Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: wafConfig & rewriteConfig #940

Merged
merged 1 commit into from
Mar 3, 2023
Merged

docs: wafConfig & rewriteConfig #940

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 36 additions & 1 deletion docs/en/yaml/customDomains.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,17 +15,31 @@ category: 'Yaml-Spec'
| [certConfig](#certconfig) | False | [Struct](#certconfig) | Domain Certificate |
| certId | False | Number | cert ID |
| [tlsConfig](#tlsConfig) | False | [Struct](#tlsConfig) | TLS |
| [wafConfig](#wafConfig) | False | [Struct](#wafConfig) | The Web Application Firewall (WAF) configuration |

References:

```yaml
customDomains:
- domainName: auto
protocol: HTTP
wafConfig:
enableWAF: true
routeConfigs:
- path: /*
serviceName: unit-deploy-service
functionName: event-function
qualifier: LATEST
rewriteConfig:
equalRules:
- match: /equalRules
replacement: /xxxx
regexRules:
- match: ^/old/[a-z]+/
replacement: /xxxx
wildcardRules:
- match: /api/*
replacement: /$1
```

> ⚠️ Note: If the domain name is configured as `auto`, the system will assign a test domain name by default. This domain name is only for testing use, and its stability is not guaranteed. The Serverless Devs FC component has the right to recycle the domain name in the future. In the case of online business and production demand business, it is strongly recommended to bind your own custom domain name.
Expand All @@ -46,6 +60,22 @@ customDomains:
| serviceName | False | String | The name of the service. |
| functionName | False | String | The name of the function. |
| qualifier | False | String | The version of the service. |
| rewriteConfig | False | [Struct](#rewriteConfig) | The URI rewrite configurations |

#### rewriteConfig

| Parameter | Required | Type | Description |
| ------------ | -------- | ------ | --------------------------- |
| equalRules | False | [List\<Struct>](#rewriteConfigRules) | The exact match rules |
| wildcardRules | False | [List\<Struct>](#rewriteConfigRules) | The wildcard match rule |
| regexRules | False | [List\<Struct>](#rewriteConfigRules) | The regex match rule |

#### rewriteConfigRules

| Parameter | Required | Type | Description |
| ------------ | -------- | ------ | --------------------------- |
| match | True | String | The matching rule |
| replacement | True | String | The replacement rule |

#### Obtain the certificate content by configuring certId

Expand Down Expand Up @@ -130,10 +160,15 @@ customDomains:

| Parameter | Required | Type | Description |
| ------------ | -------- | -------------- | --------------------------------------------------- |
| ------------ | ---- | -------------- | --------------------------------------------------- |
| minVersion | True | String | TLS Version, value: `TLSv1.0`、`TLSv1.1`、`TLSv1.2` |
| cipherSuites | True | List\<String\> | Cipher Suite |

### wafConfig

| Parameter | Required | Type | Description |
| ------------ | -------- | -------------- | --------------------------------------------------- |
| enableWAF | False | Boolean | Specifies whether to enable Web Application Firewall (WAF) |

### Permissions

#### Permissions required for a RAM user
Expand Down
14 changes: 13 additions & 1 deletion docs/en/yaml/readme.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -203,9 +203,21 @@ services:
protocol: HTTP # Protocol, value: HTTP, HTTPS, HTTP, HTTPS
routeConfigs: # route configuration
- path: /a # path
serviceName: fc-depice # service name
serviceName: fc-depicted # service name
functionName: function # function name
qualifier: 1 # version of the service
rewriteConfig: # The URI rewrite configurations
equalRules: # The exact match rules
- match: /old # The matching rule
replacement: /new # The replacement rule
wildcardRules: # The wildcard match rule
- match: /old # The matching rule
replacement: /new # The replacement rule
regexRules: # The regex match rule
- match: /old # The matching rule
replacement: /new # The replacement rule
wafConfig: # The Web Application Firewall (WAF) configuration
enableWAF: true # Specifies whether to enable Web Application Firewall (WAF)
certConfig: # Domain name certificate
certName: xxx # certificate name
certificate: xxx # Indicates the private key, the content only supports PEM format
Expand Down
36 changes: 36 additions & 0 deletions docs/zh/yaml/customDomains.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,17 +15,31 @@ category: 'Yaml规范'
| [certConfig](#certconfig) | False | [Struct](#certconfig) | 域名证书 |
| certId | False | Number | 域名证书 ID |
| [tlsConfig](#tlsConfig) | False | [Struct](#tlsConfig) | TLS 协议, 注:目前仅支持配置和修改,不支持删除此配置 |
| [wafConfig](#wafConfig) | False | [Struct](#wafConfig) | Web应用防火墙配置信息 |

参考案例:

```yaml
customDomains:
- domainName: auto
protocol: HTTP
wafConfig:
enableWAF: true
routeConfigs:
- path: /*
serviceName: unit-deploy-service
functionName: event-function
qualifier: LATEST
rewriteConfig:
equalRules:
- match: /equalRules
replacement: /xxxx
regexRules:
- match: ^/old/[a-z]+/
replacement: /xxxx
wildcardRules:
- match: /api/*
replacement: /$1
```

> ⚠️ 注意:如果域名配置为`auto`,系统会默认分配测试域名,该域名仅供测试使用,不对其稳定性等做保证,Serverless Devs FC 组件在日后有权对该域名进行回收等处理,如是线上业务,生产需求业务,强烈建议绑定自己的自定义域名。
Expand Down Expand Up @@ -119,6 +133,12 @@ customDomains:
| minVersion | True | String | TLS 协议版本,取值:`TLSv1.0`、`TLSv1.1`、`TLSv1.2` |
| cipherSuites | True | List\<String\> | 加密套件 |

### wafConfig

| 参数名 | 必填 | 类型 | 参数描述 |
| ------------ | ---- | -------------- | --------------------------------------------------- |
| enableWAF | False | Boolean | 是否开启Web应用防火墙 |

### routeConfigs

| 参数名 | 必填 | 类型 | 参数描述 |
Expand All @@ -127,6 +147,22 @@ customDomains:
| serviceName | False | String | 服务名 |
| functionName | False | String | 函数名 |
| qualifier | False | String | 服务的版本 |
| rewriteConfig | False | [Struct](#rewriteConfig) | URI重写配置 |

#### rewriteConfig

| 参数名 | 必填 | 类型 | 参数描述 |
| ------------ | ---- | -------------- | --------------------------------------------------- |
| equalRules | False | [List\<Struct>](#rewriteConfigRules) | 完全匹配规则 |
| wildcardRules | False | [List\<Struct>](#rewriteConfigRules) | 通配符匹配规则 |
| regexRules | False | [List\<Struct>](#rewriteConfigRules) | 正则匹配规则 |

##### rewriteConfigRules

| 参数名 | 必填 | 类型 | 参数描述 |
| ------------ | ---- | -------------- | --------------------------------------------------- |
| match | True | String | 匹配规则 |
| replacement | True | String | 替换规则 |

### 权限配置相关

Expand Down
12 changes: 12 additions & 0 deletions docs/zh/yaml/readme.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -221,6 +221,18 @@ services:
serviceName: fc-depice # 服务名
functionName: function # 函数名
qualifier: 1 # 服务的版本
rewriteConfig: # URI重写配置
equalRules: # 完全匹配规则
- match: /old # 匹配规则
replacement: /new # 替换规则
wildcardRules: # 通配符匹配规则
- match: /old # 匹配规则
replacement: /new # 替换规则
regexRules: # 正则匹配规则
- match: /old # 匹配规则
replacement: /new # 替换规则
wafConfig: # Web应用防火墙配置信息
enableWAF: true # 是否开启Web应用防火墙
certConfig: # 域名证书
certName: xxx # 证书名称
certificate: xxx # 表示私钥,内容仅支持 PEM 格式
Expand Down