\nKey is the name of the log field.\n", + "markdownDescription": "key: `string` \nModule: `http.handlers.log_append` \nKey is the name of the log field. \n", + "type": "string" + }, + "value": { + "description": "value: string\nModule: http.handlers.log_append\nValue is the value to use for the log field.\nIf it is a placeholder (with surrounding `{}`),\nit will be evaluated when the log is written.\nIf the value is a key that exists in the `vars`\nmap, the value of that key will be used. Otherwise\nthe value will be used as-is as a constant string.\n", + "markdownDescription": "value: `string` \nModule: `http.handlers.log_append` \nValue is the value to use for the log field.\nIf it is a placeholder (with surrounding `{}`),\nit will be evaluated when the log is written.\nIf the value is a key that exists in the `vars`\nmap, the value of that key will be used. Otherwise\nthe value will be used as-is as a constant string. \n", + "type": "string" + } + } + }, + "http.handlers.map": { + "description": "map: object\nModule: http.handlers.map\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/map#Handler\nHandler implements a middleware that maps inputs to outputs. Specifically, it\ncompares a source value against the map inputs, and for one that matches, it\napplies the output values to each destination. Destinations become placeholder\nnames.\n\nMapped placeholders are not evaluated until they are used, so even for very\nlarge mappings, this handler is quite efficient.\n\n", + "markdownDescription": "map: `object` \nModule: `http.handlers.map` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/map#Handler) \nHandler implements a middleware that maps inputs to outputs. Specifically, it\ncompares a source value against the map inputs, and for one that matches, it\napplies the output values to each destination. Destinations become placeholder\nnames.\n\nMapped placeholders are not evaluated until they are used, so even for very\nlarge mappings, this handler is quite efficient.\n \n", + "type": "object", + "properties": { + "defaults": { + "description": "defaults: array\nModule: http.handlers.map\nIf no mappings match or if the mapped output is null/nil, the associated\ndefault output will be applied (optional).\n", + "markdownDescription": "defaults: `array` \nModule: `http.handlers.map` \nIf no mappings match or if the mapped output is null/nil, the associated\ndefault output will be applied (optional). \n", + "type": "array", + "items": { + "description": "If no mappings match or if the mapped output is null/nil, the associated\ndefault output will be applied (optional).\n", + "markdownDescription": "If no mappings match or if the mapped output is null/nil, the associated\ndefault output will be applied (optional). \n", + "type": "string" + } + }, + "destinations": { + "description": "destinations: array\nModule: http.handlers.map\nDestinations are the names of placeholders in which to store the outputs.\nDestination values should be wrapped in braces, for example, {my_placeholder}.\n", + "markdownDescription": "destinations: `array` \nModule: `http.handlers.map` \nDestinations are the names of placeholders in which to store the outputs.\nDestination values should be wrapped in braces, for example, {my_placeholder}. \n", + "type": "array", + "items": { + "description": "Destinations are the names of placeholders in which to store the outputs.\nDestination values should be wrapped in braces, for example, {my_placeholder}.\n", + "markdownDescription": "Destinations are the names of placeholders in which to store the outputs.\nDestination values should be wrapped in braces, for example, {my_placeholder}. \n", + "type": "string" + } + }, + "mappings": { + "description": "mappings: array\nModule: http.handlers.map\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/map#Mapping\nMappings from source values (inputs) to destination values (outputs).\nThe first matching, non-nil mapping will be applied.\n\n\nMapping describes a mapping from input to outputs.\n", + "markdownDescription": "mappings: `array` \nModule: `http.handlers.map` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/map#Mapping) \nMappings from source values (inputs) to destination values (outputs).\nThe first matching, non-nil mapping will be applied.\n\n\nMapping describes a mapping from input to outputs. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/map#Mapping\nMappings from source values (inputs) to destination values (outputs).\nThe first matching, non-nil mapping will be applied.\n\n\nMapping describes a mapping from input to outputs.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/map#Mapping) \nMappings from source values (inputs) to destination values (outputs).\nThe first matching, non-nil mapping will be applied.\n\n\nMapping describes a mapping from input to outputs. \n", + "type": "object", + "properties": { + "input": { + "description": "input: string\nModule: http.handlers.map\nThe input value to match. Must be distinct from other mappings.\nMutually exclusive to input_regexp.\n", + "markdownDescription": "input: `string` \nModule: `http.handlers.map` \nThe input value to match. Must be distinct from other mappings.\nMutually exclusive to input_regexp. \n", + "type": "string" + }, + "input_regexp": { + "description": "input_regexp: string\nModule: http.handlers.map\nThe input regular expression to match. Mutually exclusive to input.\n", + "markdownDescription": "input_regexp: `string` \nModule: `http.handlers.map` \nThe input regular expression to match. Mutually exclusive to input. \n", + "type": "string" + }, + "outputs": { + "description": "outputs: array\nModule: http.handlers.map\nUpon a match with the input, each output is positionally correlated\nwith each destination of the parent handler. An output that is null\n(nil) will be treated as if it was not mapped at all.\n", + "markdownDescription": "outputs: `array` \nModule: `http.handlers.map` \nUpon a match with the input, each output is positionally correlated\nwith each destination of the parent handler. An output that is null\n(nil) will be treated as if it was not mapped at all. \n", + "type": "array", + "items": { + "type": [ + "string", + "null" + ], + "description": "Upon a match with the input, each output is positionally correlated\nwith each destination of the parent handler. An output that is null\n(nil) will be treated as if it was not mapped at all.\n", + "markdownDescription": "Upon a match with the input, each output is positionally correlated\nwith each destination of the parent handler. An output that is null\n(nil) will be treated as if it was not mapped at all. \n" + } + } + } + } + }, + "source": { + "description": "source: string\nModule: http.handlers.map\nSource is the placeholder from which to get the input value.\n", + "markdownDescription": "source: `string` \nModule: `http.handlers.map` \nSource is the placeholder from which to get the input value. \n", + "type": "string" + } + } + }, + "http.handlers.metrics": { + "description": "metrics: object\nModule: http.handlers.metrics\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/metrics#Metrics\nMetrics is a module that serves a /metrics endpoint so that any gathered\nmetrics can be exposed for scraping. This module is configurable by end-users\nunlike AdminMetrics.\n\n", + "markdownDescription": "metrics: `object` \nModule: `http.handlers.metrics` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/metrics#Metrics) \nMetrics is a module that serves a /metrics endpoint so that any gathered\nmetrics can be exposed for scraping. This module is configurable by end-users\nunlike AdminMetrics.\n \n", + "type": "object", + "properties": { + "disable_openmetrics": { + "description": "disable_openmetrics: boolean\nModule: http.handlers.metrics\nDisable OpenMetrics negotiation, enabled by default. May be necessary if\nthe produced metrics cannot be parsed by the service scraping metrics.\n", + "markdownDescription": "disable_openmetrics: `boolean` \nModule: `http.handlers.metrics` \nDisable OpenMetrics negotiation, enabled by default. May be necessary if\nthe produced metrics cannot be parsed by the service scraping metrics. \n", + "type": "boolean" + } + } + }, + "http.handlers.push": { + "description": "push: object\nModule: http.handlers.push\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/push#Handler\nHandler is a middleware for HTTP/2 server push. Note that\nHTTP/2 server push has been deprecated by some clients and\nits use is discouraged unless you can accurately predict\nwhich resources actually need to be pushed to the client;\nit can be difficult to know what the client already has\ncached. Pushing unnecessary resources results in worse\nperformance. Consider using HTTP 103 Early Hints instead.\n\nThis handler supports pushing from Link headers; in other\nwords, if the eventual response has Link headers, this\nhandler will push the resources indicated by those headers,\neven without specifying any resources in its config.\n\n", + "markdownDescription": "push: `object` \nModule: `http.handlers.push` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/push#Handler) \nHandler is a middleware for HTTP/2 server push. Note that\nHTTP/2 server push has been deprecated by some clients and\nits use is discouraged unless you can accurately predict\nwhich resources actually need to be pushed to the client;\nit can be difficult to know what the client already has\ncached. Pushing unnecessary resources results in worse\nperformance. Consider using HTTP 103 Early Hints instead.\n\nThis handler supports pushing from Link headers; in other\nwords, if the eventual response has Link headers, this\nhandler will push the resources indicated by those headers,\neven without specifying any resources in its config.\n \n", + "type": "object", + "properties": { + "headers": { + "description": "headers: object\nModule: http.handlers.push\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/push#HeaderConfig\nHeaders to modify for the push requests.\n\n\nHeaderConfig configures headers for synthetic push requests.\n", + "markdownDescription": "headers: `object` \nModule: `http.handlers.push` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/push#HeaderConfig) \nHeaders to modify for the push requests.\n\n\nHeaderConfig configures headers for synthetic push requests. \n", + "type": "object", + "properties": { + "add": { + "description": "add: object\nModule: http.handlers.push\nAdds HTTP headers; does not replace any existing header fields.\n", + "markdownDescription": "add: `object` \nModule: `http.handlers.push` \nAdds HTTP headers; does not replace any existing header fields. \n", + "type": "object", + "additionalProperties": { + "description": "Adds HTTP headers; does not replace any existing header fields.\n", + "markdownDescription": "Adds HTTP headers; does not replace any existing header fields. \n", + "type": "array", + "items": { + "type": "string" + } + } + }, + "delete": { + "description": "delete: array\nModule: http.handlers.push\nNames of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring.\n", + "markdownDescription": "delete: `array` \nModule: `http.handlers.push` \nNames of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring. \n", + "type": "array", + "items": { + "description": "Names of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring.\n", + "markdownDescription": "Names of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring. \n", + "type": "string" + } + }, + "replace": { + "description": "replace: object\nModule: http.handlers.push\nPerforms in-situ substring replacements of HTTP headers.\nKeys are the field names on which to perform the associated replacements.\nIf the field name is `*`, the replacements are performed on all header fields.\n", + "markdownDescription": "replace: `object` \nModule: `http.handlers.push` \nPerforms in-situ substring replacements of HTTP headers.\nKeys are the field names on which to perform the associated replacements.\nIf the field name is `*`, the replacements are performed on all header fields. \n", + "type": "object", + "additionalProperties": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement\nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement) \nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement\nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement) \nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n \n", + "type": "object", + "properties": { + "replace": { + "description": "replace: string\nModule: http.handlers.push\nThe string with which to replace matches.\n", + "markdownDescription": "replace: `string` \nModule: `http.handlers.push` \nThe string with which to replace matches. \n", + "type": "string" + }, + "search": { + "description": "search: string\nModule: http.handlers.push\nThe substring to search for.\n", + "markdownDescription": "search: `string` \nModule: `http.handlers.push` \nThe substring to search for. \n", + "type": "string" + }, + "search_regexp": { + "description": "search_regexp: string\nModule: http.handlers.push\nThe regular expression to search with.\n", + "markdownDescription": "search_regexp: `string` \nModule: `http.handlers.push` \nThe regular expression to search with. \n", + "type": "string" + } + } + } + } + }, + "set": { + "description": "set: object\nModule: http.handlers.push\nSets HTTP headers; replaces existing header fields.\n", + "markdownDescription": "set: `object` \nModule: `http.handlers.push` \nSets HTTP headers; replaces existing header fields. \n", + "type": "object", + "additionalProperties": { + "description": "Sets HTTP headers; replaces existing header fields.\n", + "markdownDescription": "Sets HTTP headers; replaces existing header fields. \n", + "type": "array", + "items": { + "type": "string" + } + } + } + } + }, + "resources": { + "description": "resources: array\nModule: http.handlers.push\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/push#Resource\nThe resources to push.\n\n\nResource represents a request for a resource to push.\n", + "markdownDescription": "resources: `array` \nModule: `http.handlers.push` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/push#Resource) \nThe resources to push.\n\n\nResource represents a request for a resource to push. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/push#Resource\nThe resources to push.\n\n\nResource represents a request for a resource to push.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/push#Resource) \nThe resources to push.\n\n\nResource represents a request for a resource to push. \n", + "type": "object", + "properties": { + "method": { + "description": "method: string\nModule: http.handlers.push\nMethod is the request method, which must be GET or HEAD.\nDefault is GET.\n", + "markdownDescription": "method: `string` \nModule: `http.handlers.push` \nMethod is the request method, which must be GET or HEAD.\nDefault is GET. \n", + "type": "string" + }, + "target": { + "description": "target: string\nModule: http.handlers.push\nTarget is the path to the resource being pushed.\n", + "markdownDescription": "target: `string` \nModule: `http.handlers.push` \nTarget is the path to the resource being pushed. \n", + "type": "string" + } + } + } + } + } + }, + "http.handlers.request_body": { + "description": "request_body: object\nModule: http.handlers.request_body\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/requestbody#RequestBody\nRequestBody is a middleware for manipulating the request body.\n\n", + "markdownDescription": "request_body: `object` \nModule: `http.handlers.request_body` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/requestbody#RequestBody) \nRequestBody is a middleware for manipulating the request body.\n \n", + "type": "object", + "properties": { + "max_size": { + "description": "max_size: number\nModule: http.handlers.request_body\nThe maximum number of bytes to allow reading from the body by a later handler.\nIf more bytes are read, an error with HTTP status 413 is returned.\n", + "markdownDescription": "max_size: `number` \nModule: `http.handlers.request_body` \nThe maximum number of bytes to allow reading from the body by a later handler.\nIf more bytes are read, an error with HTTP status 413 is returned. \n", + "type": "number" + }, + "read_timeout": { + "description": "read_timeout: number\nModule: http.handlers.request_body\nhttps://pkg.go.dev/time#Duration\nEXPERIMENTAL. Subject to change/removal.\n\n\nA Duration represents the elapsed time between two instants\nas an int64 nanosecond count. The representation limits the\nlargest representable duration to approximately 290 years.\n", + "markdownDescription": "read_timeout: `number` \nModule: `http.handlers.request_body` \n[godoc](https://pkg.go.dev/time#Duration) \nEXPERIMENTAL. Subject to change/removal.\n\n\nA Duration represents the elapsed time between two instants\nas an int64 nanosecond count. The representation limits the\nlargest representable duration to approximately 290 years. \n", + "type": "number" + }, + "set": { + "description": "set: string\nModule: http.handlers.request_body\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/requestbody#RequestBody", + "markdownDescription": "set: `string` \nModule: `http.handlers.request_body` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/requestbody#RequestBody)", + "type": "string" + }, + "write_timeout": { + "description": "write_timeout: number\nModule: http.handlers.request_body\nhttps://pkg.go.dev/time#Duration\nEXPERIMENTAL. Subject to change/removal.\n\n\nA Duration represents the elapsed time between two instants\nas an int64 nanosecond count. The representation limits the\nlargest representable duration to approximately 290 years.\n", + "markdownDescription": "write_timeout: `number` \nModule: `http.handlers.request_body` \n[godoc](https://pkg.go.dev/time#Duration) \nEXPERIMENTAL. Subject to change/removal.\n\n\nA Duration represents the elapsed time between two instants\nas an int64 nanosecond count. The representation limits the\nlargest representable duration to approximately 290 years. \n", + "type": "number" + } + } + }, + "http.handlers.reverse_proxy": { + "description": "reverse_proxy: object\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#Handler\nHandler implements a highly configurable and production-ready reverse proxy.\n\nUpon proxying, this module sets the following placeholders (which can be used\nboth within and after this handler; for example, in response headers):\n\nPlaceholder | Description\n------------|-------------\n`{http.reverse_proxy.upstream.address}` | The full address to the upstream as given in the config\n`{http.reverse_proxy.upstream.hostport}` | The host:port of the upstream\n`{http.reverse_proxy.upstream.host}` | The host of the upstream\n`{http.reverse_proxy.upstream.port}` | The port of the upstream\n`{http.reverse_proxy.upstream.requests}` | The approximate current number of requests to the upstream\n`{http.reverse_proxy.upstream.max_requests}` | The maximum approximate number of requests allowed to the upstream\n`{http.reverse_proxy.upstream.fails}` | The number of recent failed requests to the upstream\n`{http.reverse_proxy.upstream.latency}` | How long it took the proxy upstream to write the response header.\n`{http.reverse_proxy.upstream.latency_ms}` | Same as 'latency', but in milliseconds.\n`{http.reverse_proxy.upstream.duration}` | Time spent proxying to the upstream, including writing response body to client.\n`{http.reverse_proxy.upstream.duration_ms}` | Same as 'upstream.duration', but in milliseconds.\n`{http.reverse_proxy.duration}` | Total time spent proxying, including selecting an upstream, retries, and writing response.\n`{http.reverse_proxy.duration_ms}` | Same as 'duration', but in milliseconds.\n`{http.reverse_proxy.retries}` | The number of retries actually performed to communicate with an upstream.\n\n", + "markdownDescription": "reverse_proxy: `object` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#Handler) \nHandler implements a highly configurable and production-ready reverse proxy.\n\nUpon proxying, this module sets the following placeholders (which can be used\nboth within and after this handler; for example, in response headers):\n\nPlaceholder | Description\n------------|-------------\n`{http.reverse_proxy.upstream.address}` | The full address to the upstream as given in the config\n`{http.reverse_proxy.upstream.hostport}` | The host:port of the upstream\n`{http.reverse_proxy.upstream.host}` | The host of the upstream\n`{http.reverse_proxy.upstream.port}` | The port of the upstream\n`{http.reverse_proxy.upstream.requests}` | The approximate current number of requests to the upstream\n`{http.reverse_proxy.upstream.max_requests}` | The maximum approximate number of requests allowed to the upstream\n`{http.reverse_proxy.upstream.fails}` | The number of recent failed requests to the upstream\n`{http.reverse_proxy.upstream.latency}` | How long it took the proxy upstream to write the response header.\n`{http.reverse_proxy.upstream.latency_ms}` | Same as 'latency', but in milliseconds.\n`{http.reverse_proxy.upstream.duration}` | Time spent proxying to the upstream, including writing response body to client.\n`{http.reverse_proxy.upstream.duration_ms}` | Same as 'upstream.duration', but in milliseconds.\n`{http.reverse_proxy.duration}` | Total time spent proxying, including selecting an upstream, retries, and writing response.\n`{http.reverse_proxy.duration_ms}` | Same as 'duration', but in milliseconds.\n`{http.reverse_proxy.retries}` | The number of retries actually performed to communicate with an upstream.\n \n", + "type": "object", + "properties": { + "circuit_breaker": { + "description": "circuit_breaker: any\nModule: http.reverse_proxy.circuit_breakers\nA circuit breaker may be used to relieve pressure on a backend\nthat is beginning to exhibit symptoms of stress or latency.\nBy default, there is no circuit breaker.\n", + "markdownDescription": "circuit_breaker: `any` \nModule: `http.reverse_proxy.circuit_breakers` \nA circuit breaker may be used to relieve pressure on a backend\nthat is beginning to exhibit symptoms of stress or latency.\nBy default, there is no circuit breaker. \n" + }, + "dynamic_upstreams": { + "description": "dynamic_upstreams: object\nModule: http.reverse_proxy.upstreams\nA module for retrieving the list of upstreams dynamically. Dynamic\nupstreams are retrieved at every iteration of the proxy loop for\neach request (i.e. before every proxy attempt within every request).\nActive health checks do not work on dynamic upstreams, and passive\nhealth checks are only effective on dynamic upstreams if the proxy\nserver is busy enough that concurrent requests to the same backends\nare continuous. Instead of health checks for dynamic upstreams, it\nis recommended that the dynamic upstream module only return available\nbackends in the first place.\n", + "markdownDescription": "dynamic_upstreams: `object` \nModule: `http.reverse_proxy.upstreams` \nA module for retrieving the list of upstreams dynamically. Dynamic\nupstreams are retrieved at every iteration of the proxy loop for\neach request (i.e. before every proxy attempt within every request).\nActive health checks do not work on dynamic upstreams, and passive\nhealth checks are only effective on dynamic upstreams if the proxy\nserver is busy enough that concurrent requests to the same backends\nare continuous. Instead of health checks for dynamic upstreams, it\nis recommended that the dynamic upstream module only return available\nbackends in the first place. \n", + "type": "object", + "required": [ + "source" + ], + "allOf": [ + { + "if": { + "properties": { + "source": { + "const": "srv" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.upstreams.srv" + } + }, + { + "if": { + "properties": { + "source": { + "const": "a" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.upstreams.a" + } + }, + { + "if": { + "properties": { + "source": { + "const": "multi" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.upstreams.multi" + } + }, + { + "properties": { + "source": { + "description": "key to identify dynamic_upstreams module.\nsource: string\nModule: http.reverse_proxy.upstreams", + "markdownDescription": "key to identify `dynamic_upstreams` module. \nsource: `string` \nModule: `http.reverse_proxy.upstreams`", + "type": "string", + "enum": [ + "srv", + "a", + "multi" + ] + } + } + } + ] + }, + "flush_interval": { + "description": "flush_interval: number\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nAdjusts how often to flush the response buffer. By default,\nno periodic flushing is done. A negative value disables\nresponse buffering, and flushes immediately after each\nwrite to the client. This option is ignored when the upstream's\nresponse is recognized as a streaming response, or if its\ncontent length is -1; for such responses, writes are flushed\nto the client immediately.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "flush_interval: `number` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nAdjusts how often to flush the response buffer. By default,\nno periodic flushing is done. A negative value disables\nresponse buffering, and flushes immediately after each\nwrite to the client. This option is ignored when the upstream's\nresponse is recognized as a streaming response, or if its\ncontent length is -1; for such responses, writes are flushed\nto the client immediately.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "handle_response": { + "description": "handle_response: array\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseHandler\nList of handlers and their associated matchers to evaluate\nafter successful roundtrips. The first handler that matches\nthe response from a backend will be invoked. The response\nbody from the backend will not be written to the client;\nit is up to the handler to finish handling the response.\nIf passive health checks are enabled, any errors from the\nhandler chain will not affect the health status of the\nbackend.\n\nThree new placeholders are available in this handler chain:\n- `{http.reverse_proxy.status_code}` The status code from the response\n- `{http.reverse_proxy.status_text}` The status text from the response\n- `{http.reverse_proxy.header.*}` The headers from the response\n\n\nResponseHandler pairs a response matcher with custom handling\nlogic. Either the status code can be changed to something else\nwhile using the original response body, or, if a status code\nis not set, it can execute a custom route list; this is useful\nfor executing handler routes based on the properties of an HTTP\nresponse that has not been written out to the client yet.\n\nTo use this type, provision it at module load time, then when\nready to use, match the response against its matcher; if it\nmatches (or doesn't have a matcher), change the status code on\nthe response if configured; otherwise invoke the routes by\ncalling `rh.Routes.Compile(next).ServeHTTP(rw, req)` (or similar).\n", + "markdownDescription": "handle_response: `array` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseHandler) \nList of handlers and their associated matchers to evaluate\nafter successful roundtrips. The first handler that matches\nthe response from a backend will be invoked. The response\nbody from the backend will not be written to the client;\nit is up to the handler to finish handling the response.\nIf passive health checks are enabled, any errors from the\nhandler chain will not affect the health status of the\nbackend.\n\nThree new placeholders are available in this handler chain:\n- `{http.reverse_proxy.status_code}` The status code from the response\n- `{http.reverse_proxy.status_text}` The status text from the response\n- `{http.reverse_proxy.header.*}` The headers from the response\n\n\nResponseHandler pairs a response matcher with custom handling\nlogic. Either the status code can be changed to something else\nwhile using the original response body, or, if a status code\nis not set, it can execute a custom route list; this is useful\nfor executing handler routes based on the properties of an HTTP\nresponse that has not been written out to the client yet.\n\nTo use this type, provision it at module load time, then when\nready to use, match the response against its matcher; if it\nmatches (or doesn't have a matcher), change the status code on\nthe response if configured; otherwise invoke the routes by\ncalling `rh.Routes.Compile(next).ServeHTTP(rw, req)` (or similar). \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseHandler\nList of handlers and their associated matchers to evaluate\nafter successful roundtrips. The first handler that matches\nthe response from a backend will be invoked. The response\nbody from the backend will not be written to the client;\nit is up to the handler to finish handling the response.\nIf passive health checks are enabled, any errors from the\nhandler chain will not affect the health status of the\nbackend.\n\nThree new placeholders are available in this handler chain:\n- `{http.reverse_proxy.status_code}` The status code from the response\n- `{http.reverse_proxy.status_text}` The status text from the response\n- `{http.reverse_proxy.header.*}` The headers from the response\n\n\nResponseHandler pairs a response matcher with custom handling\nlogic. Either the status code can be changed to something else\nwhile using the original response body, or, if a status code\nis not set, it can execute a custom route list; this is useful\nfor executing handler routes based on the properties of an HTTP\nresponse that has not been written out to the client yet.\n\nTo use this type, provision it at module load time, then when\nready to use, match the response against its matcher; if it\nmatches (or doesn't have a matcher), change the status code on\nthe response if configured; otherwise invoke the routes by\ncalling `rh.Routes.Compile(next).ServeHTTP(rw, req)` (or similar).\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseHandler) \nList of handlers and their associated matchers to evaluate\nafter successful roundtrips. The first handler that matches\nthe response from a backend will be invoked. The response\nbody from the backend will not be written to the client;\nit is up to the handler to finish handling the response.\nIf passive health checks are enabled, any errors from the\nhandler chain will not affect the health status of the\nbackend.\n\nThree new placeholders are available in this handler chain:\n- `{http.reverse_proxy.status_code}` The status code from the response\n- `{http.reverse_proxy.status_text}` The status text from the response\n- `{http.reverse_proxy.header.*}` The headers from the response\n\n\nResponseHandler pairs a response matcher with custom handling\nlogic. Either the status code can be changed to something else\nwhile using the original response body, or, if a status code\nis not set, it can execute a custom route list; this is useful\nfor executing handler routes based on the properties of an HTTP\nresponse that has not been written out to the client yet.\n\nTo use this type, provision it at module load time, then when\nready to use, match the response against its matcher; if it\nmatches (or doesn't have a matcher), change the status code on\nthe response if configured; otherwise invoke the routes by\ncalling `rh.Routes.Compile(next).ServeHTTP(rw, req)` (or similar). \n", + "type": "object", + "properties": { + "match": { + "description": "match: object\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseMatcher\nThe response matcher for this handler. If empty/nil,\nit always matches.\n\n\nResponseMatcher is a type which can determine if an\nHTTP response matches some criteria.\n", + "markdownDescription": "match: `object` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseMatcher) \nThe response matcher for this handler. If empty/nil,\nit always matches.\n\n\nResponseMatcher is a type which can determine if an\nHTTP response matches some criteria. \n", + "type": "object", + "properties": { + "headers": { + "description": "headers: object\nModule: http.handlers.reverse_proxy\nIf set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/).\n", + "markdownDescription": "headers: `object` \nModule: `http.handlers.reverse_proxy` \nIf set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/). \n", + "type": "object", + "additionalProperties": { + "description": "If set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/).\n", + "markdownDescription": "If set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/). \n", + "type": "array", + "items": { + "type": "string" + } + } + }, + "status_code": { + "description": "status_code: array\nModule: http.handlers.reverse_proxy\nIf set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes).\n", + "markdownDescription": "status_code: `array` \nModule: `http.handlers.reverse_proxy` \nIf set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes). \n", + "type": "array", + "items": { + "description": "If set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes).\n", + "markdownDescription": "If set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes). \n", + "type": "number" + } + } + } + }, + "routes": { + "description": "routes: array\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route\nThe list of HTTP routes to execute if no status code is\nspecified. If evaluated, the original response body\nwill not be written.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner.\n", + "markdownDescription": "routes: `array` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route) \nThe list of HTTP routes to execute if no status code is\nspecified. If evaluated, the original response body\nwill not be written.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route\nThe list of HTTP routes to execute if no status code is\nspecified. If evaluated, the original response body\nwill not be written.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route) \nThe list of HTTP routes to execute if no status code is\nspecified. If evaluated, the original response body\nwill not be written.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner. \n", + "type": "object", + "properties": { + "group": { + "description": "group: string\nModule: http.handlers.reverse_proxy\nGroup is an optional name for a group to which this\nroute belongs. Grouping a route makes it mutually\nexclusive with others in its group; if a route belongs\nto a group, only the first matching route in that group\nwill be executed.\n", + "markdownDescription": "group: `string` \nModule: `http.handlers.reverse_proxy` \nGroup is an optional name for a group to which this\nroute belongs. Grouping a route makes it mutually\nexclusive with others in its group; if a route belongs\nto a group, only the first matching route in that group\nwill be executed. \n", + "type": "string" + }, + "handle": { + "description": "handle: array\nModule: http.handlers\nThe list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes.\n", + "markdownDescription": "handle: `array` \nModule: `http.handlers` \nThe list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes. \n", + "type": "array", + "items": { + "description": "The list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes.\n", + "markdownDescription": "The list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes. \n", + "required": [ + "handler" + ], + "allOf": [ + { + "if": { + "properties": { + "handler": { + "const": "headers" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.headers" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "invoke" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.invoke" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "metrics" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.metrics" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "push" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.push" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "acme_server" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.acme_server" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "authentication" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.authentication" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "encode" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.encode" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "file_server" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.file_server" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "intercept" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.intercept" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "log_append" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.log_append" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "request_body" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.request_body" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "map" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.map" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "rewrite" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.rewrite" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "static_response" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.static_response" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "subroute" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.subroute" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "tracing" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.tracing" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "vars" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.vars" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "copy_response_headers" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.copy_response_headers" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "error" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.error" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "reverse_proxy" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.reverse_proxy" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "templates" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.templates" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "copy_response" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.copy_response" + } + }, + { + "properties": { + "handler": { + "description": "key to identify handle module.\nhandler: string\nModule: http.handlers", + "markdownDescription": "key to identify `handle` module. \nhandler: `string` \nModule: `http.handlers`", + "type": "string", + "enum": [ + "headers", + "invoke", + "metrics", + "push", + "acme_server", + "authentication", + "encode", + "file_server", + "intercept", + "log_append", + "request_body", + "map", + "rewrite", + "static_response", + "subroute", + "tracing", + "vars", + "copy_response_headers", + "error", + "reverse_proxy", + "templates", + "copy_response" + ] + } + } + } + ] + } + }, + "match": { + "description": "match: array\nModule: http.matchers\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "match: `array` \nModule: `http.matchers` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "properties": { + "client_ip": { + "$ref": "#/definitions/http.matchers.client_ip" + }, + "expression": { + "$ref": "#/definitions/http.matchers.expression" + }, + "file": { + "$ref": "#/definitions/http.matchers.file" + }, + "header": { + "$ref": "#/definitions/http.matchers.header" + }, + "header_regexp": { + "$ref": "#/definitions/http.matchers.header_regexp" + }, + "host": { + "$ref": "#/definitions/http.matchers.host" + }, + "method": { + "$ref": "#/definitions/http.matchers.method" + }, + "not": { + "$ref": "#/definitions/http.matchers.not" + }, + "path": { + "$ref": "#/definitions/http.matchers.path" + }, + "path_regexp": { + "$ref": "#/definitions/http.matchers.path_regexp" + }, + "protocol": { + "$ref": "#/definitions/http.matchers.protocol" + }, + "query": { + "$ref": "#/definitions/http.matchers.query" + }, + "remote_ip": { + "$ref": "#/definitions/http.matchers.remote_ip" + }, + "tls": { + "$ref": "#/definitions/http.matchers.tls" + }, + "vars": { + "$ref": "#/definitions/http.matchers.vars" + }, + "vars_regexp": { + "$ref": "#/definitions/http.matchers.vars_regexp" + } + } + } + }, + "terminal": { + "description": "terminal: boolean\nModule: http.handlers.reverse_proxy\nIf true, no more routes will be executed after this one.\n", + "markdownDescription": "terminal: `boolean` \nModule: `http.handlers.reverse_proxy` \nIf true, no more routes will be executed after this one. \n", + "type": "boolean" + } + } + } + }, + "status_code": { + "description": "status_code: string\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#WeakString\nTo write the original response body but with a different\nstatus code, set this field to the desired status code.\nIf set, this takes priority over routes.\n\n\nWeakString is a type that unmarshals any JSON value\nas a string literal, with the following exceptions:\n\n1. actual string values are decoded as strings; and\n2. null is decoded as empty string;\n\nand provides methods for getting the value as various\nprimitive types. However, using this type removes any\ntype safety as far as deserializing JSON is concerned.\n", + "markdownDescription": "status_code: `string` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#WeakString) \nTo write the original response body but with a different\nstatus code, set this field to the desired status code.\nIf set, this takes priority over routes.\n\n\nWeakString is a type that unmarshals any JSON value\nas a string literal, with the following exceptions:\n\n1. actual string values are decoded as strings; and\n2. null is decoded as empty string;\n\nand provides methods for getting the value as various\nprimitive types. However, using this type removes any\ntype safety as far as deserializing JSON is concerned. \n", + "type": "string" + } + } + } + }, + "headers": { + "description": "headers: object\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Handler\nHeaders manipulates headers between Caddy and the backend.\nBy default, all headers are passed-thru without changes,\nwith the exceptions of special hop-by-hop headers.\n\nX-Forwarded-For, X-Forwarded-Proto and X-Forwarded-Host\nare also set implicitly.\n\n\nHandler is a middleware which modifies request and response headers.\n\nChanges to headers are applied immediately, except for the response\nheaders when Deferred is true or when Required is set. In those cases,\nthe changes are applied when the headers are written to the response.\nNote that deferred changes do not take effect if an error occurs later\nin the middleware chain.\n\nProperties in this module accept placeholders.\n\nResponse header operations can be conditioned upon response status code\nand/or other header values.\n", + "markdownDescription": "headers: `object` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Handler) \nHeaders manipulates headers between Caddy and the backend.\nBy default, all headers are passed-thru without changes,\nwith the exceptions of special hop-by-hop headers.\n\nX-Forwarded-For, X-Forwarded-Proto and X-Forwarded-Host\nare also set implicitly.\n\n\nHandler is a middleware which modifies request and response headers.\n\nChanges to headers are applied immediately, except for the response\nheaders when Deferred is true or when Required is set. In those cases,\nthe changes are applied when the headers are written to the response.\nNote that deferred changes do not take effect if an error occurs later\nin the middleware chain.\n\nProperties in this module accept placeholders.\n\nResponse header operations can be conditioned upon response status code\nand/or other header values. \n", + "type": "object", + "properties": { + "request": { + "description": "request: object\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#HeaderOps\nHeaderOps defines manipulations for HTTP headers.\n\n", + "markdownDescription": "request: `object` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#HeaderOps) \nHeaderOps defines manipulations for HTTP headers.\n \n", + "type": "object", + "properties": { + "add": { + "description": "add: object\nModule: http.handlers.reverse_proxy\nAdds HTTP headers; does not replace any existing header fields.\n", + "markdownDescription": "add: `object` \nModule: `http.handlers.reverse_proxy` \nAdds HTTP headers; does not replace any existing header fields. \n", + "type": "object", + "additionalProperties": { + "description": "Adds HTTP headers; does not replace any existing header fields.\n", + "markdownDescription": "Adds HTTP headers; does not replace any existing header fields. \n", + "type": "array", + "items": { + "type": "string" + } + } + }, + "delete": { + "description": "delete: array\nModule: http.handlers.reverse_proxy\nNames of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring.\n", + "markdownDescription": "delete: `array` \nModule: `http.handlers.reverse_proxy` \nNames of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring. \n", + "type": "array", + "items": { + "description": "Names of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring.\n", + "markdownDescription": "Names of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring. \n", + "type": "string" + } + }, + "replace": { + "description": "replace: object\nModule: http.handlers.reverse_proxy\nPerforms in-situ substring replacements of HTTP headers.\nKeys are the field names on which to perform the associated replacements.\nIf the field name is `*`, the replacements are performed on all header fields.\n", + "markdownDescription": "replace: `object` \nModule: `http.handlers.reverse_proxy` \nPerforms in-situ substring replacements of HTTP headers.\nKeys are the field names on which to perform the associated replacements.\nIf the field name is `*`, the replacements are performed on all header fields. \n", + "type": "object", + "additionalProperties": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement\nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement) \nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement\nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement) \nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n \n", + "type": "object", + "properties": { + "replace": { + "description": "replace: string\nModule: http.handlers.reverse_proxy\nThe string with which to replace matches.\n", + "markdownDescription": "replace: `string` \nModule: `http.handlers.reverse_proxy` \nThe string with which to replace matches. \n", + "type": "string" + }, + "search": { + "description": "search: string\nModule: http.handlers.reverse_proxy\nThe substring to search for.\n", + "markdownDescription": "search: `string` \nModule: `http.handlers.reverse_proxy` \nThe substring to search for. \n", + "type": "string" + }, + "search_regexp": { + "description": "search_regexp: string\nModule: http.handlers.reverse_proxy\nThe regular expression to search with.\n", + "markdownDescription": "search_regexp: `string` \nModule: `http.handlers.reverse_proxy` \nThe regular expression to search with. \n", + "type": "string" + } + } + } + } + }, + "set": { + "description": "set: object\nModule: http.handlers.reverse_proxy\nSets HTTP headers; replaces existing header fields.\n", + "markdownDescription": "set: `object` \nModule: `http.handlers.reverse_proxy` \nSets HTTP headers; replaces existing header fields. \n", + "type": "object", + "additionalProperties": { + "description": "Sets HTTP headers; replaces existing header fields.\n", + "markdownDescription": "Sets HTTP headers; replaces existing header fields. \n", + "type": "array", + "items": { + "type": "string" + } + } + } + } + }, + "response": { + "description": "response: object\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#RespHeaderOps\nRespHeaderOps defines manipulations for response headers.\n\n", + "markdownDescription": "response: `object` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#RespHeaderOps) \nRespHeaderOps defines manipulations for response headers.\n \n", + "type": "object", + "properties": { + "add": { + "description": "add: object\nModule: http.handlers.reverse_proxy\nAdds HTTP headers; does not replace any existing header fields.\n", + "markdownDescription": "add: `object` \nModule: `http.handlers.reverse_proxy` \nAdds HTTP headers; does not replace any existing header fields. \n", + "type": "object", + "additionalProperties": { + "description": "Adds HTTP headers; does not replace any existing header fields.\n", + "markdownDescription": "Adds HTTP headers; does not replace any existing header fields. \n", + "type": "array", + "items": { + "type": "string" + } + } + }, + "deferred": { + "description": "deferred: boolean\nModule: http.handlers.reverse_proxy\nIf true, header operations will be deferred until\nthey are written out. Superseded if Require is set.\nUsually you will need to set this to true if any\nfields are being deleted.\n", + "markdownDescription": "deferred: `boolean` \nModule: `http.handlers.reverse_proxy` \nIf true, header operations will be deferred until\nthey are written out. Superseded if Require is set.\nUsually you will need to set this to true if any\nfields are being deleted. \n", + "type": "boolean" + }, + "delete": { + "description": "delete: array\nModule: http.handlers.reverse_proxy\nNames of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring.\n", + "markdownDescription": "delete: `array` \nModule: `http.handlers.reverse_proxy` \nNames of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring. \n", + "type": "array", + "items": { + "description": "Names of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring.\n", + "markdownDescription": "Names of HTTP header fields to delete. Basic wildcards are supported:\n\n- Start with `*` for all field names with the given suffix;\n- End with `*` for all field names with the given prefix;\n- Start and end with `*` for all field names containing a substring. \n", + "type": "string" + } + }, + "replace": { + "description": "replace: object\nModule: http.handlers.reverse_proxy\nPerforms in-situ substring replacements of HTTP headers.\nKeys are the field names on which to perform the associated replacements.\nIf the field name is `*`, the replacements are performed on all header fields.\n", + "markdownDescription": "replace: `object` \nModule: `http.handlers.reverse_proxy` \nPerforms in-situ substring replacements of HTTP headers.\nKeys are the field names on which to perform the associated replacements.\nIf the field name is `*`, the replacements are performed on all header fields. \n", + "type": "object", + "additionalProperties": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement\nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement) \nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement\nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/headers#Replacement) \nReplacement describes a string replacement,\neither a simple and fast substring search\nor a slower but more powerful regex search.\n \n", + "type": "object", + "properties": { + "replace": { + "description": "replace: string\nModule: http.handlers.reverse_proxy\nThe string with which to replace matches.\n", + "markdownDescription": "replace: `string` \nModule: `http.handlers.reverse_proxy` \nThe string with which to replace matches. \n", + "type": "string" + }, + "search": { + "description": "search: string\nModule: http.handlers.reverse_proxy\nThe substring to search for.\n", + "markdownDescription": "search: `string` \nModule: `http.handlers.reverse_proxy` \nThe substring to search for. \n", + "type": "string" + }, + "search_regexp": { + "description": "search_regexp: string\nModule: http.handlers.reverse_proxy\nThe regular expression to search with.\n", + "markdownDescription": "search_regexp: `string` \nModule: `http.handlers.reverse_proxy` \nThe regular expression to search with. \n", + "type": "string" + } + } + } + } + }, + "require": { + "description": "require: object\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseMatcher\nIf set, header operations will be deferred until\nthey are written out and only performed if the\nresponse matches these criteria.\n\n\nResponseMatcher is a type which can determine if an\nHTTP response matches some criteria.\n", + "markdownDescription": "require: `object` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#ResponseMatcher) \nIf set, header operations will be deferred until\nthey are written out and only performed if the\nresponse matches these criteria.\n\n\nResponseMatcher is a type which can determine if an\nHTTP response matches some criteria. \n", + "type": "object", + "properties": { + "headers": { + "description": "headers: object\nModule: http.handlers.reverse_proxy\nIf set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/).\n", + "markdownDescription": "headers: `object` \nModule: `http.handlers.reverse_proxy` \nIf set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/). \n", + "type": "object", + "additionalProperties": { + "description": "If set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/).\n", + "markdownDescription": "If set, each header specified must be one of the\nspecified values, with the same logic used by the\n[request header matcher](/docs/json/apps/http/servers/routes/match/header/). \n", + "type": "array", + "items": { + "type": "string" + } + } + }, + "status_code": { + "description": "status_code: array\nModule: http.handlers.reverse_proxy\nIf set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes).\n", + "markdownDescription": "status_code: `array` \nModule: `http.handlers.reverse_proxy` \nIf set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes). \n", + "type": "array", + "items": { + "description": "If set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes).\n", + "markdownDescription": "If set, one of these status codes would be required.\nA one-digit status can be used to represent all codes\nin that class (e.g. 3 for all 3xx codes). \n", + "type": "number" + } + } + } + }, + "set": { + "description": "set: object\nModule: http.handlers.reverse_proxy\nSets HTTP headers; replaces existing header fields.\n", + "markdownDescription": "set: `object` \nModule: `http.handlers.reverse_proxy` \nSets HTTP headers; replaces existing header fields. \n", + "type": "object", + "additionalProperties": { + "description": "Sets HTTP headers; replaces existing header fields.\n", + "markdownDescription": "Sets HTTP headers; replaces existing header fields. \n", + "type": "array", + "items": { + "type": "string" + } + } + } + } + } + } + }, + "health_checks": { + "description": "health_checks: object\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HealthChecks\nHealth checks update the status of backends, whether they are\nup or down. Down backends will not be proxied to.\n\n\nHealthChecks configures active and passive health checks.\n", + "markdownDescription": "health_checks: `object` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HealthChecks) \nHealth checks update the status of backends, whether they are\nup or down. Down backends will not be proxied to.\n\n\nHealthChecks configures active and passive health checks. \n", + "type": "object", + "properties": { + "active": { + "description": "active: object\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#ActiveHealthChecks\nActive health checks run in the background on a timer. To\nminimally enable active health checks, set either path or\nport (or both). Note that active health check status\n(healthy/unhealthy) is stored per-proxy-handler, not\nglobally; this allows different handlers to use different\ncriteria to decide what defines a healthy backend.\n\nActive health checks do not run for dynamic upstreams.\n\n\nActiveHealthChecks holds configuration related to active\nhealth checks (that is, health checks which occur in a\nbackground goroutine independently).\n", + "markdownDescription": "active: `object` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#ActiveHealthChecks) \nActive health checks run in the background on a timer. To\nminimally enable active health checks, set either path or\nport (or both). Note that active health check status\n(healthy/unhealthy) is stored per-proxy-handler, not\nglobally; this allows different handlers to use different\ncriteria to decide what defines a healthy backend.\n\nActive health checks do not run for dynamic upstreams.\n\n\nActiveHealthChecks holds configuration related to active\nhealth checks (that is, health checks which occur in a\nbackground goroutine independently). \n", + "type": "object", + "properties": { + "body": { + "description": "body: string\nModule: http.handlers.reverse_proxy\nThe body to send with the health check request.\n", + "markdownDescription": "body: `string` \nModule: `http.handlers.reverse_proxy` \nThe body to send with the health check request. \n", + "type": "string" + }, + "expect_body": { + "description": "expect_body: string\nModule: http.handlers.reverse_proxy\nA regular expression against which to match the response\nbody of a healthy backend.\n", + "markdownDescription": "expect_body: `string` \nModule: `http.handlers.reverse_proxy` \nA regular expression against which to match the response\nbody of a healthy backend. \n", + "type": "string" + }, + "expect_status": { + "description": "expect_status: number\nModule: http.handlers.reverse_proxy\nThe HTTP status code to expect from a healthy backend.\n", + "markdownDescription": "expect_status: `number` \nModule: `http.handlers.reverse_proxy` \nThe HTTP status code to expect from a healthy backend. \n", + "type": "number" + }, + "fails": { + "description": "fails: number\nModule: http.handlers.reverse_proxy\nNumber of consecutive health check failures before marking\na previously healthy backend as unhealthy (default 1).\n", + "markdownDescription": "fails: `number` \nModule: `http.handlers.reverse_proxy` \nNumber of consecutive health check failures before marking\na previously healthy backend as unhealthy (default 1). \n", + "type": "number" + }, + "follow_redirects": { + "description": "follow_redirects: boolean\nModule: http.handlers.reverse_proxy\nWhether to follow HTTP redirects in response to active health checks (default off).\n", + "markdownDescription": "follow_redirects: `boolean` \nModule: `http.handlers.reverse_proxy` \nWhether to follow HTTP redirects in response to active health checks (default off). \n", + "type": "boolean" + }, + "headers": { + "description": "headers: object\nModule: http.handlers.reverse_proxy\nHTTP headers to set on health check requests.\n", + "markdownDescription": "headers: `object` \nModule: `http.handlers.reverse_proxy` \nHTTP headers to set on health check requests. \n", + "type": "object", + "additionalProperties": { + "description": "HTTP headers to set on health check requests.\n", + "markdownDescription": "HTTP headers to set on health check requests. \n", + "type": "array", + "items": { + "type": "string" + } + } + }, + "interval": { + "description": "interval: number\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nHow frequently to perform active health checks (default 30s).\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "interval: `number` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nHow frequently to perform active health checks (default 30s).\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "max_size": { + "description": "max_size: number\nModule: http.handlers.reverse_proxy\nThe maximum response body to download from the backend\nduring a health check.\n", + "markdownDescription": "max_size: `number` \nModule: `http.handlers.reverse_proxy` \nThe maximum response body to download from the backend\nduring a health check. \n", + "type": "number" + }, + "method": { + "description": "method: string\nModule: http.handlers.reverse_proxy\nThe HTTP method to use for health checks (default \"GET\").\n", + "markdownDescription": "method: `string` \nModule: `http.handlers.reverse_proxy` \nThe HTTP method to use for health checks (default \"GET\"). \n", + "type": "string" + }, + "passes": { + "description": "passes: number\nModule: http.handlers.reverse_proxy\nNumber of consecutive health check passes before marking\na previously unhealthy backend as healthy again (default 1).\n", + "markdownDescription": "passes: `number` \nModule: `http.handlers.reverse_proxy` \nNumber of consecutive health check passes before marking\na previously unhealthy backend as healthy again (default 1). \n", + "type": "number" + }, + "path": { + "description": "path: string\nModule: http.handlers.reverse_proxy\nDeprecated: Use 'uri' instead. This field will be removed. TODO: remove this field\n", + "markdownDescription": "path: `string` \nModule: `http.handlers.reverse_proxy` \nDeprecated: Use 'uri' instead. This field will be removed. TODO: remove this field \n", + "type": "string" + }, + "port": { + "description": "port: number\nModule: http.handlers.reverse_proxy\nThe port to use (if different from the upstream's dial\naddress) for health checks. If active upstream is set,\nthis value is ignored.\n", + "markdownDescription": "port: `number` \nModule: `http.handlers.reverse_proxy` \nThe port to use (if different from the upstream's dial\naddress) for health checks. If active upstream is set,\nthis value is ignored. \n", + "type": "number" + }, + "timeout": { + "description": "timeout: number\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nHow long to wait for a response from a backend before\nconsidering it unhealthy (default 5s).\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "timeout: `number` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nHow long to wait for a response from a backend before\nconsidering it unhealthy (default 5s).\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "upstream": { + "description": "upstream: string\nModule: http.handlers.reverse_proxy\nThe host:port to use (if different from the upstream's dial address)\nfor health checks. This should be used in tandem with `health_header` and\n`{http.reverse_proxy.active.target_upstream}`. This can be helpful when\ncreating an intermediate service to do a more thorough health check.\nIf upstream is set, the active health check port is ignored.\n", + "markdownDescription": "upstream: `string` \nModule: `http.handlers.reverse_proxy` \nThe host:port to use (if different from the upstream's dial address)\nfor health checks. This should be used in tandem with `health_header` and\n`{http.reverse_proxy.active.target_upstream}`. This can be helpful when\ncreating an intermediate service to do a more thorough health check.\nIf upstream is set, the active health check port is ignored. \n", + "type": "string" + }, + "uri": { + "description": "uri: string\nModule: http.handlers.reverse_proxy\nThe URI (path and query) to use for health checks\n", + "markdownDescription": "uri: `string` \nModule: `http.handlers.reverse_proxy` \nThe URI (path and query) to use for health checks \n", + "type": "string" + } + } + }, + "passive": { + "description": "passive: object\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#PassiveHealthChecks\nPassive health checks monitor proxied requests for errors or timeouts.\nTo minimally enable passive health checks, specify at least an empty\nconfig object with fail_duration \u003e 0. Passive health check state is\nshared (stored globally), so a failure from one handler will be counted\nby all handlers; but the tolerances or standards for what defines\nhealthy/unhealthy backends is configured per-proxy-handler.\n\nPassive health checks technically do operate on dynamic upstreams,\nbut are only effective for very busy proxies where the list of\nupstreams is mostly stable. This is because the shared/global\nstate of upstreams is cleaned up when the upstreams are no longer\nused. Since dynamic upstreams are allocated dynamically at each\nrequest (specifically, each iteration of the proxy loop per request),\nthey are also cleaned up after every request. Thus, if there is a\nmoment when no requests are actively referring to a particular\nupstream host, the passive health check state will be reset because\nit will be garbage-collected. It is usually better for the dynamic\nupstream module to only return healthy, available backends instead.\n\n\nPassiveHealthChecks holds configuration related to passive\nhealth checks (that is, health checks which occur during\nthe normal flow of request proxying).\n", + "markdownDescription": "passive: `object` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#PassiveHealthChecks) \nPassive health checks monitor proxied requests for errors or timeouts.\nTo minimally enable passive health checks, specify at least an empty\nconfig object with fail_duration \u003e 0. Passive health check state is\nshared (stored globally), so a failure from one handler will be counted\nby all handlers; but the tolerances or standards for what defines\nhealthy/unhealthy backends is configured per-proxy-handler.\n\nPassive health checks technically do operate on dynamic upstreams,\nbut are only effective for very busy proxies where the list of\nupstreams is mostly stable. This is because the shared/global\nstate of upstreams is cleaned up when the upstreams are no longer\nused. Since dynamic upstreams are allocated dynamically at each\nrequest (specifically, each iteration of the proxy loop per request),\nthey are also cleaned up after every request. Thus, if there is a\nmoment when no requests are actively referring to a particular\nupstream host, the passive health check state will be reset because\nit will be garbage-collected. It is usually better for the dynamic\nupstream module to only return healthy, available backends instead.\n\n\nPassiveHealthChecks holds configuration related to passive\nhealth checks (that is, health checks which occur during\nthe normal flow of request proxying). \n", + "type": "object", + "properties": { + "fail_duration": { + "description": "fail_duration: number\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nHow long to remember a failed request to a backend. A duration \u003e 0\nenables passive health checking. Default is 0.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "fail_duration: `number` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nHow long to remember a failed request to a backend. A duration \u003e 0\nenables passive health checking. Default is 0.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "max_fails": { + "description": "max_fails: number\nModule: http.handlers.reverse_proxy\nThe number of failed requests within the FailDuration window to\nconsider a backend as \"down\". Must be \u003e= 1; default is 1. Requires\nthat FailDuration be \u003e 0.\n", + "markdownDescription": "max_fails: `number` \nModule: `http.handlers.reverse_proxy` \nThe number of failed requests within the FailDuration window to\nconsider a backend as \"down\". Must be \u003e= 1; default is 1. Requires\nthat FailDuration be \u003e 0. \n", + "type": "number" + }, + "unhealthy_latency": { + "description": "unhealthy_latency: number\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nCount the request as failed if the response takes at least this\nlong to receive.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "unhealthy_latency: `number` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nCount the request as failed if the response takes at least this\nlong to receive.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "unhealthy_request_count": { + "description": "unhealthy_request_count: number\nModule: http.handlers.reverse_proxy\nLimits the number of simultaneous requests to a backend by\nmarking the backend as \"down\" if it has this many concurrent\nrequests or more.\n", + "markdownDescription": "unhealthy_request_count: `number` \nModule: `http.handlers.reverse_proxy` \nLimits the number of simultaneous requests to a backend by\nmarking the backend as \"down\" if it has this many concurrent\nrequests or more. \n", + "type": "number" + }, + "unhealthy_status": { + "description": "unhealthy_status: array\nModule: http.handlers.reverse_proxy\nCount the request as failed if the response comes back with\none of these status codes.\n", + "markdownDescription": "unhealthy_status: `array` \nModule: `http.handlers.reverse_proxy` \nCount the request as failed if the response comes back with\none of these status codes. \n", + "type": "array", + "items": { + "description": "Count the request as failed if the response comes back with\none of these status codes.\n", + "markdownDescription": "Count the request as failed if the response comes back with\none of these status codes. \n", + "type": "number" + } + } + } + } + } + }, + "load_balancing": { + "description": "load_balancing: object\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#LoadBalancing\nLoad balancing distributes load/requests between backends.\n\n\nLoadBalancing has parameters related to load balancing.\n", + "markdownDescription": "load_balancing: `object` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#LoadBalancing) \nLoad balancing distributes load/requests between backends.\n\n\nLoadBalancing has parameters related to load balancing. \n", + "type": "object", + "properties": { + "retries": { + "description": "retries: number\nModule: http.handlers.reverse_proxy\nHow many times to retry selecting available backends for each\nrequest if the next available host is down. If try_duration is\nalso configured, then retries may stop early if the duration\nis reached. By default, retries are disabled (zero).\n", + "markdownDescription": "retries: `number` \nModule: `http.handlers.reverse_proxy` \nHow many times to retry selecting available backends for each\nrequest if the next available host is down. If try_duration is\nalso configured, then retries may stop early if the duration\nis reached. By default, retries are disabled (zero). \n", + "type": "number" + }, + "retry_match": { + "description": "retry_match: array\nModule: http.matchers\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nA list of matcher sets that restricts with which requests retries are\nallowed. A request must match any of the given matcher sets in order\nto be retried if the connection to the upstream succeeded but the\nsubsequent round-trip failed. If the connection to the upstream failed,\na retry is always allowed. If unspecified, only GET requests will be\nallowed to be retried. Note that a retry is done with the next available\nhost according to the load balancing policy.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "retry_match: `array` \nModule: `http.matchers` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nA list of matcher sets that restricts with which requests retries are\nallowed. A request must match any of the given matcher sets in order\nto be retried if the connection to the upstream succeeded but the\nsubsequent round-trip failed. If the connection to the upstream failed,\na retry is always allowed. If unspecified, only GET requests will be\nallowed to be retried. Note that a retry is done with the next available\nhost according to the load balancing policy.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nA list of matcher sets that restricts with which requests retries are\nallowed. A request must match any of the given matcher sets in order\nto be retried if the connection to the upstream succeeded but the\nsubsequent round-trip failed. If the connection to the upstream failed,\na retry is always allowed. If unspecified, only GET requests will be\nallowed to be retried. Note that a retry is done with the next available\nhost according to the load balancing policy.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nA list of matcher sets that restricts with which requests retries are\nallowed. A request must match any of the given matcher sets in order\nto be retried if the connection to the upstream succeeded but the\nsubsequent round-trip failed. If the connection to the upstream failed,\na retry is always allowed. If unspecified, only GET requests will be\nallowed to be retried. Note that a retry is done with the next available\nhost according to the load balancing policy.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "properties": { + "client_ip": { + "$ref": "#/definitions/http.matchers.client_ip" + }, + "expression": { + "$ref": "#/definitions/http.matchers.expression" + }, + "file": { + "$ref": "#/definitions/http.matchers.file" + }, + "header": { + "$ref": "#/definitions/http.matchers.header" + }, + "header_regexp": { + "$ref": "#/definitions/http.matchers.header_regexp" + }, + "host": { + "$ref": "#/definitions/http.matchers.host" + }, + "method": { + "$ref": "#/definitions/http.matchers.method" + }, + "not": { + "$ref": "#/definitions/http.matchers.not" + }, + "path": { + "$ref": "#/definitions/http.matchers.path" + }, + "path_regexp": { + "$ref": "#/definitions/http.matchers.path_regexp" + }, + "protocol": { + "$ref": "#/definitions/http.matchers.protocol" + }, + "query": { + "$ref": "#/definitions/http.matchers.query" + }, + "remote_ip": { + "$ref": "#/definitions/http.matchers.remote_ip" + }, + "tls": { + "$ref": "#/definitions/http.matchers.tls" + }, + "vars": { + "$ref": "#/definitions/http.matchers.vars" + }, + "vars_regexp": { + "$ref": "#/definitions/http.matchers.vars_regexp" + } + } + } + }, + "selection_policy": { + "description": "selection_policy: object\nModule: http.reverse_proxy.selection_policies\nA selection policy is how to choose an available backend.\nThe default policy is random selection.\n", + "markdownDescription": "selection_policy: `object` \nModule: `http.reverse_proxy.selection_policies` \nA selection policy is how to choose an available backend.\nThe default policy is random selection. \n", + "type": "object", + "required": [ + "policy" + ], + "allOf": [ + { + "if": { + "properties": { + "policy": { + "const": "weighted_round_robin" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.weighted_round_robin" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "client_ip_hash" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.client_ip_hash" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "cookie" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.cookie" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "first" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.first" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "least_conn" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.least_conn" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "query" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.query" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "random" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.random" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "random_choose" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.random_choose" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "round_robin" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.round_robin" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "header" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.header" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "ip_hash" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.ip_hash" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "uri_hash" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.uri_hash" + } + }, + { + "properties": { + "policy": { + "description": "key to identify selection_policy module.\npolicy: string\nModule: http.reverse_proxy.selection_policies", + "markdownDescription": "key to identify `selection_policy` module. \npolicy: `string` \nModule: `http.reverse_proxy.selection_policies`", + "type": "string", + "enum": [ + "weighted_round_robin", + "client_ip_hash", + "cookie", + "first", + "least_conn", + "query", + "random", + "random_choose", + "round_robin", + "header", + "ip_hash", + "uri_hash" + ] + } + } + } + ] + }, + "try_duration": { + "description": "try_duration: number\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nHow long to try selecting available backends for each request\nif the next available host is down. Clients will wait for up\nto this long while the load balancer tries to find an available\nupstream host. If retries is also configured, tries may stop\nearly if the maximum retries is reached. By default, retries\nare disabled (zero duration).\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "try_duration: `number` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nHow long to try selecting available backends for each request\nif the next available host is down. Clients will wait for up\nto this long while the load balancer tries to find an available\nupstream host. If retries is also configured, tries may stop\nearly if the maximum retries is reached. By default, retries\nare disabled (zero duration).\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "try_interval": { + "description": "try_interval: number\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nHow long to wait between selecting the next host from the pool.\nDefault is 250ms if try_duration is enabled, otherwise zero. Only\nrelevant when a request to an upstream host fails. Be aware that\nsetting this to 0 with a non-zero try_duration can cause the CPU\nto spin if all backends are down and latency is very low.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "try_interval: `number` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nHow long to wait between selecting the next host from the pool.\nDefault is 250ms if try_duration is enabled, otherwise zero. Only\nrelevant when a request to an upstream host fails. Be aware that\nsetting this to 0 with a non-zero try_duration can cause the CPU\nto spin if all backends are down and latency is very low.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + } + } + }, + "request_buffers": { + "description": "request_buffers: number\nModule: http.handlers.reverse_proxy\nIf nonzero, the entire request body up to this size will be read\nand buffered in memory before being proxied to the backend. This\nshould be avoided if at all possible for performance reasons, but\ncould be useful if the backend is intolerant of read latency or\nchunked encodings.\n", + "markdownDescription": "request_buffers: `number` \nModule: `http.handlers.reverse_proxy` \nIf nonzero, the entire request body up to this size will be read\nand buffered in memory before being proxied to the backend. This\nshould be avoided if at all possible for performance reasons, but\ncould be useful if the backend is intolerant of read latency or\nchunked encodings. \n", + "type": "number" + }, + "response_buffers": { + "description": "response_buffers: number\nModule: http.handlers.reverse_proxy\nIf nonzero, the entire response body up to this size will be read\nand buffered in memory before being proxied to the client. This\nshould be avoided if at all possible for performance reasons, but\ncould be useful if the backend has tighter memory constraints.\n", + "markdownDescription": "response_buffers: `number` \nModule: `http.handlers.reverse_proxy` \nIf nonzero, the entire response body up to this size will be read\nand buffered in memory before being proxied to the client. This\nshould be avoided if at all possible for performance reasons, but\ncould be useful if the backend has tighter memory constraints. \n", + "type": "number" + }, + "rewrite": { + "description": "rewrite: object\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#Rewrite\nIf configured, rewrites the copy of the upstream request.\nAllows changing the request method and URI (path and query).\nSince the rewrite is applied to the copy, it does not persist\npast the reverse proxy handler.\nIf the method is changed to `GET` or `HEAD`, the request body\nwill not be copied to the backend. This allows a later request\nhandler -- either in a `handle_response` route, or after -- to\nread the body.\nBy default, no rewrite is performed, and the method and URI\nfrom the incoming request is used as-is for proxying.\n\n\nRewrite is a middleware which can rewrite/mutate HTTP requests.\n\nThe Method and URI properties are \"setters\" (the request URI\nwill be overwritten with the given values). Other properties are\n\"modifiers\" (they modify existing values in a differentiable\nway). It is atypical to combine the use of setters and\nmodifiers in a single rewrite.\n\nTo ensure consistent behavior, prefix and suffix stripping is\nperformed in the URL-decoded (unescaped, normalized) space by\ndefault except for the specific bytes where an escape sequence\nis used in the prefix or suffix pattern.\n\nFor all modifiers, paths are cleaned before being modified so that\nmultiple, consecutive slashes are collapsed into a single slash,\nand dot elements are resolved and removed. In the special case\nof a prefix, suffix, or substring containing \"//\" (repeated slashes),\nslashes will not be merged while cleaning the path so that\nthe rewrite can be interpreted literally.\n", + "markdownDescription": "rewrite: `object` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#Rewrite) \nIf configured, rewrites the copy of the upstream request.\nAllows changing the request method and URI (path and query).\nSince the rewrite is applied to the copy, it does not persist\npast the reverse proxy handler.\nIf the method is changed to `GET` or `HEAD`, the request body\nwill not be copied to the backend. This allows a later request\nhandler -- either in a `handle_response` route, or after -- to\nread the body.\nBy default, no rewrite is performed, and the method and URI\nfrom the incoming request is used as-is for proxying.\n\n\nRewrite is a middleware which can rewrite/mutate HTTP requests.\n\nThe Method and URI properties are \"setters\" (the request URI\nwill be overwritten with the given values). Other properties are\n\"modifiers\" (they modify existing values in a differentiable\nway). It is atypical to combine the use of setters and\nmodifiers in a single rewrite.\n\nTo ensure consistent behavior, prefix and suffix stripping is\nperformed in the URL-decoded (unescaped, normalized) space by\ndefault except for the specific bytes where an escape sequence\nis used in the prefix or suffix pattern.\n\nFor all modifiers, paths are cleaned before being modified so that\nmultiple, consecutive slashes are collapsed into a single slash,\nand dot elements are resolved and removed. In the special case\nof a prefix, suffix, or substring containing \"//\" (repeated slashes),\nslashes will not be merged while cleaning the path so that\nthe rewrite can be interpreted literally. \n", + "type": "object", + "properties": { + "method": { + "description": "method: string\nModule: http.handlers.reverse_proxy\nChanges the request's HTTP verb.\n", + "markdownDescription": "method: `string` \nModule: `http.handlers.reverse_proxy` \nChanges the request's HTTP verb. \n", + "type": "string" + }, + "path_regexp": { + "description": "path_regexp: array\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#regexReplacer\nPerforms regular expression replacements on the URI path.\n\n\nregexReplacer describes a replacement using a regular expression.\n", + "markdownDescription": "path_regexp: `array` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#regexReplacer) \nPerforms regular expression replacements on the URI path.\n\n\nregexReplacer describes a replacement using a regular expression. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#regexReplacer\nPerforms regular expression replacements on the URI path.\n\n\nregexReplacer describes a replacement using a regular expression.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#regexReplacer) \nPerforms regular expression replacements on the URI path.\n\n\nregexReplacer describes a replacement using a regular expression. \n", + "type": "object", + "properties": { + "find": { + "description": "find: string\nModule: http.handlers.reverse_proxy\nThe regular expression to find.\n", + "markdownDescription": "find: `string` \nModule: `http.handlers.reverse_proxy` \nThe regular expression to find. \n", + "type": "string" + }, + "replace": { + "description": "replace: string\nModule: http.handlers.reverse_proxy\nThe substring to replace with. Supports placeholders and\nregular expression capture groups.\n", + "markdownDescription": "replace: `string` \nModule: `http.handlers.reverse_proxy` \nThe substring to replace with. Supports placeholders and\nregular expression capture groups. \n", + "type": "string" + } + } + } + }, + "query": { + "description": "query: object\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOps\nMutates the query string of the URI.\n\n\nqueryOps describes the operations to perform on query keys: add, set, rename and delete.\n", + "markdownDescription": "query: `object` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOps) \nMutates the query string of the URI.\n\n\nqueryOps describes the operations to perform on query keys: add, set, rename and delete. \n", + "type": "object", + "properties": { + "add": { + "description": "add: array\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments\nAdds query parameters; does not overwrite an existing query field,\nand only appends an additional value for that key if any already exist.\n", + "markdownDescription": "add: `array` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments) \nAdds query parameters; does not overwrite an existing query field,\nand only appends an additional value for that key if any already exist. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments\nAdds query parameters; does not overwrite an existing query field,\nand only appends an additional value for that key if any already exist.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments) \nAdds query parameters; does not overwrite an existing query field,\nand only appends an additional value for that key if any already exist. \n", + "type": "object", + "properties": { + "key": { + "description": "key: string\nModule: http.handlers.reverse_proxy\nA key in the query string. Note that query string keys may appear multiple times.\n", + "markdownDescription": "key: `string` \nModule: `http.handlers.reverse_proxy` \nA key in the query string. Note that query string keys may appear multiple times. \n", + "type": "string" + }, + "val": { + "description": "val: string\nModule: http.handlers.reverse_proxy\nThe value for the given operation; for add and set, this is\nsimply the value of the query, and for rename this is the\nquery key to rename to.\n", + "markdownDescription": "val: `string` \nModule: `http.handlers.reverse_proxy` \nThe value for the given operation; for add and set, this is\nsimply the value of the query, and for rename this is the\nquery key to rename to. \n", + "type": "string" + } + } + } + }, + "delete": { + "description": "delete: array\nModule: http.handlers.reverse_proxy\nDeletes a given query key by name.\n", + "markdownDescription": "delete: `array` \nModule: `http.handlers.reverse_proxy` \nDeletes a given query key by name. \n", + "type": "array", + "items": { + "description": "Deletes a given query key by name.\n", + "markdownDescription": "Deletes a given query key by name. \n", + "type": "string" + } + }, + "rename": { + "description": "rename: array\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments\nRenames a query key from Key to Val, without affecting the value.\n", + "markdownDescription": "rename: `array` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments) \nRenames a query key from Key to Val, without affecting the value. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments\nRenames a query key from Key to Val, without affecting the value.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments) \nRenames a query key from Key to Val, without affecting the value. \n", + "type": "object", + "properties": { + "key": { + "description": "key: string\nModule: http.handlers.reverse_proxy\nA key in the query string. Note that query string keys may appear multiple times.\n", + "markdownDescription": "key: `string` \nModule: `http.handlers.reverse_proxy` \nA key in the query string. Note that query string keys may appear multiple times. \n", + "type": "string" + }, + "val": { + "description": "val: string\nModule: http.handlers.reverse_proxy\nThe value for the given operation; for add and set, this is\nsimply the value of the query, and for rename this is the\nquery key to rename to.\n", + "markdownDescription": "val: `string` \nModule: `http.handlers.reverse_proxy` \nThe value for the given operation; for add and set, this is\nsimply the value of the query, and for rename this is the\nquery key to rename to. \n", + "type": "string" + } + } + } + }, + "replace": { + "description": "replace: array\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsReplacement\nReplaces query parameters.\n", + "markdownDescription": "replace: `array` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsReplacement) \nReplaces query parameters. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsReplacement\nReplaces query parameters.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsReplacement) \nReplaces query parameters. \n", + "type": "object", + "properties": { + "key": { + "description": "key: string\nModule: http.handlers.reverse_proxy\nThe key to replace in the query string.\n", + "markdownDescription": "key: `string` \nModule: `http.handlers.reverse_proxy` \nThe key to replace in the query string. \n", + "type": "string" + }, + "replace": { + "description": "replace: string\nModule: http.handlers.reverse_proxy\nThe string with which to replace matches.\n", + "markdownDescription": "replace: `string` \nModule: `http.handlers.reverse_proxy` \nThe string with which to replace matches. \n", + "type": "string" + }, + "search": { + "description": "search: string\nModule: http.handlers.reverse_proxy\nThe substring to search for.\n", + "markdownDescription": "search: `string` \nModule: `http.handlers.reverse_proxy` \nThe substring to search for. \n", + "type": "string" + }, + "search_regexp": { + "description": "search_regexp: string\nModule: http.handlers.reverse_proxy\nThe regular expression to search with.\n", + "markdownDescription": "search_regexp: `string` \nModule: `http.handlers.reverse_proxy` \nThe regular expression to search with. \n", + "type": "string" + } + } + } + }, + "set": { + "description": "set: array\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments\nSets query parameters; overwrites a query key with the given value.\n", + "markdownDescription": "set: `array` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments) \nSets query parameters; overwrites a query key with the given value. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments\nSets query parameters; overwrites a query key with the given value.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments) \nSets query parameters; overwrites a query key with the given value. \n", + "type": "object", + "properties": { + "key": { + "description": "key: string\nModule: http.handlers.reverse_proxy\nA key in the query string. Note that query string keys may appear multiple times.\n", + "markdownDescription": "key: `string` \nModule: `http.handlers.reverse_proxy` \nA key in the query string. Note that query string keys may appear multiple times. \n", + "type": "string" + }, + "val": { + "description": "val: string\nModule: http.handlers.reverse_proxy\nThe value for the given operation; for add and set, this is\nsimply the value of the query, and for rename this is the\nquery key to rename to.\n", + "markdownDescription": "val: `string` \nModule: `http.handlers.reverse_proxy` \nThe value for the given operation; for add and set, this is\nsimply the value of the query, and for rename this is the\nquery key to rename to. \n", + "type": "string" + } + } + } + } + } + }, + "strip_path_prefix": { + "description": "strip_path_prefix: string\nModule: http.handlers.reverse_proxy\nStrips the given prefix from the beginning of the URI path.\nThe prefix should be written in normalized (unescaped) form,\nbut if an escaping (`%xx`) is used, the path will be required\nto have that same escape at that position in order to match.\n", + "markdownDescription": "strip_path_prefix: `string` \nModule: `http.handlers.reverse_proxy` \nStrips the given prefix from the beginning of the URI path.\nThe prefix should be written in normalized (unescaped) form,\nbut if an escaping (`%xx`) is used, the path will be required\nto have that same escape at that position in order to match. \n", + "type": "string" + }, + "strip_path_suffix": { + "description": "strip_path_suffix: string\nModule: http.handlers.reverse_proxy\nStrips the given suffix from the end of the URI path.\nThe suffix should be written in normalized (unescaped) form,\nbut if an escaping (`%xx`) is used, the path will be required\nto have that same escape at that position in order to match.\n", + "markdownDescription": "strip_path_suffix: `string` \nModule: `http.handlers.reverse_proxy` \nStrips the given suffix from the end of the URI path.\nThe suffix should be written in normalized (unescaped) form,\nbut if an escaping (`%xx`) is used, the path will be required\nto have that same escape at that position in order to match. \n", + "type": "string" + }, + "uri": { + "description": "uri: string\nModule: http.handlers.reverse_proxy\nChanges the request's URI, which consists of path and query string.\nOnly components of the URI that are specified will be changed.\nFor example, a value of \"/foo.html\" or \"foo.html\" will only change\nthe path and will preserve any existing query string. Similarly, a\nvalue of \"?a=b\" will only change the query string and will not affect\nthe path. Both can also be changed: \"/foo?a=b\" - this sets both the\npath and query string at the same time.\n\nYou can also use placeholders. For example, to preserve the existing\nquery string, you might use: \"?{http.request.uri.query}\u0026a=b\". Any\nkey-value pairs you add to the query string will not overwrite\nexisting values (individual pairs are append-only).\n\nTo clear the query string, explicitly set an empty one: \"?\"\n", + "markdownDescription": "uri: `string` \nModule: `http.handlers.reverse_proxy` \nChanges the request's URI, which consists of path and query string.\nOnly components of the URI that are specified will be changed.\nFor example, a value of \"/foo.html\" or \"foo.html\" will only change\nthe path and will preserve any existing query string. Similarly, a\nvalue of \"?a=b\" will only change the query string and will not affect\nthe path. Both can also be changed: \"/foo?a=b\" - this sets both the\npath and query string at the same time.\n\nYou can also use placeholders. For example, to preserve the existing\nquery string, you might use: \"?{http.request.uri.query}\u0026a=b\". Any\nkey-value pairs you add to the query string will not overwrite\nexisting values (individual pairs are append-only).\n\nTo clear the query string, explicitly set an empty one: \"?\" \n", + "type": "string" + }, + "uri_substring": { + "description": "uri_substring: array\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#substrReplacer\nPerforms substring replacements on the URI.\n\n\nsubstrReplacer describes either a simple and fast substring replacement.\n", + "markdownDescription": "uri_substring: `array` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#substrReplacer) \nPerforms substring replacements on the URI.\n\n\nsubstrReplacer describes either a simple and fast substring replacement. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#substrReplacer\nPerforms substring replacements on the URI.\n\n\nsubstrReplacer describes either a simple and fast substring replacement.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#substrReplacer) \nPerforms substring replacements on the URI.\n\n\nsubstrReplacer describes either a simple and fast substring replacement. \n", + "type": "object", + "properties": { + "find": { + "description": "find: string\nModule: http.handlers.reverse_proxy\nA substring to find. Supports placeholders.\n", + "markdownDescription": "find: `string` \nModule: `http.handlers.reverse_proxy` \nA substring to find. Supports placeholders. \n", + "type": "string" + }, + "limit": { + "description": "limit: number\nModule: http.handlers.reverse_proxy\nMaximum number of replacements per string.\nSet to \u003c= 0 for no limit (default).\n", + "markdownDescription": "limit: `number` \nModule: `http.handlers.reverse_proxy` \nMaximum number of replacements per string.\nSet to \u003c= 0 for no limit (default). \n", + "type": "number" + }, + "replace": { + "description": "replace: string\nModule: http.handlers.reverse_proxy\nThe substring to replace with. Supports placeholders.\n", + "markdownDescription": "replace: `string` \nModule: `http.handlers.reverse_proxy` \nThe substring to replace with. Supports placeholders. \n", + "type": "string" + } + } + } + } + } + }, + "stream_close_delay": { + "description": "stream_close_delay: number\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nIf nonzero, streaming requests such as WebSockets will not be\nclosed when the proxy config is unloaded, and instead the stream\nwill remain open until the delay is complete. In other words,\nenabling this prevents streams from closing when Caddy's config\nis reloaded. Enabling this may be a good idea to avoid a thundering\nherd of reconnecting clients which had their connections closed\nby the previous config closing. Default: no delay.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "stream_close_delay: `number` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nIf nonzero, streaming requests such as WebSockets will not be\nclosed when the proxy config is unloaded, and instead the stream\nwill remain open until the delay is complete. In other words,\nenabling this prevents streams from closing when Caddy's config\nis reloaded. Enabling this may be a good idea to avoid a thundering\nherd of reconnecting clients which had their connections closed\nby the previous config closing. Default: no delay.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "stream_timeout": { + "description": "stream_timeout: number\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nIf nonzero, streaming requests such as WebSockets will be\nforcibly closed at the end of the timeout. Default: no timeout.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "stream_timeout: `number` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nIf nonzero, streaming requests such as WebSockets will be\nforcibly closed at the end of the timeout. Default: no timeout.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "transport": { + "description": "transport: object\nModule: http.reverse_proxy.transport\nConfigures the method of transport for the proxy. A transport\nis what performs the actual \"round trip\" to the backend.\nThe default transport is plaintext HTTP.\n", + "markdownDescription": "transport: `object` \nModule: `http.reverse_proxy.transport` \nConfigures the method of transport for the proxy. A transport\nis what performs the actual \"round trip\" to the backend.\nThe default transport is plaintext HTTP. \n", + "type": "object", + "required": [ + "protocol" + ], + "allOf": [ + { + "if": { + "properties": { + "protocol": { + "const": "fastcgi" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.transport.fastcgi" + } + }, + { + "if": { + "properties": { + "protocol": { + "const": "http" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.transport.http" + } + }, + { + "properties": { + "protocol": { + "description": "key to identify transport module.\nprotocol: string\nModule: http.reverse_proxy.transport", + "markdownDescription": "key to identify `transport` module. \nprotocol: `string` \nModule: `http.reverse_proxy.transport`", + "type": "string", + "enum": [ + "fastcgi", + "http" + ] + } + } + } + ] + }, + "trusted_proxies": { + "description": "trusted_proxies: array\nModule: http.handlers.reverse_proxy\nA list of IP ranges (supports CIDR notation) from which\nX-Forwarded-* header values should be trusted. By default,\nno proxies are trusted, so existing values will be ignored\nwhen setting these headers. If the proxy is trusted, then\nexisting values will be used when constructing the final\nheader values.\n", + "markdownDescription": "trusted_proxies: `array` \nModule: `http.handlers.reverse_proxy` \nA list of IP ranges (supports CIDR notation) from which\nX-Forwarded-* header values should be trusted. By default,\nno proxies are trusted, so existing values will be ignored\nwhen setting these headers. If the proxy is trusted, then\nexisting values will be used when constructing the final\nheader values. \n", + "type": "array", + "items": { + "description": "A list of IP ranges (supports CIDR notation) from which\nX-Forwarded-* header values should be trusted. By default,\nno proxies are trusted, so existing values will be ignored\nwhen setting these headers. If the proxy is trusted, then\nexisting values will be used when constructing the final\nheader values.\n", + "markdownDescription": "A list of IP ranges (supports CIDR notation) from which\nX-Forwarded-* header values should be trusted. By default,\nno proxies are trusted, so existing values will be ignored\nwhen setting these headers. If the proxy is trusted, then\nexisting values will be used when constructing the final\nheader values. \n", + "type": "string" + } + }, + "upstreams": { + "description": "upstreams: array\nModule: http.handlers.reverse_proxy\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#Upstream\nUpstreams is the static list of backends to proxy to.\n\n\nUpstream bridges this proxy's configuration to the\nstate of the backend host it is correlated with.\nUpstream values must not be copied.\n", + "markdownDescription": "upstreams: `array` \nModule: `http.handlers.reverse_proxy` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#Upstream) \nUpstreams is the static list of backends to proxy to.\n\n\nUpstream bridges this proxy's configuration to the\nstate of the backend host it is correlated with.\nUpstream values must not be copied. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#Upstream\nUpstreams is the static list of backends to proxy to.\n\n\nUpstream bridges this proxy's configuration to the\nstate of the backend host it is correlated with.\nUpstream values must not be copied.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#Upstream) \nUpstreams is the static list of backends to proxy to.\n\n\nUpstream bridges this proxy's configuration to the\nstate of the backend host it is correlated with.\nUpstream values must not be copied. \n", + "type": "object", + "properties": { + "dial": { + "description": "dial: string\nModule: http.handlers.reverse_proxy\nThe [network address](/docs/conventions#network-addresses)\nto dial to connect to the upstream. Must represent precisely\none socket (i.e. no port ranges). A valid network address\neither has a host and port or is a unix socket address.\n\nPlaceholders may be used to make the upstream dynamic, but be\naware of the health check implications of this: a single\nupstream that represents numerous (perhaps arbitrary) backends\ncan be considered down if one or enough of the arbitrary\nbackends is down. Also be aware of open proxy vulnerabilities.\n", + "markdownDescription": "dial: `string` \nModule: `http.handlers.reverse_proxy` \nThe [network address](/docs/conventions#network-addresses)\nto dial to connect to the upstream. Must represent precisely\none socket (i.e. no port ranges). A valid network address\neither has a host and port or is a unix socket address.\n\nPlaceholders may be used to make the upstream dynamic, but be\naware of the health check implications of this: a single\nupstream that represents numerous (perhaps arbitrary) backends\ncan be considered down if one or enough of the arbitrary\nbackends is down. Also be aware of open proxy vulnerabilities. \n", + "type": "string" + }, + "max_requests": { + "description": "max_requests: number\nModule: http.handlers.reverse_proxy\nThe maximum number of simultaneous requests to allow to\nthis upstream. If set, overrides the global passive health\ncheck UnhealthyRequestCount value.\n", + "markdownDescription": "max_requests: `number` \nModule: `http.handlers.reverse_proxy` \nThe maximum number of simultaneous requests to allow to\nthis upstream. If set, overrides the global passive health\ncheck UnhealthyRequestCount value. \n", + "type": "number" + } + } + } + }, + "verbose_logs": { + "description": "verbose_logs: boolean\nModule: http.handlers.reverse_proxy\nIf set, the proxy will write very detailed logs about its\ninner workings. Enable this only when debugging, as it\nwill produce a lot of output.\n\nEXPERIMENTAL: This feature is subject to change or removal.\n", + "markdownDescription": "verbose_logs: `boolean` \nModule: `http.handlers.reverse_proxy` \nIf set, the proxy will write very detailed logs about its\ninner workings. Enable this only when debugging, as it\nwill produce a lot of output.\n\nEXPERIMENTAL: This feature is subject to change or removal. \n", + "type": "boolean" + } + } + }, + "http.handlers.rewrite": { + "description": "rewrite: object\nModule: http.handlers.rewrite\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#Rewrite\nRewrite is a middleware which can rewrite/mutate HTTP requests.\n\nThe Method and URI properties are \"setters\" (the request URI\nwill be overwritten with the given values). Other properties are\n\"modifiers\" (they modify existing values in a differentiable\nway). It is atypical to combine the use of setters and\nmodifiers in a single rewrite.\n\nTo ensure consistent behavior, prefix and suffix stripping is\nperformed in the URL-decoded (unescaped, normalized) space by\ndefault except for the specific bytes where an escape sequence\nis used in the prefix or suffix pattern.\n\nFor all modifiers, paths are cleaned before being modified so that\nmultiple, consecutive slashes are collapsed into a single slash,\nand dot elements are resolved and removed. In the special case\nof a prefix, suffix, or substring containing \"//\" (repeated slashes),\nslashes will not be merged while cleaning the path so that\nthe rewrite can be interpreted literally.\n\n", + "markdownDescription": "rewrite: `object` \nModule: `http.handlers.rewrite` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#Rewrite) \nRewrite is a middleware which can rewrite/mutate HTTP requests.\n\nThe Method and URI properties are \"setters\" (the request URI\nwill be overwritten with the given values). Other properties are\n\"modifiers\" (they modify existing values in a differentiable\nway). It is atypical to combine the use of setters and\nmodifiers in a single rewrite.\n\nTo ensure consistent behavior, prefix and suffix stripping is\nperformed in the URL-decoded (unescaped, normalized) space by\ndefault except for the specific bytes where an escape sequence\nis used in the prefix or suffix pattern.\n\nFor all modifiers, paths are cleaned before being modified so that\nmultiple, consecutive slashes are collapsed into a single slash,\nand dot elements are resolved and removed. In the special case\nof a prefix, suffix, or substring containing \"//\" (repeated slashes),\nslashes will not be merged while cleaning the path so that\nthe rewrite can be interpreted literally.\n \n", + "type": "object", + "properties": { + "method": { + "description": "method: string\nModule: http.handlers.rewrite\nChanges the request's HTTP verb.\n", + "markdownDescription": "method: `string` \nModule: `http.handlers.rewrite` \nChanges the request's HTTP verb. \n", + "type": "string" + }, + "path_regexp": { + "description": "path_regexp: array\nModule: http.handlers.rewrite\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#regexReplacer\nPerforms regular expression replacements on the URI path.\n\n\nregexReplacer describes a replacement using a regular expression.\n", + "markdownDescription": "path_regexp: `array` \nModule: `http.handlers.rewrite` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#regexReplacer) \nPerforms regular expression replacements on the URI path.\n\n\nregexReplacer describes a replacement using a regular expression. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#regexReplacer\nPerforms regular expression replacements on the URI path.\n\n\nregexReplacer describes a replacement using a regular expression.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#regexReplacer) \nPerforms regular expression replacements on the URI path.\n\n\nregexReplacer describes a replacement using a regular expression. \n", + "type": "object", + "properties": { + "find": { + "description": "find: string\nModule: http.handlers.rewrite\nThe regular expression to find.\n", + "markdownDescription": "find: `string` \nModule: `http.handlers.rewrite` \nThe regular expression to find. \n", + "type": "string" + }, + "replace": { + "description": "replace: string\nModule: http.handlers.rewrite\nThe substring to replace with. Supports placeholders and\nregular expression capture groups.\n", + "markdownDescription": "replace: `string` \nModule: `http.handlers.rewrite` \nThe substring to replace with. Supports placeholders and\nregular expression capture groups. \n", + "type": "string" + } + } + } + }, + "query": { + "description": "query: object\nModule: http.handlers.rewrite\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOps\nMutates the query string of the URI.\n\n\nqueryOps describes the operations to perform on query keys: add, set, rename and delete.\n", + "markdownDescription": "query: `object` \nModule: `http.handlers.rewrite` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOps) \nMutates the query string of the URI.\n\n\nqueryOps describes the operations to perform on query keys: add, set, rename and delete. \n", + "type": "object", + "properties": { + "add": { + "description": "add: array\nModule: http.handlers.rewrite\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments\nAdds query parameters; does not overwrite an existing query field,\nand only appends an additional value for that key if any already exist.\n", + "markdownDescription": "add: `array` \nModule: `http.handlers.rewrite` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments) \nAdds query parameters; does not overwrite an existing query field,\nand only appends an additional value for that key if any already exist. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments\nAdds query parameters; does not overwrite an existing query field,\nand only appends an additional value for that key if any already exist.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments) \nAdds query parameters; does not overwrite an existing query field,\nand only appends an additional value for that key if any already exist. \n", + "type": "object", + "properties": { + "key": { + "description": "key: string\nModule: http.handlers.rewrite\nA key in the query string. Note that query string keys may appear multiple times.\n", + "markdownDescription": "key: `string` \nModule: `http.handlers.rewrite` \nA key in the query string. Note that query string keys may appear multiple times. \n", + "type": "string" + }, + "val": { + "description": "val: string\nModule: http.handlers.rewrite\nThe value for the given operation; for add and set, this is\nsimply the value of the query, and for rename this is the\nquery key to rename to.\n", + "markdownDescription": "val: `string` \nModule: `http.handlers.rewrite` \nThe value for the given operation; for add and set, this is\nsimply the value of the query, and for rename this is the\nquery key to rename to. \n", + "type": "string" + } + } + } + }, + "delete": { + "description": "delete: array\nModule: http.handlers.rewrite\nDeletes a given query key by name.\n", + "markdownDescription": "delete: `array` \nModule: `http.handlers.rewrite` \nDeletes a given query key by name. \n", + "type": "array", + "items": { + "description": "Deletes a given query key by name.\n", + "markdownDescription": "Deletes a given query key by name. \n", + "type": "string" + } + }, + "rename": { + "description": "rename: array\nModule: http.handlers.rewrite\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments\nRenames a query key from Key to Val, without affecting the value.\n", + "markdownDescription": "rename: `array` \nModule: `http.handlers.rewrite` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments) \nRenames a query key from Key to Val, without affecting the value. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments\nRenames a query key from Key to Val, without affecting the value.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments) \nRenames a query key from Key to Val, without affecting the value. \n", + "type": "object", + "properties": { + "key": { + "description": "key: string\nModule: http.handlers.rewrite\nA key in the query string. Note that query string keys may appear multiple times.\n", + "markdownDescription": "key: `string` \nModule: `http.handlers.rewrite` \nA key in the query string. Note that query string keys may appear multiple times. \n", + "type": "string" + }, + "val": { + "description": "val: string\nModule: http.handlers.rewrite\nThe value for the given operation; for add and set, this is\nsimply the value of the query, and for rename this is the\nquery key to rename to.\n", + "markdownDescription": "val: `string` \nModule: `http.handlers.rewrite` \nThe value for the given operation; for add and set, this is\nsimply the value of the query, and for rename this is the\nquery key to rename to. \n", + "type": "string" + } + } + } + }, + "replace": { + "description": "replace: array\nModule: http.handlers.rewrite\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsReplacement\nReplaces query parameters.\n", + "markdownDescription": "replace: `array` \nModule: `http.handlers.rewrite` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsReplacement) \nReplaces query parameters. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsReplacement\nReplaces query parameters.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsReplacement) \nReplaces query parameters. \n", + "type": "object", + "properties": { + "key": { + "description": "key: string\nModule: http.handlers.rewrite\nThe key to replace in the query string.\n", + "markdownDescription": "key: `string` \nModule: `http.handlers.rewrite` \nThe key to replace in the query string. \n", + "type": "string" + }, + "replace": { + "description": "replace: string\nModule: http.handlers.rewrite\nThe string with which to replace matches.\n", + "markdownDescription": "replace: `string` \nModule: `http.handlers.rewrite` \nThe string with which to replace matches. \n", + "type": "string" + }, + "search": { + "description": "search: string\nModule: http.handlers.rewrite\nThe substring to search for.\n", + "markdownDescription": "search: `string` \nModule: `http.handlers.rewrite` \nThe substring to search for. \n", + "type": "string" + }, + "search_regexp": { + "description": "search_regexp: string\nModule: http.handlers.rewrite\nThe regular expression to search with.\n", + "markdownDescription": "search_regexp: `string` \nModule: `http.handlers.rewrite` \nThe regular expression to search with. \n", + "type": "string" + } + } + } + }, + "set": { + "description": "set: array\nModule: http.handlers.rewrite\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments\nSets query parameters; overwrites a query key with the given value.\n", + "markdownDescription": "set: `array` \nModule: `http.handlers.rewrite` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments) \nSets query parameters; overwrites a query key with the given value. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments\nSets query parameters; overwrites a query key with the given value.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#queryOpsArguments) \nSets query parameters; overwrites a query key with the given value. \n", + "type": "object", + "properties": { + "key": { + "description": "key: string\nModule: http.handlers.rewrite\nA key in the query string. Note that query string keys may appear multiple times.\n", + "markdownDescription": "key: `string` \nModule: `http.handlers.rewrite` \nA key in the query string. Note that query string keys may appear multiple times. \n", + "type": "string" + }, + "val": { + "description": "val: string\nModule: http.handlers.rewrite\nThe value for the given operation; for add and set, this is\nsimply the value of the query, and for rename this is the\nquery key to rename to.\n", + "markdownDescription": "val: `string` \nModule: `http.handlers.rewrite` \nThe value for the given operation; for add and set, this is\nsimply the value of the query, and for rename this is the\nquery key to rename to. \n", + "type": "string" + } + } + } + } + } + }, + "strip_path_prefix": { + "description": "strip_path_prefix: string\nModule: http.handlers.rewrite\nStrips the given prefix from the beginning of the URI path.\nThe prefix should be written in normalized (unescaped) form,\nbut if an escaping (`%xx`) is used, the path will be required\nto have that same escape at that position in order to match.\n", + "markdownDescription": "strip_path_prefix: `string` \nModule: `http.handlers.rewrite` \nStrips the given prefix from the beginning of the URI path.\nThe prefix should be written in normalized (unescaped) form,\nbut if an escaping (`%xx`) is used, the path will be required\nto have that same escape at that position in order to match. \n", + "type": "string" + }, + "strip_path_suffix": { + "description": "strip_path_suffix: string\nModule: http.handlers.rewrite\nStrips the given suffix from the end of the URI path.\nThe suffix should be written in normalized (unescaped) form,\nbut if an escaping (`%xx`) is used, the path will be required\nto have that same escape at that position in order to match.\n", + "markdownDescription": "strip_path_suffix: `string` \nModule: `http.handlers.rewrite` \nStrips the given suffix from the end of the URI path.\nThe suffix should be written in normalized (unescaped) form,\nbut if an escaping (`%xx`) is used, the path will be required\nto have that same escape at that position in order to match. \n", + "type": "string" + }, + "uri": { + "description": "uri: string\nModule: http.handlers.rewrite\nChanges the request's URI, which consists of path and query string.\nOnly components of the URI that are specified will be changed.\nFor example, a value of \"/foo.html\" or \"foo.html\" will only change\nthe path and will preserve any existing query string. Similarly, a\nvalue of \"?a=b\" will only change the query string and will not affect\nthe path. Both can also be changed: \"/foo?a=b\" - this sets both the\npath and query string at the same time.\n\nYou can also use placeholders. For example, to preserve the existing\nquery string, you might use: \"?{http.request.uri.query}\u0026a=b\". Any\nkey-value pairs you add to the query string will not overwrite\nexisting values (individual pairs are append-only).\n\nTo clear the query string, explicitly set an empty one: \"?\"\n", + "markdownDescription": "uri: `string` \nModule: `http.handlers.rewrite` \nChanges the request's URI, which consists of path and query string.\nOnly components of the URI that are specified will be changed.\nFor example, a value of \"/foo.html\" or \"foo.html\" will only change\nthe path and will preserve any existing query string. Similarly, a\nvalue of \"?a=b\" will only change the query string and will not affect\nthe path. Both can also be changed: \"/foo?a=b\" - this sets both the\npath and query string at the same time.\n\nYou can also use placeholders. For example, to preserve the existing\nquery string, you might use: \"?{http.request.uri.query}\u0026a=b\". Any\nkey-value pairs you add to the query string will not overwrite\nexisting values (individual pairs are append-only).\n\nTo clear the query string, explicitly set an empty one: \"?\" \n", + "type": "string" + }, + "uri_substring": { + "description": "uri_substring: array\nModule: http.handlers.rewrite\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#substrReplacer\nPerforms substring replacements on the URI.\n\n\nsubstrReplacer describes either a simple and fast substring replacement.\n", + "markdownDescription": "uri_substring: `array` \nModule: `http.handlers.rewrite` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#substrReplacer) \nPerforms substring replacements on the URI.\n\n\nsubstrReplacer describes either a simple and fast substring replacement. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#substrReplacer\nPerforms substring replacements on the URI.\n\n\nsubstrReplacer describes either a simple and fast substring replacement.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite#substrReplacer) \nPerforms substring replacements on the URI.\n\n\nsubstrReplacer describes either a simple and fast substring replacement. \n", + "type": "object", + "properties": { + "find": { + "description": "find: string\nModule: http.handlers.rewrite\nA substring to find. Supports placeholders.\n", + "markdownDescription": "find: `string` \nModule: `http.handlers.rewrite` \nA substring to find. Supports placeholders. \n", + "type": "string" + }, + "limit": { + "description": "limit: number\nModule: http.handlers.rewrite\nMaximum number of replacements per string.\nSet to \u003c= 0 for no limit (default).\n", + "markdownDescription": "limit: `number` \nModule: `http.handlers.rewrite` \nMaximum number of replacements per string.\nSet to \u003c= 0 for no limit (default). \n", + "type": "number" + }, + "replace": { + "description": "replace: string\nModule: http.handlers.rewrite\nThe substring to replace with. Supports placeholders.\n", + "markdownDescription": "replace: `string` \nModule: `http.handlers.rewrite` \nThe substring to replace with. Supports placeholders. \n", + "type": "string" + } + } + } + } + } + }, + "http.handlers.static_response": { + "description": "static_response: object\nModule: http.handlers.static_response\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#StaticResponse\nStaticResponse implements a simple responder for static responses.\n\n", + "markdownDescription": "static_response: `object` \nModule: `http.handlers.static_response` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#StaticResponse) \nStaticResponse implements a simple responder for static responses.\n \n", + "type": "object", + "properties": { + "abort": { + "description": "abort: boolean\nModule: http.handlers.static_response\nImmediately and forcefully closes the connection without\nwriting a response. Interrupts any other HTTP streams on\nthe same connection.\n", + "markdownDescription": "abort: `boolean` \nModule: `http.handlers.static_response` \nImmediately and forcefully closes the connection without\nwriting a response. Interrupts any other HTTP streams on\nthe same connection. \n", + "type": "boolean" + }, + "body": { + "description": "body: string\nModule: http.handlers.static_response\nThe response body. If non-empty, the Content-Type header may\nbe added automatically if it is not explicitly configured nor\nalready set on the response; the default value is\n\"text/plain; charset=utf-8\" unless the body is a valid JSON object\nor array, in which case the value will be \"application/json\".\nOther than those common special cases the Content-Type header\nshould be set explicitly if it is desired because MIME sniffing\nis disabled for safety.\n", + "markdownDescription": "body: `string` \nModule: `http.handlers.static_response` \nThe response body. If non-empty, the Content-Type header may\nbe added automatically if it is not explicitly configured nor\nalready set on the response; the default value is\n\"text/plain; charset=utf-8\" unless the body is a valid JSON object\nor array, in which case the value will be \"application/json\".\nOther than those common special cases the Content-Type header\nshould be set explicitly if it is desired because MIME sniffing\nis disabled for safety. \n", + "type": "string" + }, + "close": { + "description": "close: boolean\nModule: http.handlers.static_response\nIf true, the server will close the client's connection\nafter writing the response.\n", + "markdownDescription": "close: `boolean` \nModule: `http.handlers.static_response` \nIf true, the server will close the client's connection\nafter writing the response. \n", + "type": "boolean" + }, + "headers": { + "description": "headers: object\nModule: http.handlers.static_response\nHeader fields to set on the response; overwrites any existing\nheader fields of the same names after normalization.\n", + "markdownDescription": "headers: `object` \nModule: `http.handlers.static_response` \nHeader fields to set on the response; overwrites any existing\nheader fields of the same names after normalization. \n", + "type": "object", + "additionalProperties": { + "description": "Header fields to set on the response; overwrites any existing\nheader fields of the same names after normalization.\n", + "markdownDescription": "Header fields to set on the response; overwrites any existing\nheader fields of the same names after normalization. \n", + "type": "array", + "items": { + "type": "string" + } + } + }, + "status_code": { + "description": "status_code: string\nModule: http.handlers.static_response\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#WeakString\nThe HTTP status code to respond with. Can be an integer or,\nif needing to use a placeholder, a string.\n\nIf the status code is 103 (Early Hints), the response headers\nwill be written to the client immediately, the body will be\nignored, and the next handler will be invoked. This behavior\nis EXPERIMENTAL while RFC 8297 is a draft, and may be changed\nor removed.\n\n\nWeakString is a type that unmarshals any JSON value\nas a string literal, with the following exceptions:\n\n1. actual string values are decoded as strings; and\n2. null is decoded as empty string;\n\nand provides methods for getting the value as various\nprimitive types. However, using this type removes any\ntype safety as far as deserializing JSON is concerned.\n", + "markdownDescription": "status_code: `string` \nModule: `http.handlers.static_response` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#WeakString) \nThe HTTP status code to respond with. Can be an integer or,\nif needing to use a placeholder, a string.\n\nIf the status code is 103 (Early Hints), the response headers\nwill be written to the client immediately, the body will be\nignored, and the next handler will be invoked. This behavior\nis EXPERIMENTAL while RFC 8297 is a draft, and may be changed\nor removed.\n\n\nWeakString is a type that unmarshals any JSON value\nas a string literal, with the following exceptions:\n\n1. actual string values are decoded as strings; and\n2. null is decoded as empty string;\n\nand provides methods for getting the value as various\nprimitive types. However, using this type removes any\ntype safety as far as deserializing JSON is concerned. \n", + "type": "string" + } + } + }, + "http.handlers.subroute": { + "description": "subroute: object\nModule: http.handlers.subroute\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Subroute\nSubroute implements a handler that compiles and executes routes.\nThis is useful for a batch of routes that all inherit the same\nmatchers, or for multiple routes that should be treated as a\nsingle route.\n\nYou can also use subroutes to handle errors from its handlers.\nFirst the primary routes will be executed, and if they return an\nerror, the errors routes will be executed; in that case, an error\nis only returned to the entry point at the server if there is an\nadditional error returned from the errors routes.\n\n", + "markdownDescription": "subroute: `object` \nModule: `http.handlers.subroute` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Subroute) \nSubroute implements a handler that compiles and executes routes.\nThis is useful for a batch of routes that all inherit the same\nmatchers, or for multiple routes that should be treated as a\nsingle route.\n\nYou can also use subroutes to handle errors from its handlers.\nFirst the primary routes will be executed, and if they return an\nerror, the errors routes will be executed; in that case, an error\nis only returned to the entry point at the server if there is an\nadditional error returned from the errors routes.\n \n", + "type": "object", + "properties": { + "errors": { + "description": "errors: object\nModule: http.handlers.subroute\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#HTTPErrorConfig\nIf the primary routes return an error, error handling\ncan be promoted to this configuration instead.\n\n\nHTTPErrorConfig determines how to handle errors\nfrom the HTTP handlers.\n", + "markdownDescription": "errors: `object` \nModule: `http.handlers.subroute` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#HTTPErrorConfig) \nIf the primary routes return an error, error handling\ncan be promoted to this configuration instead.\n\n\nHTTPErrorConfig determines how to handle errors\nfrom the HTTP handlers. \n", + "type": "object", + "properties": { + "routes": { + "description": "routes: array\nModule: http.handlers.subroute\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route\nThe routes to evaluate after the primary handler\nchain returns an error. In an error route, extra\nplaceholders are available:\n\nPlaceholder | Description\n------------|---------------\n`{http.error.status_code}` | The recommended HTTP status code\n`{http.error.status_text}` | The status text associated with the recommended status code\n`{http.error.message}` | The error message\n`{http.error.trace}` | The origin of the error\n`{http.error.id}` | An identifier for this occurrence of the error\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner.\n", + "markdownDescription": "routes: `array` \nModule: `http.handlers.subroute` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route) \nThe routes to evaluate after the primary handler\nchain returns an error. In an error route, extra\nplaceholders are available:\n\nPlaceholder | Description\n------------|---------------\n`{http.error.status_code}` | The recommended HTTP status code\n`{http.error.status_text}` | The status text associated with the recommended status code\n`{http.error.message}` | The error message\n`{http.error.trace}` | The origin of the error\n`{http.error.id}` | An identifier for this occurrence of the error\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route\nThe routes to evaluate after the primary handler\nchain returns an error. In an error route, extra\nplaceholders are available:\n\nPlaceholder | Description\n------------|---------------\n`{http.error.status_code}` | The recommended HTTP status code\n`{http.error.status_text}` | The status text associated with the recommended status code\n`{http.error.message}` | The error message\n`{http.error.trace}` | The origin of the error\n`{http.error.id}` | An identifier for this occurrence of the error\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route) \nThe routes to evaluate after the primary handler\nchain returns an error. In an error route, extra\nplaceholders are available:\n\nPlaceholder | Description\n------------|---------------\n`{http.error.status_code}` | The recommended HTTP status code\n`{http.error.status_text}` | The status text associated with the recommended status code\n`{http.error.message}` | The error message\n`{http.error.trace}` | The origin of the error\n`{http.error.id}` | An identifier for this occurrence of the error\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner. \n", + "type": "object", + "properties": { + "group": { + "description": "group: string\nModule: http.handlers.subroute\nGroup is an optional name for a group to which this\nroute belongs. Grouping a route makes it mutually\nexclusive with others in its group; if a route belongs\nto a group, only the first matching route in that group\nwill be executed.\n", + "markdownDescription": "group: `string` \nModule: `http.handlers.subroute` \nGroup is an optional name for a group to which this\nroute belongs. Grouping a route makes it mutually\nexclusive with others in its group; if a route belongs\nto a group, only the first matching route in that group\nwill be executed. \n", + "type": "string" + }, + "handle": { + "description": "handle: array\nModule: http.handlers\nThe list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes.\n", + "markdownDescription": "handle: `array` \nModule: `http.handlers` \nThe list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes. \n", + "type": "array", + "items": { + "description": "The list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes.\n", + "markdownDescription": "The list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes. \n", + "required": [ + "handler" + ], + "allOf": [ + { + "if": { + "properties": { + "handler": { + "const": "copy_response" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.copy_response" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "headers" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.headers" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "invoke" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.invoke" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "metrics" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.metrics" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "push" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.push" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "acme_server" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.acme_server" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "authentication" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.authentication" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "encode" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.encode" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "file_server" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.file_server" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "intercept" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.intercept" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "log_append" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.log_append" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "request_body" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.request_body" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "map" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.map" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "rewrite" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.rewrite" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "static_response" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.static_response" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "subroute" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.subroute" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "tracing" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.tracing" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "vars" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.vars" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "copy_response_headers" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.copy_response_headers" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "error" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.error" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "reverse_proxy" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.reverse_proxy" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "templates" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.templates" + } + }, + { + "properties": { + "handler": { + "description": "key to identify handle module.\nhandler: string\nModule: http.handlers", + "markdownDescription": "key to identify `handle` module. \nhandler: `string` \nModule: `http.handlers`", + "type": "string", + "enum": [ + "copy_response", + "headers", + "invoke", + "metrics", + "push", + "acme_server", + "authentication", + "encode", + "file_server", + "intercept", + "log_append", + "request_body", + "map", + "rewrite", + "static_response", + "subroute", + "tracing", + "vars", + "copy_response_headers", + "error", + "reverse_proxy", + "templates" + ] + } + } + } + ] + } + }, + "match": { + "description": "match: array\nModule: http.matchers\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "match: `array` \nModule: `http.matchers` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "properties": { + "client_ip": { + "$ref": "#/definitions/http.matchers.client_ip" + }, + "expression": { + "$ref": "#/definitions/http.matchers.expression" + }, + "file": { + "$ref": "#/definitions/http.matchers.file" + }, + "header": { + "$ref": "#/definitions/http.matchers.header" + }, + "header_regexp": { + "$ref": "#/definitions/http.matchers.header_regexp" + }, + "host": { + "$ref": "#/definitions/http.matchers.host" + }, + "method": { + "$ref": "#/definitions/http.matchers.method" + }, + "not": { + "$ref": "#/definitions/http.matchers.not" + }, + "path": { + "$ref": "#/definitions/http.matchers.path" + }, + "path_regexp": { + "$ref": "#/definitions/http.matchers.path_regexp" + }, + "protocol": { + "$ref": "#/definitions/http.matchers.protocol" + }, + "query": { + "$ref": "#/definitions/http.matchers.query" + }, + "remote_ip": { + "$ref": "#/definitions/http.matchers.remote_ip" + }, + "tls": { + "$ref": "#/definitions/http.matchers.tls" + }, + "vars": { + "$ref": "#/definitions/http.matchers.vars" + }, + "vars_regexp": { + "$ref": "#/definitions/http.matchers.vars_regexp" + } + } + } + }, + "terminal": { + "description": "terminal: boolean\nModule: http.handlers.subroute\nIf true, no more routes will be executed after this one.\n", + "markdownDescription": "terminal: `boolean` \nModule: `http.handlers.subroute` \nIf true, no more routes will be executed after this one. \n", + "type": "boolean" + } + } + } + } + } + }, + "routes": { + "description": "routes: array\nModule: http.handlers.subroute\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route\nThe primary list of routes to compile and execute.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner.\n", + "markdownDescription": "routes: `array` \nModule: `http.handlers.subroute` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route) \nThe primary list of routes to compile and execute.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route\nThe primary list of routes to compile and execute.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#Route) \nThe primary list of routes to compile and execute.\n\n\nRoute consists of a set of rules for matching HTTP requests,\na list of handlers to execute, and optional flow control\nparameters which customize the handling of HTTP requests\nin a highly flexible and performant manner. \n", + "type": "object", + "properties": { + "group": { + "description": "group: string\nModule: http.handlers.subroute\nGroup is an optional name for a group to which this\nroute belongs. Grouping a route makes it mutually\nexclusive with others in its group; if a route belongs\nto a group, only the first matching route in that group\nwill be executed.\n", + "markdownDescription": "group: `string` \nModule: `http.handlers.subroute` \nGroup is an optional name for a group to which this\nroute belongs. Grouping a route makes it mutually\nexclusive with others in its group; if a route belongs\nto a group, only the first matching route in that group\nwill be executed. \n", + "type": "string" + }, + "handle": { + "description": "handle: array\nModule: http.handlers\nThe list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes.\n", + "markdownDescription": "handle: `array` \nModule: `http.handlers` \nThe list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes. \n", + "type": "array", + "items": { + "description": "The list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes.\n", + "markdownDescription": "The list of handlers for this route. Upon matching a request, they are chained\ntogether in a middleware fashion: requests flow from the first handler to the last\n(top of the list to the bottom), with the possibility that any handler could stop\nthe chain and/or return an error. Responses flow back through the chain (bottom of\nthe list to the top) as they are written out to the client.\n\nNot all handlers call the next handler in the chain. For example, the reverse_proxy\nhandler always sends a request upstream or returns an error. Thus, configuring\nhandlers after reverse_proxy in the same route is illogical, since they would never\nbe executed. You will want to put handlers which originate the response at the very\nend of your route(s). The documentation for a module should state whether it invokes\nthe next handler, but sometimes it is common sense.\n\nSome handlers manipulate the response. Remember that requests flow down the list, and\nresponses flow up the list.\n\nFor example, if you wanted to use both `templates` and `encode` handlers, you would\nneed to put `templates` after `encode` in your route, because responses flow up.\nThus, `templates` will be able to parse and execute the plain-text response as a\ntemplate, and then return it up to the `encode` handler which will then compress it\ninto a binary format.\n\nIf `templates` came before `encode`, then `encode` would write a compressed,\nbinary-encoded response to `templates` which would not be able to parse the response\nproperly.\n\nThe correct order, then, is this:\n\n [\n {\"handler\": \"encode\"},\n {\"handler\": \"templates\"},\n {\"handler\": \"file_server\"}\n ]\n\nThe request flows ⬇️ DOWN (`encode` -\u003e `templates` -\u003e `file_server`).\n\n1. First, `encode` will choose how to `encode` the response and wrap the response.\n2. Then, `templates` will wrap the response with a buffer.\n3. Finally, `file_server` will originate the content from a file.\n\nThe response flows ⬆️ UP (`file_server` -\u003e `templates` -\u003e `encode`):\n\n1. First, `file_server` will write the file to the response.\n2. That write will be buffered and then executed by `templates`.\n3. Lastly, the write from `templates` will flow into `encode` which will compress the stream.\n\nIf you think of routes in this way, it will be easy and even fun to solve the puzzle of writing correct routes. \n", + "required": [ + "handler" + ], + "allOf": [ + { + "if": { + "properties": { + "handler": { + "const": "file_server" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.file_server" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "intercept" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.intercept" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "log_append" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.log_append" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "request_body" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.request_body" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "map" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.map" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "rewrite" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.rewrite" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "static_response" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.static_response" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "subroute" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.subroute" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "tracing" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.tracing" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "vars" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.vars" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "copy_response_headers" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.copy_response_headers" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "error" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.error" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "reverse_proxy" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.reverse_proxy" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "templates" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.templates" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "copy_response" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.copy_response" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "headers" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.headers" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "invoke" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.invoke" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "metrics" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.metrics" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "push" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.push" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "acme_server" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.acme_server" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "authentication" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.authentication" + } + }, + { + "if": { + "properties": { + "handler": { + "const": "encode" + } + } + }, + "then": { + "$ref": "#/definitions/http.handlers.encode" + } + }, + { + "properties": { + "handler": { + "description": "key to identify handle module.\nhandler: string\nModule: http.handlers", + "markdownDescription": "key to identify `handle` module. \nhandler: `string` \nModule: `http.handlers`", + "type": "string", + "enum": [ + "file_server", + "intercept", + "log_append", + "request_body", + "map", + "rewrite", + "static_response", + "subroute", + "tracing", + "vars", + "copy_response_headers", + "error", + "reverse_proxy", + "templates", + "copy_response", + "headers", + "invoke", + "metrics", + "push", + "acme_server", + "authentication", + "encode" + ] + } + } + } + ] + } + }, + "match": { + "description": "match: array\nModule: http.matchers\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "match: `array` \nModule: `http.matchers` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nThe matcher sets which will be used to qualify this\nroute for a request (essentially the \"if\" statement\nof this route). Each matcher set is OR'ed, but matchers\nwithin a set are AND'ed together.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "properties": { + "client_ip": { + "$ref": "#/definitions/http.matchers.client_ip" + }, + "expression": { + "$ref": "#/definitions/http.matchers.expression" + }, + "file": { + "$ref": "#/definitions/http.matchers.file" + }, + "header": { + "$ref": "#/definitions/http.matchers.header" + }, + "header_regexp": { + "$ref": "#/definitions/http.matchers.header_regexp" + }, + "host": { + "$ref": "#/definitions/http.matchers.host" + }, + "method": { + "$ref": "#/definitions/http.matchers.method" + }, + "not": { + "$ref": "#/definitions/http.matchers.not" + }, + "path": { + "$ref": "#/definitions/http.matchers.path" + }, + "path_regexp": { + "$ref": "#/definitions/http.matchers.path_regexp" + }, + "protocol": { + "$ref": "#/definitions/http.matchers.protocol" + }, + "query": { + "$ref": "#/definitions/http.matchers.query" + }, + "remote_ip": { + "$ref": "#/definitions/http.matchers.remote_ip" + }, + "tls": { + "$ref": "#/definitions/http.matchers.tls" + }, + "vars": { + "$ref": "#/definitions/http.matchers.vars" + }, + "vars_regexp": { + "$ref": "#/definitions/http.matchers.vars_regexp" + } + } + } + }, + "terminal": { + "description": "terminal: boolean\nModule: http.handlers.subroute\nIf true, no more routes will be executed after this one.\n", + "markdownDescription": "terminal: `boolean` \nModule: `http.handlers.subroute` \nIf true, no more routes will be executed after this one. \n", + "type": "boolean" + } + } + } + } + } + }, + "http.handlers.templates": { + "description": "templates: object\nModule: http.handlers.templates\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/templates#Templates\nTemplates is a middleware which executes response bodies as Go templates.\nThe syntax is documented in the Go standard library's\n[text/template package](https://golang.org/pkg/text/template/).\n\n⚠️ Template functions/actions are still experimental, so they are subject to change.\n\nCustom template functions can be registered by creating a plugin module under the `http.handlers.templates.functions.*` namespace that implements the `CustomFunctions` interface.\n\n[All Sprig functions](https://masterminds.github.io/sprig/) are supported.\n\nIn addition to the standard functions and the Sprig library, Caddy adds\nextra functions and data that are available to a template:\n\n##### `.Args`\n\nA slice of arguments passed to this page/context, for example\nas the result of a [`include`](#include).\n\n```\n{{index .Args 0}} // first argument\n```\n\n##### `.Cookie`\n\nGets the value of a cookie by name.\n\n```\n{{.Cookie \"cookiename\"}}\n```\n\n##### `env`\n\nGets an environment variable.\n\n```\n{{env \"VAR_NAME\"}}\n```\n\n##### `placeholder`\n\nGets an [placeholder variable](/docs/conventions#placeholders).\nThe braces (`{}`) have to be omitted.\n\n```\n{{placeholder \"http.request.uri.path\"}}\n{{placeholder \"http.error.status_code\"}}\n```\n\nAs a shortcut, `ph` is an alias for `placeholder`.\n\n```\n{{ph \"http.request.method\"}}\n```\n\n##### `.Host`\n\nReturns the hostname portion (no port) of the Host header of the HTTP request.\n\n```\n{{.Host}}\n```\n\n##### `httpInclude`\n\nIncludes the contents of another file, and renders it in-place,\nby making a virtual HTTP request (also known as a sub-request).\nThe URI path must exist on the same virtual server because the\nrequest does not use sockets; instead, the request is crafted in\nmemory and the handler is invoked directly for increased efficiency.\n\n```\n{{httpInclude \"/foo/bar?q=val\"}}\n```\n\n##### `import`\n\nReads and returns the contents of another file, and parses it\nas a template, adding any template definitions to the template\nstack. If there are no definitions, the filepath will be the\ndefinition name. Any `{{ define }}` blocks will be accessible by\n`{{ template }}` or `{{ block }}`. Imports must happen before the\ntemplate or block action is called. Note that the contents are\nNOT escaped, so you should only import trusted template files.\n\n**filename.html**\n```\n{{ define \"main\" }}\ncontent\n{{ end }}\n```\n\n**index.html**\n```\n{{ import \"/path/to/filename.html\" }}\n{{ template \"main\" }}\n```\n\n##### `include`\n\nIncludes the contents of another file, rendering it in-place.\nOptionally can pass key-value pairs as arguments to be accessed\nby the included file. Use [`.Args N`](#args) to access the N-th\nargument, 0-indexed. Note that the contents are NOT escaped, so\nyou should only include trusted template files.\n\n```\n{{include \"path/to/file.html\"}} // no arguments\n{{include \"path/to/file.html\" \"arg0\" 1 \"value 2\"}} // with arguments\n```\n\n##### `readFile`\n\nReads and returns the contents of another file, as-is.\nNote that the contents are NOT escaped, so you should\nonly read trusted files.\n\n```\n{{readFile \"path/to/file.html\"}}\n```\n\n##### `listFiles`\n\nReturns a list of the files in the given directory, which is relative\nto the template context's file root.\n\n```\n{{listFiles \"/mydir\"}}\n```\n\n##### `markdown`\n\nRenders the given Markdown text as HTML and returns it. This uses the\n[Goldmark](https://github.com/yuin/goldmark) library,\nwhich is CommonMark compliant. It also has these extensions\nenabled: GitHub Flavored Markdown, Footnote, and syntax\nhighlighting provided by [Chroma](https://github.com/alecthomas/chroma).\n\n```\n{{markdown \"My _markdown_ text\"}}\n```\n\n##### `.RemoteIP`\n\nReturns the connection's IP address.\n\n```\n{{.RemoteIP}}\n```\n\n##### `.ClientIP`\n\nReturns the real client's IP address, if `trusted_proxies` was configured,\notherwise returns the connection's IP address.\n\n```\n{{.ClientIP}}\n```\n\n##### `.Req`\n\nAccesses the current HTTP request, which has various fields, including:\n\n - `.Method` - the method\n - `.URL` - the URL, which in turn has component fields (Scheme, Host, Path, etc.)\n - `.Header` - the header fields\n - `.Host` - the Host or :authority header of the request\n\n```\n{{.Req.Header.Get \"User-Agent\"}}\n```\n\n##### `.OriginalReq`\n\nLike [`.Req`](#req), except it accesses the original HTTP\nrequest before rewrites or other internal modifications.\n\n##### `.RespHeader.Add`\n\nAdds a header field to the HTTP response.\n\n```\n{{.RespHeader.Add \"Field-Name\" \"val\"}}\n```\n\n##### `.RespHeader.Del`\n\nDeletes a header field on the HTTP response.\n\n```\n{{.RespHeader.Del \"Field-Name\"}}\n```\n\n##### `.RespHeader.Set`\n\nSets a header field on the HTTP response, replacing any existing value.\n\n```\n{{.RespHeader.Set \"Field-Name\" \"val\"}}\n```\n\n##### `httpError`\n\nReturns an error with the given status code to the HTTP handler chain.\n\n```\n{{if not (fileExists $includedFile)}}{{httpError 404}}{{end}}\n```\n\n##### `splitFrontMatter`\n\nSplits front matter out from the body. Front matter is metadata that\nappears at the very beginning of a file or string. Front matter can\nbe in YAML, TOML, or JSON formats:\n\n**TOML** front matter starts and ends with `+++`:\n\n```toml\n+++\ntemplate = \"blog\"\ntitle = \"Blog Homepage\"\nsitename = \"A Caddy site\"\n+++\n```\n\n**YAML** is surrounded by `---`:\n\n```yaml\n---\ntemplate: blog\ntitle: Blog Homepage\nsitename: A Caddy site\n---\n```\n\n**JSON** is simply `{` and `}`:\n\n```json\n{\n\"template\": \"blog\",\n\"title\": \"Blog Homepage\",\n\"sitename\": \"A Caddy site\"\n}\n```\n\nThe resulting front matter will be made available like so:\n\n- `.Meta` to access the metadata fields, for example: `{{$parsed.Meta.title}}`\n- `.Body` to access the body after the front matter, for example: `{{markdown $parsed.Body}}`\n\n##### `stripHTML`\n\nRemoves HTML from a string.\n\n```\n{{stripHTML \"Shows \u003cb\u003eonly\u003c/b\u003e text content\"}}\n```\n\n##### `humanize`\n\nTransforms size and time inputs to a human readable format.\nThis uses the [go-humanize](https://github.com/dustin/go-humanize) library.\n\nThe first argument must be a format type, and the last argument\nis the input, or the input can be piped in. The supported format\ntypes are:\n- **size** which turns an integer amount of bytes into a string like `2.3 MB`\n- **time** which turns a time string into a relative time string like `2 weeks ago`\n\nFor the `time` format, the layout for parsing the input can be configured\nby appending a colon `:` followed by the desired time layout. You can\nfind the documentation on time layouts [in Go's docs](https://pkg.go.dev/time#pkg-constants).\nThe default time layout is `RFC1123Z`, i.e. `Mon, 02 Jan 2006 15:04:05 -0700`.\n\n##### `pathEscape`\n\nPasses a string through `url.PathEscape`, replacing characters that have\nspecial meaning in URL path parameters (`?`, `\u0026`, `%`).\n\nUseful e.g. to include filenames containing these characters in URL path\nparameters, or use them as an `img` element's `src` attribute.\n\n```\n{{pathEscape \"50%_valid_filename?.jpg\"}}\n```\n\n```\n{{humanize \"size\" \"2048000\"}}\n{{placeholder \"http.response.header.Content-Length\" | humanize \"size\"}}\n{{humanize \"time\" \"Fri, 05 May 2022 15:04:05 +0200\"}}\n{{humanize \"time:2006-Jan-02\" \"2022-May-05\"}}\n```\n\n", + "markdownDescription": "templates: `object` \nModule: `http.handlers.templates` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/templates#Templates) \nTemplates is a middleware which executes response bodies as Go templates.\nThe syntax is documented in the Go standard library's\n[text/template package](https://golang.org/pkg/text/template/).\n\n⚠️ Template functions/actions are still experimental, so they are subject to change.\n\nCustom template functions can be registered by creating a plugin module under the `http.handlers.templates.functions.*` namespace that implements the `CustomFunctions` interface.\n\n[All Sprig functions](https://masterminds.github.io/sprig/) are supported.\n\nIn addition to the standard functions and the Sprig library, Caddy adds\nextra functions and data that are available to a template:\n\n##### `.Args`\n\nA slice of arguments passed to this page/context, for example\nas the result of a [`include`](#include).\n\n```\n{{index .Args 0}} // first argument\n```\n\n##### `.Cookie`\n\nGets the value of a cookie by name.\n\n```\n{{.Cookie \"cookiename\"}}\n```\n\n##### `env`\n\nGets an environment variable.\n\n```\n{{env \"VAR_NAME\"}}\n```\n\n##### `placeholder`\n\nGets an [placeholder variable](/docs/conventions#placeholders).\nThe braces (`{}`) have to be omitted.\n\n```\n{{placeholder \"http.request.uri.path\"}}\n{{placeholder \"http.error.status_code\"}}\n```\n\nAs a shortcut, `ph` is an alias for `placeholder`.\n\n```\n{{ph \"http.request.method\"}}\n```\n\n##### `.Host`\n\nReturns the hostname portion (no port) of the Host header of the HTTP request.\n\n```\n{{.Host}}\n```\n\n##### `httpInclude`\n\nIncludes the contents of another file, and renders it in-place,\nby making a virtual HTTP request (also known as a sub-request).\nThe URI path must exist on the same virtual server because the\nrequest does not use sockets; instead, the request is crafted in\nmemory and the handler is invoked directly for increased efficiency.\n\n```\n{{httpInclude \"/foo/bar?q=val\"}}\n```\n\n##### `import`\n\nReads and returns the contents of another file, and parses it\nas a template, adding any template definitions to the template\nstack. If there are no definitions, the filepath will be the\ndefinition name. Any `{{ define }}` blocks will be accessible by\n`{{ template }}` or `{{ block }}`. Imports must happen before the\ntemplate or block action is called. Note that the contents are\nNOT escaped, so you should only import trusted template files.\n\n**filename.html**\n```\n{{ define \"main\" }}\ncontent\n{{ end }}\n```\n\n**index.html**\n```\n{{ import \"/path/to/filename.html\" }}\n{{ template \"main\" }}\n```\n\n##### `include`\n\nIncludes the contents of another file, rendering it in-place.\nOptionally can pass key-value pairs as arguments to be accessed\nby the included file. Use [`.Args N`](#args) to access the N-th\nargument, 0-indexed. Note that the contents are NOT escaped, so\nyou should only include trusted template files.\n\n```\n{{include \"path/to/file.html\"}} // no arguments\n{{include \"path/to/file.html\" \"arg0\" 1 \"value 2\"}} // with arguments\n```\n\n##### `readFile`\n\nReads and returns the contents of another file, as-is.\nNote that the contents are NOT escaped, so you should\nonly read trusted files.\n\n```\n{{readFile \"path/to/file.html\"}}\n```\n\n##### `listFiles`\n\nReturns a list of the files in the given directory, which is relative\nto the template context's file root.\n\n```\n{{listFiles \"/mydir\"}}\n```\n\n##### `markdown`\n\nRenders the given Markdown text as HTML and returns it. This uses the\n[Goldmark](https://github.com/yuin/goldmark) library,\nwhich is CommonMark compliant. It also has these extensions\nenabled: GitHub Flavored Markdown, Footnote, and syntax\nhighlighting provided by [Chroma](https://github.com/alecthomas/chroma).\n\n```\n{{markdown \"My _markdown_ text\"}}\n```\n\n##### `.RemoteIP`\n\nReturns the connection's IP address.\n\n```\n{{.RemoteIP}}\n```\n\n##### `.ClientIP`\n\nReturns the real client's IP address, if `trusted_proxies` was configured,\notherwise returns the connection's IP address.\n\n```\n{{.ClientIP}}\n```\n\n##### `.Req`\n\nAccesses the current HTTP request, which has various fields, including:\n\n - `.Method` - the method\n - `.URL` - the URL, which in turn has component fields (Scheme, Host, Path, etc.)\n - `.Header` - the header fields\n - `.Host` - the Host or :authority header of the request\n\n```\n{{.Req.Header.Get \"User-Agent\"}}\n```\n\n##### `.OriginalReq`\n\nLike [`.Req`](#req), except it accesses the original HTTP\nrequest before rewrites or other internal modifications.\n\n##### `.RespHeader.Add`\n\nAdds a header field to the HTTP response.\n\n```\n{{.RespHeader.Add \"Field-Name\" \"val\"}}\n```\n\n##### `.RespHeader.Del`\n\nDeletes a header field on the HTTP response.\n\n```\n{{.RespHeader.Del \"Field-Name\"}}\n```\n\n##### `.RespHeader.Set`\n\nSets a header field on the HTTP response, replacing any existing value.\n\n```\n{{.RespHeader.Set \"Field-Name\" \"val\"}}\n```\n\n##### `httpError`\n\nReturns an error with the given status code to the HTTP handler chain.\n\n```\n{{if not (fileExists $includedFile)}}{{httpError 404}}{{end}}\n```\n\n##### `splitFrontMatter`\n\nSplits front matter out from the body. Front matter is metadata that\nappears at the very beginning of a file or string. Front matter can\nbe in YAML, TOML, or JSON formats:\n\n**TOML** front matter starts and ends with `+++`:\n\n```toml\n+++\ntemplate = \"blog\"\ntitle = \"Blog Homepage\"\nsitename = \"A Caddy site\"\n+++\n```\n\n**YAML** is surrounded by `---`:\n\n```yaml\n---\ntemplate: blog\ntitle: Blog Homepage\nsitename: A Caddy site\n---\n```\n\n**JSON** is simply `{` and `}`:\n\n```json\n{\n\"template\": \"blog\",\n\"title\": \"Blog Homepage\",\n\"sitename\": \"A Caddy site\"\n}\n```\n\nThe resulting front matter will be made available like so:\n\n- `.Meta` to access the metadata fields, for example: `{{$parsed.Meta.title}}`\n- `.Body` to access the body after the front matter, for example: `{{markdown $parsed.Body}}`\n\n##### `stripHTML`\n\nRemoves HTML from a string.\n\n```\n{{stripHTML \"Shows \u003cb\u003eonly\u003c/b\u003e text content\"}}\n```\n\n##### `humanize`\n\nTransforms size and time inputs to a human readable format.\nThis uses the [go-humanize](https://github.com/dustin/go-humanize) library.\n\nThe first argument must be a format type, and the last argument\nis the input, or the input can be piped in. The supported format\ntypes are:\n- **size** which turns an integer amount of bytes into a string like `2.3 MB`\n- **time** which turns a time string into a relative time string like `2 weeks ago`\n\nFor the `time` format, the layout for parsing the input can be configured\nby appending a colon `:` followed by the desired time layout. You can\nfind the documentation on time layouts [in Go's docs](https://pkg.go.dev/time#pkg-constants).\nThe default time layout is `RFC1123Z`, i.e. `Mon, 02 Jan 2006 15:04:05 -0700`.\n\n##### `pathEscape`\n\nPasses a string through `url.PathEscape`, replacing characters that have\nspecial meaning in URL path parameters (`?`, `\u0026`, `%`).\n\nUseful e.g. to include filenames containing these characters in URL path\nparameters, or use them as an `img` element's `src` attribute.\n\n```\n{{pathEscape \"50%_valid_filename?.jpg\"}}\n```\n\n```\n{{humanize \"size\" \"2048000\"}}\n{{placeholder \"http.response.header.Content-Length\" | humanize \"size\"}}\n{{humanize \"time\" \"Fri, 05 May 2022 15:04:05 +0200\"}}\n{{humanize \"time:2006-Jan-02\" \"2022-May-05\"}}\n```\n \n", + "type": "object", + "properties": { + "delimiters": { + "description": "delimiters: array\nModule: http.handlers.templates\nThe template action delimiters. If set, must be precisely two elements:\nthe opening and closing delimiters. Default: `[\"{{\", \"}}\"]`\n", + "markdownDescription": "delimiters: `array` \nModule: `http.handlers.templates` \nThe template action delimiters. If set, must be precisely two elements:\nthe opening and closing delimiters. Default: `[\"{{\", \"}}\"]` \n", + "type": "array", + "items": { + "description": "The template action delimiters. If set, must be precisely two elements:\nthe opening and closing delimiters. Default: `[\"{{\", \"}}\"]`\n", + "markdownDescription": "The template action delimiters. If set, must be precisely two elements:\nthe opening and closing delimiters. Default: `[\"{{\", \"}}\"]` \n", + "type": "string" + } + }, + "file_root": { + "description": "file_root: string\nModule: http.handlers.templates\nThe root path from which to load files. Required if template functions\naccessing the file system are used (such as include). Default is\n`{http.vars.root}` if set, or current working directory otherwise.\n", + "markdownDescription": "file_root: `string` \nModule: `http.handlers.templates` \nThe root path from which to load files. Required if template functions\naccessing the file system are used (such as include). Default is\n`{http.vars.root}` if set, or current working directory otherwise. \n", + "type": "string" + }, + "match": { + "description": "match: any\nModule: http.handlers.templates.functions\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nExtensions adds functions to the template's func map. These often\nact as components on web pages, for example.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "match: `any` \nModule: `http.handlers.templates.functions` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nExtensions adds functions to the template's func map. These often\nact as components on web pages, for example.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n" + }, + "mime_types": { + "description": "mime_types: array\nModule: http.handlers.templates\nThe MIME types for which to render templates. It is important to use\nthis if the route matchers do not exclude images or other binary files.\nDefault is text/plain, text/markdown, and text/html.\n", + "markdownDescription": "mime_types: `array` \nModule: `http.handlers.templates` \nThe MIME types for which to render templates. It is important to use\nthis if the route matchers do not exclude images or other binary files.\nDefault is text/plain, text/markdown, and text/html. \n", + "type": "array", + "items": { + "description": "The MIME types for which to render templates. It is important to use\nthis if the route matchers do not exclude images or other binary files.\nDefault is text/plain, text/markdown, and text/html.\n", + "markdownDescription": "The MIME types for which to render templates. It is important to use\nthis if the route matchers do not exclude images or other binary files.\nDefault is text/plain, text/markdown, and text/html. \n", + "type": "string" + } + } + } + }, + "http.handlers.tracing": { + "description": "tracing: object\nModule: http.handlers.tracing\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/tracing#Tracing\nTracing implements an HTTP handler that adds support for distributed tracing,\nusing OpenTelemetry. This module is responsible for the injection and\npropagation of the trace context. Configure this module via environment\nvariables (see https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/sdk-environment-variables.md).\nSome values can be overwritten in the configuration file.\n\n", + "markdownDescription": "tracing: `object` \nModule: `http.handlers.tracing` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/tracing#Tracing) \nTracing implements an HTTP handler that adds support for distributed tracing,\nusing OpenTelemetry. This module is responsible for the injection and\npropagation of the trace context. Configure this module via environment\nvariables (see https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/sdk-environment-variables.md).\nSome values can be overwritten in the configuration file.\n \n", + "type": "object", + "properties": { + "span": { + "description": "span: string\nModule: http.handlers.tracing\nSpanName is a span name. It should follow the naming guidelines here:\nhttps://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/trace/api.md#span\n", + "markdownDescription": "span: `string` \nModule: `http.handlers.tracing` \nSpanName is a span name. It should follow the naming guidelines here:\nhttps://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/trace/api.md#span \n", + "type": "string" + } + } + }, + "http.handlers.vars": { + "description": "vars: object\nModule: http.handlers.vars\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#VarsMiddleware\nVarsMiddleware is an HTTP middleware which sets variables to\nhave values that can be used in the HTTP request handler\nchain. The primary way to access variables is with placeholders,\nwhich have the form: `{http.vars.variable_name}`, or with\nthe `vars` and `vars_regexp` request matchers.\n\nThe key is the variable name, and the value is the value of the\nvariable. Both the name and value may use or contain placeholders.\n\n", + "markdownDescription": "vars: `object` \nModule: `http.handlers.vars` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#VarsMiddleware) \nVarsMiddleware is an HTTP middleware which sets variables to\nhave values that can be used in the HTTP request handler\nchain. The primary way to access variables is with placeholders,\nwhich have the form: `{http.vars.variable_name}`, or with\nthe `vars` and `vars_regexp` request matchers.\n\nThe key is the variable name, and the value is the value of the\nvariable. Both the name and value may use or contain placeholders.\n \n", + "type": "object", + "additionalProperties": {} + }, + "http.ip_sources.static": { + "description": "static: object\nModule: http.ip_sources.static\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#StaticIPRange\nStaticIPRange provides a static range of IP address prefixes (CIDRs).\n\n", + "markdownDescription": "static: `object` \nModule: `http.ip_sources.static` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#StaticIPRange) \nStaticIPRange provides a static range of IP address prefixes (CIDRs).\n \n", + "type": "object", + "properties": { + "ranges": { + "description": "ranges: array\nModule: http.ip_sources.static\nA static list of IP ranges (supports CIDR notation).\n", + "markdownDescription": "ranges: `array` \nModule: `http.ip_sources.static` \nA static list of IP ranges (supports CIDR notation). \n", + "type": "array", + "items": { + "description": "A static list of IP ranges (supports CIDR notation).\n", + "markdownDescription": "A static list of IP ranges (supports CIDR notation). \n", + "type": "string" + } + } + } + }, + "http.matchers.client_ip": { + "description": "client_ip: object\nModule: http.matchers.client_ip\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchClientIP\nMatchClientIP matches requests by the client IP address,\ni.e. the resolved address, considering trusted proxies.\n\n", + "markdownDescription": "client_ip: `object` \nModule: `http.matchers.client_ip` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchClientIP) \nMatchClientIP matches requests by the client IP address,\ni.e. the resolved address, considering trusted proxies.\n \n", + "type": "object", + "properties": { + "ranges": { + "description": "ranges: array\nModule: http.matchers.client_ip\nThe IPs or CIDR ranges to match.\n", + "markdownDescription": "ranges: `array` \nModule: `http.matchers.client_ip` \nThe IPs or CIDR ranges to match. \n", + "type": "array", + "items": { + "description": "The IPs or CIDR ranges to match.\n", + "markdownDescription": "The IPs or CIDR ranges to match. \n", + "type": "string" + } + } + } + }, + "http.matchers.expression": { + "description": "expression: object\nModule: http.matchers.expression\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchExpression\nMatchExpression matches requests by evaluating a\n[CEL](https://github.com/google/cel-spec) expression.\nThis enables complex logic to be expressed using a comfortable,\nfamiliar syntax. Please refer to\n[the standard definitions of CEL functions and operators](https://github.com/google/cel-spec/blob/master/doc/langdef.md#standard-definitions).\n\nThis matcher's JSON interface is actually a string, not a struct.\nThe generated docs are not correct because this type has custom\nmarshaling logic.\n\nCOMPATIBILITY NOTE: This module is still experimental and is not\nsubject to Caddy's compatibility guarantee.\n\n", + "markdownDescription": "expression: `object` \nModule: `http.matchers.expression` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchExpression) \nMatchExpression matches requests by evaluating a\n[CEL](https://github.com/google/cel-spec) expression.\nThis enables complex logic to be expressed using a comfortable,\nfamiliar syntax. Please refer to\n[the standard definitions of CEL functions and operators](https://github.com/google/cel-spec/blob/master/doc/langdef.md#standard-definitions).\n\nThis matcher's JSON interface is actually a string, not a struct.\nThe generated docs are not correct because this type has custom\nmarshaling logic.\n\nCOMPATIBILITY NOTE: This module is still experimental and is not\nsubject to Caddy's compatibility guarantee.\n \n", + "type": "object", + "properties": { + "expr": { + "description": "expr: string\nModule: http.matchers.expression\nThe CEL expression to evaluate. Any Caddy placeholders\nwill be expanded and situated into proper CEL function\ncalls before evaluating.\n", + "markdownDescription": "expr: `string` \nModule: `http.matchers.expression` \nThe CEL expression to evaluate. Any Caddy placeholders\nwill be expanded and situated into proper CEL function\ncalls before evaluating. \n", + "type": "string" + }, + "name": { + "description": "name: string\nModule: http.matchers.expression\nName is an optional name for this matcher.\nThis is used to populate the name for regexp\nmatchers that appear in the expression.\n", + "markdownDescription": "name: `string` \nModule: `http.matchers.expression` \nName is an optional name for this matcher.\nThis is used to populate the name for regexp\nmatchers that appear in the expression. \n", + "type": "string" + } + } + }, + "http.matchers.file": { + "description": "file: object\nModule: http.matchers.file\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/fileserver#MatchFile\nMatchFile is an HTTP request matcher that can match\nrequests based upon file existence.\n\nUpon matching, three new placeholders will be made\navailable:\n\n- `{http.matchers.file.relative}` The root-relative\npath of the file. This is often useful when rewriting\nrequests.\n- `{http.matchers.file.absolute}` The absolute path\nof the matched file.\n- `{http.matchers.file.type}` Set to \"directory\" if\nthe matched file is a directory, \"file\" otherwise.\n- `{http.matchers.file.remainder}` Set to the remainder\nof the path if the path was split by `split_path`.\n\nEven though file matching may depend on the OS path\nseparator, the placeholder values always use /.\n\n", + "markdownDescription": "file: `object` \nModule: `http.matchers.file` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/fileserver#MatchFile) \nMatchFile is an HTTP request matcher that can match\nrequests based upon file existence.\n\nUpon matching, three new placeholders will be made\navailable:\n\n- `{http.matchers.file.relative}` The root-relative\npath of the file. This is often useful when rewriting\nrequests.\n- `{http.matchers.file.absolute}` The absolute path\nof the matched file.\n- `{http.matchers.file.type}` Set to \"directory\" if\nthe matched file is a directory, \"file\" otherwise.\n- `{http.matchers.file.remainder}` Set to the remainder\nof the path if the path was split by `split_path`.\n\nEven though file matching may depend on the OS path\nseparator, the placeholder values always use /.\n \n", + "type": "object", + "properties": { + "fs": { + "description": "fs: string\nModule: http.matchers.file\nThe file system implementation to use. By default, the\nlocal disk file system will be used.\n", + "markdownDescription": "fs: `string` \nModule: `http.matchers.file` \nThe file system implementation to use. By default, the\nlocal disk file system will be used. \n", + "type": "string" + }, + "root": { + "description": "root: string\nModule: http.matchers.file\nThe root directory, used for creating absolute\nfile paths, and required when working with\nrelative paths; if not specified, `{http.vars.root}`\nwill be used, if set; otherwise, the current\ndirectory is assumed. Accepts placeholders.\n", + "markdownDescription": "root: `string` \nModule: `http.matchers.file` \nThe root directory, used for creating absolute\nfile paths, and required when working with\nrelative paths; if not specified, `{http.vars.root}`\nwill be used, if set; otherwise, the current\ndirectory is assumed. Accepts placeholders. \n", + "type": "string" + }, + "split_path": { + "description": "split_path: array\nModule: http.matchers.file\nA list of delimiters to use to split the path in two\nwhen trying files. If empty, no splitting will\noccur, and the path will be tried as-is. For each\nsplit value, the left-hand side of the split,\nincluding the split value, will be the path tried.\nFor example, the path `/remote.php/dav/` using the\nsplit value `.php` would try the file `/remote.php`.\nEach delimiter must appear at the end of a URI path\ncomponent in order to be used as a split delimiter.\n", + "markdownDescription": "split_path: `array` \nModule: `http.matchers.file` \nA list of delimiters to use to split the path in two\nwhen trying files. If empty, no splitting will\noccur, and the path will be tried as-is. For each\nsplit value, the left-hand side of the split,\nincluding the split value, will be the path tried.\nFor example, the path `/remote.php/dav/` using the\nsplit value `.php` would try the file `/remote.php`.\nEach delimiter must appear at the end of a URI path\ncomponent in order to be used as a split delimiter. \n", + "type": "array", + "items": { + "description": "A list of delimiters to use to split the path in two\nwhen trying files. If empty, no splitting will\noccur, and the path will be tried as-is. For each\nsplit value, the left-hand side of the split,\nincluding the split value, will be the path tried.\nFor example, the path `/remote.php/dav/` using the\nsplit value `.php` would try the file `/remote.php`.\nEach delimiter must appear at the end of a URI path\ncomponent in order to be used as a split delimiter.\n", + "markdownDescription": "A list of delimiters to use to split the path in two\nwhen trying files. If empty, no splitting will\noccur, and the path will be tried as-is. For each\nsplit value, the left-hand side of the split,\nincluding the split value, will be the path tried.\nFor example, the path `/remote.php/dav/` using the\nsplit value `.php` would try the file `/remote.php`.\nEach delimiter must appear at the end of a URI path\ncomponent in order to be used as a split delimiter. \n", + "type": "string" + } + }, + "try_files": { + "description": "try_files: array\nModule: http.matchers.file\nThe list of files to try. Each path here is\nconsidered related to Root. If nil, the request\nURL's path will be assumed. Files and\ndirectories are treated distinctly, so to match\na directory, the filepath MUST end in a forward\nslash `/`. To match a regular file, there must\nbe no trailing slash. Accepts placeholders. If\nthe policy is \"first_exist\", then an error may\nbe triggered as a fallback by configuring \"=\"\nfollowed by a status code number,\nfor example \"=404\".\n", + "markdownDescription": "try_files: `array` \nModule: `http.matchers.file` \nThe list of files to try. Each path here is\nconsidered related to Root. If nil, the request\nURL's path will be assumed. Files and\ndirectories are treated distinctly, so to match\na directory, the filepath MUST end in a forward\nslash `/`. To match a regular file, there must\nbe no trailing slash. Accepts placeholders. If\nthe policy is \"first_exist\", then an error may\nbe triggered as a fallback by configuring \"=\"\nfollowed by a status code number,\nfor example \"=404\". \n", + "type": "array", + "items": { + "description": "The list of files to try. Each path here is\nconsidered related to Root. If nil, the request\nURL's path will be assumed. Files and\ndirectories are treated distinctly, so to match\na directory, the filepath MUST end in a forward\nslash `/`. To match a regular file, there must\nbe no trailing slash. Accepts placeholders. If\nthe policy is \"first_exist\", then an error may\nbe triggered as a fallback by configuring \"=\"\nfollowed by a status code number,\nfor example \"=404\".\n", + "markdownDescription": "The list of files to try. Each path here is\nconsidered related to Root. If nil, the request\nURL's path will be assumed. Files and\ndirectories are treated distinctly, so to match\na directory, the filepath MUST end in a forward\nslash `/`. To match a regular file, there must\nbe no trailing slash. Accepts placeholders. If\nthe policy is \"first_exist\", then an error may\nbe triggered as a fallback by configuring \"=\"\nfollowed by a status code number,\nfor example \"=404\". \n", + "type": "string" + } + }, + "try_policy": { + "description": "try_policy: string\nModule: http.matchers.file\nHow to choose a file in TryFiles. Can be:\n\n- first_exist\n- first_exist_fallback\n- smallest_size\n- largest_size\n- most_recently_modified\n\nDefault is first_exist.\n", + "markdownDescription": "try_policy: `string` \nModule: `http.matchers.file` \nHow to choose a file in TryFiles. Can be:\n\n- first_exist\n- first_exist_fallback\n- smallest_size\n- largest_size\n- most_recently_modified\n\nDefault is first_exist. \n", + "type": "string" + } + } + }, + "http.matchers.header": { + "description": "header: object\nModule: http.matchers.header\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchHeader\nMatchHeader matches requests by header fields. The key is the field\nname and the array is the list of field values. It performs fast,\nexact string comparisons of the field values. Fast prefix, suffix,\nand substring matches can also be done by suffixing, prefixing, or\nsurrounding the value with the wildcard `*` character, respectively.\nIf a list is null, the header must not exist. If the list is empty,\nthe field must simply exist, regardless of its value.\n\n**NOTE:** Notice that header values are arrays, not singular values. This is\nbecause repeated fields are valid in headers, and each one may have a\ndifferent value. This matcher will match for a field if any one of its configured\nvalues matches in the header. Backend applications relying on headers MUST take\ninto consideration that header field values are arrays and can have multiple\nvalues.\n\n", + "markdownDescription": "header: `object` \nModule: `http.matchers.header` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchHeader) \nMatchHeader matches requests by header fields. The key is the field\nname and the array is the list of field values. It performs fast,\nexact string comparisons of the field values. Fast prefix, suffix,\nand substring matches can also be done by suffixing, prefixing, or\nsurrounding the value with the wildcard `*` character, respectively.\nIf a list is null, the header must not exist. If the list is empty,\nthe field must simply exist, regardless of its value.\n\n**NOTE:** Notice that header values are arrays, not singular values. This is\nbecause repeated fields are valid in headers, and each one may have a\ndifferent value. This matcher will match for a field if any one of its configured\nvalues matches in the header. Backend applications relying on headers MUST take\ninto consideration that header field values are arrays and can have multiple\nvalues.\n \n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "string" + } + } + }, + "http.matchers.header_regexp": { + "description": "header_regexp: object\nModule: http.matchers.header_regexp\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchRegexp\nMatchRegexp is an embedable type for matching\nusing regular expressions. It adds placeholders\nto the request's replacer.\n\n", + "markdownDescription": "header_regexp: `object` \nModule: `http.matchers.header_regexp` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchRegexp) \nMatchRegexp is an embedable type for matching\nusing regular expressions. It adds placeholders\nto the request's replacer.\n \n", + "type": "object", + "additionalProperties": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchRegexp\nMatchRegexp is an embedable type for matching\nusing regular expressions. It adds placeholders\nto the request's replacer.\n\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchRegexp) \nMatchRegexp is an embedable type for matching\nusing regular expressions. It adds placeholders\nto the request's replacer.\n \n", + "properties": { + "name": { + "description": "name: string\nModule: http.matchers.header_regexp\nA unique name for this regular expression. Optional,\nbut useful to prevent overwriting captures from other\nregexp matchers.\n", + "markdownDescription": "name: `string` \nModule: `http.matchers.header_regexp` \nA unique name for this regular expression. Optional,\nbut useful to prevent overwriting captures from other\nregexp matchers. \n", + "type": "string" + }, + "pattern": { + "description": "pattern: string\nModule: http.matchers.header_regexp\nThe regular expression to evaluate, in RE2 syntax,\nwhich is the same general syntax used by Go, Perl,\nand Python. For details, see\n[Go's regexp package](https://golang.org/pkg/regexp/).\nCaptures are accessible via placeholders. Unnamed\ncapture groups are exposed as their numeric, 1-based\nindex, while named capture groups are available by\nthe capture group name.\n", + "markdownDescription": "pattern: `string` \nModule: `http.matchers.header_regexp` \nThe regular expression to evaluate, in RE2 syntax,\nwhich is the same general syntax used by Go, Perl,\nand Python. For details, see\n[Go's regexp package](https://golang.org/pkg/regexp/).\nCaptures are accessible via placeholders. Unnamed\ncapture groups are exposed as their numeric, 1-based\nindex, while named capture groups are available by\nthe capture group name. \n", + "type": "string" + } + } + } + }, + "http.matchers.host": { + "description": "host: array\nModule: http.matchers.host\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchHost\nMatchHost matches requests by the Host value (case-insensitive).\n\nWhen used in a top-level HTTP route,\n[qualifying domain names](/docs/automatic-https#hostname-requirements)\nmay trigger [automatic HTTPS](/docs/automatic-https), which automatically\nprovisions and renews certificates for you. Before doing this, you\nshould ensure that DNS records for these domains are properly configured,\nespecially A/AAAA pointed at your server.\n\nAutomatic HTTPS can be\n[customized or disabled](/docs/modules/http#servers/automatic_https).\n\nWildcards (`*`) may be used to represent exactly one label of the\nhostname, in accordance with RFC 1034 (because host matchers are also\nused for automatic HTTPS which influences TLS certificates). Thus,\na host of `*` matches hosts like `localhost` or `internal` but not\n`example.com`. To catch all hosts, omit the host matcher entirely.\n\nThe wildcard can be useful for matching all subdomains, for example:\n`*.example.com` matches `foo.example.com` but not `foo.bar.example.com`.\n\nDuplicate entries will return an error.\n\n", + "markdownDescription": "host: `array` \nModule: `http.matchers.host` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchHost) \nMatchHost matches requests by the Host value (case-insensitive).\n\nWhen used in a top-level HTTP route,\n[qualifying domain names](/docs/automatic-https#hostname-requirements)\nmay trigger [automatic HTTPS](/docs/automatic-https), which automatically\nprovisions and renews certificates for you. Before doing this, you\nshould ensure that DNS records for these domains are properly configured,\nespecially A/AAAA pointed at your server.\n\nAutomatic HTTPS can be\n[customized or disabled](/docs/modules/http#servers/automatic_https).\n\nWildcards (`*`) may be used to represent exactly one label of the\nhostname, in accordance with RFC 1034 (because host matchers are also\nused for automatic HTTPS which influences TLS certificates). Thus,\na host of `*` matches hosts like `localhost` or `internal` but not\n`example.com`. To catch all hosts, omit the host matcher entirely.\n\nThe wildcard can be useful for matching all subdomains, for example:\n`*.example.com` matches `foo.example.com` but not `foo.bar.example.com`.\n\nDuplicate entries will return an error.\n \n", + "type": "array", + "items": { + "type": "string" + } + }, + "http.matchers.method": { + "description": "method: array\nModule: http.matchers.method\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchMethod\nMatchMethod matches requests by the method.\n\n", + "markdownDescription": "method: `array` \nModule: `http.matchers.method` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchMethod) \nMatchMethod matches requests by the method.\n \n", + "type": "array", + "items": { + "type": "string" + } + }, + "http.matchers.not": { + "description": "not: array\nModule: http.matchers.not\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchNot\nMatchNot matches requests by negating the results of its matcher\nsets. A single \"not\" matcher takes one or more matcher sets. Each\nmatcher set is OR'ed; in other words, if any matcher set returns\ntrue, the final result of the \"not\" matcher is false. Individual\nmatchers within a set work the same (i.e. different matchers in\nthe same set are AND'ed).\n\nNOTE: The generated docs which describe the structure of this\nmodule are wrong because of how this type unmarshals JSON in a\ncustom way. The correct structure is:\n\n```json\n[\n\t{},\n\t{}\n]\n```\n\nwhere each of the array elements is a matcher set, i.e. an\nobject keyed by matcher name.\n\n", + "markdownDescription": "not: `array` \nModule: `http.matchers.not` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchNot) \nMatchNot matches requests by negating the results of its matcher\nsets. A single \"not\" matcher takes one or more matcher sets. Each\nmatcher set is OR'ed; in other words, if any matcher set returns\ntrue, the final result of the \"not\" matcher is false. Individual\nmatchers within a set work the same (i.e. different matchers in\nthe same set are AND'ed).\n\nNOTE: The generated docs which describe the structure of this\nmodule are wrong because of how this type unmarshals JSON in a\ncustom way. The correct structure is:\n\n```json\n[\n\t{},\n\t{}\n]\n```\n\nwhere each of the array elements is a matcher set, i.e. an\nobject keyed by matcher name.\n \n", + "type": "array", + "items": { + "properties": { + "client_ip": { + "$ref": "#/definitions/http.matchers.client_ip" + }, + "expression": { + "$ref": "#/definitions/http.matchers.expression" + }, + "file": { + "$ref": "#/definitions/http.matchers.file" + }, + "header": { + "$ref": "#/definitions/http.matchers.header" + }, + "header_regexp": { + "$ref": "#/definitions/http.matchers.header_regexp" + }, + "host": { + "$ref": "#/definitions/http.matchers.host" + }, + "method": { + "$ref": "#/definitions/http.matchers.method" + }, + "not": { + "$ref": "#/definitions/http.matchers.not" + }, + "path": { + "$ref": "#/definitions/http.matchers.path" + }, + "path_regexp": { + "$ref": "#/definitions/http.matchers.path_regexp" + }, + "protocol": { + "$ref": "#/definitions/http.matchers.protocol" + }, + "query": { + "$ref": "#/definitions/http.matchers.query" + }, + "remote_ip": { + "$ref": "#/definitions/http.matchers.remote_ip" + }, + "tls": { + "$ref": "#/definitions/http.matchers.tls" + }, + "vars": { + "$ref": "#/definitions/http.matchers.vars" + }, + "vars_regexp": { + "$ref": "#/definitions/http.matchers.vars_regexp" + } + } + } + }, + "http.matchers.path": { + "description": "path: array\nModule: http.matchers.path\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchPath\nMatchPath case-insensitively matches requests by the URI's path. Path\nmatching is exact, not prefix-based, giving you more control and clarity\nover matching. Wildcards (`*`) may be used:\n\n- At the end only, for a prefix match (`/prefix/*`)\n- At the beginning only, for a suffix match (`*.suffix`)\n- On both sides only, for a substring match (`*/contains/*`)\n- In the middle, for a globular match (`/accounts/*/info`)\n\nSlashes are significant; i.e. `/foo*` matches `/foo`, `/foo/`, `/foo/bar`,\nand `/foobar`; but `/foo/*` does not match `/foo` or `/foobar`. Valid\npaths start with a slash `/`.\n\nBecause there are, in general, multiple possible escaped forms of any\npath, path matchers operate in unescaped space; that is, path matchers\nshould be written in their unescaped form to prevent ambiguities and\npossible security issues, as all request paths will be normalized to\ntheir unescaped forms before matcher evaluation.\n\nHowever, escape sequences in a match pattern are supported; they are\ncompared with the request's raw/escaped path for those bytes only.\nIn other words, a matcher of `/foo%2Fbar` will match a request path\nof precisely `/foo%2Fbar`, but not `/foo/bar`. It follows that matching\nthe literal percent sign (%) in normalized space can be done using the\nescaped form, `%25`.\n\nEven though wildcards (`*`) operate in the normalized space, the special\nescaped wildcard (`%*`), which is not a valid escape sequence, may be\nused in place of a span that should NOT be decoded; that is, `/bands/%*`\nwill match `/bands/AC%2fDC` whereas `/bands/*` will not.\n\nEven though path matching is done in normalized space, the special\nwildcard `%*` may be used in place of a span that should NOT be decoded;\nthat is, `/bands/%*/` will match `/bands/AC%2fDC/` whereas `/bands/*/`\nwill not.\n\nThis matcher is fast, so it does not support regular expressions or\ncapture groups. For slower but more powerful matching, use the\npath_regexp matcher. (Note that due to the special treatment of\nescape sequences in matcher patterns, they may perform slightly slower\nin high-traffic environments.)\n\n", + "markdownDescription": "path: `array` \nModule: `http.matchers.path` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchPath) \nMatchPath case-insensitively matches requests by the URI's path. Path\nmatching is exact, not prefix-based, giving you more control and clarity\nover matching. Wildcards (`*`) may be used:\n\n- At the end only, for a prefix match (`/prefix/*`)\n- At the beginning only, for a suffix match (`*.suffix`)\n- On both sides only, for a substring match (`*/contains/*`)\n- In the middle, for a globular match (`/accounts/*/info`)\n\nSlashes are significant; i.e. `/foo*` matches `/foo`, `/foo/`, `/foo/bar`,\nand `/foobar`; but `/foo/*` does not match `/foo` or `/foobar`. Valid\npaths start with a slash `/`.\n\nBecause there are, in general, multiple possible escaped forms of any\npath, path matchers operate in unescaped space; that is, path matchers\nshould be written in their unescaped form to prevent ambiguities and\npossible security issues, as all request paths will be normalized to\ntheir unescaped forms before matcher evaluation.\n\nHowever, escape sequences in a match pattern are supported; they are\ncompared with the request's raw/escaped path for those bytes only.\nIn other words, a matcher of `/foo%2Fbar` will match a request path\nof precisely `/foo%2Fbar`, but not `/foo/bar`. It follows that matching\nthe literal percent sign (%) in normalized space can be done using the\nescaped form, `%25`.\n\nEven though wildcards (`*`) operate in the normalized space, the special\nescaped wildcard (`%*`), which is not a valid escape sequence, may be\nused in place of a span that should NOT be decoded; that is, `/bands/%*`\nwill match `/bands/AC%2fDC` whereas `/bands/*` will not.\n\nEven though path matching is done in normalized space, the special\nwildcard `%*` may be used in place of a span that should NOT be decoded;\nthat is, `/bands/%*/` will match `/bands/AC%2fDC/` whereas `/bands/*/`\nwill not.\n\nThis matcher is fast, so it does not support regular expressions or\ncapture groups. For slower but more powerful matching, use the\npath_regexp matcher. (Note that due to the special treatment of\nescape sequences in matcher patterns, they may perform slightly slower\nin high-traffic environments.)\n \n", + "type": "array", + "items": { + "type": "string" + } + }, + "http.matchers.path_regexp": { + "description": "path_regexp: object\nModule: http.matchers.path_regexp\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchPathRE\nMatchPathRE matches requests by a regular expression on the URI's path.\nPath matching is performed in the unescaped (decoded) form of the path.\n\nUpon a match, it adds placeholders to the request: `{http.regexp.name.capture_group}`\nwhere `name` is the regular expression's name, and `capture_group` is either\nthe named or positional capture group from the expression itself. If no name\nis given, then the placeholder omits the name: `{http.regexp.capture_group}`\n(potentially leading to collisions).\n\n", + "markdownDescription": "path_regexp: `object` \nModule: `http.matchers.path_regexp` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchPathRE) \nMatchPathRE matches requests by a regular expression on the URI's path.\nPath matching is performed in the unescaped (decoded) form of the path.\n\nUpon a match, it adds placeholders to the request: `{http.regexp.name.capture_group}`\nwhere `name` is the regular expression's name, and `capture_group` is either\nthe named or positional capture group from the expression itself. If no name\nis given, then the placeholder omits the name: `{http.regexp.capture_group}`\n(potentially leading to collisions).\n \n", + "type": "object", + "properties": { + "name": { + "description": "name: string\nModule: http.matchers.path_regexp\nA unique name for this regular expression. Optional,\nbut useful to prevent overwriting captures from other\nregexp matchers.\n", + "markdownDescription": "name: `string` \nModule: `http.matchers.path_regexp` \nA unique name for this regular expression. Optional,\nbut useful to prevent overwriting captures from other\nregexp matchers. \n", + "type": "string" + }, + "pattern": { + "description": "pattern: string\nModule: http.matchers.path_regexp\nThe regular expression to evaluate, in RE2 syntax,\nwhich is the same general syntax used by Go, Perl,\nand Python. For details, see\n[Go's regexp package](https://golang.org/pkg/regexp/).\nCaptures are accessible via placeholders. Unnamed\ncapture groups are exposed as their numeric, 1-based\nindex, while named capture groups are available by\nthe capture group name.\n", + "markdownDescription": "pattern: `string` \nModule: `http.matchers.path_regexp` \nThe regular expression to evaluate, in RE2 syntax,\nwhich is the same general syntax used by Go, Perl,\nand Python. For details, see\n[Go's regexp package](https://golang.org/pkg/regexp/).\nCaptures are accessible via placeholders. Unnamed\ncapture groups are exposed as their numeric, 1-based\nindex, while named capture groups are available by\nthe capture group name. \n", + "type": "string" + } + } + }, + "http.matchers.protocol": { + "description": "protocol: string\nModule: http.matchers.protocol\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchProtocol\nMatchProtocol matches requests by protocol. Recognized values are\n\"http\", \"https\", and \"grpc\" for broad protocol matches, or specific\nHTTP versions can be specified like so: \"http/1\", \"http/1.1\",\n\"http/2\", \"http/3\", or minimum versions: \"http/2+\", etc.\n\n", + "markdownDescription": "protocol: `string` \nModule: `http.matchers.protocol` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchProtocol) \nMatchProtocol matches requests by protocol. Recognized values are\n\"http\", \"https\", and \"grpc\" for broad protocol matches, or specific\nHTTP versions can be specified like so: \"http/1\", \"http/1.1\",\n\"http/2\", \"http/3\", or minimum versions: \"http/2+\", etc.\n \n", + "type": "string" + }, + "http.matchers.query": { + "description": "query: object\nModule: http.matchers.query\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchQuery\nMatchQuery matches requests by the URI's query string. It takes a JSON object\nkeyed by the query keys, with an array of string values to match for that key.\nQuery key matches are exact, but wildcards may be used for value matches. Both\nkeys and values may be placeholders.\n\nAn example of the structure to match `?key=value\u0026topic=api\u0026query=something` is:\n\n```json\n{\n\t\"key\": [\"value\"],\n\t\"topic\": [\"api\"],\n\t\"query\": [\"*\"]\n}\n```\n\nInvalid query strings, including those with bad escapings or illegal characters\nlike semicolons, will fail to parse and thus fail to match.\n\n**NOTE:** Notice that query string values are arrays, not singular values. This is\nbecause repeated keys are valid in query strings, and each one may have a\ndifferent value. This matcher will match for a key if any one of its configured\nvalues is assigned in the query string. Backend applications relying on query\nstrings MUST take into consideration that query string values are arrays and can\nhave multiple values.\n\n", + "markdownDescription": "query: `object` \nModule: `http.matchers.query` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchQuery) \nMatchQuery matches requests by the URI's query string. It takes a JSON object\nkeyed by the query keys, with an array of string values to match for that key.\nQuery key matches are exact, but wildcards may be used for value matches. Both\nkeys and values may be placeholders.\n\nAn example of the structure to match `?key=value\u0026topic=api\u0026query=something` is:\n\n```json\n{\n\t\"key\": [\"value\"],\n\t\"topic\": [\"api\"],\n\t\"query\": [\"*\"]\n}\n```\n\nInvalid query strings, including those with bad escapings or illegal characters\nlike semicolons, will fail to parse and thus fail to match.\n\n**NOTE:** Notice that query string values are arrays, not singular values. This is\nbecause repeated keys are valid in query strings, and each one may have a\ndifferent value. This matcher will match for a key if any one of its configured\nvalues is assigned in the query string. Backend applications relying on query\nstrings MUST take into consideration that query string values are arrays and can\nhave multiple values.\n \n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "string" + } + } + }, + "http.matchers.remote_ip": { + "description": "remote_ip: object\nModule: http.matchers.remote_ip\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchRemoteIP\nMatchRemoteIP matches requests by the remote IP address,\ni.e. the IP address of the direct connection to Caddy.\n\n", + "markdownDescription": "remote_ip: `object` \nModule: `http.matchers.remote_ip` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchRemoteIP) \nMatchRemoteIP matches requests by the remote IP address,\ni.e. the IP address of the direct connection to Caddy.\n \n", + "type": "object", + "properties": { + "ranges": { + "description": "ranges: array\nModule: http.matchers.remote_ip\nThe IPs or CIDR ranges to match.\n", + "markdownDescription": "ranges: `array` \nModule: `http.matchers.remote_ip` \nThe IPs or CIDR ranges to match. \n", + "type": "array", + "items": { + "description": "The IPs or CIDR ranges to match.\n", + "markdownDescription": "The IPs or CIDR ranges to match. \n", + "type": "string" + } + } + } + }, + "http.matchers.tls": { + "description": "tls: object\nModule: http.matchers.tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchTLS\nMatchTLS matches HTTP requests based on the underlying\nTLS connection state. If this matcher is specified but\nthe request did not come over TLS, it will never match.\nIf this matcher is specified but is empty and the request\ndid come in over TLS, it will always match.\n\n", + "markdownDescription": "tls: `object` \nModule: `http.matchers.tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchTLS) \nMatchTLS matches HTTP requests based on the underlying\nTLS connection state. If this matcher is specified but\nthe request did not come over TLS, it will never match.\nIf this matcher is specified but is empty and the request\ndid come in over TLS, it will always match.\n \n", + "type": "object", + "properties": { + "handshake_complete": { + "description": "handshake_complete: boolean\nModule: http.matchers.tls\nMatches if the TLS handshake has completed. QUIC 0-RTT early\ndata may arrive before the handshake completes. Generally, it\nis unsafe to replay these requests if they are not idempotent;\nadditionally, the remote IP of early data packets can more\neasily be spoofed. It is conventional to respond with HTTP 425\nToo Early if the request cannot risk being processed in this\nstate.\n", + "markdownDescription": "handshake_complete: `boolean` \nModule: `http.matchers.tls` \nMatches if the TLS handshake has completed. QUIC 0-RTT early\ndata may arrive before the handshake completes. Generally, it\nis unsafe to replay these requests if they are not idempotent;\nadditionally, the remote IP of early data packets can more\neasily be spoofed. It is conventional to respond with HTTP 425\nToo Early if the request cannot risk being processed in this\nstate. \n", + "type": "boolean" + } + } + }, + "http.matchers.vars": { + "description": "vars: object\nModule: http.matchers.vars\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#VarsMatcher\nVarsMatcher is an HTTP request matcher which can match\nrequests based on variables in the context or placeholder\nvalues. The key is the placeholder or name of the variable,\nand the values are possible values the variable can be in\norder to match (logical OR'ed).\n\nIf the key is surrounded by `{ }` it is assumed to be a\nplaceholder. Otherwise, it will be considered a variable\nname.\n\nPlaceholders in the keys are not expanded, but\nplaceholders in the values are.\n\n", + "markdownDescription": "vars: `object` \nModule: `http.matchers.vars` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#VarsMatcher) \nVarsMatcher is an HTTP request matcher which can match\nrequests based on variables in the context or placeholder\nvalues. The key is the placeholder or name of the variable,\nand the values are possible values the variable can be in\norder to match (logical OR'ed).\n\nIf the key is surrounded by `{ }` it is assumed to be a\nplaceholder. Otherwise, it will be considered a variable\nname.\n\nPlaceholders in the keys are not expanded, but\nplaceholders in the values are.\n \n", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "string" + } + } + }, + "http.matchers.vars_regexp": { + "description": "vars_regexp: object\nModule: http.matchers.vars_regexp\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchRegexp\nMatchRegexp is an embedable type for matching\nusing regular expressions. It adds placeholders\nto the request's replacer.\n\n", + "markdownDescription": "vars_regexp: `object` \nModule: `http.matchers.vars_regexp` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchRegexp) \nMatchRegexp is an embedable type for matching\nusing regular expressions. It adds placeholders\nto the request's replacer.\n \n", + "type": "object", + "additionalProperties": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchRegexp\nMatchRegexp is an embedable type for matching\nusing regular expressions. It adds placeholders\nto the request's replacer.\n\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp#MatchRegexp) \nMatchRegexp is an embedable type for matching\nusing regular expressions. It adds placeholders\nto the request's replacer.\n \n", + "properties": { + "name": { + "description": "name: string\nModule: http.matchers.vars_regexp\nA unique name for this regular expression. Optional,\nbut useful to prevent overwriting captures from other\nregexp matchers.\n", + "markdownDescription": "name: `string` \nModule: `http.matchers.vars_regexp` \nA unique name for this regular expression. Optional,\nbut useful to prevent overwriting captures from other\nregexp matchers. \n", + "type": "string" + }, + "pattern": { + "description": "pattern: string\nModule: http.matchers.vars_regexp\nThe regular expression to evaluate, in RE2 syntax,\nwhich is the same general syntax used by Go, Perl,\nand Python. For details, see\n[Go's regexp package](https://golang.org/pkg/regexp/).\nCaptures are accessible via placeholders. Unnamed\ncapture groups are exposed as their numeric, 1-based\nindex, while named capture groups are available by\nthe capture group name.\n", + "markdownDescription": "pattern: `string` \nModule: `http.matchers.vars_regexp` \nThe regular expression to evaluate, in RE2 syntax,\nwhich is the same general syntax used by Go, Perl,\nand Python. For details, see\n[Go's regexp package](https://golang.org/pkg/regexp/).\nCaptures are accessible via placeholders. Unnamed\ncapture groups are exposed as their numeric, 1-based\nindex, while named capture groups are available by\nthe capture group name. \n", + "type": "string" + } + } + } + }, + "http.precompressed.br": { + "description": "br: object\nModule: http.precompressed.br\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/brotli#BrotliPrecompressed", + "markdownDescription": "br: `object` \nModule: `http.precompressed.br` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/brotli#BrotliPrecompressed)", + "type": "object" + }, + "http.precompressed.gzip": { + "description": "gzip: object\nModule: http.precompressed.gzip\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/gzip#GzipPrecompressed", + "markdownDescription": "gzip: `object` \nModule: `http.precompressed.gzip` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/gzip#GzipPrecompressed)", + "type": "object", + "properties": { + "level": { + "description": "level: number\nModule: http.precompressed.gzip\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/gzip#GzipPrecompressed", + "markdownDescription": "level: `number` \nModule: `http.precompressed.gzip` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/gzip#GzipPrecompressed)", + "type": "number" + } + } + }, + "http.precompressed.zstd": { + "description": "zstd: object\nModule: http.precompressed.zstd\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/zstd#ZstdPrecompressed", + "markdownDescription": "zstd: `object` \nModule: `http.precompressed.zstd` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/zstd#ZstdPrecompressed)", + "type": "object", + "properties": { + "level": { + "description": "level: string\nModule: http.precompressed.zstd\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/zstd#ZstdPrecompressed", + "markdownDescription": "level: `string` \nModule: `http.precompressed.zstd` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/zstd#ZstdPrecompressed)", + "type": "string" + } + } + }, + "http.reverse_proxy.selection_policies.client_ip_hash": { + "description": "client_ip_hash: object\nModule: http.reverse_proxy.selection_policies.client_ip_hash\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#ClientIPHashSelection", + "markdownDescription": "client_ip_hash: `object` \nModule: `http.reverse_proxy.selection_policies.client_ip_hash` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#ClientIPHashSelection)", + "type": "object" + }, + "http.reverse_proxy.selection_policies.cookie": { + "description": "cookie: object\nModule: http.reverse_proxy.selection_policies.cookie\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#CookieHashSelection", + "markdownDescription": "cookie: `object` \nModule: `http.reverse_proxy.selection_policies.cookie` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#CookieHashSelection)", + "type": "object", + "properties": { + "fallback": { + "description": "fallback: object\nModule: http.reverse_proxy.selection_policies", + "markdownDescription": "fallback: `object` \nModule: `http.reverse_proxy.selection_policies`", + "type": "object", + "required": [ + "policy" + ], + "allOf": [ + { + "if": { + "properties": { + "policy": { + "const": "cookie" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.cookie" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "first" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.first" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "least_conn" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.least_conn" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "query" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.query" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "random" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.random" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "random_choose" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.random_choose" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "round_robin" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.round_robin" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "header" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.header" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "ip_hash" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.ip_hash" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "uri_hash" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.uri_hash" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "weighted_round_robin" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.weighted_round_robin" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "client_ip_hash" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.client_ip_hash" + } + }, + { + "properties": { + "policy": { + "description": "key to identify fallback module.\npolicy: string\nModule: http.reverse_proxy.selection_policies", + "markdownDescription": "key to identify `fallback` module. \npolicy: `string` \nModule: `http.reverse_proxy.selection_policies`", + "type": "string", + "enum": [ + "cookie", + "first", + "least_conn", + "query", + "random", + "random_choose", + "round_robin", + "header", + "ip_hash", + "uri_hash", + "weighted_round_robin", + "client_ip_hash" + ] + } + } + } + ] + }, + "max_age": { + "description": "max_age: number\nModule: http.reverse_proxy.selection_policies.cookie\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#CookieHashSelection", + "markdownDescription": "max_age: `number` \nModule: `http.reverse_proxy.selection_policies.cookie` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#CookieHashSelection)", + "type": "number" + }, + "name": { + "description": "name: string\nModule: http.reverse_proxy.selection_policies.cookie\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#CookieHashSelection", + "markdownDescription": "name: `string` \nModule: `http.reverse_proxy.selection_policies.cookie` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#CookieHashSelection)", + "type": "string" + }, + "secret": { + "description": "secret: string\nModule: http.reverse_proxy.selection_policies.cookie\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#CookieHashSelection", + "markdownDescription": "secret: `string` \nModule: `http.reverse_proxy.selection_policies.cookie` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#CookieHashSelection)", + "type": "string" + } + } + }, + "http.reverse_proxy.selection_policies.first": { + "description": "first: object\nModule: http.reverse_proxy.selection_policies.first\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#FirstSelection", + "markdownDescription": "first: `object` \nModule: `http.reverse_proxy.selection_policies.first` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#FirstSelection)", + "type": "object" + }, + "http.reverse_proxy.selection_policies.header": { + "description": "header: object\nModule: http.reverse_proxy.selection_policies.header\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HeaderHashSelection", + "markdownDescription": "header: `object` \nModule: `http.reverse_proxy.selection_policies.header` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HeaderHashSelection)", + "type": "object", + "properties": { + "fallback": { + "description": "fallback: object\nModule: http.reverse_proxy.selection_policies", + "markdownDescription": "fallback: `object` \nModule: `http.reverse_proxy.selection_policies`", + "type": "object", + "required": [ + "policy" + ], + "allOf": [ + { + "if": { + "properties": { + "policy": { + "const": "uri_hash" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.uri_hash" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "weighted_round_robin" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.weighted_round_robin" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "client_ip_hash" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.client_ip_hash" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "cookie" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.cookie" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "first" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.first" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "least_conn" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.least_conn" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "query" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.query" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "random" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.random" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "random_choose" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.random_choose" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "round_robin" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.round_robin" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "header" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.header" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "ip_hash" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.ip_hash" + } + }, + { + "properties": { + "policy": { + "description": "key to identify fallback module.\npolicy: string\nModule: http.reverse_proxy.selection_policies", + "markdownDescription": "key to identify `fallback` module. \npolicy: `string` \nModule: `http.reverse_proxy.selection_policies`", + "type": "string", + "enum": [ + "uri_hash", + "weighted_round_robin", + "client_ip_hash", + "cookie", + "first", + "least_conn", + "query", + "random", + "random_choose", + "round_robin", + "header", + "ip_hash" + ] + } + } + } + ] + }, + "field": { + "description": "field: string\nModule: http.reverse_proxy.selection_policies.header\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HeaderHashSelection", + "markdownDescription": "field: `string` \nModule: `http.reverse_proxy.selection_policies.header` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HeaderHashSelection)", + "type": "string" + } + } + }, + "http.reverse_proxy.selection_policies.ip_hash": { + "description": "ip_hash: object\nModule: http.reverse_proxy.selection_policies.ip_hash\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#IPHashSelection", + "markdownDescription": "ip_hash: `object` \nModule: `http.reverse_proxy.selection_policies.ip_hash` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#IPHashSelection)", + "type": "object" + }, + "http.reverse_proxy.selection_policies.least_conn": { + "description": "least_conn: object\nModule: http.reverse_proxy.selection_policies.least_conn\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#LeastConnSelection", + "markdownDescription": "least_conn: `object` \nModule: `http.reverse_proxy.selection_policies.least_conn` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#LeastConnSelection)", + "type": "object" + }, + "http.reverse_proxy.selection_policies.query": { + "description": "query: object\nModule: http.reverse_proxy.selection_policies.query\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#QueryHashSelection", + "markdownDescription": "query: `object` \nModule: `http.reverse_proxy.selection_policies.query` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#QueryHashSelection)", + "type": "object", + "properties": { + "fallback": { + "description": "fallback: object\nModule: http.reverse_proxy.selection_policies", + "markdownDescription": "fallback: `object` \nModule: `http.reverse_proxy.selection_policies`", + "type": "object", + "required": [ + "policy" + ], + "allOf": [ + { + "if": { + "properties": { + "policy": { + "const": "least_conn" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.least_conn" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "query" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.query" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "random" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.random" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "random_choose" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.random_choose" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "round_robin" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.round_robin" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "header" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.header" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "ip_hash" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.ip_hash" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "uri_hash" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.uri_hash" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "weighted_round_robin" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.weighted_round_robin" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "client_ip_hash" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.client_ip_hash" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "cookie" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.cookie" + } + }, + { + "if": { + "properties": { + "policy": { + "const": "first" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.selection_policies.first" + } + }, + { + "properties": { + "policy": { + "description": "key to identify fallback module.\npolicy: string\nModule: http.reverse_proxy.selection_policies", + "markdownDescription": "key to identify `fallback` module. \npolicy: `string` \nModule: `http.reverse_proxy.selection_policies`", + "type": "string", + "enum": [ + "least_conn", + "query", + "random", + "random_choose", + "round_robin", + "header", + "ip_hash", + "uri_hash", + "weighted_round_robin", + "client_ip_hash", + "cookie", + "first" + ] + } + } + } + ] + }, + "key": { + "description": "key: string\nModule: http.reverse_proxy.selection_policies.query\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#QueryHashSelection", + "markdownDescription": "key: `string` \nModule: `http.reverse_proxy.selection_policies.query` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#QueryHashSelection)", + "type": "string" + } + } + }, + "http.reverse_proxy.selection_policies.random": { + "description": "random: object\nModule: http.reverse_proxy.selection_policies.random\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#RandomSelection", + "markdownDescription": "random: `object` \nModule: `http.reverse_proxy.selection_policies.random` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#RandomSelection)", + "type": "object" + }, + "http.reverse_proxy.selection_policies.random_choose": { + "description": "random_choose: object\nModule: http.reverse_proxy.selection_policies.random_choose\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#RandomChoiceSelection", + "markdownDescription": "random_choose: `object` \nModule: `http.reverse_proxy.selection_policies.random_choose` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#RandomChoiceSelection)", + "type": "object", + "properties": { + "choose": { + "description": "choose: number\nModule: http.reverse_proxy.selection_policies.random_choose\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#RandomChoiceSelection", + "markdownDescription": "choose: `number` \nModule: `http.reverse_proxy.selection_policies.random_choose` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#RandomChoiceSelection)", + "type": "number" + } + } + }, + "http.reverse_proxy.selection_policies.round_robin": { + "description": "round_robin: object\nModule: http.reverse_proxy.selection_policies.round_robin\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#RoundRobinSelection", + "markdownDescription": "round_robin: `object` \nModule: `http.reverse_proxy.selection_policies.round_robin` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#RoundRobinSelection)", + "type": "object" + }, + "http.reverse_proxy.selection_policies.uri_hash": { + "description": "uri_hash: object\nModule: http.reverse_proxy.selection_policies.uri_hash\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#URIHashSelection", + "markdownDescription": "uri_hash: `object` \nModule: `http.reverse_proxy.selection_policies.uri_hash` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#URIHashSelection)", + "type": "object" + }, + "http.reverse_proxy.selection_policies.weighted_round_robin": { + "description": "weighted_round_robin: object\nModule: http.reverse_proxy.selection_policies.weighted_round_robin\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#WeightedRoundRobinSelection", + "markdownDescription": "weighted_round_robin: `object` \nModule: `http.reverse_proxy.selection_policies.weighted_round_robin` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#WeightedRoundRobinSelection)", + "type": "object", + "properties": { + "weights": { + "description": "weights: array\nModule: http.reverse_proxy.selection_policies.weighted_round_robin\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#WeightedRoundRobinSelection", + "markdownDescription": "weights: `array` \nModule: `http.reverse_proxy.selection_policies.weighted_round_robin` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#WeightedRoundRobinSelection)", + "type": "array", + "items": { + "type": "number" + } + } + } + }, + "http.reverse_proxy.transport.fastcgi": { + "description": "fastcgi: object\nModule: http.reverse_proxy.transport.fastcgi\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport", + "markdownDescription": "fastcgi: `object` \nModule: `http.reverse_proxy.transport.fastcgi` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport)", + "type": "object", + "properties": { + "capture_stderr": { + "description": "capture_stderr: boolean\nModule: http.reverse_proxy.transport.fastcgi\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport", + "markdownDescription": "capture_stderr: `boolean` \nModule: `http.reverse_proxy.transport.fastcgi` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport)", + "type": "boolean" + }, + "dial_timeout": { + "description": "dial_timeout: number\nModule: http.reverse_proxy.transport.fastcgi\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport", + "markdownDescription": "dial_timeout: `number` \nModule: `http.reverse_proxy.transport.fastcgi` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport)", + "type": "number" + }, + "env": { + "description": "env: object\nModule: http.reverse_proxy.transport.fastcgi\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport", + "markdownDescription": "env: `object` \nModule: `http.reverse_proxy.transport.fastcgi` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport)", + "type": "object", + "additionalProperties": {} + }, + "read_timeout": { + "description": "read_timeout: number\nModule: http.reverse_proxy.transport.fastcgi\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport", + "markdownDescription": "read_timeout: `number` \nModule: `http.reverse_proxy.transport.fastcgi` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport)", + "type": "number" + }, + "resolve_root_symlink": { + "description": "resolve_root_symlink: boolean\nModule: http.reverse_proxy.transport.fastcgi\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport", + "markdownDescription": "resolve_root_symlink: `boolean` \nModule: `http.reverse_proxy.transport.fastcgi` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport)", + "type": "boolean" + }, + "root": { + "description": "root: string\nModule: http.reverse_proxy.transport.fastcgi\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport", + "markdownDescription": "root: `string` \nModule: `http.reverse_proxy.transport.fastcgi` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport)", + "type": "string" + }, + "split_path": { + "description": "split_path: array\nModule: http.reverse_proxy.transport.fastcgi\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport", + "markdownDescription": "split_path: `array` \nModule: `http.reverse_proxy.transport.fastcgi` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport)", + "type": "array", + "items": { + "type": "string" + } + }, + "write_timeout": { + "description": "write_timeout: number\nModule: http.reverse_proxy.transport.fastcgi\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport", + "markdownDescription": "write_timeout: `number` \nModule: `http.reverse_proxy.transport.fastcgi` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi#Transport)", + "type": "number" + } + } + }, + "http.reverse_proxy.transport.http": { + "description": "http: object\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "http: `object` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "object", + "properties": { + "compression": { + "description": "compression: boolean\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "compression: `boolean` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "boolean" + }, + "dial_fallback_delay": { + "description": "dial_fallback_delay: number\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "dial_fallback_delay: `number` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "number" + }, + "dial_timeout": { + "description": "dial_timeout: number\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "dial_timeout: `number` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "number" + }, + "expect_continue_timeout": { + "description": "expect_continue_timeout: number\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "expect_continue_timeout: `number` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "number" + }, + "forward_proxy_url": { + "description": "forward_proxy_url: string\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "forward_proxy_url: `string` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "string" + }, + "keep_alive": { + "description": "keep_alive: object\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "keep_alive: `object` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "object", + "properties": { + "enabled": { + "description": "enabled: boolean\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "enabled: `boolean` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "boolean" + }, + "idle_timeout": { + "description": "idle_timeout: number\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "idle_timeout: `number` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "number" + }, + "max_idle_conns": { + "description": "max_idle_conns: number\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "max_idle_conns: `number` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "number" + }, + "max_idle_conns_per_host": { + "description": "max_idle_conns_per_host: number\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "max_idle_conns_per_host: `number` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "number" + }, + "probe_interval": { + "description": "probe_interval: number\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "probe_interval: `number` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "number" + } + } + }, + "local_address": { + "description": "local_address: string\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "local_address: `string` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "string" + }, + "max_conns_per_host": { + "description": "max_conns_per_host: number\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "max_conns_per_host: `number` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "number" + }, + "max_response_header_size": { + "description": "max_response_header_size: number\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "max_response_header_size: `number` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "number" + }, + "network_proxy": { + "description": "network_proxy: object\nModule: caddy.network_proxy", + "markdownDescription": "network_proxy: `object` \nModule: `caddy.network_proxy`", + "type": "object", + "required": [ + "from" + ], + "allOf": [ + { + "if": { + "properties": { + "from": { + "const": "none" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.network_proxy.none" + } + }, + { + "if": { + "properties": { + "from": { + "const": "url" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.network_proxy.url" + } + }, + { + "properties": { + "from": { + "description": "key to identify network_proxy module.\nfrom: string\nModule: caddy.network_proxy", + "markdownDescription": "key to identify `network_proxy` module. \nfrom: `string` \nModule: `caddy.network_proxy`", + "type": "string", + "enum": [ + "none", + "url" + ] + } + } + } + ] + }, + "proxy_protocol": { + "description": "proxy_protocol: string\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "proxy_protocol: `string` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "string" + }, + "read_buffer_size": { + "description": "read_buffer_size: number\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "read_buffer_size: `number` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "number" + }, + "read_timeout": { + "description": "read_timeout: number\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "read_timeout: `number` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "number" + }, + "resolver": { + "description": "resolver: object\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "resolver: `object` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "object", + "properties": { + "addresses": { + "description": "addresses: array\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "addresses: `array` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "response_header_timeout": { + "description": "response_header_timeout: number\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "response_header_timeout: `number` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "number" + }, + "tls": { + "description": "tls: object\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "tls: `object` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "object", + "properties": { + "ca": { + "description": "ca: object\nModule: tls.ca_pool.source", + "markdownDescription": "ca: `object` \nModule: `tls.ca_pool.source`", + "type": "object", + "required": [ + "provider" + ], + "allOf": [ + { + "if": { + "properties": { + "provider": { + "const": "file" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.file" + } + }, + { + "if": { + "properties": { + "provider": { + "const": "http" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.http" + } + }, + { + "if": { + "properties": { + "provider": { + "const": "inline" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.inline" + } + }, + { + "if": { + "properties": { + "provider": { + "const": "pki_intermediate" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.pki_intermediate" + } + }, + { + "if": { + "properties": { + "provider": { + "const": "pki_root" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.pki_root" + } + }, + { + "if": { + "properties": { + "provider": { + "const": "storage" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.storage" + } + }, + { + "properties": { + "provider": { + "description": "key to identify ca module.\nprovider: string\nModule: tls.ca_pool.source", + "markdownDescription": "key to identify `ca` module. \nprovider: `string` \nModule: `tls.ca_pool.source`", + "type": "string", + "enum": [ + "file", + "http", + "inline", + "pki_intermediate", + "pki_root", + "storage" + ] + } + } + } + ] + }, + "client_certificate_automate": { + "description": "client_certificate_automate: string\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "client_certificate_automate: `string` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "string" + }, + "client_certificate_file": { + "description": "client_certificate_file: string\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "client_certificate_file: `string` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "string" + }, + "client_certificate_key_file": { + "description": "client_certificate_key_file: string\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "client_certificate_key_file: `string` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "string" + }, + "curves": { + "description": "curves: array\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "curves: `array` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "array", + "items": { + "type": "string" + } + }, + "except_ports": { + "description": "except_ports: array\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "except_ports: `array` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "array", + "items": { + "type": "string" + } + }, + "handshake_timeout": { + "description": "handshake_timeout: number\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "handshake_timeout: `number` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "number" + }, + "insecure_skip_verify": { + "description": "insecure_skip_verify: boolean\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "insecure_skip_verify: `boolean` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "boolean" + }, + "renegotiation": { + "description": "renegotiation: string\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "renegotiation: `string` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "string" + }, + "root_ca_pem_files": { + "description": "root_ca_pem_files: array\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "root_ca_pem_files: `array` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "array", + "items": { + "type": "string" + } + }, + "root_ca_pool": { + "description": "root_ca_pool: array\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "root_ca_pool: `array` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "array", + "items": { + "type": "string" + } + }, + "server_name": { + "description": "server_name: string\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "server_name: `string` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "string" + } + } + }, + "versions": { + "description": "versions: array\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "versions: `array` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "array", + "items": { + "type": "string" + } + }, + "write_buffer_size": { + "description": "write_buffer_size: number\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "write_buffer_size: `number` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "number" + }, + "write_timeout": { + "description": "write_timeout: number\nModule: http.reverse_proxy.transport.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport", + "markdownDescription": "write_timeout: `number` \nModule: `http.reverse_proxy.transport.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#HTTPTransport)", + "type": "number" + } + } + }, + "http.reverse_proxy.upstreams.a": { + "description": "a: object\nModule: http.reverse_proxy.upstreams.a\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams", + "markdownDescription": "a: `object` \nModule: `http.reverse_proxy.upstreams.a` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams)", + "type": "object", + "properties": { + "dial_fallback_delay": { + "description": "dial_fallback_delay: number\nModule: http.reverse_proxy.upstreams.a\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams", + "markdownDescription": "dial_fallback_delay: `number` \nModule: `http.reverse_proxy.upstreams.a` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams)", + "type": "number" + }, + "dial_timeout": { + "description": "dial_timeout: number\nModule: http.reverse_proxy.upstreams.a\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams", + "markdownDescription": "dial_timeout: `number` \nModule: `http.reverse_proxy.upstreams.a` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams)", + "type": "number" + }, + "name": { + "description": "name: string\nModule: http.reverse_proxy.upstreams.a\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams", + "markdownDescription": "name: `string` \nModule: `http.reverse_proxy.upstreams.a` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams)", + "type": "string" + }, + "port": { + "description": "port: string\nModule: http.reverse_proxy.upstreams.a\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams", + "markdownDescription": "port: `string` \nModule: `http.reverse_proxy.upstreams.a` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams)", + "type": "string" + }, + "refresh": { + "description": "refresh: number\nModule: http.reverse_proxy.upstreams.a\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams", + "markdownDescription": "refresh: `number` \nModule: `http.reverse_proxy.upstreams.a` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams)", + "type": "number" + }, + "resolver": { + "description": "resolver: object\nModule: http.reverse_proxy.upstreams.a\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams", + "markdownDescription": "resolver: `object` \nModule: `http.reverse_proxy.upstreams.a` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams)", + "type": "object", + "properties": { + "addresses": { + "description": "addresses: array\nModule: http.reverse_proxy.upstreams.a\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams", + "markdownDescription": "addresses: `array` \nModule: `http.reverse_proxy.upstreams.a` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams)", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "versions": { + "description": "versions: object\nModule: http.reverse_proxy.upstreams.a\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams", + "markdownDescription": "versions: `object` \nModule: `http.reverse_proxy.upstreams.a` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams)", + "type": "object", + "properties": { + "ipv4": { + "description": "ipv4: boolean\nModule: http.reverse_proxy.upstreams.a\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams", + "markdownDescription": "ipv4: `boolean` \nModule: `http.reverse_proxy.upstreams.a` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams)", + "type": "boolean" + }, + "ipv6": { + "description": "ipv6: boolean\nModule: http.reverse_proxy.upstreams.a\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams", + "markdownDescription": "ipv6: `boolean` \nModule: `http.reverse_proxy.upstreams.a` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#AUpstreams)", + "type": "boolean" + } + } + } + } + }, + "http.reverse_proxy.upstreams.multi": { + "description": "multi: object\nModule: http.reverse_proxy.upstreams.multi\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#MultiUpstreams", + "markdownDescription": "multi: `object` \nModule: `http.reverse_proxy.upstreams.multi` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#MultiUpstreams)", + "type": "object", + "properties": { + "sources": { + "description": "sources: array\nModule: http.reverse_proxy.upstreams", + "markdownDescription": "sources: `array` \nModule: `http.reverse_proxy.upstreams`", + "type": "array", + "items": { + "required": [ + "source" + ], + "allOf": [ + { + "if": { + "properties": { + "source": { + "const": "a" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.upstreams.a" + } + }, + { + "if": { + "properties": { + "source": { + "const": "multi" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.upstreams.multi" + } + }, + { + "if": { + "properties": { + "source": { + "const": "srv" + } + } + }, + "then": { + "$ref": "#/definitions/http.reverse_proxy.upstreams.srv" + } + }, + { + "properties": { + "source": { + "description": "key to identify sources module.\nsource: string\nModule: http.reverse_proxy.upstreams", + "markdownDescription": "key to identify `sources` module. \nsource: `string` \nModule: `http.reverse_proxy.upstreams`", + "type": "string", + "enum": [ + "a", + "multi", + "srv" + ] + } + } + } + ] + } + } + } + }, + "http.reverse_proxy.upstreams.srv": { + "description": "srv: object\nModule: http.reverse_proxy.upstreams.srv\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams", + "markdownDescription": "srv: `object` \nModule: `http.reverse_proxy.upstreams.srv` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams)", + "type": "object", + "properties": { + "dial_fallback_delay": { + "description": "dial_fallback_delay: number\nModule: http.reverse_proxy.upstreams.srv\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams", + "markdownDescription": "dial_fallback_delay: `number` \nModule: `http.reverse_proxy.upstreams.srv` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams)", + "type": "number" + }, + "dial_timeout": { + "description": "dial_timeout: number\nModule: http.reverse_proxy.upstreams.srv\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams", + "markdownDescription": "dial_timeout: `number` \nModule: `http.reverse_proxy.upstreams.srv` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams)", + "type": "number" + }, + "grace_period": { + "description": "grace_period: number\nModule: http.reverse_proxy.upstreams.srv\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams", + "markdownDescription": "grace_period: `number` \nModule: `http.reverse_proxy.upstreams.srv` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams)", + "type": "number" + }, + "name": { + "description": "name: string\nModule: http.reverse_proxy.upstreams.srv\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams", + "markdownDescription": "name: `string` \nModule: `http.reverse_proxy.upstreams.srv` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams)", + "type": "string" + }, + "proto": { + "description": "proto: string\nModule: http.reverse_proxy.upstreams.srv\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams", + "markdownDescription": "proto: `string` \nModule: `http.reverse_proxy.upstreams.srv` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams)", + "type": "string" + }, + "refresh": { + "description": "refresh: number\nModule: http.reverse_proxy.upstreams.srv\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams", + "markdownDescription": "refresh: `number` \nModule: `http.reverse_proxy.upstreams.srv` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams)", + "type": "number" + }, + "resolver": { + "description": "resolver: object\nModule: http.reverse_proxy.upstreams.srv\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams", + "markdownDescription": "resolver: `object` \nModule: `http.reverse_proxy.upstreams.srv` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams)", + "type": "object", + "properties": { + "addresses": { + "description": "addresses: array\nModule: http.reverse_proxy.upstreams.srv\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams", + "markdownDescription": "addresses: `array` \nModule: `http.reverse_proxy.upstreams.srv` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams)", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "service": { + "description": "service: string\nModule: http.reverse_proxy.upstreams.srv\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams", + "markdownDescription": "service: `string` \nModule: `http.reverse_proxy.upstreams.srv` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy#SRVUpstreams)", + "type": "string" + } + } + }, + "pki": { + "description": "pki: object\nModule: pki\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki#PKI\nPKI provides Public Key Infrastructure facilities for Caddy.\n\nThis app can define certificate authorities (CAs) which are capable\nof signing certificates. Other modules can be configured to use\nthe CAs defined by this app for issuing certificates or getting\nkey information needed for establishing trust.\n\n", + "markdownDescription": "pki: `object` \nModule: `pki` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki#PKI) \nPKI provides Public Key Infrastructure facilities for Caddy.\n\nThis app can define certificate authorities (CAs) which are capable\nof signing certificates. Other modules can be configured to use\nthe CAs defined by this app for issuing certificates or getting\nkey information needed for establishing trust.\n \n", + "type": "object", + "properties": { + "certificate_authorities": { + "description": "certificate_authorities: object\nModule: pki\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki#CA\nThe certificate authorities to manage. Each CA is keyed by an\nID that is used to uniquely identify it from other CAs.\nAt runtime, the GetCA() method should be used instead to ensure\nthe default CA is provisioned if it hadn't already been.\nThe default CA ID is \"local\".\n\n\nCA describes a certificate authority, which consists of\nroot/signing certificates and various settings pertaining\nto the issuance of certificates and trusting them.\n", + "markdownDescription": "certificate_authorities: `object` \nModule: `pki` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki#CA) \nThe certificate authorities to manage. Each CA is keyed by an\nID that is used to uniquely identify it from other CAs.\nAt runtime, the GetCA() method should be used instead to ensure\nthe default CA is provisioned if it hadn't already been.\nThe default CA ID is \"local\".\n\n\nCA describes a certificate authority, which consists of\nroot/signing certificates and various settings pertaining\nto the issuance of certificates and trusting them. \n", + "type": "object", + "additionalProperties": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki#CA\nThe certificate authorities to manage. Each CA is keyed by an\nID that is used to uniquely identify it from other CAs.\nAt runtime, the GetCA() method should be used instead to ensure\nthe default CA is provisioned if it hadn't already been.\nThe default CA ID is \"local\".\n\n\nCA describes a certificate authority, which consists of\nroot/signing certificates and various settings pertaining\nto the issuance of certificates and trusting them.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki#CA) \nThe certificate authorities to manage. Each CA is keyed by an\nID that is used to uniquely identify it from other CAs.\nAt runtime, the GetCA() method should be used instead to ensure\nthe default CA is provisioned if it hadn't already been.\nThe default CA ID is \"local\".\n\n\nCA describes a certificate authority, which consists of\nroot/signing certificates and various settings pertaining\nto the issuance of certificates and trusting them. \n", + "properties": { + "install_trust": { + "description": "install_trust: boolean\nModule: pki\nWhether Caddy will attempt to install the CA's root\ninto the system trust store, as well as into Java\nand Mozilla Firefox trust stores. Default: true.\n", + "markdownDescription": "install_trust: `boolean` \nModule: `pki` \nWhether Caddy will attempt to install the CA's root\ninto the system trust store, as well as into Java\nand Mozilla Firefox trust stores. Default: true. \n", + "type": "boolean" + }, + "intermediate": { + "description": "intermediate: object\nModule: pki\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki#KeyPair\nThe intermediate (signing) certificate; if null, one will be generated.\n\n\nKeyPair represents a public-private key pair, where the\npublic key is also called a certificate.\n", + "markdownDescription": "intermediate: `object` \nModule: `pki` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki#KeyPair) \nThe intermediate (signing) certificate; if null, one will be generated.\n\n\nKeyPair represents a public-private key pair, where the\npublic key is also called a certificate. \n", + "type": "object", + "properties": { + "certificate": { + "description": "certificate: string\nModule: pki\nThe certificate. By default, this should be the path to\na PEM file unless format is something else.\n", + "markdownDescription": "certificate: `string` \nModule: `pki` \nThe certificate. By default, this should be the path to\na PEM file unless format is something else. \n", + "type": "string" + }, + "format": { + "description": "format: string\nModule: pki\nThe format in which the certificate and private\nkey are provided. Default: pem_file\n", + "markdownDescription": "format: `string` \nModule: `pki` \nThe format in which the certificate and private\nkey are provided. Default: pem_file \n", + "type": "string" + }, + "private_key": { + "description": "private_key: string\nModule: pki\nThe private key. By default, this should be the path to\na PEM file unless format is something else.\n", + "markdownDescription": "private_key: `string` \nModule: `pki` \nThe private key. By default, this should be the path to\na PEM file unless format is something else. \n", + "type": "string" + } + } + }, + "intermediate_common_name": { + "description": "intermediate_common_name: string\nModule: pki\nThe name to put in the CommonName field of the\nintermediate certificates.\n", + "markdownDescription": "intermediate_common_name: `string` \nModule: `pki` \nThe name to put in the CommonName field of the\nintermediate certificates. \n", + "type": "string" + }, + "intermediate_lifetime": { + "description": "intermediate_lifetime: number\nModule: pki\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nThe lifetime for the intermediate certificates\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "intermediate_lifetime: `number` \nModule: `pki` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nThe lifetime for the intermediate certificates\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "name": { + "description": "name: string\nModule: pki\nThe user-facing name of the certificate authority.\n", + "markdownDescription": "name: `string` \nModule: `pki` \nThe user-facing name of the certificate authority. \n", + "type": "string" + }, + "root": { + "description": "root: object\nModule: pki\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki#KeyPair\nThe root certificate to use; if null, one will be generated.\n\n\nKeyPair represents a public-private key pair, where the\npublic key is also called a certificate.\n", + "markdownDescription": "root: `object` \nModule: `pki` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddypki#KeyPair) \nThe root certificate to use; if null, one will be generated.\n\n\nKeyPair represents a public-private key pair, where the\npublic key is also called a certificate. \n", + "type": "object", + "properties": { + "certificate": { + "description": "certificate: string\nModule: pki\nThe certificate. By default, this should be the path to\na PEM file unless format is something else.\n", + "markdownDescription": "certificate: `string` \nModule: `pki` \nThe certificate. By default, this should be the path to\na PEM file unless format is something else. \n", + "type": "string" + }, + "format": { + "description": "format: string\nModule: pki\nThe format in which the certificate and private\nkey are provided. Default: pem_file\n", + "markdownDescription": "format: `string` \nModule: `pki` \nThe format in which the certificate and private\nkey are provided. Default: pem_file \n", + "type": "string" + }, + "private_key": { + "description": "private_key: string\nModule: pki\nThe private key. By default, this should be the path to\na PEM file unless format is something else.\n", + "markdownDescription": "private_key: `string` \nModule: `pki` \nThe private key. By default, this should be the path to\na PEM file unless format is something else. \n", + "type": "string" + } + } + }, + "root_common_name": { + "description": "root_common_name: string\nModule: pki\nThe name to put in the CommonName field of the\nroot certificate.\n", + "markdownDescription": "root_common_name: `string` \nModule: `pki` \nThe name to put in the CommonName field of the\nroot certificate. \n", + "type": "string" + }, + "storage": { + "description": "storage: object\nModule: caddy.storage\nOptionally configure a separate storage module associated with this\nissuer, instead of using Caddy's global/default-configured storage.\nThis can be useful if you want to keep your signing keys in a\nseparate location from your leaf certificates.\n", + "markdownDescription": "storage: `object` \nModule: `caddy.storage` \nOptionally configure a separate storage module associated with this\nissuer, instead of using Caddy's global/default-configured storage.\nThis can be useful if you want to keep your signing keys in a\nseparate location from your leaf certificates. \n", + "type": "object", + "required": [ + "module" + ], + "allOf": [ + { + "if": { + "properties": { + "module": { + "const": "file_system" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.storage.file_system" + } + }, + { + "properties": { + "module": { + "description": "key to identify storage module.\nmodule: string\nModule: caddy.storage", + "markdownDescription": "key to identify `storage` module. \nmodule: `string` \nModule: `caddy.storage`", + "type": "string", + "enum": [ + "file_system" + ] + } + } + } + ] + } + } + } + } + } + }, + "tls": { + "description": "tls: object\nModule: tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLS\nTLS provides TLS facilities including certificate\nloading and management, client auth, and more.\n\n", + "markdownDescription": "tls: `object` \nModule: `tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLS) \nTLS provides TLS facilities including certificate\nloading and management, client auth, and more.\n \n", + "type": "object", + "properties": { + "automation": { + "description": "automation: object\nModule: tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#AutomationConfig\nConfigures certificate automation.\n\n\nAutomationConfig governs the automated management of TLS certificates.\n", + "markdownDescription": "automation: `object` \nModule: `tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#AutomationConfig) \nConfigures certificate automation.\n\n\nAutomationConfig governs the automated management of TLS certificates. \n", + "type": "object", + "properties": { + "ocsp_interval": { + "description": "ocsp_interval: number\nModule: tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nCaddy staples OCSP (and caches the response) for all\nqualifying certificates by default. This setting\nchanges how often it scans responses for freshness,\nand updates them if they are getting stale. Default: 1h\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "ocsp_interval: `number` \nModule: `tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nCaddy staples OCSP (and caches the response) for all\nqualifying certificates by default. This setting\nchanges how often it scans responses for freshness,\nand updates them if they are getting stale. Default: 1h\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "on_demand": { + "description": "on_demand: object\nModule: tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#OnDemandConfig\nOn-Demand TLS defers certificate operations to the\nmoment they are needed, e.g. during a TLS handshake.\nUseful when you don't know all the hostnames at\nconfig-time, or when you are not in control of the\ndomain names you are managing certificates for.\nIn 2015, Caddy became the first web server to\nimplement this experimental technology.\n\nNote that this field does not enable on-demand TLS;\nit only configures it for when it is used. To enable\nit, create an automation policy with `on_demand`.\n\n\nOnDemandConfig configures on-demand TLS, for obtaining\nneeded certificates at handshake-time. Because this\nfeature can easily be abused, Caddy must ask permission\nto your application whether a particular domain is allowed\nto have a certificate issued for it.\n", + "markdownDescription": "on_demand: `object` \nModule: `tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#OnDemandConfig) \nOn-Demand TLS defers certificate operations to the\nmoment they are needed, e.g. during a TLS handshake.\nUseful when you don't know all the hostnames at\nconfig-time, or when you are not in control of the\ndomain names you are managing certificates for.\nIn 2015, Caddy became the first web server to\nimplement this experimental technology.\n\nNote that this field does not enable on-demand TLS;\nit only configures it for when it is used. To enable\nit, create an automation policy with `on_demand`.\n\n\nOnDemandConfig configures on-demand TLS, for obtaining\nneeded certificates at handshake-time. Because this\nfeature can easily be abused, Caddy must ask permission\nto your application whether a particular domain is allowed\nto have a certificate issued for it. \n", + "type": "object", + "properties": { + "ask": { + "description": "ask: string\nModule: tls\nDeprecated. WILL BE REMOVED SOON. Use 'permission' instead with the `http` module.\n", + "markdownDescription": "ask: `string` \nModule: `tls` \nDeprecated. WILL BE REMOVED SOON. Use 'permission' instead with the `http` module. \n", + "type": "string" + }, + "permission": { + "description": "permission: object\nModule: tls.permission\nREQUIRED. A module that will determine whether a\ncertificate is allowed to be loaded from storage\nor obtained from an issuer on demand.\n", + "markdownDescription": "permission: `object` \nModule: `tls.permission` \nREQUIRED. A module that will determine whether a\ncertificate is allowed to be loaded from storage\nor obtained from an issuer on demand. \n", + "type": "object", + "required": [ + "module" + ], + "allOf": [ + { + "if": { + "properties": { + "module": { + "const": "http" + } + } + }, + "then": { + "$ref": "#/definitions/tls.permission.http" + } + }, + { + "properties": { + "module": { + "description": "key to identify permission module.\nmodule: string\nModule: tls.permission", + "markdownDescription": "key to identify `permission` module. \nmodule: `string` \nModule: `tls.permission`", + "type": "string", + "enum": [ + "http" + ] + } + } + } + ] + } + } + }, + "policies": { + "description": "policies: array\nModule: tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#AutomationPolicy\nThe list of automation policies. The first policy matching\na certificate or subject name will be applied.\n\n\nAutomationPolicy designates the policy for automating the\nmanagement (obtaining, renewal, and revocation) of managed\nTLS certificates.\n\nAn AutomationPolicy value is not valid until it has been\nprovisioned; use the `AddAutomationPolicy()` method on the\nTLS app to properly provision a new policy.\n", + "markdownDescription": "policies: `array` \nModule: `tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#AutomationPolicy) \nThe list of automation policies. The first policy matching\na certificate or subject name will be applied.\n\n\nAutomationPolicy designates the policy for automating the\nmanagement (obtaining, renewal, and revocation) of managed\nTLS certificates.\n\nAn AutomationPolicy value is not valid until it has been\nprovisioned; use the `AddAutomationPolicy()` method on the\nTLS app to properly provision a new policy. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#AutomationPolicy\nThe list of automation policies. The first policy matching\na certificate or subject name will be applied.\n\n\nAutomationPolicy designates the policy for automating the\nmanagement (obtaining, renewal, and revocation) of managed\nTLS certificates.\n\nAn AutomationPolicy value is not valid until it has been\nprovisioned; use the `AddAutomationPolicy()` method on the\nTLS app to properly provision a new policy.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#AutomationPolicy) \nThe list of automation policies. The first policy matching\na certificate or subject name will be applied.\n\n\nAutomationPolicy designates the policy for automating the\nmanagement (obtaining, renewal, and revocation) of managed\nTLS certificates.\n\nAn AutomationPolicy value is not valid until it has been\nprovisioned; use the `AddAutomationPolicy()` method on the\nTLS app to properly provision a new policy. \n", + "type": "object", + "properties": { + "disable_ocsp_stapling": { + "description": "disable_ocsp_stapling: boolean\nModule: tls\nDisables OCSP stapling. Disabling OCSP stapling puts clients at\ngreater risk, reduces their privacy, and usually lowers client\nperformance. It is NOT recommended to disable this unless you\nare able to justify the costs.\nEXPERIMENTAL. Subject to change.\n", + "markdownDescription": "disable_ocsp_stapling: `boolean` \nModule: `tls` \nDisables OCSP stapling. Disabling OCSP stapling puts clients at\ngreater risk, reduces their privacy, and usually lowers client\nperformance. It is NOT recommended to disable this unless you\nare able to justify the costs.\nEXPERIMENTAL. Subject to change. \n", + "type": "boolean" + }, + "get_certificate": { + "description": "get_certificate: array\nModule: tls.get_certificate\nModules that can get a custom certificate to use for any\ngiven TLS handshake at handshake-time. Custom certificates\ncan be useful if another entity is managing certificates\nand Caddy need only get it and serve it. Specifying a Manager\nenables on-demand TLS, i.e. it has the side-effect of setting\nthe on_demand parameter to `true`.\n\nTODO: This is an EXPERIMENTAL feature. Subject to change or removal.\n", + "markdownDescription": "get_certificate: `array` \nModule: `tls.get_certificate` \nModules that can get a custom certificate to use for any\ngiven TLS handshake at handshake-time. Custom certificates\ncan be useful if another entity is managing certificates\nand Caddy need only get it and serve it. Specifying a Manager\nenables on-demand TLS, i.e. it has the side-effect of setting\nthe on_demand parameter to `true`.\n\nTODO: This is an EXPERIMENTAL feature. Subject to change or removal. \n", + "type": "array", + "items": { + "description": "Modules that can get a custom certificate to use for any\ngiven TLS handshake at handshake-time. Custom certificates\ncan be useful if another entity is managing certificates\nand Caddy need only get it and serve it. Specifying a Manager\nenables on-demand TLS, i.e. it has the side-effect of setting\nthe on_demand parameter to `true`.\n\nTODO: This is an EXPERIMENTAL feature. Subject to change or removal.\n", + "markdownDescription": "Modules that can get a custom certificate to use for any\ngiven TLS handshake at handshake-time. Custom certificates\ncan be useful if another entity is managing certificates\nand Caddy need only get it and serve it. Specifying a Manager\nenables on-demand TLS, i.e. it has the side-effect of setting\nthe on_demand parameter to `true`.\n\nTODO: This is an EXPERIMENTAL feature. Subject to change or removal. \n", + "required": [ + "via" + ], + "allOf": [ + { + "if": { + "properties": { + "via": { + "const": "http" + } + } + }, + "then": { + "$ref": "#/definitions/tls.get_certificate.http" + } + }, + { + "if": { + "properties": { + "via": { + "const": "tailscale" + } + } + }, + "then": { + "$ref": "#/definitions/tls.get_certificate.tailscale" + } + }, + { + "properties": { + "via": { + "description": "key to identify get_certificate module.\nvia: string\nModule: tls.get_certificate", + "markdownDescription": "key to identify `get_certificate` module. \nvia: `string` \nModule: `tls.get_certificate`", + "type": "string", + "enum": [ + "http", + "tailscale" + ] + } + } + } + ] + } + }, + "issuers": { + "description": "issuers: array\nModule: tls.issuance\nThe modules that may issue certificates. Default: internal if all\nsubjects do not qualify for public certificates; otherwise acme and\nzerossl.\n", + "markdownDescription": "issuers: `array` \nModule: `tls.issuance` \nThe modules that may issue certificates. Default: internal if all\nsubjects do not qualify for public certificates; otherwise acme and\nzerossl. \n", + "type": "array", + "items": { + "description": "The modules that may issue certificates. Default: internal if all\nsubjects do not qualify for public certificates; otherwise acme and\nzerossl.\n", + "markdownDescription": "The modules that may issue certificates. Default: internal if all\nsubjects do not qualify for public certificates; otherwise acme and\nzerossl. \n", + "required": [ + "module" + ], + "allOf": [ + { + "if": { + "properties": { + "module": { + "const": "acme" + } + } + }, + "then": { + "$ref": "#/definitions/tls.issuance.acme" + } + }, + { + "if": { + "properties": { + "module": { + "const": "internal" + } + } + }, + "then": { + "$ref": "#/definitions/tls.issuance.internal" + } + }, + { + "if": { + "properties": { + "module": { + "const": "zerossl" + } + } + }, + "then": { + "$ref": "#/definitions/tls.issuance.zerossl" + } + }, + { + "properties": { + "module": { + "description": "key to identify issuers module.\nmodule: string\nModule: tls.issuance", + "markdownDescription": "key to identify `issuers` module. \nmodule: `string` \nModule: `tls.issuance`", + "type": "string", + "enum": [ + "acme", + "internal", + "zerossl" + ] + } + } + } + ] + } + }, + "key_type": { + "description": "key_type: string\nModule: tls\nThe type of key to generate for certificates.\nSupported values: `ed25519`, `p256`, `p384`, `rsa2048`, `rsa4096`.\n", + "markdownDescription": "key_type: `string` \nModule: `tls` \nThe type of key to generate for certificates.\nSupported values: `ed25519`, `p256`, `p384`, `rsa2048`, `rsa4096`. \n", + "type": "string" + }, + "must_staple": { + "description": "must_staple: boolean\nModule: tls\nIf true, certificates will be requested with MustStaple. Not all\nCAs support this, and there are potentially serious consequences\nof enabling this feature without proper threat modeling.\n", + "markdownDescription": "must_staple: `boolean` \nModule: `tls` \nIf true, certificates will be requested with MustStaple. Not all\nCAs support this, and there are potentially serious consequences\nof enabling this feature without proper threat modeling. \n", + "type": "boolean" + }, + "ocsp_overrides": { + "description": "ocsp_overrides: object\nModule: tls\nOverrides the URLs of OCSP responders embedded in certificates.\nEach key is a OCSP server URL to override, and its value is the\nreplacement. An empty value will disable querying of that server.\nEXPERIMENTAL. Subject to change.\n", + "markdownDescription": "ocsp_overrides: `object` \nModule: `tls` \nOverrides the URLs of OCSP responders embedded in certificates.\nEach key is a OCSP server URL to override, and its value is the\nreplacement. An empty value will disable querying of that server.\nEXPERIMENTAL. Subject to change. \n", + "type": "object", + "additionalProperties": { + "description": "Overrides the URLs of OCSP responders embedded in certificates.\nEach key is a OCSP server URL to override, and its value is the\nreplacement. An empty value will disable querying of that server.\nEXPERIMENTAL. Subject to change.\n", + "markdownDescription": "Overrides the URLs of OCSP responders embedded in certificates.\nEach key is a OCSP server URL to override, and its value is the\nreplacement. An empty value will disable querying of that server.\nEXPERIMENTAL. Subject to change. \n" + } + }, + "on_demand": { + "description": "on_demand: boolean\nModule: tls\nIf true, certificates will be managed \"on demand\"; that is, during\nTLS handshakes or when needed, as opposed to at startup or config\nload. This enables On-Demand TLS for this policy.\n", + "markdownDescription": "on_demand: `boolean` \nModule: `tls` \nIf true, certificates will be managed \"on demand\"; that is, during\nTLS handshakes or when needed, as opposed to at startup or config\nload. This enables On-Demand TLS for this policy. \n", + "type": "boolean" + }, + "renewal_window_ratio": { + "description": "renewal_window_ratio: object\nModule: tls\nHow long before a certificate's expiration to try renewing it,\nas a function of its total lifetime. As a general and conservative\nrule, it is a good idea to renew a certificate when it has about\n1/3 of its total lifetime remaining. This utilizes the majority\nof the certificate's lifetime while still saving time to\ntroubleshoot problems. However, for extremely short-lived certs,\nyou may wish to increase the ratio to ~1/2.\n", + "markdownDescription": "renewal_window_ratio: `object` \nModule: `tls` \nHow long before a certificate's expiration to try renewing it,\nas a function of its total lifetime. As a general and conservative\nrule, it is a good idea to renew a certificate when it has about\n1/3 of its total lifetime remaining. This utilizes the majority\nof the certificate's lifetime while still saving time to\ntroubleshoot problems. However, for extremely short-lived certs,\nyou may wish to increase the ratio to ~1/2. \n", + "type": "object" + }, + "reuse_private_keys": { + "description": "reuse_private_keys: boolean\nModule: tls\nIf true, private keys already existing in storage\nwill be reused. Otherwise, a new key will be\ncreated for every new certificate to mitigate\npinning and reduce the scope of key compromise.\nTEMPORARY: Key pinning is against industry best practices.\nThis property will likely be removed in the future.\nDo not rely on it forever; watch the release notes.\n", + "markdownDescription": "reuse_private_keys: `boolean` \nModule: `tls` \nIf true, private keys already existing in storage\nwill be reused. Otherwise, a new key will be\ncreated for every new certificate to mitigate\npinning and reduce the scope of key compromise.\nTEMPORARY: Key pinning is against industry best practices.\nThis property will likely be removed in the future.\nDo not rely on it forever; watch the release notes. \n", + "type": "boolean" + }, + "storage": { + "description": "storage: object\nModule: caddy.storage\nOptionally configure a separate storage module associated with this\nmanager, instead of using Caddy's global/default-configured storage.\n", + "markdownDescription": "storage: `object` \nModule: `caddy.storage` \nOptionally configure a separate storage module associated with this\nmanager, instead of using Caddy's global/default-configured storage. \n", + "type": "object", + "required": [ + "module" + ], + "allOf": [ + { + "if": { + "properties": { + "module": { + "const": "file_system" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.storage.file_system" + } + }, + { + "properties": { + "module": { + "description": "key to identify storage module.\nmodule: string\nModule: caddy.storage", + "markdownDescription": "key to identify `storage` module. \nmodule: `string` \nModule: `caddy.storage`", + "type": "string", + "enum": [ + "file_system" + ] + } + } + } + ] + }, + "subjects": { + "description": "subjects: array\nModule: tls\nWhich subjects (hostnames or IP addresses) this policy applies to.\n\nThis list is a filter, not a command. In other words, it is used\nonly to filter whether this policy should apply to a subject that\nneeds a certificate; it does NOT command the TLS app to manage a\ncertificate for that subject. To have Caddy automate a certificate\nor specific subjects, use the \"automate\" certificate loader module\nof the TLS app.\n", + "markdownDescription": "subjects: `array` \nModule: `tls` \nWhich subjects (hostnames or IP addresses) this policy applies to.\n\nThis list is a filter, not a command. In other words, it is used\nonly to filter whether this policy should apply to a subject that\nneeds a certificate; it does NOT command the TLS app to manage a\ncertificate for that subject. To have Caddy automate a certificate\nor specific subjects, use the \"automate\" certificate loader module\nof the TLS app. \n", + "type": "array", + "items": { + "description": "Which subjects (hostnames or IP addresses) this policy applies to.\n\nThis list is a filter, not a command. In other words, it is used\nonly to filter whether this policy should apply to a subject that\nneeds a certificate; it does NOT command the TLS app to manage a\ncertificate for that subject. To have Caddy automate a certificate\nor specific subjects, use the \"automate\" certificate loader module\nof the TLS app.\n", + "markdownDescription": "Which subjects (hostnames or IP addresses) this policy applies to.\n\nThis list is a filter, not a command. In other words, it is used\nonly to filter whether this policy should apply to a subject that\nneeds a certificate; it does NOT command the TLS app to manage a\ncertificate for that subject. To have Caddy automate a certificate\nor specific subjects, use the \"automate\" certificate loader module\nof the TLS app. \n", + "type": "string" + } + } + } + } + }, + "renew_interval": { + "description": "renew_interval: number\nModule: tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nEvery so often, Caddy will scan all loaded, managed\ncertificates for expiration. This setting changes how\nfrequently the scan for expiring certificates is\nperformed. Default: 10m\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "renew_interval: `number` \nModule: `tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nEvery so often, Caddy will scan all loaded, managed\ncertificates for expiration. This setting changes how\nfrequently the scan for expiring certificates is\nperformed. Default: 10m\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "storage_clean_interval": { + "description": "storage_clean_interval: number\nModule: tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nHow often to scan storage units for old or expired\nassets and remove them. These scans exert lots of\nreads (and list operations) on the storage module, so\nchoose a longer interval for large deployments.\nDefault: 24h\n\nStorage will always be cleaned when the process first\nstarts. Then, a new cleaning will be started this\nduration after the previous cleaning started if the\nprevious cleaning finished in less than half the time\nof this interval (otherwise next start will be skipped).\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "storage_clean_interval: `number` \nModule: `tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nHow often to scan storage units for old or expired\nassets and remove them. These scans exert lots of\nreads (and list operations) on the storage module, so\nchoose a longer interval for large deployments.\nDefault: 24h\n\nStorage will always be cleaned when the process first\nstarts. Then, a new cleaning will be started this\nduration after the previous cleaning started if the\nprevious cleaning finished in less than half the time\nof this interval (otherwise next start will be skipped).\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + } + } + }, + "cache": { + "description": "cache: object\nModule: tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#CertCacheOptions\nConfigures the in-memory certificate cache.\n\n\nCertCacheOptions configures the certificate cache.\n", + "markdownDescription": "cache: `object` \nModule: `tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#CertCacheOptions) \nConfigures the in-memory certificate cache.\n\n\nCertCacheOptions configures the certificate cache. \n", + "type": "object", + "properties": { + "capacity": { + "description": "capacity: number\nModule: tls\nMaximum number of certificates to allow in the\ncache. If reached, certificates will be randomly\nevicted to make room for new ones. Default: 10,000\n", + "markdownDescription": "capacity: `number` \nModule: `tls` \nMaximum number of certificates to allow in the\ncache. If reached, certificates will be randomly\nevicted to make room for new ones. Default: 10,000 \n", + "type": "number" + } + } + }, + "certificates": { + "description": "certificates: object\nModule: tls.certificates\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nCertificates to load into memory for quick recall during\nTLS handshakes. Each key is the name of a certificate\nloader module.\n\nThe \"automate\" certificate loader module can be used to\nspecify a list of subjects that need certificates to be\nmanaged automatically. The first matching automation\npolicy will be applied to manage the certificate(s).\n\nAll loaded certificates get pooled\ninto the same cache and may be used to complete TLS\nhandshakes for the relevant server names (SNI).\nCertificates loaded manually (anything other than\n\"automate\") are not automatically managed and will\nhave to be refreshed manually before they expire.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "certificates: `object` \nModule: `tls.certificates` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nCertificates to load into memory for quick recall during\nTLS handshakes. Each key is the name of a certificate\nloader module.\n\nThe \"automate\" certificate loader module can be used to\nspecify a list of subjects that need certificates to be\nmanaged automatically. The first matching automation\npolicy will be applied to manage the certificate(s).\n\nAll loaded certificates get pooled\ninto the same cache and may be used to complete TLS\nhandshakes for the relevant server names (SNI).\nCertificates loaded manually (anything other than\n\"automate\") are not automatically managed and will\nhave to be refreshed manually before they expire.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "type": "object", + "properties": { + "automate": { + "$ref": "#/definitions/tls.certificates.automate" + }, + "load_files": { + "$ref": "#/definitions/tls.certificates.load_files" + }, + "load_folders": { + "$ref": "#/definitions/tls.certificates.load_folders" + }, + "load_pem": { + "$ref": "#/definitions/tls.certificates.load_pem" + }, + "load_storage": { + "$ref": "#/definitions/tls.certificates.load_storage" + } + } + }, + "disable_ocsp_stapling": { + "description": "disable_ocsp_stapling: boolean\nModule: tls\nDisables OCSP stapling for manually-managed certificates only.\nTo configure OCSP stapling for automated certificates, use an\nautomation policy instead.\n\nDisabling OCSP stapling puts clients at greater risk, reduces their\nprivacy, and usually lowers client performance. It is NOT recommended\nto disable this unless you are able to justify the costs.\nEXPERIMENTAL. Subject to change.\n", + "markdownDescription": "disable_ocsp_stapling: `boolean` \nModule: `tls` \nDisables OCSP stapling for manually-managed certificates only.\nTo configure OCSP stapling for automated certificates, use an\nautomation policy instead.\n\nDisabling OCSP stapling puts clients at greater risk, reduces their\nprivacy, and usually lowers client performance. It is NOT recommended\nto disable this unless you are able to justify the costs.\nEXPERIMENTAL. Subject to change. \n", + "type": "boolean" + }, + "disable_storage_check": { + "description": "disable_storage_check: boolean\nModule: tls\nDisables checks in certmagic that the configured storage is ready\nand able to handle writing new content to it. These checks are\nintended to prevent information loss (newly issued certificates), but\ncan be expensive on the storage.\n\nDisabling these checks should only be done when the storage\ncan be trusted to have enough capacity and no other problems.\nEXPERIMENTAL. Subject to change.\n", + "markdownDescription": "disable_storage_check: `boolean` \nModule: `tls` \nDisables checks in certmagic that the configured storage is ready\nand able to handle writing new content to it. These checks are\nintended to prevent information loss (newly issued certificates), but\ncan be expensive on the storage.\n\nDisabling these checks should only be done when the storage\ncan be trusted to have enough capacity and no other problems.\nEXPERIMENTAL. Subject to change. \n", + "type": "boolean" + }, + "disable_storage_clean": { + "description": "disable_storage_clean: boolean\nModule: tls\nDisables the automatic cleanup of the storage backend.\nThis is useful when TLS is not being used to store certificates\nand the user wants run their server in a read-only mode.\n\nStorage cleaning creates two files: instance.uuid and last_clean.json.\nThe instance.uuid file is used to identify the instance of Caddy\nin a cluster. The last_clean.json file is used to store the last\ntime the storage was cleaned.\nEXPERIMENTAL. Subject to change.\n", + "markdownDescription": "disable_storage_clean: `boolean` \nModule: `tls` \nDisables the automatic cleanup of the storage backend.\nThis is useful when TLS is not being used to store certificates\nand the user wants run their server in a read-only mode.\n\nStorage cleaning creates two files: instance.uuid and last_clean.json.\nThe instance.uuid file is used to identify the instance of Caddy\nin a cluster. The last_clean.json file is used to store the last\ntime the storage was cleaned.\nEXPERIMENTAL. Subject to change. \n", + "type": "boolean" + }, + "dns": { + "description": "dns: object\nModule: dns.providers", + "markdownDescription": "dns: `object` \nModule: `dns.providers`", + "type": "object", + "required": [ + "name" + ], + "allOf": [ + { + "if": { + "properties": { + "name": { + "const": "desec" + } + } + }, + "then": { + "$ref": "#/definitions/dns.providers.desec" + } + }, + { + "properties": { + "name": { + "description": "key to identify dns module.\nname: string\nModule: dns.providers", + "markdownDescription": "key to identify `dns` module. \nname: `string` \nModule: `dns.providers`", + "type": "string", + "enum": [ + "desec" + ] + } + } + } + ] + }, + "encrypted_client_hello": { + "description": "encrypted_client_hello: object\nModule: tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLS", + "markdownDescription": "encrypted_client_hello: `object` \nModule: `tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLS)", + "type": "object", + "properties": { + "configs": { + "description": "configs: array\nModule: tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLS", + "markdownDescription": "configs: `array` \nModule: `tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLS)", + "type": "array", + "items": { + "type": "object", + "properties": { + "public_name": { + "description": "public_name: string\nModule: tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLS", + "markdownDescription": "public_name: `string` \nModule: `tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLS)", + "type": "string" + } + } + } + }, + "publication": { + "description": "publication: array\nModule: tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLS", + "markdownDescription": "publication: `array` \nModule: `tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLS)", + "type": "array", + "items": { + "type": "object", + "properties": { + "configs": { + "description": "configs: array\nModule: tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLS", + "markdownDescription": "configs: `array` \nModule: `tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLS)", + "type": "array", + "items": { + "type": "string" + } + }, + "domains": { + "description": "domains: array\nModule: tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLS", + "markdownDescription": "domains: `array` \nModule: `tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLS)", + "type": "array", + "items": { + "type": "string" + } + }, + "publishers": { + "description": "publishers: object\nModule: tls.ech.publishers", + "markdownDescription": "publishers: `object` \nModule: `tls.ech.publishers`", + "type": "object", + "properties": { + "dns": { + "$ref": "#/definitions/tls.ech.publishers.dns" + } + } + } + } + } + } + } + }, + "session_tickets": { + "description": "session_tickets: object\nModule: tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#SessionTicketService\nConfigures session ticket ephemeral keys (STEKs).\n\n\nSessionTicketService configures and manages TLS session tickets.\n", + "markdownDescription": "session_tickets: `object` \nModule: `tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#SessionTicketService) \nConfigures session ticket ephemeral keys (STEKs).\n\n\nSessionTicketService configures and manages TLS session tickets. \n", + "type": "object", + "properties": { + "disable_rotation": { + "description": "disable_rotation: boolean\nModule: tls\nDisables STEK rotation.\n", + "markdownDescription": "disable_rotation: `boolean` \nModule: `tls` \nDisables STEK rotation. \n", + "type": "boolean" + }, + "disabled": { + "description": "disabled: boolean\nModule: tls\nDisables TLS session resumption by tickets.\n", + "markdownDescription": "disabled: `boolean` \nModule: `tls` \nDisables TLS session resumption by tickets. \n", + "type": "boolean" + }, + "key_source": { + "description": "key_source: object\nModule: tls.stek\nKeySource is the method by which Caddy produces or obtains\nTLS session ticket keys (STEKs). By default, Caddy generates\nthem internally using a secure pseudorandom source.\n", + "markdownDescription": "key_source: `object` \nModule: `tls.stek` \nKeySource is the method by which Caddy produces or obtains\nTLS session ticket keys (STEKs). By default, Caddy generates\nthem internally using a secure pseudorandom source. \n", + "type": "object", + "required": [ + "provider" + ], + "allOf": [ + { + "if": { + "properties": { + "provider": { + "const": "distributed" + } + } + }, + "then": { + "$ref": "#/definitions/tls.stek.distributed" + } + }, + { + "if": { + "properties": { + "provider": { + "const": "standard" + } + } + }, + "then": { + "$ref": "#/definitions/tls.stek.standard" + } + }, + { + "properties": { + "provider": { + "description": "key to identify key_source module.\nprovider: string\nModule: tls.stek", + "markdownDescription": "key to identify `key_source` module. \nprovider: `string` \nModule: `tls.stek`", + "type": "string", + "enum": [ + "distributed", + "standard" + ] + } + } + } + ] + }, + "max_keys": { + "description": "max_keys: number\nModule: tls\nThe maximum number of keys to keep in rotation. Default: 4.\n", + "markdownDescription": "max_keys: `number` \nModule: `tls` \nThe maximum number of keys to keep in rotation. Default: 4. \n", + "type": "number" + }, + "rotation_interval": { + "description": "rotation_interval: number\nModule: tls\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nHow often Caddy rotates STEKs. Default: 12h.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "rotation_interval: `number` \nModule: `tls` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nHow often Caddy rotates STEKs. Default: 12h.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + } + } + } + } + }, + "tls.ca_pool.source.file": { + "description": "file: object\nModule: tls.ca_pool.source.file\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#FileCAPool\nFileCAPool generates trusted root certificates pool from the designated DER and PEM file\n\n", + "markdownDescription": "file: `object` \nModule: `tls.ca_pool.source.file` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#FileCAPool) \nFileCAPool generates trusted root certificates pool from the designated DER and PEM file\n \n", + "type": "object", + "properties": { + "pem_files": { + "description": "pem_files: array\nModule: tls.ca_pool.source.file\nTrustedCACertPEMFiles is a list of PEM file names\nfrom which to load certificates of trusted CAs.\nClient certificates which are not signed by any of\nthese CA certificates will be rejected.\n", + "markdownDescription": "pem_files: `array` \nModule: `tls.ca_pool.source.file` \nTrustedCACertPEMFiles is a list of PEM file names\nfrom which to load certificates of trusted CAs.\nClient certificates which are not signed by any of\nthese CA certificates will be rejected. \n", + "type": "array", + "items": { + "description": "TrustedCACertPEMFiles is a list of PEM file names\nfrom which to load certificates of trusted CAs.\nClient certificates which are not signed by any of\nthese CA certificates will be rejected.\n", + "markdownDescription": "TrustedCACertPEMFiles is a list of PEM file names\nfrom which to load certificates of trusted CAs.\nClient certificates which are not signed by any of\nthese CA certificates will be rejected. \n", + "type": "string" + } + } + } + }, + "tls.ca_pool.source.http": { + "description": "http: object\nModule: tls.ca_pool.source.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#HTTPCertPool\nThe HTTPCertPool fetches the trusted root certificates from HTTP(S)\nendpoints. The TLS connection properties can be customized, including custom\ntrusted root certificate. One example usage of this module is to get the trusted\ncertificates from another Caddy instance that is running the PKI app and ACME server.\n\n", + "markdownDescription": "http: `object` \nModule: `tls.ca_pool.source.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#HTTPCertPool) \nThe HTTPCertPool fetches the trusted root certificates from HTTP(S)\nendpoints. The TLS connection properties can be customized, including custom\ntrusted root certificate. One example usage of this module is to get the trusted\ncertificates from another Caddy instance that is running the PKI app and ACME server.\n \n", + "type": "object", + "properties": { + "endpoints": { + "description": "endpoints: array\nModule: tls.ca_pool.source.http\nthe list of URLs that respond with PEM-encoded certificates to trust.\n", + "markdownDescription": "endpoints: `array` \nModule: `tls.ca_pool.source.http` \nthe list of URLs that respond with PEM-encoded certificates to trust. \n", + "type": "array", + "items": { + "description": "the list of URLs that respond with PEM-encoded certificates to trust.\n", + "markdownDescription": "the list of URLs that respond with PEM-encoded certificates to trust. \n", + "type": "string" + } + }, + "tls": { + "description": "tls: object\nModule: tls.ca_pool.source.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLSConfig\nCustomize the TLS connection knobs to used during the HTTP call\n\n\nTLSConfig holds configuration related to the TLS configuration for the\ntransport/client.\ncopied from with minor modifications: modules/caddyhttp/reverseproxy/httptransport.go\n", + "markdownDescription": "tls: `object` \nModule: `tls.ca_pool.source.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLSConfig) \nCustomize the TLS connection knobs to used during the HTTP call\n\n\nTLSConfig holds configuration related to the TLS configuration for the\ntransport/client.\ncopied from with minor modifications: modules/caddyhttp/reverseproxy/httptransport.go \n", + "type": "object", + "properties": { + "ca": { + "description": "ca: object\nModule: tls.ca_pool.source\nProvides the guest module that provides the trusted certificate authority (CA) certificates\n", + "markdownDescription": "ca: `object` \nModule: `tls.ca_pool.source` \nProvides the guest module that provides the trusted certificate authority (CA) certificates \n", + "type": "object", + "required": [ + "provider" + ], + "allOf": [ + { + "if": { + "properties": { + "provider": { + "const": "file" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.file" + } + }, + { + "if": { + "properties": { + "provider": { + "const": "http" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.http" + } + }, + { + "if": { + "properties": { + "provider": { + "const": "inline" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.inline" + } + }, + { + "if": { + "properties": { + "provider": { + "const": "pki_intermediate" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.pki_intermediate" + } + }, + { + "if": { + "properties": { + "provider": { + "const": "pki_root" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.pki_root" + } + }, + { + "if": { + "properties": { + "provider": { + "const": "storage" + } + } + }, + "then": { + "$ref": "#/definitions/tls.ca_pool.source.storage" + } + }, + { + "properties": { + "provider": { + "description": "key to identify ca module.\nprovider: string\nModule: tls.ca_pool.source", + "markdownDescription": "key to identify `ca` module. \nprovider: `string` \nModule: `tls.ca_pool.source`", + "type": "string", + "enum": [ + "file", + "http", + "inline", + "pki_intermediate", + "pki_root", + "storage" + ] + } + } + } + ] + }, + "handshake_timeout": { + "description": "handshake_timeout: number\nModule: tls.ca_pool.source.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nThe duration to allow a TLS handshake to a server. Default: No timeout.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "handshake_timeout: `number` \nModule: `tls.ca_pool.source.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nThe duration to allow a TLS handshake to a server. Default: No timeout.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "insecure_skip_verify": { + "description": "insecure_skip_verify: boolean\nModule: tls.ca_pool.source.http\nIf true, TLS verification of server certificates will be disabled.\nThis is insecure and may be removed in the future. Do not use this\noption except in testing or local development environments.\n", + "markdownDescription": "insecure_skip_verify: `boolean` \nModule: `tls.ca_pool.source.http` \nIf true, TLS verification of server certificates will be disabled.\nThis is insecure and may be removed in the future. Do not use this\noption except in testing or local development environments. \n", + "type": "boolean" + }, + "renegotiation": { + "description": "renegotiation: string\nModule: tls.ca_pool.source.http\nTLS renegotiation level. TLS renegotiation is the act of performing\nsubsequent handshakes on a connection after the first.\nThe level can be:\n - \"never\": (the default) disables renegotiation.\n - \"once\": allows a remote server to request renegotiation once per connection.\n - \"freely\": allows a remote server to repeatedly request renegotiation.\n", + "markdownDescription": "renegotiation: `string` \nModule: `tls.ca_pool.source.http` \nTLS renegotiation level. TLS renegotiation is the act of performing\nsubsequent handshakes on a connection after the first.\nThe level can be:\n - \"never\": (the default) disables renegotiation.\n - \"once\": allows a remote server to request renegotiation once per connection.\n - \"freely\": allows a remote server to repeatedly request renegotiation. \n", + "type": "string" + }, + "server_name": { + "description": "server_name: string\nModule: tls.ca_pool.source.http\nThe server name used when verifying the certificate received in the TLS\nhandshake. By default, this will use the upstream address' host part.\nYou only need to override this if your upstream address does not match the\ncertificate the upstream is likely to use. For example if the upstream\naddress is an IP address, then you would need to configure this to the\nhostname being served by the upstream server. Currently, this does not\nsupport placeholders because the TLS config is not provisioned on each\nconnection, so a static value must be used.\n", + "markdownDescription": "server_name: `string` \nModule: `tls.ca_pool.source.http` \nThe server name used when verifying the certificate received in the TLS\nhandshake. By default, this will use the upstream address' host part.\nYou only need to override this if your upstream address does not match the\ncertificate the upstream is likely to use. For example if the upstream\naddress is an IP address, then you would need to configure this to the\nhostname being served by the upstream server. Currently, this does not\nsupport placeholders because the TLS config is not provisioned on each\nconnection, so a static value must be used. \n", + "type": "string" + } + } + } + } + }, + "tls.ca_pool.source.inline": { + "description": "inline: object\nModule: tls.ca_pool.source.inline\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#InlineCAPool\nInlineCAPool is a certificate authority pool provider coming from\na DER-encoded certificates in the config\n\n", + "markdownDescription": "inline: `object` \nModule: `tls.ca_pool.source.inline` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#InlineCAPool) \nInlineCAPool is a certificate authority pool provider coming from\na DER-encoded certificates in the config\n \n", + "type": "object", + "properties": { + "trusted_ca_certs": { + "description": "trusted_ca_certs: array\nModule: tls.ca_pool.source.inline\nA list of base64 DER-encoded CA certificates\nagainst which to validate client certificates.\nClient certs which are not signed by any of\nthese CAs will be rejected.\n", + "markdownDescription": "trusted_ca_certs: `array` \nModule: `tls.ca_pool.source.inline` \nA list of base64 DER-encoded CA certificates\nagainst which to validate client certificates.\nClient certs which are not signed by any of\nthese CAs will be rejected. \n", + "type": "array", + "items": { + "description": "A list of base64 DER-encoded CA certificates\nagainst which to validate client certificates.\nClient certs which are not signed by any of\nthese CAs will be rejected.\n", + "markdownDescription": "A list of base64 DER-encoded CA certificates\nagainst which to validate client certificates.\nClient certs which are not signed by any of\nthese CAs will be rejected. \n", + "type": "string" + } + } + } + }, + "tls.ca_pool.source.pki_intermediate": { + "description": "pki_intermediate: object\nModule: tls.ca_pool.source.pki_intermediate\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#PKIIntermediateCAPool\nPKIIntermediateCAPool extracts the trusted intermediate certificates from Caddy's native 'pki' app\n\n", + "markdownDescription": "pki_intermediate: `object` \nModule: `tls.ca_pool.source.pki_intermediate` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#PKIIntermediateCAPool) \nPKIIntermediateCAPool extracts the trusted intermediate certificates from Caddy's native 'pki' app\n \n", + "type": "object", + "properties": { + "authority": { + "description": "authority: array\nModule: tls.ca_pool.source.pki_intermediate\nList of the Authority names that are configured in the `pki` app whose intermediate certificates are trusted\n", + "markdownDescription": "authority: `array` \nModule: `tls.ca_pool.source.pki_intermediate` \nList of the Authority names that are configured in the `pki` app whose intermediate certificates are trusted \n", + "type": "array", + "items": { + "description": "List of the Authority names that are configured in the `pki` app whose intermediate certificates are trusted\n", + "markdownDescription": "List of the Authority names that are configured in the `pki` app whose intermediate certificates are trusted \n", + "type": "string" + } + } + } + }, + "tls.ca_pool.source.pki_root": { + "description": "pki_root: object\nModule: tls.ca_pool.source.pki_root\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#PKIRootCAPool\nPKIRootCAPool extracts the trusted root certificates from Caddy's native 'pki' app\n\n", + "markdownDescription": "pki_root: `object` \nModule: `tls.ca_pool.source.pki_root` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#PKIRootCAPool) \nPKIRootCAPool extracts the trusted root certificates from Caddy's native 'pki' app\n \n", + "type": "object", + "properties": { + "authority": { + "description": "authority: array\nModule: tls.ca_pool.source.pki_root\nList of the Authority names that are configured in the `pki` app whose root certificates are trusted\n", + "markdownDescription": "authority: `array` \nModule: `tls.ca_pool.source.pki_root` \nList of the Authority names that are configured in the `pki` app whose root certificates are trusted \n", + "type": "array", + "items": { + "description": "List of the Authority names that are configured in the `pki` app whose root certificates are trusted\n", + "markdownDescription": "List of the Authority names that are configured in the `pki` app whose root certificates are trusted \n", + "type": "string" + } + } + } + }, + "tls.ca_pool.source.storage": { + "description": "storage: object\nModule: tls.ca_pool.source.storage\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#StoragePool\nStoragePool extracts the trusted certificates root from Caddy storage\n\n", + "markdownDescription": "storage: `object` \nModule: `tls.ca_pool.source.storage` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#StoragePool) \nStoragePool extracts the trusted certificates root from Caddy storage\n \n", + "type": "object", + "properties": { + "pem_keys": { + "description": "pem_keys: array\nModule: tls.ca_pool.source.storage\nThe storage key/index to the location of the certificates\n", + "markdownDescription": "pem_keys: `array` \nModule: `tls.ca_pool.source.storage` \nThe storage key/index to the location of the certificates \n", + "type": "array", + "items": { + "description": "The storage key/index to the location of the certificates\n", + "markdownDescription": "The storage key/index to the location of the certificates \n", + "type": "string" + } + }, + "storage": { + "description": "storage: object\nModule: caddy.storage\nThe storage module where the trusted root certificates are stored. Absent\nexplicit storage implies the use of Caddy default storage.\n", + "markdownDescription": "storage: `object` \nModule: `caddy.storage` \nThe storage module where the trusted root certificates are stored. Absent\nexplicit storage implies the use of Caddy default storage. \n", + "type": "object", + "required": [ + "module" + ], + "allOf": [ + { + "if": { + "properties": { + "module": { + "const": "file_system" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.storage.file_system" + } + }, + { + "properties": { + "module": { + "description": "key to identify storage module.\nmodule: string\nModule: caddy.storage", + "markdownDescription": "key to identify `storage` module. \nmodule: `string` \nModule: `caddy.storage`", + "type": "string", + "enum": [ + "file_system" + ] + } + } + } + ] + } + } + }, + "tls.certificates.automate": { + "description": "automate: array\nModule: tls.certificates.automate\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#AutomateLoader\nAutomateLoader will automatically manage certificates for the names in the\nlist, including obtaining and renewing certificates. Automated certificates\nare managed according to their matching automation policy, configured\nelsewhere in this app.\n\nTechnically, this is a no-op certificate loader module that is treated as\na special case: it uses this app's automation features to load certificates\nfor the list of hostnames, rather than loading certificates manually. But\nthe end result is the same: certificates for these subject names will be\nloaded into the in-memory cache and may then be used.\n\n", + "markdownDescription": "automate: `array` \nModule: `tls.certificates.automate` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#AutomateLoader) \nAutomateLoader will automatically manage certificates for the names in the\nlist, including obtaining and renewing certificates. Automated certificates\nare managed according to their matching automation policy, configured\nelsewhere in this app.\n\nTechnically, this is a no-op certificate loader module that is treated as\na special case: it uses this app's automation features to load certificates\nfor the list of hostnames, rather than loading certificates manually. But\nthe end result is the same: certificates for these subject names will be\nloaded into the in-memory cache and may then be used.\n \n", + "type": "array", + "items": { + "type": "string" + } + }, + "tls.certificates.load_files": { + "description": "load_files: array\nModule: tls.certificates.load_files\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#CertKeyFilePair\nCertKeyFilePair pairs certificate and key file names along with their\nencoding format so that they can be loaded from disk.\n\n", + "markdownDescription": "load_files: `array` \nModule: `tls.certificates.load_files` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#CertKeyFilePair) \nCertKeyFilePair pairs certificate and key file names along with their\nencoding format so that they can be loaded from disk.\n \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#CertKeyFilePair\nCertKeyFilePair pairs certificate and key file names along with their\nencoding format so that they can be loaded from disk.\n\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#CertKeyFilePair) \nCertKeyFilePair pairs certificate and key file names along with their\nencoding format so that they can be loaded from disk.\n \n", + "type": "object", + "properties": { + "certificate": { + "description": "certificate: string\nModule: tls.certificates.load_files\nPath to the certificate (public key) file.\n", + "markdownDescription": "certificate: `string` \nModule: `tls.certificates.load_files` \nPath to the certificate (public key) file. \n", + "type": "string" + }, + "format": { + "description": "format: string\nModule: tls.certificates.load_files\nThe format of the cert and key. Can be \"pem\". Default: \"pem\"\n", + "markdownDescription": "format: `string` \nModule: `tls.certificates.load_files` \nThe format of the cert and key. Can be \"pem\". Default: \"pem\" \n", + "type": "string" + }, + "key": { + "description": "key: string\nModule: tls.certificates.load_files\nPath to the private key file.\n", + "markdownDescription": "key: `string` \nModule: `tls.certificates.load_files` \nPath to the private key file. \n", + "type": "string" + }, + "tags": { + "description": "tags: array\nModule: tls.certificates.load_files\nArbitrary values to associate with this certificate.\nCan be useful when you want to select a particular\ncertificate when there may be multiple valid candidates.\n", + "markdownDescription": "tags: `array` \nModule: `tls.certificates.load_files` \nArbitrary values to associate with this certificate.\nCan be useful when you want to select a particular\ncertificate when there may be multiple valid candidates. \n", + "type": "array", + "items": { + "description": "Arbitrary values to associate with this certificate.\nCan be useful when you want to select a particular\ncertificate when there may be multiple valid candidates.\n", + "markdownDescription": "Arbitrary values to associate with this certificate.\nCan be useful when you want to select a particular\ncertificate when there may be multiple valid candidates. \n", + "type": "string" + } + } + } + } + }, + "tls.certificates.load_folders": { + "description": "load_folders: array\nModule: tls.certificates.load_folders\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#FolderLoader\nFolderLoader loads certificates and their associated keys from disk\nby recursively walking the specified directories, looking for PEM\nfiles which contain both a certificate and a key.\n\n", + "markdownDescription": "load_folders: `array` \nModule: `tls.certificates.load_folders` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#FolderLoader) \nFolderLoader loads certificates and their associated keys from disk\nby recursively walking the specified directories, looking for PEM\nfiles which contain both a certificate and a key.\n \n", + "type": "array", + "items": { + "type": "string" + } + }, + "tls.certificates.load_pem": { + "description": "load_pem: array\nModule: tls.certificates.load_pem\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#CertKeyPEMPair\nCertKeyPEMPair pairs certificate and key PEM blocks.\n\n", + "markdownDescription": "load_pem: `array` \nModule: `tls.certificates.load_pem` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#CertKeyPEMPair) \nCertKeyPEMPair pairs certificate and key PEM blocks.\n \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#CertKeyPEMPair\nCertKeyPEMPair pairs certificate and key PEM blocks.\n\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#CertKeyPEMPair) \nCertKeyPEMPair pairs certificate and key PEM blocks.\n \n", + "type": "object", + "properties": { + "certificate": { + "description": "certificate: string\nModule: tls.certificates.load_pem\nThe certificate (public key) in PEM format.\n", + "markdownDescription": "certificate: `string` \nModule: `tls.certificates.load_pem` \nThe certificate (public key) in PEM format. \n", + "type": "string" + }, + "key": { + "description": "key: string\nModule: tls.certificates.load_pem\nThe private key in PEM format.\n", + "markdownDescription": "key: `string` \nModule: `tls.certificates.load_pem` \nThe private key in PEM format. \n", + "type": "string" + }, + "tags": { + "description": "tags: array\nModule: tls.certificates.load_pem\nArbitrary values to associate with this certificate.\nCan be useful when you want to select a particular\ncertificate when there may be multiple valid candidates.\n", + "markdownDescription": "tags: `array` \nModule: `tls.certificates.load_pem` \nArbitrary values to associate with this certificate.\nCan be useful when you want to select a particular\ncertificate when there may be multiple valid candidates. \n", + "type": "array", + "items": { + "description": "Arbitrary values to associate with this certificate.\nCan be useful when you want to select a particular\ncertificate when there may be multiple valid candidates.\n", + "markdownDescription": "Arbitrary values to associate with this certificate.\nCan be useful when you want to select a particular\ncertificate when there may be multiple valid candidates. \n", + "type": "string" + } + } + } + } + }, + "tls.certificates.load_storage": { + "description": "load_storage: object\nModule: tls.certificates.load_storage\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#StorageLoader\nStorageLoader loads certificates and their associated keys\nfrom the globally configured storage module.\n\n", + "markdownDescription": "load_storage: `object` \nModule: `tls.certificates.load_storage` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#StorageLoader) \nStorageLoader loads certificates and their associated keys\nfrom the globally configured storage module.\n \n", + "type": "object", + "properties": { + "pairs": { + "description": "pairs: array\nModule: tls.certificates.load_storage\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#CertKeyFilePair\nA list of pairs of certificate and key file names along with their\nencoding format so that they can be loaded from storage.\n\n\nCertKeyFilePair pairs certificate and key file names along with their\nencoding format so that they can be loaded from disk.\n", + "markdownDescription": "pairs: `array` \nModule: `tls.certificates.load_storage` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#CertKeyFilePair) \nA list of pairs of certificate and key file names along with their\nencoding format so that they can be loaded from storage.\n\n\nCertKeyFilePair pairs certificate and key file names along with their\nencoding format so that they can be loaded from disk. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#CertKeyFilePair\nA list of pairs of certificate and key file names along with their\nencoding format so that they can be loaded from storage.\n\n\nCertKeyFilePair pairs certificate and key file names along with their\nencoding format so that they can be loaded from disk.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#CertKeyFilePair) \nA list of pairs of certificate and key file names along with their\nencoding format so that they can be loaded from storage.\n\n\nCertKeyFilePair pairs certificate and key file names along with their\nencoding format so that they can be loaded from disk. \n", + "type": "object", + "properties": { + "certificate": { + "description": "certificate: string\nModule: tls.certificates.load_storage\nPath to the certificate (public key) file.\n", + "markdownDescription": "certificate: `string` \nModule: `tls.certificates.load_storage` \nPath to the certificate (public key) file. \n", + "type": "string" + }, + "format": { + "description": "format: string\nModule: tls.certificates.load_storage\nThe format of the cert and key. Can be \"pem\". Default: \"pem\"\n", + "markdownDescription": "format: `string` \nModule: `tls.certificates.load_storage` \nThe format of the cert and key. Can be \"pem\". Default: \"pem\" \n", + "type": "string" + }, + "key": { + "description": "key: string\nModule: tls.certificates.load_storage\nPath to the private key file.\n", + "markdownDescription": "key: `string` \nModule: `tls.certificates.load_storage` \nPath to the private key file. \n", + "type": "string" + }, + "tags": { + "description": "tags: array\nModule: tls.certificates.load_storage\nArbitrary values to associate with this certificate.\nCan be useful when you want to select a particular\ncertificate when there may be multiple valid candidates.\n", + "markdownDescription": "tags: `array` \nModule: `tls.certificates.load_storage` \nArbitrary values to associate with this certificate.\nCan be useful when you want to select a particular\ncertificate when there may be multiple valid candidates. \n", + "type": "array", + "items": { + "description": "Arbitrary values to associate with this certificate.\nCan be useful when you want to select a particular\ncertificate when there may be multiple valid candidates.\n", + "markdownDescription": "Arbitrary values to associate with this certificate.\nCan be useful when you want to select a particular\ncertificate when there may be multiple valid candidates. \n", + "type": "string" + } + } + } + } + } + } + }, + "tls.client_auth.verifier.leaf": { + "description": "leaf: object\nModule: tls.client_auth.verifier.leaf\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafCertClientAuth\nLeafCertClientAuth verifies the client's leaf certificate.\n\n", + "markdownDescription": "leaf: `object` \nModule: `tls.client_auth.verifier.leaf` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafCertClientAuth) \nLeafCertClientAuth verifies the client's leaf certificate.\n \n", + "type": "object", + "properties": { + "leaf_certs_loaders": { + "description": "leaf_certs_loaders: array\nModule: tls.leaf_cert_loader\n", + "markdownDescription": "leaf_certs_loaders: `array` \nModule: `tls.leaf_cert_loader` \n", + "type": "array", + "items": { + "required": [ + "loader" + ], + "allOf": [ + { + "if": { + "properties": { + "loader": { + "const": "file" + } + } + }, + "then": { + "$ref": "#/definitions/tls.leaf_cert_loader.file" + } + }, + { + "if": { + "properties": { + "loader": { + "const": "folder" + } + } + }, + "then": { + "$ref": "#/definitions/tls.leaf_cert_loader.folder" + } + }, + { + "if": { + "properties": { + "loader": { + "const": "pem" + } + } + }, + "then": { + "$ref": "#/definitions/tls.leaf_cert_loader.pem" + } + }, + { + "if": { + "properties": { + "loader": { + "const": "storage" + } + } + }, + "then": { + "$ref": "#/definitions/tls.leaf_cert_loader.storage" + } + }, + { + "properties": { + "loader": { + "description": "key to identify leaf_certs_loaders module.\nloader: string\nModule: tls.leaf_cert_loader", + "markdownDescription": "key to identify `leaf_certs_loaders` module. \nloader: `string` \nModule: `tls.leaf_cert_loader`", + "type": "string", + "enum": [ + "file", + "folder", + "pem", + "storage" + ] + } + } + } + ] + } + } + } + }, + "tls.ech.publishers.dns": { + "description": "dns: object\nModule: tls.ech.publishers.dns\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ECHDNSPublisher", + "markdownDescription": "dns: `object` \nModule: `tls.ech.publishers.dns` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ECHDNSPublisher)", + "type": "object", + "properties": { + "provider": { + "description": "provider: object\nModule: dns.providers", + "markdownDescription": "provider: `object` \nModule: `dns.providers`", + "type": "object", + "required": [ + "name" + ], + "allOf": [ + { + "if": { + "properties": { + "name": { + "const": "desec" + } + } + }, + "then": { + "$ref": "#/definitions/dns.providers.desec" + } + }, + { + "properties": { + "name": { + "description": "key to identify provider module.\nname: string\nModule: dns.providers", + "markdownDescription": "key to identify `provider` module. \nname: `string` \nModule: `dns.providers`", + "type": "string", + "enum": [ + "desec" + ] + } + } + } + ] + } + } + }, + "tls.get_certificate.http": { + "description": "http: object\nModule: tls.get_certificate.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#HTTPCertGetter\nHTTPCertGetter can get a certificate via HTTP(S) request.\n\n", + "markdownDescription": "http: `object` \nModule: `tls.get_certificate.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#HTTPCertGetter) \nHTTPCertGetter can get a certificate via HTTP(S) request.\n \n", + "type": "object", + "properties": { + "url": { + "description": "url: string\nModule: tls.get_certificate.http\nThe URL from which to download the certificate. Required.\n\nThe URL will be augmented with query string parameters taken\nfrom the TLS handshake:\n\n- server_name: The SNI value\n- signature_schemes: Comma-separated list of hex IDs of signatures\n- cipher_suites: Comma-separated list of hex IDs of cipher suites\n\nTo be valid, the response must be HTTP 200 with a PEM body\nconsisting of blocks for the certificate chain and the private\nkey.\n\nTo indicate that this manager is not managing a certificate for\nthe described handshake, the endpoint should return HTTP 204\n(No Content). Error statuses will indicate that the manager is\ncapable of providing a certificate but was unable to.\n", + "markdownDescription": "url: `string` \nModule: `tls.get_certificate.http` \nThe URL from which to download the certificate. Required.\n\nThe URL will be augmented with query string parameters taken\nfrom the TLS handshake:\n\n- server_name: The SNI value\n- signature_schemes: Comma-separated list of hex IDs of signatures\n- cipher_suites: Comma-separated list of hex IDs of cipher suites\n\nTo be valid, the response must be HTTP 200 with a PEM body\nconsisting of blocks for the certificate chain and the private\nkey.\n\nTo indicate that this manager is not managing a certificate for\nthe described handshake, the endpoint should return HTTP 204\n(No Content). Error statuses will indicate that the manager is\ncapable of providing a certificate but was unable to. \n", + "type": "string" + } + } + }, + "tls.get_certificate.tailscale": { + "description": "tailscale: object\nModule: tls.get_certificate.tailscale\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#Tailscale\nTailscale is a module that can get certificates from the local Tailscale process.\n\n", + "markdownDescription": "tailscale: `object` \nModule: `tls.get_certificate.tailscale` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#Tailscale) \nTailscale is a module that can get certificates from the local Tailscale process.\n \n", + "type": "object" + }, + "tls.handshake_match.local_ip": { + "description": "local_ip: object\nModule: tls.handshake_match.local_ip\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#MatchLocalIP\nMatchLocalIP matches based on the IP address of the interface\nreceiving the connection. Specific IPs or CIDR ranges can be specified.\n\n", + "markdownDescription": "local_ip: `object` \nModule: `tls.handshake_match.local_ip` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#MatchLocalIP) \nMatchLocalIP matches based on the IP address of the interface\nreceiving the connection. Specific IPs or CIDR ranges can be specified.\n \n", + "type": "object", + "properties": { + "ranges": { + "description": "ranges: array\nModule: tls.handshake_match.local_ip\nThe IPs or CIDR ranges to match.\n", + "markdownDescription": "ranges: `array` \nModule: `tls.handshake_match.local_ip` \nThe IPs or CIDR ranges to match. \n", + "type": "array", + "items": { + "description": "The IPs or CIDR ranges to match.\n", + "markdownDescription": "The IPs or CIDR ranges to match. \n", + "type": "string" + } + } + } + }, + "tls.handshake_match.remote_ip": { + "description": "remote_ip: object\nModule: tls.handshake_match.remote_ip\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#MatchRemoteIP\nMatchRemoteIP matches based on the remote IP of the\nconnection. Specific IPs or CIDR ranges can be specified.\n\nNote that IPs can sometimes be spoofed, so do not rely\non this as a replacement for actual authentication.\n\n", + "markdownDescription": "remote_ip: `object` \nModule: `tls.handshake_match.remote_ip` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#MatchRemoteIP) \nMatchRemoteIP matches based on the remote IP of the\nconnection. Specific IPs or CIDR ranges can be specified.\n\nNote that IPs can sometimes be spoofed, so do not rely\non this as a replacement for actual authentication.\n \n", + "type": "object", + "properties": { + "not_ranges": { + "description": "not_ranges: array\nModule: tls.handshake_match.remote_ip\nThe IPs or CIDR ranges to *NOT* match.\n", + "markdownDescription": "not_ranges: `array` \nModule: `tls.handshake_match.remote_ip` \nThe IPs or CIDR ranges to *NOT* match. \n", + "type": "array", + "items": { + "description": "The IPs or CIDR ranges to *NOT* match.\n", + "markdownDescription": "The IPs or CIDR ranges to *NOT* match. \n", + "type": "string" + } + }, + "ranges": { + "description": "ranges: array\nModule: tls.handshake_match.remote_ip\nThe IPs or CIDR ranges to match.\n", + "markdownDescription": "ranges: `array` \nModule: `tls.handshake_match.remote_ip` \nThe IPs or CIDR ranges to match. \n", + "type": "array", + "items": { + "description": "The IPs or CIDR ranges to match.\n", + "markdownDescription": "The IPs or CIDR ranges to match. \n", + "type": "string" + } + } + } + }, + "tls.handshake_match.sni": { + "description": "sni: array\nModule: tls.handshake_match.sni\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#MatchServerName\nMatchServerName matches based on SNI. Names in\nthis list may use left-most-label wildcards,\nsimilar to wildcard certificates.\n\n", + "markdownDescription": "sni: `array` \nModule: `tls.handshake_match.sni` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#MatchServerName) \nMatchServerName matches based on SNI. Names in\nthis list may use left-most-label wildcards,\nsimilar to wildcard certificates.\n \n", + "type": "array", + "items": { + "type": "string" + } + }, + "tls.handshake_match.sni_regexp": { + "description": "sni_regexp: object\nModule: tls.handshake_match.sni_regexp\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#MatchServerNameRE\nMatchServerNameRE matches based on SNI using a regular expression.\n\n", + "markdownDescription": "sni_regexp: `object` \nModule: `tls.handshake_match.sni_regexp` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#MatchServerNameRE) \nMatchServerNameRE matches based on SNI using a regular expression.\n \n", + "type": "object", + "properties": { + "name": { + "description": "name: string\nModule: tls.handshake_match.sni_regexp\nA unique name for this regular expression. Optional,\nbut useful to prevent overwriting captures from other\nregexp matchers.\n", + "markdownDescription": "name: `string` \nModule: `tls.handshake_match.sni_regexp` \nA unique name for this regular expression. Optional,\nbut useful to prevent overwriting captures from other\nregexp matchers. \n", + "type": "string" + }, + "pattern": { + "description": "pattern: string\nModule: tls.handshake_match.sni_regexp\nThe regular expression to evaluate, in RE2 syntax,\nwhich is the same general syntax used by Go, Perl,\nand Python. For details, see\n[Go's regexp package](https://golang.org/pkg/regexp/).\nCaptures are accessible via placeholders. Unnamed\ncapture groups are exposed as their numeric, 1-based\nindex, while named capture groups are available by\nthe capture group name.\n", + "markdownDescription": "pattern: `string` \nModule: `tls.handshake_match.sni_regexp` \nThe regular expression to evaluate, in RE2 syntax,\nwhich is the same general syntax used by Go, Perl,\nand Python. For details, see\n[Go's regexp package](https://golang.org/pkg/regexp/).\nCaptures are accessible via placeholders. Unnamed\ncapture groups are exposed as their numeric, 1-based\nindex, while named capture groups are available by\nthe capture group name. \n", + "type": "string" + } + } + }, + "tls.issuance.acme": { + "description": "acme: object\nModule: tls.issuance.acme\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ACMEIssuer\nACMEIssuer manages certificates using the ACME protocol (RFC 8555).\n\n", + "markdownDescription": "acme: `object` \nModule: `tls.issuance.acme` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ACMEIssuer) \nACMEIssuer manages certificates using the ACME protocol (RFC 8555).\n \n", + "type": "object", + "properties": { + "account_key": { + "description": "account_key: string\nModule: tls.issuance.acme\nIf you have an existing account with the ACME server, put\nthe private key here in PEM format. The ACME client will\nlook up your account information with this key first before\ntrying to create a new one. You can use placeholders here,\nfor example if you have it in an environment variable.\n", + "markdownDescription": "account_key: `string` \nModule: `tls.issuance.acme` \nIf you have an existing account with the ACME server, put\nthe private key here in PEM format. The ACME client will\nlook up your account information with this key first before\ntrying to create a new one. You can use placeholders here,\nfor example if you have it in an environment variable. \n", + "type": "string" + }, + "acme_timeout": { + "description": "acme_timeout: number\nModule: tls.issuance.acme\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nTime to wait before timing out an ACME operation.\nDefault: 0 (no timeout)\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "acme_timeout: `number` \nModule: `tls.issuance.acme` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nTime to wait before timing out an ACME operation.\nDefault: 0 (no timeout)\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "ca": { + "description": "ca: string\nModule: tls.issuance.acme\nThe URL to the CA's ACME directory endpoint. Default:\nhttps://acme-v02.api.letsencrypt.org/directory\n", + "markdownDescription": "ca: `string` \nModule: `tls.issuance.acme` \nThe URL to the CA's ACME directory endpoint. Default:\nhttps://acme-v02.api.letsencrypt.org/directory \n", + "type": "string" + }, + "certificate_lifetime": { + "description": "certificate_lifetime: number\nModule: tls.issuance.acme\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nThe validity period to ask the CA to issue a certificate for.\nDefault: 0 (CA chooses lifetime).\nThis value is used to compute the \"notAfter\" field of the ACME order;\ntherefore the system must have a reasonably synchronized clock.\nNOTE: Not all CAs support this. Check with your CA's ACME\ndocumentation to see if this is allowed and what values may\nbe used. EXPERIMENTAL: Subject to change.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "certificate_lifetime: `number` \nModule: `tls.issuance.acme` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nThe validity period to ask the CA to issue a certificate for.\nDefault: 0 (CA chooses lifetime).\nThis value is used to compute the \"notAfter\" field of the ACME order;\ntherefore the system must have a reasonably synchronized clock.\nNOTE: Not all CAs support this. Check with your CA's ACME\ndocumentation to see if this is allowed and what values may\nbe used. EXPERIMENTAL: Subject to change.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "challenges": { + "description": "challenges: object\nModule: tls.issuance.acme\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ChallengesConfig\nConfigures the various ACME challenge types.\n\n\nChallengesConfig configures the ACME challenges.\n", + "markdownDescription": "challenges: `object` \nModule: `tls.issuance.acme` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ChallengesConfig) \nConfigures the various ACME challenge types.\n\n\nChallengesConfig configures the ACME challenges. \n", + "type": "object", + "properties": { + "bind_host": { + "description": "bind_host: string\nModule: tls.issuance.acme\nOptionally customize the host to which a listener\nis bound if required for solving a challenge.\n", + "markdownDescription": "bind_host: `string` \nModule: `tls.issuance.acme` \nOptionally customize the host to which a listener\nis bound if required for solving a challenge. \n", + "type": "string" + }, + "dns": { + "description": "dns: object\nModule: tls.issuance.acme\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#DNSChallengeConfig\nConfigures the ACME DNS challenge. Because this\nchallenge typically requires credentials for\ninterfacing with a DNS provider, this challenge is\nnot enabled by default. This is the only challenge\ntype which does not require a direct connection\nto Caddy from an external server.\n\nNOTE: DNS providers are currently being upgraded,\nand this API is subject to change, but should be\nstabilized soon.\n\n\nDNSChallengeConfig configures the ACME DNS challenge.\n\nNOTE: This API is still experimental and is subject to change.\n", + "markdownDescription": "dns: `object` \nModule: `tls.issuance.acme` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#DNSChallengeConfig) \nConfigures the ACME DNS challenge. Because this\nchallenge typically requires credentials for\ninterfacing with a DNS provider, this challenge is\nnot enabled by default. This is the only challenge\ntype which does not require a direct connection\nto Caddy from an external server.\n\nNOTE: DNS providers are currently being upgraded,\nand this API is subject to change, but should be\nstabilized soon.\n\n\nDNSChallengeConfig configures the ACME DNS challenge.\n\nNOTE: This API is still experimental and is subject to change. \n", + "type": "object", + "properties": { + "override_domain": { + "description": "override_domain: string\nModule: tls.issuance.acme\nOverride the domain to use for the DNS challenge. This\nis to delegate the challenge to a different domain,\ne.g. one that updates faster or one with a provider API.\n", + "markdownDescription": "override_domain: `string` \nModule: `tls.issuance.acme` \nOverride the domain to use for the DNS challenge. This\nis to delegate the challenge to a different domain,\ne.g. one that updates faster or one with a provider API. \n", + "type": "string" + }, + "propagation_delay": { + "description": "propagation_delay: number\nModule: tls.issuance.acme\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nHow long to wait before starting propagation checks.\nDefault: 0 (no wait).\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "propagation_delay: `number` \nModule: `tls.issuance.acme` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nHow long to wait before starting propagation checks.\nDefault: 0 (no wait).\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "propagation_timeout": { + "description": "propagation_timeout: number\nModule: tls.issuance.acme\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nMaximum time to wait for temporary DNS record to appear.\nSet to -1 to disable propagation checks.\nDefault: 2 minutes.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "propagation_timeout: `number` \nModule: `tls.issuance.acme` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nMaximum time to wait for temporary DNS record to appear.\nSet to -1 to disable propagation checks.\nDefault: 2 minutes.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "provider": { + "description": "provider: object\nModule: dns.providers\nThe DNS provider module to use which will manage\nthe DNS records relevant to the ACME challenge.\nRequired.\n", + "markdownDescription": "provider: `object` \nModule: `dns.providers` \nThe DNS provider module to use which will manage\nthe DNS records relevant to the ACME challenge.\nRequired. \n", + "type": "object", + "required": [ + "name" + ], + "allOf": [ + { + "if": { + "properties": { + "name": { + "const": "desec" + } + } + }, + "then": { + "$ref": "#/definitions/dns.providers.desec" + } + }, + { + "properties": { + "name": { + "description": "key to identify provider module.\nname: string\nModule: dns.providers", + "markdownDescription": "key to identify `provider` module. \nname: `string` \nModule: `dns.providers`", + "type": "string", + "enum": [ + "desec" + ] + } + } + } + ] + }, + "resolvers": { + "description": "resolvers: array\nModule: tls.issuance.acme\nCustom DNS resolvers to prefer over system/built-in defaults.\nOften necessary to configure when using split-horizon DNS.\n", + "markdownDescription": "resolvers: `array` \nModule: `tls.issuance.acme` \nCustom DNS resolvers to prefer over system/built-in defaults.\nOften necessary to configure when using split-horizon DNS. \n", + "type": "array", + "items": { + "description": "Custom DNS resolvers to prefer over system/built-in defaults.\nOften necessary to configure when using split-horizon DNS.\n", + "markdownDescription": "Custom DNS resolvers to prefer over system/built-in defaults.\nOften necessary to configure when using split-horizon DNS. \n", + "type": "string" + } + }, + "ttl": { + "description": "ttl: number\nModule: tls.issuance.acme\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nThe TTL of the TXT record used for the DNS challenge.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "ttl: `number` \nModule: `tls.issuance.acme` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nThe TTL of the TXT record used for the DNS challenge.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + } + } + }, + "http": { + "description": "http: object\nModule: tls.issuance.acme\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#HTTPChallengeConfig\nHTTP configures the ACME HTTP challenge. This\nchallenge is enabled and used automatically\nand by default.\n\n\nHTTPChallengeConfig configures the ACME HTTP challenge.\n", + "markdownDescription": "http: `object` \nModule: `tls.issuance.acme` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#HTTPChallengeConfig) \nHTTP configures the ACME HTTP challenge. This\nchallenge is enabled and used automatically\nand by default.\n\n\nHTTPChallengeConfig configures the ACME HTTP challenge. \n", + "type": "object", + "properties": { + "alternate_port": { + "description": "alternate_port: number\nModule: tls.issuance.acme\nAn alternate port on which to service this\nchallenge. Note that the HTTP challenge port is\nhard-coded into the spec and cannot be changed,\nso you would have to forward packets from the\nstandard HTTP challenge port to this one.\n", + "markdownDescription": "alternate_port: `number` \nModule: `tls.issuance.acme` \nAn alternate port on which to service this\nchallenge. Note that the HTTP challenge port is\nhard-coded into the spec and cannot be changed,\nso you would have to forward packets from the\nstandard HTTP challenge port to this one. \n", + "type": "number" + }, + "disabled": { + "description": "disabled: boolean\nModule: tls.issuance.acme\nIf true, the HTTP challenge will be disabled.\n", + "markdownDescription": "disabled: `boolean` \nModule: `tls.issuance.acme` \nIf true, the HTTP challenge will be disabled. \n", + "type": "boolean" + } + } + }, + "tls-alpn": { + "description": "tls-alpn: object\nModule: tls.issuance.acme\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLSALPNChallengeConfig\nTLSALPN configures the ACME TLS-ALPN challenge.\nThis challenge is enabled and used automatically\nand by default.\n\n\nTLSALPNChallengeConfig configures the ACME TLS-ALPN challenge.\n", + "markdownDescription": "tls-alpn: `object` \nModule: `tls.issuance.acme` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#TLSALPNChallengeConfig) \nTLSALPN configures the ACME TLS-ALPN challenge.\nThis challenge is enabled and used automatically\nand by default.\n\n\nTLSALPNChallengeConfig configures the ACME TLS-ALPN challenge. \n", + "type": "object", + "properties": { + "alternate_port": { + "description": "alternate_port: number\nModule: tls.issuance.acme\nAn alternate port on which to service this\nchallenge. Note that the TLS-ALPN challenge port\nis hard-coded into the spec and cannot be changed,\nso you would have to forward packets from the\nstandard TLS-ALPN challenge port to this one.\n", + "markdownDescription": "alternate_port: `number` \nModule: `tls.issuance.acme` \nAn alternate port on which to service this\nchallenge. Note that the TLS-ALPN challenge port\nis hard-coded into the spec and cannot be changed,\nso you would have to forward packets from the\nstandard TLS-ALPN challenge port to this one. \n", + "type": "number" + }, + "disabled": { + "description": "disabled: boolean\nModule: tls.issuance.acme\nIf true, the TLS-ALPN challenge will be disabled.\n", + "markdownDescription": "disabled: `boolean` \nModule: `tls.issuance.acme` \nIf true, the TLS-ALPN challenge will be disabled. \n", + "type": "boolean" + } + } + } + } + }, + "email": { + "description": "email: string\nModule: tls.issuance.acme\nYour email address, so the CA can contact you if necessary.\nNot required, but strongly recommended to provide one so\nyou can be reached if there is a problem. Your email is\nnot sent to any Caddy mothership or used for any purpose\nother than ACME transactions.\n", + "markdownDescription": "email: `string` \nModule: `tls.issuance.acme` \nYour email address, so the CA can contact you if necessary.\nNot required, but strongly recommended to provide one so\nyou can be reached if there is a problem. Your email is\nnot sent to any Caddy mothership or used for any purpose\nother than ACME transactions. \n", + "type": "string" + }, + "external_account": { + "description": "external_account: object\nModule: tls.issuance.acme\nhttps://pkg.go.dev/github.com/mholt/acmez/v3/acme#EAB\nIf using an ACME CA that requires an external account\nbinding, specify the CA-provided credentials here.\n\n\nEAB (External Account Binding) contains information\nnecessary to bind or map an ACME account to some\nother account known by the CA.\n\nExternal account bindings are \"used to associate an\nACME account with an existing account in a non-ACME\nsystem, such as a CA customer database.\"\n\n\"To enable ACME account binding, the CA operating the\nACME server needs to provide the ACME client with a\nMAC key and a key identifier, using some mechanism\noutside of ACME.\" §7.3.4\n", + "markdownDescription": "external_account: `object` \nModule: `tls.issuance.acme` \n[godoc](https://pkg.go.dev/github.com/mholt/acmez/v3/acme#EAB) \nIf using an ACME CA that requires an external account\nbinding, specify the CA-provided credentials here.\n\n\nEAB (External Account Binding) contains information\nnecessary to bind or map an ACME account to some\nother account known by the CA.\n\nExternal account bindings are \"used to associate an\nACME account with an existing account in a non-ACME\nsystem, such as a CA customer database.\"\n\n\"To enable ACME account binding, the CA operating the\nACME server needs to provide the ACME client with a\nMAC key and a key identifier, using some mechanism\noutside of ACME.\" §7.3.4 \n", + "type": "object", + "properties": { + "key_id": { + "description": "key_id: string\nModule: tls.issuance.acme\n\"The key identifier MUST be an ASCII string.\" §7.3.4\n", + "markdownDescription": "key_id: `string` \nModule: `tls.issuance.acme` \n\"The key identifier MUST be an ASCII string.\" §7.3.4 \n", + "type": "string" + }, + "mac_key": { + "description": "mac_key: string\nModule: tls.issuance.acme\n\"The MAC key SHOULD be provided in base64url-encoded\nform, to maximize compatibility between non-ACME\nprovisioning systems and ACME clients.\" §7.3.4\n", + "markdownDescription": "mac_key: `string` \nModule: `tls.issuance.acme` \n\"The MAC key SHOULD be provided in base64url-encoded\nform, to maximize compatibility between non-ACME\nprovisioning systems and ACME clients.\" §7.3.4 \n", + "type": "string" + } + } + }, + "network_proxy": { + "description": "network_proxy: object\nModule: caddy.network_proxy", + "markdownDescription": "network_proxy: `object` \nModule: `caddy.network_proxy`", + "type": "object", + "required": [ + "from" + ], + "allOf": [ + { + "if": { + "properties": { + "from": { + "const": "none" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.network_proxy.none" + } + }, + { + "if": { + "properties": { + "from": { + "const": "url" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.network_proxy.url" + } + }, + { + "properties": { + "from": { + "description": "key to identify network_proxy module.\nfrom: string\nModule: caddy.network_proxy", + "markdownDescription": "key to identify `network_proxy` module. \nfrom: `string` \nModule: `caddy.network_proxy`", + "type": "string", + "enum": [ + "none", + "url" + ] + } + } + } + ] + }, + "preferred_chains": { + "description": "preferred_chains: object\nModule: tls.issuance.acme\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ChainPreference\nPreferences for selecting alternate certificate chains, if offered\nby the CA. By default, the first offered chain will be selected.\nIf configured, the chains may be sorted and the first matching chain\nwill be selected.\n\n\nChainPreference describes the client's preferred certificate chain,\nuseful if the CA offers alternate chains. The first matching chain\nwill be selected.\n", + "markdownDescription": "preferred_chains: `object` \nModule: `tls.issuance.acme` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ChainPreference) \nPreferences for selecting alternate certificate chains, if offered\nby the CA. By default, the first offered chain will be selected.\nIf configured, the chains may be sorted and the first matching chain\nwill be selected.\n\n\nChainPreference describes the client's preferred certificate chain,\nuseful if the CA offers alternate chains. The first matching chain\nwill be selected. \n", + "type": "object", + "properties": { + "any_common_name": { + "description": "any_common_name: array\nModule: tls.issuance.acme\nSelect first chain that has any issuer with one\nof these common names.\n", + "markdownDescription": "any_common_name: `array` \nModule: `tls.issuance.acme` \nSelect first chain that has any issuer with one\nof these common names. \n", + "type": "array", + "items": { + "description": "Select first chain that has any issuer with one\nof these common names.\n", + "markdownDescription": "Select first chain that has any issuer with one\nof these common names. \n", + "type": "string" + } + }, + "root_common_name": { + "description": "root_common_name: array\nModule: tls.issuance.acme\nSelect first chain having a root with one of\nthese common names.\n", + "markdownDescription": "root_common_name: `array` \nModule: `tls.issuance.acme` \nSelect first chain having a root with one of\nthese common names. \n", + "type": "array", + "items": { + "description": "Select first chain having a root with one of\nthese common names.\n", + "markdownDescription": "Select first chain having a root with one of\nthese common names. \n", + "type": "string" + } + }, + "smallest": { + "description": "smallest: boolean\nModule: tls.issuance.acme\nPrefer chains with the fewest number of bytes.\n", + "markdownDescription": "smallest: `boolean` \nModule: `tls.issuance.acme` \nPrefer chains with the fewest number of bytes. \n", + "type": "boolean" + } + } + }, + "profile": { + "description": "profile: string\nModule: tls.issuance.acme\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ACMEIssuer", + "markdownDescription": "profile: `string` \nModule: `tls.issuance.acme` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ACMEIssuer)", + "type": "string" + }, + "test_ca": { + "description": "test_ca: string\nModule: tls.issuance.acme\nThe URL to the test CA's ACME directory endpoint.\nThis endpoint is only used during retries if there\nis a failure using the primary CA. Default:\nhttps://acme-staging-v02.api.letsencrypt.org/directory\n", + "markdownDescription": "test_ca: `string` \nModule: `tls.issuance.acme` \nThe URL to the test CA's ACME directory endpoint.\nThis endpoint is only used during retries if there\nis a failure using the primary CA. Default:\nhttps://acme-staging-v02.api.letsencrypt.org/directory \n", + "type": "string" + }, + "trusted_roots_pem_files": { + "description": "trusted_roots_pem_files: array\nModule: tls.issuance.acme\nAn array of files of CA certificates to accept when connecting to the\nACME CA. Generally, you should only use this if the ACME CA endpoint\nis internal or for development/testing purposes.\n", + "markdownDescription": "trusted_roots_pem_files: `array` \nModule: `tls.issuance.acme` \nAn array of files of CA certificates to accept when connecting to the\nACME CA. Generally, you should only use this if the ACME CA endpoint\nis internal or for development/testing purposes. \n", + "type": "array", + "items": { + "description": "An array of files of CA certificates to accept when connecting to the\nACME CA. Generally, you should only use this if the ACME CA endpoint\nis internal or for development/testing purposes.\n", + "markdownDescription": "An array of files of CA certificates to accept when connecting to the\nACME CA. Generally, you should only use this if the ACME CA endpoint\nis internal or for development/testing purposes. \n", + "type": "string" + } + } + } + }, + "tls.issuance.internal": { + "description": "internal: object\nModule: tls.issuance.internal\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#InternalIssuer\nInternalIssuer is a certificate issuer that generates\ncertificates internally using a locally-configured\nCA which can be customized using the `pki` app.\n\n", + "markdownDescription": "internal: `object` \nModule: `tls.issuance.internal` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#InternalIssuer) \nInternalIssuer is a certificate issuer that generates\ncertificates internally using a locally-configured\nCA which can be customized using the `pki` app.\n \n", + "type": "object", + "properties": { + "ca": { + "description": "ca: string\nModule: tls.issuance.internal\nThe ID of the CA to use for signing. The default\nCA ID is \"local\". The CA can be configured with the\n`pki` app.\n", + "markdownDescription": "ca: `string` \nModule: `tls.issuance.internal` \nThe ID of the CA to use for signing. The default\nCA ID is \"local\". The CA can be configured with the\n`pki` app. \n", + "type": "string" + }, + "lifetime": { + "description": "lifetime: number\nModule: tls.issuance.internal\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nThe validity period of certificates.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "lifetime: `number` \nModule: `tls.issuance.internal` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nThe validity period of certificates.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "sign_with_root": { + "description": "sign_with_root: boolean\nModule: tls.issuance.internal\nIf true, the root will be the issuer instead of\nthe intermediate. This is NOT recommended and should\nonly be used when devices/clients do not properly\nvalidate certificate chains.\n", + "markdownDescription": "sign_with_root: `boolean` \nModule: `tls.issuance.internal` \nIf true, the root will be the issuer instead of\nthe intermediate. This is NOT recommended and should\nonly be used when devices/clients do not properly\nvalidate certificate chains. \n", + "type": "boolean" + } + } + }, + "tls.issuance.zerossl": { + "description": "zerossl: object\nModule: tls.issuance.zerossl\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ZeroSSLIssuer\nZeroSSLIssuer uses the ZeroSSL API to get certificates.\nNote that this is distinct from ZeroSSL's ACME endpoint.\nTo use ZeroSSL's ACME endpoint, use the ACMEIssuer\nconfigured with ZeroSSL's ACME directory endpoint.\n\n", + "markdownDescription": "zerossl: `object` \nModule: `tls.issuance.zerossl` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#ZeroSSLIssuer) \nZeroSSLIssuer uses the ZeroSSL API to get certificates.\nNote that this is distinct from ZeroSSL's ACME endpoint.\nTo use ZeroSSL's ACME endpoint, use the ACMEIssuer\nconfigured with ZeroSSL's ACME directory endpoint.\n \n", + "type": "object", + "properties": { + "alternate_http_port": { + "description": "alternate_http_port: number\nModule: tls.issuance.zerossl\nIf HTTP is forwarded from port 80, specify the\nforwarded port here.\n", + "markdownDescription": "alternate_http_port: `number` \nModule: `tls.issuance.zerossl` \nIf HTTP is forwarded from port 80, specify the\nforwarded port here. \n", + "type": "number" + }, + "api_key": { + "description": "api_key: string\nModule: tls.issuance.zerossl\nThe API key (or \"access key\") for using the ZeroSSL API.\nREQUIRED.\n", + "markdownDescription": "api_key: `string` \nModule: `tls.issuance.zerossl` \nThe API key (or \"access key\") for using the ZeroSSL API.\nREQUIRED. \n", + "type": "string" + }, + "cname_validation": { + "description": "cname_validation: object\nModule: tls.issuance.zerossl\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#DNSChallengeConfig\nUse CNAME validation instead of HTTP. ZeroSSL's\nAPI uses CNAME records for DNS validation, similar\nto how Let's Encrypt uses TXT records for the\nDNS challenge.\n\n\nDNSChallengeConfig configures the ACME DNS challenge.\n\nNOTE: This API is still experimental and is subject to change.\n", + "markdownDescription": "cname_validation: `object` \nModule: `tls.issuance.zerossl` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#DNSChallengeConfig) \nUse CNAME validation instead of HTTP. ZeroSSL's\nAPI uses CNAME records for DNS validation, similar\nto how Let's Encrypt uses TXT records for the\nDNS challenge.\n\n\nDNSChallengeConfig configures the ACME DNS challenge.\n\nNOTE: This API is still experimental and is subject to change. \n", + "type": "object", + "properties": { + "override_domain": { + "description": "override_domain: string\nModule: tls.issuance.zerossl\nOverride the domain to use for the DNS challenge. This\nis to delegate the challenge to a different domain,\ne.g. one that updates faster or one with a provider API.\n", + "markdownDescription": "override_domain: `string` \nModule: `tls.issuance.zerossl` \nOverride the domain to use for the DNS challenge. This\nis to delegate the challenge to a different domain,\ne.g. one that updates faster or one with a provider API. \n", + "type": "string" + }, + "propagation_delay": { + "description": "propagation_delay: number\nModule: tls.issuance.zerossl\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nHow long to wait before starting propagation checks.\nDefault: 0 (no wait).\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "propagation_delay: `number` \nModule: `tls.issuance.zerossl` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nHow long to wait before starting propagation checks.\nDefault: 0 (no wait).\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "propagation_timeout": { + "description": "propagation_timeout: number\nModule: tls.issuance.zerossl\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nMaximum time to wait for temporary DNS record to appear.\nSet to -1 to disable propagation checks.\nDefault: 2 minutes.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "propagation_timeout: `number` \nModule: `tls.issuance.zerossl` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nMaximum time to wait for temporary DNS record to appear.\nSet to -1 to disable propagation checks.\nDefault: 2 minutes.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + }, + "provider": { + "description": "provider: object\nModule: dns.providers\nThe DNS provider module to use which will manage\nthe DNS records relevant to the ACME challenge.\nRequired.\n", + "markdownDescription": "provider: `object` \nModule: `dns.providers` \nThe DNS provider module to use which will manage\nthe DNS records relevant to the ACME challenge.\nRequired. \n", + "type": "object", + "required": [ + "name" + ], + "allOf": [ + { + "if": { + "properties": { + "name": { + "const": "desec" + } + } + }, + "then": { + "$ref": "#/definitions/dns.providers.desec" + } + }, + { + "properties": { + "name": { + "description": "key to identify provider module.\nname: string\nModule: dns.providers", + "markdownDescription": "key to identify `provider` module. \nname: `string` \nModule: `dns.providers`", + "type": "string", + "enum": [ + "desec" + ] + } + } + } + ] + }, + "resolvers": { + "description": "resolvers: array\nModule: tls.issuance.zerossl\nCustom DNS resolvers to prefer over system/built-in defaults.\nOften necessary to configure when using split-horizon DNS.\n", + "markdownDescription": "resolvers: `array` \nModule: `tls.issuance.zerossl` \nCustom DNS resolvers to prefer over system/built-in defaults.\nOften necessary to configure when using split-horizon DNS. \n", + "type": "array", + "items": { + "description": "Custom DNS resolvers to prefer over system/built-in defaults.\nOften necessary to configure when using split-horizon DNS.\n", + "markdownDescription": "Custom DNS resolvers to prefer over system/built-in defaults.\nOften necessary to configure when using split-horizon DNS. \n", + "type": "string" + } + }, + "ttl": { + "description": "ttl: number\nModule: tls.issuance.zerossl\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration\nThe TTL of the TXT record used for the DNS challenge.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`.\n", + "markdownDescription": "ttl: `number` \nModule: `tls.issuance.zerossl` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Duration) \nThe TTL of the TXT record used for the DNS challenge.\n\n\nDuration can be an integer or a string. An integer is\ninterpreted as nanoseconds. If a string, it is a Go\ntime.Duration value such as `300ms`, `1.5h`, or `2h45m`;\nvalid units are `ns`, `us`/`µs`, `ms`, `s`, `m`, `h`, and `d`. \n", + "type": "number" + } + } + }, + "listen_host": { + "description": "listen_host: string\nModule: tls.issuance.zerossl\nThe host to bind to when opening a listener for\nverifying domain names (or IPs).\n", + "markdownDescription": "listen_host: `string` \nModule: `tls.issuance.zerossl` \nThe host to bind to when opening a listener for\nverifying domain names (or IPs). \n", + "type": "string" + }, + "validity_days": { + "description": "validity_days: number\nModule: tls.issuance.zerossl\nHow many days the certificate should be valid for.\nOnly certain values are accepted; see ZeroSSL docs.\n", + "markdownDescription": "validity_days: `number` \nModule: `tls.issuance.zerossl` \nHow many days the certificate should be valid for.\nOnly certain values are accepted; see ZeroSSL docs. \n", + "type": "number" + } + } + }, + "tls.leaf_cert_loader.file": { + "description": "file: object\nModule: tls.leaf_cert_loader.file\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafFileLoader", + "markdownDescription": "file: `object` \nModule: `tls.leaf_cert_loader.file` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafFileLoader)", + "type": "object", + "properties": { + "files": { + "description": "files: array\nModule: tls.leaf_cert_loader.file\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafFileLoader", + "markdownDescription": "files: `array` \nModule: `tls.leaf_cert_loader.file` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafFileLoader)", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "tls.leaf_cert_loader.folder": { + "description": "folder: object\nModule: tls.leaf_cert_loader.folder\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafFolderLoader", + "markdownDescription": "folder: `object` \nModule: `tls.leaf_cert_loader.folder` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafFolderLoader)", + "type": "object", + "properties": { + "folders": { + "description": "folders: array\nModule: tls.leaf_cert_loader.folder\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafFolderLoader", + "markdownDescription": "folders: `array` \nModule: `tls.leaf_cert_loader.folder` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafFolderLoader)", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "tls.leaf_cert_loader.pem": { + "description": "pem: object\nModule: tls.leaf_cert_loader.pem\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafPEMLoader", + "markdownDescription": "pem: `object` \nModule: `tls.leaf_cert_loader.pem` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafPEMLoader)", + "type": "object", + "properties": { + "certificates": { + "description": "certificates: array\nModule: tls.leaf_cert_loader.pem\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafPEMLoader", + "markdownDescription": "certificates: `array` \nModule: `tls.leaf_cert_loader.pem` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafPEMLoader)", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "tls.leaf_cert_loader.storage": { + "description": "storage: object\nModule: tls.leaf_cert_loader.storage\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafStorageLoader", + "markdownDescription": "storage: `object` \nModule: `tls.leaf_cert_loader.storage` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafStorageLoader)", + "type": "object", + "properties": { + "certificates": { + "description": "certificates: array\nModule: tls.leaf_cert_loader.storage\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafStorageLoader", + "markdownDescription": "certificates: `array` \nModule: `tls.leaf_cert_loader.storage` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#LeafStorageLoader)", + "type": "array", + "items": { + "type": "string" + } + }, + "storage": { + "description": "storage: object\nModule: caddy.storage", + "markdownDescription": "storage: `object` \nModule: `caddy.storage`", + "type": "object", + "required": [ + "module" + ], + "allOf": [ + { + "if": { + "properties": { + "module": { + "const": "file_system" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.storage.file_system" + } + }, + { + "properties": { + "module": { + "description": "key to identify storage module.\nmodule: string\nModule: caddy.storage", + "markdownDescription": "key to identify `storage` module. \nmodule: `string` \nModule: `caddy.storage`", + "type": "string", + "enum": [ + "file_system" + ] + } + } + } + ] + } + } + }, + "tls.permission.http": { + "description": "http: object\nModule: tls.permission.http\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#PermissionByHTTP\nPermissionByHTTP determines permission for a TLS certificate by\nmaking a request to an HTTP endpoint.\n\n", + "markdownDescription": "http: `object` \nModule: `tls.permission.http` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls#PermissionByHTTP) \nPermissionByHTTP determines permission for a TLS certificate by\nmaking a request to an HTTP endpoint.\n \n", + "type": "object", + "properties": { + "endpoint": { + "description": "endpoint: string\nModule: tls.permission.http\nThe endpoint to access. It should be a full URL.\nA query string parameter \"domain\" will be added to it,\ncontaining the domain (or IP) for the desired certificate,\nlike so: `?domain=example.com`. Generally, this endpoint\nis not exposed publicly to avoid a minor information leak\n(which domains are serviced by your application).\n\nThe endpoint must return a 200 OK status if a certificate\nis allowed; anything else will cause it to be denied.\nRedirects are not followed.\n", + "markdownDescription": "endpoint: `string` \nModule: `tls.permission.http` \nThe endpoint to access. It should be a full URL.\nA query string parameter \"domain\" will be added to it,\ncontaining the domain (or IP) for the desired certificate,\nlike so: `?domain=example.com`. Generally, this endpoint\nis not exposed publicly to avoid a minor information leak\n(which domains are serviced by your application).\n\nThe endpoint must return a 200 OK status if a certificate\nis allowed; anything else will cause it to be denied.\nRedirects are not followed. \n", + "type": "string" + } + } + }, + "tls.stek.distributed": { + "description": "distributed: object\nModule: tls.stek.distributed\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls/distributedstek#Provider\nProvider implements a distributed STEK provider. This\nmodule will obtain STEKs from a storage module instead\nof generating STEKs internally. This allows STEKs to be\ncoordinated, improving TLS session resumption in a cluster.\n\n", + "markdownDescription": "distributed: `object` \nModule: `tls.stek.distributed` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2/modules/caddytls/distributedstek#Provider) \nProvider implements a distributed STEK provider. This\nmodule will obtain STEKs from a storage module instead\nof generating STEKs internally. This allows STEKs to be\ncoordinated, improving TLS session resumption in a cluster.\n \n", + "type": "object", + "properties": { + "storage": { + "description": "storage: object\nModule: caddy.storage\nThe storage module wherein to store and obtain session\nticket keys. If unset, Caddy's default/global-configured\nstorage module will be used.\n", + "markdownDescription": "storage: `object` \nModule: `caddy.storage` \nThe storage module wherein to store and obtain session\nticket keys. If unset, Caddy's default/global-configured\nstorage module will be used. \n", + "type": "object", + "required": [ + "module" + ], + "allOf": [ + { + "if": { + "properties": { + "module": { + "const": "file_system" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.storage.file_system" + } + }, + { + "properties": { + "module": { + "description": "key to identify storage module.\nmodule: string\nModule: caddy.storage", + "markdownDescription": "key to identify `storage` module. \nmodule: `string` \nModule: `caddy.storage`", + "type": "string", + "enum": [ + "file_system" + ] + } + } + } + ] + } + } + }, + "tls.stek.standard": { + "description": "standard: object\nModule: tls.stek.standard", + "markdownDescription": "standard: `object` \nModule: `tls.stek.standard`", + "type": "object" + } + }, + "properties": { + "admin": { + "description": "admin: object\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#AdminConfig\nAdminConfig configures Caddy's API endpoint, which is used\nto manage Caddy while it is running.\n\n", + "markdownDescription": "admin: `object` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#AdminConfig) \nAdminConfig configures Caddy's API endpoint, which is used\nto manage Caddy while it is running.\n \n", + "type": "object", + "properties": { + "config": { + "description": "config: object\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ConfigSettings\nOptions pertaining to configuration management.\n\n\nConfigSettings configures the management of configuration.\n", + "markdownDescription": "config: `object` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ConfigSettings) \nOptions pertaining to configuration management.\n\n\nConfigSettings configures the management of configuration. \n", + "type": "object", + "properties": { + "load": { + "description": "load: object\nModule: caddy.config_loaders\nLoads a configuration to use. This is helpful if your configs are\nmanaged elsewhere, and you want Caddy to pull its config dynamically\nwhen it starts. The pulled config completely replaces the current\none, just like any other config load. It is an error if a pulled\nconfig is configured to pull another config.\n\nEXPERIMENTAL: Subject to change.\n", + "markdownDescription": "load: `object` \nModule: `caddy.config_loaders` \nLoads a configuration to use. This is helpful if your configs are\nmanaged elsewhere, and you want Caddy to pull its config dynamically\nwhen it starts. The pulled config completely replaces the current\none, just like any other config load. It is an error if a pulled\nconfig is configured to pull another config.\n\nEXPERIMENTAL: Subject to change. \n", + "type": "object", + "required": [ + "module" + ], + "allOf": [ + { + "if": { + "properties": { + "module": { + "const": "http" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.config_loaders.http" + } + }, + { + "properties": { + "module": { + "description": "key to identify load module.\nmodule: string\nModule: caddy.config_loaders", + "markdownDescription": "key to identify `load` module. \nmodule: `string` \nModule: `caddy.config_loaders`", + "type": "string", + "enum": [ + "http" + ] + } + } + } + ] + }, + "load_delay": { + "description": "load_delay: number", + "markdownDescription": "load_delay: `number`", + "type": "number" + }, + "persist": { + "description": "persist: boolean\nWhether to keep a copy of the active config on disk. Default is true.\nNote that \"pulled\" dynamic configs (using the neighboring \"load\" module)\nare not persisted; only configs that are pushed to Caddy get persisted.\n", + "markdownDescription": "persist: `boolean` \nWhether to keep a copy of the active config on disk. Default is true.\nNote that \"pulled\" dynamic configs (using the neighboring \"load\" module)\nare not persisted; only configs that are pushed to Caddy get persisted. \n", + "type": "boolean" + } + } + }, + "disabled": { + "description": "disabled: boolean\nIf true, the admin endpoint will be completely disabled.\nNote that this makes any runtime changes to the config\nimpossible, since the interface to do so is through the\nadmin endpoint.\n", + "markdownDescription": "disabled: `boolean` \nIf true, the admin endpoint will be completely disabled.\nNote that this makes any runtime changes to the config\nimpossible, since the interface to do so is through the\nadmin endpoint. \n", + "type": "boolean" + }, + "enforce_origin": { + "description": "enforce_origin: boolean\nIf true, CORS headers will be emitted, and requests to the\nAPI will be rejected if their `Host` and `Origin` headers\ndo not match the expected value(s). Use `origins` to\ncustomize which origins/hosts are allowed. If `origins` is\nnot set, the listen address is the only value allowed by\ndefault. Enforced only on local (plaintext) endpoint.\n", + "markdownDescription": "enforce_origin: `boolean` \nIf true, CORS headers will be emitted, and requests to the\nAPI will be rejected if their `Host` and `Origin` headers\ndo not match the expected value(s). Use `origins` to\ncustomize which origins/hosts are allowed. If `origins` is\nnot set, the listen address is the only value allowed by\ndefault. Enforced only on local (plaintext) endpoint. \n", + "type": "boolean" + }, + "identity": { + "description": "identity: object\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#IdentityConfig\nOptions that establish this server's identity. Identity refers to\ncredentials which can be used to uniquely identify and authenticate\nthis server instance. This is required if remote administration is\nenabled (but does not require remote administration to be enabled).\nDefault: no identity management.\n\n\nIdentityConfig configures management of this server's identity. An identity\nconsists of credentials that uniquely verify this instance; for example,\nTLS certificates (public + private key pairs).\n", + "markdownDescription": "identity: `object` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#IdentityConfig) \nOptions that establish this server's identity. Identity refers to\ncredentials which can be used to uniquely identify and authenticate\nthis server instance. This is required if remote administration is\nenabled (but does not require remote administration to be enabled).\nDefault: no identity management.\n\n\nIdentityConfig configures management of this server's identity. An identity\nconsists of credentials that uniquely verify this instance; for example,\nTLS certificates (public + private key pairs). \n", + "type": "object", + "properties": { + "identifiers": { + "description": "identifiers: array\nList of names or IP addresses which refer to this server.\nCertificates will be obtained for these identifiers so\nsecure TLS connections can be made using them.\n", + "markdownDescription": "identifiers: `array` \nList of names or IP addresses which refer to this server.\nCertificates will be obtained for these identifiers so\nsecure TLS connections can be made using them. \n", + "type": "array", + "items": { + "description": "List of names or IP addresses which refer to this server.\nCertificates will be obtained for these identifiers so\nsecure TLS connections can be made using them.\n", + "markdownDescription": "List of names or IP addresses which refer to this server.\nCertificates will be obtained for these identifiers so\nsecure TLS connections can be made using them. \n", + "type": "string" + } + }, + "issuers": { + "description": "issuers: array\nModule: tls.issuance\nIssuers that can provide this admin endpoint its identity\ncertificate(s). Default: ACME issuers configured for\nZeroSSL and Let's Encrypt. Be sure to change this if you\nrequire credentials for private identifiers.\n", + "markdownDescription": "issuers: `array` \nModule: `tls.issuance` \nIssuers that can provide this admin endpoint its identity\ncertificate(s). Default: ACME issuers configured for\nZeroSSL and Let's Encrypt. Be sure to change this if you\nrequire credentials for private identifiers. \n", + "type": "array", + "items": { + "description": "Issuers that can provide this admin endpoint its identity\ncertificate(s). Default: ACME issuers configured for\nZeroSSL and Let's Encrypt. Be sure to change this if you\nrequire credentials for private identifiers.\n", + "markdownDescription": "Issuers that can provide this admin endpoint its identity\ncertificate(s). Default: ACME issuers configured for\nZeroSSL and Let's Encrypt. Be sure to change this if you\nrequire credentials for private identifiers. \n", + "required": [ + "module" + ], + "allOf": [ + { + "if": { + "properties": { + "module": { + "const": "acme" + } + } + }, + "then": { + "$ref": "#/definitions/tls.issuance.acme" + } + }, + { + "if": { + "properties": { + "module": { + "const": "internal" + } + } + }, + "then": { + "$ref": "#/definitions/tls.issuance.internal" + } + }, + { + "if": { + "properties": { + "module": { + "const": "zerossl" + } + } + }, + "then": { + "$ref": "#/definitions/tls.issuance.zerossl" + } + }, + { + "properties": { + "module": { + "description": "key to identify issuers module.\nmodule: string\nModule: tls.issuance", + "markdownDescription": "key to identify `issuers` module. \nmodule: `string` \nModule: `tls.issuance`", + "type": "string", + "enum": [ + "acme", + "internal", + "zerossl" + ] + } + } + } + ] + } + } + } + }, + "listen": { + "description": "listen: string\nThe address to which the admin endpoint's listener should\nbind itself. Can be any single network address that can be\nparsed by Caddy. Default: localhost:2019\n", + "markdownDescription": "listen: `string` \nThe address to which the admin endpoint's listener should\nbind itself. Can be any single network address that can be\nparsed by Caddy. Default: localhost:2019 \n", + "type": "string" + }, + "origins": { + "description": "origins: array\nThe list of allowed origins/hosts for API requests. Only needed\nif accessing the admin endpoint from a host different from the\nsocket's network interface or if `enforce_origin` is true. If not\nset, the listener address will be the default value. If set but\nempty, no origins will be allowed. Enforced only on local\n(plaintext) endpoint.\n", + "markdownDescription": "origins: `array` \nThe list of allowed origins/hosts for API requests. Only needed\nif accessing the admin endpoint from a host different from the\nsocket's network interface or if `enforce_origin` is true. If not\nset, the listener address will be the default value. If set but\nempty, no origins will be allowed. Enforced only on local\n(plaintext) endpoint. \n", + "type": "array", + "items": { + "description": "The list of allowed origins/hosts for API requests. Only needed\nif accessing the admin endpoint from a host different from the\nsocket's network interface or if `enforce_origin` is true. If not\nset, the listener address will be the default value. If set but\nempty, no origins will be allowed. Enforced only on local\n(plaintext) endpoint.\n", + "markdownDescription": "The list of allowed origins/hosts for API requests. Only needed\nif accessing the admin endpoint from a host different from the\nsocket's network interface or if `enforce_origin` is true. If not\nset, the listener address will be the default value. If set but\nempty, no origins will be allowed. Enforced only on local\n(plaintext) endpoint. \n", + "type": "string" + } + }, + "remote": { + "description": "remote: object\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#RemoteAdmin\nOptions pertaining to remote administration. By default, remote\nadministration is disabled. If enabled, identity management must\nalso be configured, as that is how the endpoint is secured.\nSee the neighboring \"identity\" object.\n\nEXPERIMENTAL: This feature is subject to change.\n\n\nRemoteAdmin enables and configures remote administration. If enabled,\na secure listener enforcing mutual TLS authentication will be started\non a different port from the standard plaintext admin server.\n\nThis endpoint is secured using identity management, which must be\nconfigured separately (because identity management does not depend\non remote administration). See the admin/identity config struct.\n\nEXPERIMENTAL: Subject to change.\n", + "markdownDescription": "remote: `object` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#RemoteAdmin) \nOptions pertaining to remote administration. By default, remote\nadministration is disabled. If enabled, identity management must\nalso be configured, as that is how the endpoint is secured.\nSee the neighboring \"identity\" object.\n\nEXPERIMENTAL: This feature is subject to change.\n\n\nRemoteAdmin enables and configures remote administration. If enabled,\na secure listener enforcing mutual TLS authentication will be started\non a different port from the standard plaintext admin server.\n\nThis endpoint is secured using identity management, which must be\nconfigured separately (because identity management does not depend\non remote administration). See the admin/identity config struct.\n\nEXPERIMENTAL: Subject to change. \n", + "type": "object", + "properties": { + "access_control": { + "description": "access_control: array\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#AdminAccess\nList of access controls for this secure admin endpoint.\nThis configures TLS mutual authentication (i.e. authorized\nclient certificates), but also application-layer permissions\nlike which paths and methods each identity is authorized for.\n\n\nAdminAccess specifies what permissions an identity or group\nof identities are granted.\n", + "markdownDescription": "access_control: `array` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#AdminAccess) \nList of access controls for this secure admin endpoint.\nThis configures TLS mutual authentication (i.e. authorized\nclient certificates), but also application-layer permissions\nlike which paths and methods each identity is authorized for.\n\n\nAdminAccess specifies what permissions an identity or group\nof identities are granted. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2#AdminAccess\nList of access controls for this secure admin endpoint.\nThis configures TLS mutual authentication (i.e. authorized\nclient certificates), but also application-layer permissions\nlike which paths and methods each identity is authorized for.\n\n\nAdminAccess specifies what permissions an identity or group\nof identities are granted.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#AdminAccess) \nList of access controls for this secure admin endpoint.\nThis configures TLS mutual authentication (i.e. authorized\nclient certificates), but also application-layer permissions\nlike which paths and methods each identity is authorized for.\n\n\nAdminAccess specifies what permissions an identity or group\nof identities are granted. \n", + "type": "object", + "properties": { + "permissions": { + "description": "permissions: array\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#AdminPermissions\nLimits what the associated identities are allowed to do.\nIf unspecified, all permissions are granted.\n\n\nAdminPermissions specifies what kinds of requests are allowed\nto be made to the admin endpoint.\n", + "markdownDescription": "permissions: `array` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#AdminPermissions) \nLimits what the associated identities are allowed to do.\nIf unspecified, all permissions are granted.\n\n\nAdminPermissions specifies what kinds of requests are allowed\nto be made to the admin endpoint. \n", + "type": "array", + "items": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2#AdminPermissions\nLimits what the associated identities are allowed to do.\nIf unspecified, all permissions are granted.\n\n\nAdminPermissions specifies what kinds of requests are allowed\nto be made to the admin endpoint.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#AdminPermissions) \nLimits what the associated identities are allowed to do.\nIf unspecified, all permissions are granted.\n\n\nAdminPermissions specifies what kinds of requests are allowed\nto be made to the admin endpoint. \n", + "type": "object", + "properties": { + "methods": { + "description": "methods: array\nThe HTTP methods allowed for the given paths.\n", + "markdownDescription": "methods: `array` \nThe HTTP methods allowed for the given paths. \n", + "type": "array", + "items": { + "description": "The HTTP methods allowed for the given paths.\n", + "markdownDescription": "The HTTP methods allowed for the given paths. \n", + "type": "string" + } + }, + "paths": { + "description": "paths: array\nThe API paths allowed. Paths are simple prefix matches.\nAny subpath of the specified paths will be allowed.\n", + "markdownDescription": "paths: `array` \nThe API paths allowed. Paths are simple prefix matches.\nAny subpath of the specified paths will be allowed. \n", + "type": "array", + "items": { + "description": "The API paths allowed. Paths are simple prefix matches.\nAny subpath of the specified paths will be allowed.\n", + "markdownDescription": "The API paths allowed. Paths are simple prefix matches.\nAny subpath of the specified paths will be allowed. \n", + "type": "string" + } + } + } + } + }, + "public_keys": { + "description": "public_keys: array\nBase64-encoded DER certificates containing public keys to accept.\n(The contents of PEM certificate blocks are base64-encoded DER.)\nAny of these public keys can appear in any part of a verified chain.\n", + "markdownDescription": "public_keys: `array` \nBase64-encoded DER certificates containing public keys to accept.\n(The contents of PEM certificate blocks are base64-encoded DER.)\nAny of these public keys can appear in any part of a verified chain. \n", + "type": "array", + "items": { + "description": "Base64-encoded DER certificates containing public keys to accept.\n(The contents of PEM certificate blocks are base64-encoded DER.)\nAny of these public keys can appear in any part of a verified chain.\n", + "markdownDescription": "Base64-encoded DER certificates containing public keys to accept.\n(The contents of PEM certificate blocks are base64-encoded DER.)\nAny of these public keys can appear in any part of a verified chain. \n", + "type": "string" + } + } + } + } + }, + "listen": { + "description": "listen: string\nThe address on which to start the secure listener.\nDefault: :2021\n", + "markdownDescription": "listen: `string` \nThe address on which to start the secure listener.\nDefault: :2021 \n", + "type": "string" + } + } + } + } + }, + "apps": { + "description": "apps: object\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap\nAppsRaw are the apps that Caddy will load and run. The\napp module name is the key, and the app's config is the\nassociated value.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage.\n", + "markdownDescription": "apps: `object` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#ModuleMap) \nAppsRaw are the apps that Caddy will load and run. The\napp module name is the key, and the app's config is the\nassociated value.\n\n\nModuleMap is a map that can contain multiple modules,\nwhere the map key is the module's name. (The namespace\nis usually read from an associated field's struct tag.)\nBecause the module's name is given as the key in a\nmodule map, the name does not have to be given in the\njson.RawMessage. \n", + "type": "object", + "properties": { + "events": { + "$ref": "#/definitions/events" + }, + "http": { + "$ref": "#/definitions/http" + }, + "pki": { + "$ref": "#/definitions/pki" + }, + "tls": { + "$ref": "#/definitions/tls" + } + } + }, + "logging": { + "description": "logging: object\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#Logging\nLogging facilitates logging within Caddy. The default log is\ncalled \"default\" and you can customize it. You can also define\nadditional logs.\n\nBy default, all logs at INFO level and higher are written to\nstandard error (\"stderr\" writer) in a human-readable format\n(\"console\" encoder if stdout is an interactive terminal, \"json\"\nencoder otherwise).\n\nAll defined logs accept all log entries by default, but you\ncan filter by level and module/logger names. A logger's name\nis the same as the module's name, but a module may append to\nlogger names for more specificity. For example, you can\nfilter logs emitted only by HTTP handlers using the name\n\"http.handlers\", because all HTTP handler module names have\nthat prefix.\n\nCaddy logs (except the sink) are zero-allocation, so they are\nvery high-performing in terms of memory and CPU time. Enabling\nsampling can further increase throughput on extremely high-load\nservers.\n\n", + "markdownDescription": "logging: `object` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#Logging) \nLogging facilitates logging within Caddy. The default log is\ncalled \"default\" and you can customize it. You can also define\nadditional logs.\n\nBy default, all logs at INFO level and higher are written to\nstandard error (\"stderr\" writer) in a human-readable format\n(\"console\" encoder if stdout is an interactive terminal, \"json\"\nencoder otherwise).\n\nAll defined logs accept all log entries by default, but you\ncan filter by level and module/logger names. A logger's name\nis the same as the module's name, but a module may append to\nlogger names for more specificity. For example, you can\nfilter logs emitted only by HTTP handlers using the name\n\"http.handlers\", because all HTTP handler module names have\nthat prefix.\n\nCaddy logs (except the sink) are zero-allocation, so they are\nvery high-performing in terms of memory and CPU time. Enabling\nsampling can further increase throughput on extremely high-load\nservers.\n \n", + "type": "object", + "properties": { + "logs": { + "description": "logs: object\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#CustomLog\nLogs are your logs, keyed by an arbitrary name of your\nchoosing. The default log can be customized by defining\na log called \"default\". You can further define other logs\nand filter what kinds of entries they accept.\n\n\nCustomLog represents a custom logger configuration.\n\nBy default, a log will emit all log entries. Some entries\nwill be skipped if sampling is enabled. Further, the Include\nand Exclude parameters define which loggers (by name) are\nallowed or rejected from emitting in this log. If both Include\nand Exclude are populated, their values must be mutually\nexclusive, and longer namespaces have priority. If neither\nare populated, all logs are emitted.\n", + "markdownDescription": "logs: `object` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#CustomLog) \nLogs are your logs, keyed by an arbitrary name of your\nchoosing. The default log can be customized by defining\na log called \"default\". You can further define other logs\nand filter what kinds of entries they accept.\n\n\nCustomLog represents a custom logger configuration.\n\nBy default, a log will emit all log entries. Some entries\nwill be skipped if sampling is enabled. Further, the Include\nand Exclude parameters define which loggers (by name) are\nallowed or rejected from emitting in this log. If both Include\nand Exclude are populated, their values must be mutually\nexclusive, and longer namespaces have priority. If neither\nare populated, all logs are emitted. \n", + "type": "object", + "additionalProperties": { + "description": "https://pkg.go.dev/github.com/caddyserver/caddy/v2#CustomLog\nLogs are your logs, keyed by an arbitrary name of your\nchoosing. The default log can be customized by defining\na log called \"default\". You can further define other logs\nand filter what kinds of entries they accept.\n\n\nCustomLog represents a custom logger configuration.\n\nBy default, a log will emit all log entries. Some entries\nwill be skipped if sampling is enabled. Further, the Include\nand Exclude parameters define which loggers (by name) are\nallowed or rejected from emitting in this log. If both Include\nand Exclude are populated, their values must be mutually\nexclusive, and longer namespaces have priority. If neither\nare populated, all logs are emitted.\n", + "markdownDescription": "[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#CustomLog) \nLogs are your logs, keyed by an arbitrary name of your\nchoosing. The default log can be customized by defining\na log called \"default\". You can further define other logs\nand filter what kinds of entries they accept.\n\n\nCustomLog represents a custom logger configuration.\n\nBy default, a log will emit all log entries. Some entries\nwill be skipped if sampling is enabled. Further, the Include\nand Exclude parameters define which loggers (by name) are\nallowed or rejected from emitting in this log. If both Include\nand Exclude are populated, their values must be mutually\nexclusive, and longer namespaces have priority. If neither\nare populated, all logs are emitted. \n", + "properties": { + "core": { + "description": "core: object\nModule: caddy.logging.cores", + "markdownDescription": "core: `object` \nModule: `caddy.logging.cores`", + "type": "object", + "required": [ + "module" + ], + "allOf": [ + { + "if": { + "properties": { + "module": { + "const": "mock" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.cores.mock" + } + }, + { + "properties": { + "module": { + "description": "key to identify core module.\nmodule: string\nModule: caddy.logging.cores", + "markdownDescription": "key to identify `core` module. \nmodule: `string` \nModule: `caddy.logging.cores`", + "type": "string", + "enum": [ + "mock" + ] + } + } + } + ] + }, + "encoder": { + "description": "encoder: object\nModule: caddy.logging.encoders\nThe encoder is how the log entries are formatted or encoded.\n", + "markdownDescription": "encoder: `object` \nModule: `caddy.logging.encoders` \nThe encoder is how the log entries are formatted or encoded. \n", + "type": "object", + "required": [ + "format" + ], + "allOf": [ + { + "if": { + "properties": { + "format": { + "const": "append" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.append" + } + }, + { + "if": { + "properties": { + "format": { + "const": "console" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.console" + } + }, + { + "if": { + "properties": { + "format": { + "const": "filter" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.filter" + } + }, + { + "if": { + "properties": { + "format": { + "const": "json" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.json" + } + }, + { + "properties": { + "format": { + "description": "key to identify encoder module.\nformat: string\nModule: caddy.logging.encoders", + "markdownDescription": "key to identify `encoder` module. \nformat: `string` \nModule: `caddy.logging.encoders`", + "type": "string", + "enum": [ + "append", + "console", + "filter", + "json" + ] + } + } + } + ] + }, + "exclude": { + "description": "exclude: array\nExclude defines the names of loggers that should be\nskipped by this log. For example, to exclude only\nHTTP access logs, you would exclude \"http.log.access\".\n", + "markdownDescription": "exclude: `array` \nExclude defines the names of loggers that should be\nskipped by this log. For example, to exclude only\nHTTP access logs, you would exclude \"http.log.access\". \n", + "type": "array", + "items": { + "description": "Exclude defines the names of loggers that should be\nskipped by this log. For example, to exclude only\nHTTP access logs, you would exclude \"http.log.access\".\n", + "markdownDescription": "Exclude defines the names of loggers that should be\nskipped by this log. For example, to exclude only\nHTTP access logs, you would exclude \"http.log.access\". \n", + "type": "string" + } + }, + "include": { + "description": "include: array\nInclude defines the names of loggers to emit in this\nlog. For example, to include only logs emitted by the\nadmin API, you would include \"admin.api\".\n", + "markdownDescription": "include: `array` \nInclude defines the names of loggers to emit in this\nlog. For example, to include only logs emitted by the\nadmin API, you would include \"admin.api\". \n", + "type": "array", + "items": { + "description": "Include defines the names of loggers to emit in this\nlog. For example, to include only logs emitted by the\nadmin API, you would include \"admin.api\".\n", + "markdownDescription": "Include defines the names of loggers to emit in this\nlog. For example, to include only logs emitted by the\nadmin API, you would include \"admin.api\". \n", + "type": "string" + } + }, + "level": { + "description": "level: string\nLevel is the minimum level to emit, and is inclusive.\nPossible levels: DEBUG, INFO, WARN, ERROR, PANIC, and FATAL\n", + "markdownDescription": "level: `string` \nLevel is the minimum level to emit, and is inclusive.\nPossible levels: DEBUG, INFO, WARN, ERROR, PANIC, and FATAL \n", + "type": "string" + }, + "sampling": { + "description": "sampling: object\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#LogSampling\nSampling configures log entry sampling. If enabled,\nonly some log entries will be emitted. This is useful\nfor improving performance on extremely high-pressure\nservers.\n\n\nLogSampling configures log entry sampling.\n", + "markdownDescription": "sampling: `object` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#LogSampling) \nSampling configures log entry sampling. If enabled,\nonly some log entries will be emitted. This is useful\nfor improving performance on extremely high-pressure\nservers.\n\n\nLogSampling configures log entry sampling. \n", + "type": "object", + "properties": { + "first": { + "description": "first: number\nLog this many entries within a given level and\nmessage for each interval.\n", + "markdownDescription": "first: `number` \nLog this many entries within a given level and\nmessage for each interval. \n", + "type": "number" + }, + "interval": { + "description": "interval: number\nhttps://pkg.go.dev/time#Duration\nThe window over which to conduct sampling.\n\n\nA Duration represents the elapsed time between two instants\nas an int64 nanosecond count. The representation limits the\nlargest representable duration to approximately 290 years.\n", + "markdownDescription": "interval: `number` \n[godoc](https://pkg.go.dev/time#Duration) \nThe window over which to conduct sampling.\n\n\nA Duration represents the elapsed time between two instants\nas an int64 nanosecond count. The representation limits the\nlargest representable duration to approximately 290 years. \n", + "type": "number" + }, + "thereafter": { + "description": "thereafter: number\nIf more entries with the same level and message\nare seen during the same interval, keep one in\nthis many entries until the end of the interval.\n", + "markdownDescription": "thereafter: `number` \nIf more entries with the same level and message\nare seen during the same interval, keep one in\nthis many entries until the end of the interval. \n", + "type": "number" + } + } + }, + "with_caller": { + "description": "with_caller: boolean", + "markdownDescription": "with_caller: `boolean`", + "type": "boolean" + }, + "with_caller_skip": { + "description": "with_caller_skip: number", + "markdownDescription": "with_caller_skip: `number`", + "type": "number" + }, + "with_stacktrace": { + "description": "with_stacktrace: string", + "markdownDescription": "with_stacktrace: `string`", + "type": "string" + }, + "writer": { + "description": "writer: object\nModule: caddy.logging.writers\nThe writer defines where log entries are emitted.\n", + "markdownDescription": "writer: `object` \nModule: `caddy.logging.writers` \nThe writer defines where log entries are emitted. \n", + "type": "object", + "required": [ + "output" + ], + "allOf": [ + { + "if": { + "properties": { + "output": { + "const": "stderr" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.writers.stderr" + } + }, + { + "if": { + "properties": { + "output": { + "const": "stdout" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.writers.stdout" + } + }, + { + "if": { + "properties": { + "output": { + "const": "discard" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.writers.discard" + } + }, + { + "if": { + "properties": { + "output": { + "const": "file" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.writers.file" + } + }, + { + "if": { + "properties": { + "output": { + "const": "net" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.writers.net" + } + }, + { + "properties": { + "output": { + "description": "key to identify writer module.\noutput: string\nModule: caddy.logging.writers", + "markdownDescription": "key to identify `writer` module. \noutput: `string` \nModule: `caddy.logging.writers`", + "type": "string", + "enum": [ + "stderr", + "stdout", + "discard", + "file", + "net" + ] + } + } + } + ] + } + } + } + }, + "sink": { + "description": "sink: object\nhttps://pkg.go.dev/github.com/caddyserver/caddy/v2#StandardLibLog\nSink is the destination for all unstructured logs emitted\nfrom Go's standard library logger. These logs are common\nin dependencies that are not designed specifically for use\nin Caddy. Because it is global and unstructured, the sink\nlacks most advanced features and customizations.\n\n\nStandardLibLog configures the default Go standard library\nglobal logger in the log package. This is necessary because\nmodule dependencies which are not built specifically for\nCaddy will use the standard logger. This is also known as\nthe \"sink\" logger.\n", + "markdownDescription": "sink: `object` \n[godoc](https://pkg.go.dev/github.com/caddyserver/caddy/v2#StandardLibLog) \nSink is the destination for all unstructured logs emitted\nfrom Go's standard library logger. These logs are common\nin dependencies that are not designed specifically for use\nin Caddy. Because it is global and unstructured, the sink\nlacks most advanced features and customizations.\n\n\nStandardLibLog configures the default Go standard library\nglobal logger in the log package. This is necessary because\nmodule dependencies which are not built specifically for\nCaddy will use the standard logger. This is also known as\nthe \"sink\" logger. \n", + "type": "object", + "properties": { + "core": { + "description": "core: object\nModule: caddy.logging.cores", + "markdownDescription": "core: `object` \nModule: `caddy.logging.cores`", + "type": "object", + "required": [ + "module" + ], + "allOf": [ + { + "if": { + "properties": { + "module": { + "const": "mock" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.cores.mock" + } + }, + { + "properties": { + "module": { + "description": "key to identify core module.\nmodule: string\nModule: caddy.logging.cores", + "markdownDescription": "key to identify `core` module. \nmodule: `string` \nModule: `caddy.logging.cores`", + "type": "string", + "enum": [ + "mock" + ] + } + } + } + ] + }, + "encoder": { + "description": "encoder: object\nModule: caddy.logging.encoders", + "markdownDescription": "encoder: `object` \nModule: `caddy.logging.encoders`", + "type": "object", + "required": [ + "format" + ], + "allOf": [ + { + "if": { + "properties": { + "format": { + "const": "append" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.append" + } + }, + { + "if": { + "properties": { + "format": { + "const": "console" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.console" + } + }, + { + "if": { + "properties": { + "format": { + "const": "filter" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.filter" + } + }, + { + "if": { + "properties": { + "format": { + "const": "json" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.encoders.json" + } + }, + { + "properties": { + "format": { + "description": "key to identify encoder module.\nformat: string\nModule: caddy.logging.encoders", + "markdownDescription": "key to identify `encoder` module. \nformat: `string` \nModule: `caddy.logging.encoders`", + "type": "string", + "enum": [ + "append", + "console", + "filter", + "json" + ] + } + } + } + ] + }, + "level": { + "description": "level: string", + "markdownDescription": "level: `string`", + "type": "string" + }, + "sampling": { + "description": "sampling: object", + "markdownDescription": "sampling: `object`", + "type": "object", + "properties": { + "first": { + "description": "first: number", + "markdownDescription": "first: `number`", + "type": "number" + }, + "interval": { + "description": "interval: number", + "markdownDescription": "interval: `number`", + "type": "number" + }, + "thereafter": { + "description": "thereafter: number", + "markdownDescription": "thereafter: `number`", + "type": "number" + } + } + }, + "with_caller": { + "description": "with_caller: boolean", + "markdownDescription": "with_caller: `boolean`", + "type": "boolean" + }, + "with_caller_skip": { + "description": "with_caller_skip: number", + "markdownDescription": "with_caller_skip: `number`", + "type": "number" + }, + "with_stacktrace": { + "description": "with_stacktrace: string", + "markdownDescription": "with_stacktrace: `string`", + "type": "string" + }, + "writer": { + "description": "writer: object\nModule: caddy.logging.writers\nThe module that writes out log entries for the sink.\n", + "markdownDescription": "writer: `object` \nModule: `caddy.logging.writers` \nThe module that writes out log entries for the sink. \n", + "type": "object", + "required": [ + "output" + ], + "allOf": [ + { + "if": { + "properties": { + "output": { + "const": "discard" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.writers.discard" + } + }, + { + "if": { + "properties": { + "output": { + "const": "file" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.writers.file" + } + }, + { + "if": { + "properties": { + "output": { + "const": "net" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.writers.net" + } + }, + { + "if": { + "properties": { + "output": { + "const": "stderr" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.writers.stderr" + } + }, + { + "if": { + "properties": { + "output": { + "const": "stdout" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.logging.writers.stdout" + } + }, + { + "properties": { + "output": { + "description": "key to identify writer module.\noutput: string\nModule: caddy.logging.writers", + "markdownDescription": "key to identify `writer` module. \noutput: `string` \nModule: `caddy.logging.writers`", + "type": "string", + "enum": [ + "discard", + "file", + "net", + "stderr", + "stdout" + ] + } + } + } + ] + } + } + } + } + }, + "storage": { + "description": "storage: object\nModule: caddy.storage\nStorageRaw is a storage module that defines how/where Caddy\nstores assets (such as TLS certificates). The default storage\nmodule is `caddy.storage.file_system` (the local file system),\nand the default path\n[depends on the OS and environment](/docs/conventions#data-directory).\n", + "markdownDescription": "storage: `object` \nModule: `caddy.storage` \nStorageRaw is a storage module that defines how/where Caddy\nstores assets (such as TLS certificates). The default storage\nmodule is `caddy.storage.file_system` (the local file system),\nand the default path\n[depends on the OS and environment](/docs/conventions#data-directory). \n", + "type": "object", + "required": [ + "module" + ], + "allOf": [ + { + "if": { + "properties": { + "module": { + "const": "file_system" + } + } + }, + "then": { + "$ref": "#/definitions/caddy.storage.file_system" + } + }, + { + "properties": { + "module": { + "description": "key to identify storage module.\nmodule: string\nModule: caddy.storage", + "markdownDescription": "key to identify `storage` module. \nmodule: `string` \nModule: `caddy.storage`", + "type": "string", + "enum": [ + "file_system" + ] + } + } + } + ] + } + }, + "additionalItems": true +} \ No newline at end of file diff --git a/modules/services/caddy.nix b/modules/services/caddy/default.nix similarity index 61% rename from modules/services/caddy.nix rename to modules/services/caddy/default.nix index 652d589e..bfdc9ea9 100644 --- a/modules/services/caddy.nix +++ b/modules/services/caddy/default.nix @@ -30,9 +30,14 @@ let genVHostsFromWildcard = mapAttrs' ( n: v: nameValuePair "*.${n}" (genOneWildcard n v) ) cfg.wildcardHosts; + schema = import ./json-schema.nix { inherit pkgs lib; schema = builtins.fromJSON (builtins.readFile ./caddy_schema.json); }; in { options.xyno.services.caddy.enable = mkEnableOption "enables caddy with the desec plugin"; + options.xyno.services.caddy.config = mkOption { + default = {}; + type = schema.type; + }; options.xyno.services.caddy.wildcardHosts = mkOption { example = { "hailsatan.eu" = { @@ -77,29 +82,31 @@ in services.caddy = { enable = true; package = pkgs.caddy-desec; - virtualHosts = genVHostsFromWildcard; - email = mkDefault "ssl@xyno.systems"; - acmeCA = mkDefault "https://acme-v02.api.letsencrypt.org/directory"; - globalConfig = '' - metrics { - per_host - } - ''; - extraConfig = '' - (blockBots) { - @botForbidden header_regexp User-Agent "(?i)AdsBot-Google|Amazonbot|anthropic-ai|Applebot|Applebot-Extended|AwarioRssBot|AwarioSmartBot|Bytespider|CCBot|ChatGPT|ChatGPT-User|Claude-Web|ClaudeBot|cohere-ai|DataForSeoBot|Diffbot|FacebookBot|Google-Extended|GPTBot|ImagesiftBot|magpie-crawler|omgili|Omgilibot|peer39_crawler|PerplexityBot|YouBot" + adapter = "json"; + configFile = json.generate "caddy-config.json" cfg.config; + # virtualHosts = genVHostsFromWildcard; + # email = mkDefault "ssl@xyno.systems"; + # acmeCA = mkDefault "https://acme-v02.api.letsencrypt.org/directory"; + # globalConfig = '' + # metrics { + # per_host + # } + # ''; + # extraConfig = '' + # (blockBots) { + # @botForbidden header_regexp User-Agent "(?i)AdsBot-Google|Amazonbot|anthropic-ai|Applebot|Applebot-Extended|AwarioRssBot|AwarioSmartBot|Bytespider|CCBot|ChatGPT|ChatGPT-User|Claude-Web|ClaudeBot|cohere-ai|DataForSeoBot|Diffbot|FacebookBot|Google-Extended|GPTBot|ImagesiftBot|magpie-crawler|omgili|Omgilibot|peer39_crawler|PerplexityBot|YouBot" - handle @botForbidden { - redir https://hil-speed.hetzner.com/10GB.bin - } - handle /robots.txt { - respond < 3 then + types.deferredModule + else if spec ? "$ref" then + buildOptionType { + depth = depth + 1; + spec = getRef spec."$ref"; + } + else if spec ? allOf then + allOfType + else if !spec ? type then + json.type + + else if isList spec.type then + types.oneOf (map (x: buildOptionType x) spec.type) + else if spec.type == "string" then + strType + else if spec.type == "boolean" then + types.bool + else if spec.type == "number" then + types.number + else if spec.type == "array" then + arrType + else if spec.type == "object" then + objType + else + (throw "unknown json schema type: ${spec.type}"); + + in + type; + + buildOption = + { + spec, + depth, + required ? false, + ... + }: + let + type = buildOptionType { inherit spec depth; }; + in + mkOption { + type = if required then type else types.nullOr type; + description = if spec ? markdownDescription then spec.markdownDescription else "no description qwq"; + default = + if required then + if spec.type == "object" then + { } + else if spec.type == "array" then + [ ] + else + null + else + null; + + }; + +in +{ + generate = json.generate; + type = buildOptionType { + depth = 0; + spec = schema; + }; +}