Skip to content

Commit

Permalink
docs: wafConfig & rewriteConfig
Browse files Browse the repository at this point in the history 
Signed-off-by: wss-git <wssgryx@163.com>
  • Loading branch information
@wss-git @heimanba
wss-git authored and heimanba committed Mar 3, 2023
1 parent 0c917ae commit faced15
Show file tree
Hide file tree
Showing 4 changed files with 97 additions and 2 deletions.
37 changes: 36 additions & 1 deletion docs/en/yaml/customDomains.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,17 +15,31 @@ category: 'Yaml-Spec'
| [certConfig](#certconfig) | False | [Struct](#certconfig) | Domain Certificate |
| certId | False | Number | cert ID |
| [tlsConfig](#tlsConfig) | False | [Struct](#tlsConfig) | TLS |
| [wafConfig](#wafConfig) | False | [Struct](#wafConfig) | The Web Application Firewall (WAF) configuration |

References:

```yaml
customDomains:
- domainName: auto
protocol: HTTP
wafConfig:
enableWAF: true
routeConfigs:
- path: /*
serviceName: unit-deploy-service
functionName: event-function
qualifier: LATEST
rewriteConfig:
equalRules:
- match: /equalRules
replacement: /xxxx
regexRules:
- match: ^/old/[a-z]+/
replacement: /xxxx
wildcardRules:
- match: /api/*
replacement: /$1
```
> ⚠️ Note: If the domain name is configured as `auto`, the system will assign a test domain name by default. This domain name is only for testing use, and its stability is not guaranteed. The Serverless Devs FC component has the right to recycle the domain name in the future. In the case of online business and production demand business, it is strongly recommended to bind your own custom domain name.
Expand All @@ -46,6 +60,22 @@ customDomains:
| serviceName | False | String | The name of the service. |
| functionName | False | String | The name of the function. |
| qualifier | False | String | The version of the service. |
| rewriteConfig | False | [Struct](#rewriteConfig) | The URI rewrite configurations |

#### rewriteConfig

| Parameter | Required | Type | Description |
| ------------ | -------- | ------ | --------------------------- |
| equalRules | False | [List\<Struct>](#rewriteConfigRules) | The exact match rules |
| wildcardRules | False | [List\<Struct>](#rewriteConfigRules) | The wildcard match rule |
| regexRules | False | [List\<Struct>](#rewriteConfigRules) | The regex match rule |

#### rewriteConfigRules

| Parameter | Required | Type | Description |
| ------------ | -------- | ------ | --------------------------- |
| match | True | String | The matching rule |
| replacement | True | String | The replacement rule |

#### Obtain the certificate content by configuring certId

Expand Down Expand Up @@ -130,10 +160,15 @@ customDomains:

| Parameter | Required | Type | Description |
| ------------ | -------- | -------------- | --------------------------------------------------- |
| ------------ | ---- | -------------- | --------------------------------------------------- |
| minVersion | True | String | TLS Version, value: `TLSv1.0`、`TLSv1.1`、`TLSv1.2` |
| cipherSuites | True | List\<String\> | Cipher Suite |

### wafConfig

| Parameter | Required | Type | Description |
| ------------ | -------- | -------------- | --------------------------------------------------- |
| enableWAF | False | Boolean | Specifies whether to enable Web Application Firewall (WAF) |

### Permissions

#### Permissions required for a RAM user
Expand Down
14 changes: 13 additions & 1 deletion docs/en/yaml/readme.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -203,9 +203,21 @@ services:
protocol: HTTP # Protocol, value: HTTP, HTTPS, HTTP, HTTPS
routeConfigs: # route configuration
- path: /a # path
serviceName: fc-depice # service name
serviceName: fc-depicted # service name
functionName: function # function name
qualifier: 1 # version of the service
rewriteConfig: # The URI rewrite configurations
equalRules: # The exact match rules
- match: /old # The matching rule
replacement: /new # The replacement rule
wildcardRules: # The wildcard match rule
- match: /old # The matching rule
replacement: /new # The replacement rule
regexRules: # The regex match rule
- match: /old # The matching rule
replacement: /new # The replacement rule
wafConfig: # The Web Application Firewall (WAF) configuration
enableWAF: true # Specifies whether to enable Web Application Firewall (WAF)
certConfig: # Domain name certificate
certName: xxx # certificate name
certificate: xxx # Indicates the private key, the content only supports PEM format
Expand Down
36 changes: 36 additions & 0 deletions docs/zh/yaml/customDomains.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,17 +15,31 @@ category: 'Yaml规范'
| [certConfig](#certconfig) | False | [Struct](#certconfig) | 域名证书 |
| certId | False | Number | 域名证书 ID |
| [tlsConfig](#tlsConfig) | False | [Struct](#tlsConfig) | TLS 协议, 注:目前仅支持配置和修改,不支持删除此配置 |
| [wafConfig](#wafConfig) | False | [Struct](#wafConfig) | Web应用防火墙配置信息 |

参考案例:

```yaml
customDomains:
- domainName: auto
protocol: HTTP
wafConfig:
enableWAF: true
routeConfigs:
- path: /*
serviceName: unit-deploy-service
functionName: event-function
qualifier: LATEST
rewriteConfig:
equalRules:
- match: /equalRules
replacement: /xxxx
regexRules:
- match: ^/old/[a-z]+/
replacement: /xxxx
wildcardRules:
- match: /api/*
replacement: /$1
```
> ⚠️ 注意:如果域名配置为`auto`,系统会默认分配测试域名,该域名仅供测试使用,不对其稳定性等做保证,Serverless Devs FC 组件在日后有权对该域名进行回收等处理,如是线上业务,生产需求业务,强烈建议绑定自己的自定义域名。
Expand Down Expand Up @@ -119,6 +133,12 @@ customDomains:
| minVersion | True | String | TLS 协议版本,取值:`TLSv1.0`、`TLSv1.1`、`TLSv1.2` |
| cipherSuites | True | List\<String\> | 加密套件 |

### wafConfig

| 参数名 | 必填 | 类型 | 参数描述 |
| ------------ | ---- | -------------- | --------------------------------------------------- |
| enableWAF | False | Boolean | 是否开启Web应用防火墙 |

### routeConfigs

| 参数名 | 必填 | 类型 | 参数描述 |
Expand All @@ -127,6 +147,22 @@ customDomains:
| serviceName | False | String | 服务名 |
| functionName | False | String | 函数名 |
| qualifier | False | String | 服务的版本 |
| rewriteConfig | False | [Struct](#rewriteConfig) | URI重写配置 |

#### rewriteConfig

| 参数名 | 必填 | 类型 | 参数描述 |
| ------------ | ---- | -------------- | --------------------------------------------------- |
| equalRules | False | [List\<Struct>](#rewriteConfigRules) | 完全匹配规则 |
| wildcardRules | False | [List\<Struct>](#rewriteConfigRules) | 通配符匹配规则 |
| regexRules | False | [List\<Struct>](#rewriteConfigRules) | 正则匹配规则 |

##### rewriteConfigRules

| 参数名 | 必填 | 类型 | 参数描述 |
| ------------ | ---- | -------------- | --------------------------------------------------- |
| match | True | String | 匹配规则 |
| replacement | True | String | 替换规则 |

### 权限配置相关

Expand Down
12 changes: 12 additions & 0 deletions docs/zh/yaml/readme.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -221,6 +221,18 @@ services:
serviceName: fc-depice # 服务名
functionName: function # 函数名
qualifier: 1 # 服务的版本
rewriteConfig: # URI重写配置
equalRules: # 完全匹配规则
- match: /old # 匹配规则
replacement: /new # 替换规则
wildcardRules: # 通配符匹配规则
- match: /old # 匹配规则
replacement: /new # 替换规则
regexRules: # 正则匹配规则
- match: /old # 匹配规则
replacement: /new # 替换规则
wafConfig: # Web应用防火墙配置信息
enableWAF: true # 是否开启Web应用防火墙
certConfig: # 域名证书
certName: xxx # 证书名称
certificate: xxx # 表示私钥,内容仅支持 PEM 格式
Expand Down

0 comments on commit faced15

Please sign in to comment.