A bare-bones look at configuration settings

Config Hierarchy

Preliminaries

This note provides a summary of the keywords used in host settings and server settings, and the hierarchy used to configure RWSERVE.

host {
hostname <value>
alias <value>
document-root `filepath`
encoding-cache `filepath`
dynamic-cache `filepath`
landing-page `filepath`
tls {
private-key `filepath`
certificate `filepath`
}
}
server {
ip-address <value>
port <value>
cluster-size <value>
diffie-hellman `filepath`
ciphers {
<cipher-suite-name>
}
registration {
customer-number <value>
access-key <value>
}
}
<server | host> {
cache-control {
<path-pattern> *instructions=<value>
}
content-types {
<filename-extension> <mime-type>
}
ip-access {
deny <value>
allow <value>
}
logging {
message-type {
request <boolean>
staging <boolean>
information <boolean>
response <boolean>
policy <boolean>
network <boolean>
debug <boolean>
cluster <boolean>
}
request {
<header-name> *abbr=<value> *format=<num...num> *fg=<color> *bg=<color>
default *abbr=none *format=<num...num> *fg=<color> *bg=<color>
}
staging {
remote-address *abbr=<value> *format=<num...num> *fg=<color> *bg=<color>
masked-replacement-path *abbr=<value> *format=<num...num> *fg=<color> *bg=<color>
resource-path *abbr=<value> *format=<num...num> *fg=<color> *bg=<color>
query-string *abbr=<value> *format=<num...num> *fg=<color> *bg=<color>
parameter-map *abbr=<value> *format=<num...num> *fg=<color> *bg=<color>
cookie-map *abbr=<value> *format=<num...num> *fg=<color> *bg=<color>
form-data-map *abbr=<value> *format=<num...num> *fg=<color> *bg=<color>
user-agent-common-name *abbr=<value> *format=<num...num> *fg=<color> *bg=<color>
user-agent-groups *abbr=<value> *format=<num...num> *fg=<color> *bg=<color>
push-candidate *abbr=<value> *format=<num...num> *fg=<color> *bg=<color>
dynamic-path *abbr=<value> *format=<num...num> *fg=<color> *bg=<color>
}
information {
<header-name> *abbr=<value> *format=<num...num> *fg=<color> *bg=<color>
default *abbr=none *format=<num...num> *fg=<color> *bg=<color>
}
response {
<header-name> *abbr=<value> *format=<num...num> *fg=<color> *bg=<color>
default *abbr=none *format=<num...num> *fg=<color> *bg=<color>
}
policy {
<policy-variable> *abbr=<value> *format=<num...num> *fg=<color> *bg=<color>
default *abbr=none *format=<num...num> *fg=<color> *bg=<color>
}
}
modules {
accept-language <boolean>
cache-control <boolean>
content-encoding <boolean>
counters <boolean>
cross-origin <boolean>
custom-errors <boolean>
etag <boolean>
information-headers <boolean>
ip-access <boolean>
forbidden <boolean>
policies <boolean>
push-priority <boolean>
rbac <boolean>
resource-masks <boolean>
user-agent <boolean>
}
plugins {
<plugin-name> {
location <path-pattern>
config {
<key> <value>
}
}
router {
<path-pattern> *plugin=rwserve-blue *methods=GET,HEAD
<path-pattern> *plugin=rwserve-counters *methods=GET
<path-pattern> *plugin=rwserve-rbac-auth *methods=POST
<path-pattern> *plugin=rwserve-policy-reports *methods=POST
<path-pattern> *plugin=<plugin-name> *methods=<http-methods>
}
}
policies {
referrer-policy <referrer-policy-value>
content-security-policy {
report-to <report-group>
default-src <csp-policy>
script-src <csp-policy>
style-src <csp-policy>
img-src <csp-policy>
media-src <csp-policy>
object-src <csp-policy>
connect-src <csp-policy>
font-src <csp-policy>
child-src <csp-policy>
frame-src <csp-policy>
worker-src <csp-policy>
frame-ancestors <csp-policy>
form-action <csp-policy>
manifest-src <csp-policy>
base-uri <csp-policy>
upgrade-insecure-requests
block-all-mixed-content
plugin-types <mime-type>
require-sri-for <script-or-source>
sandbox <sandbox-policy-value>
}
content-security-policy-report-only {
// same as content-security-policy
}
feature-policy {
autoplay <feature-policy>
geolocation <feature-policy>
picture-in-Picture <feature-policy>
vertical-scroll <feature-policy>
lazyload <feature-policy>
sync-xhr <feature-policy>
sync-script <feature-policy>
oversized-images <feature-policy>
unsized-media <feature-policy>
animations <feature-policy>
unoptimized-images <feature-policy>
}
network-error-logging {
report-to <report-group>
max-age <num>
}
report-to {
<report-group> {
max-age <num>
endpoint `URL`
}
}
}
request {
accept-language {
<path-pattern> *lang
}
accept-types {
mime-type <value>
}
cross-origin {
<path-pattern> *methods=<http-methods> *origin *credentials *max-age *headers *expose
}
forbidden {
<path-pattern>
}
methods <http-methods>
rbac {
roles `filepath`
cipher-secret <value>
max-idle <value>
resources {
<path-pattern> *methods=<http-methods> *roles
}
}
resource-masks {
*pattern *replacement *scheme *authority
}
user-agent {
<value> *pattern *groups
}
}
response {
charset {
<mime-type> <value>
}
content-encoding {
<mime-type> <value>
}
custom-errors {
<status-code> `filepath`
}
push-priority {
push <path-pattern> *weight
nopush <path-pattern>
}
}
restrictions {
content-length-limit <value>
server-version <boolean>
}
}

A bare-bones look at configuration settings