# Directory for configuration files
CONFIG_DIR=/root/vane/
# Logging level (trace, debug, info, warn, error)
LOG_LEVEL=info
# API access token for authentication (empty = no auth)
ACCESS_TOKEN=
# Console API port
PORT=3333
# Enable IPv6 listening
LISTEN_IPV6=false
# Maximum total connections
MAX_CONNECTIONS=10000
# Maximum connections per IP address
MAX_CONNECTIONS_PER_IP=50
# Primary nameserver address
NAMESERVER1=1.1.1.1
# Primary nameserver port
NAMESERVER1_PORT=53
# Secondary nameserver address
NAMESERVER2=8.8.8.8
# Secondary nameserver port
NAMESERVER2_PORT=53
# TCP protocol detection buffer limit (bytes)
TCP_DETECT_LIMIT=64
# TCP/UDP stream idle timeout (seconds)
STREAM_IDLE_TIMEOUT_SECS=10
# UDP protocol detection buffer limit (bytes)
UDP_DETECT_LIMIT=64
# UDP local socket timeout (milliseconds)
UDP_TIMEOUT_LOCAL=500
# UDP remote socket timeout (milliseconds)
UDP_TIMEOUT_REMOTE=5000
# UDP session timeout (seconds)
UDP_SESSION_TIMEOUT_SECS=30
# UDP session buffer size (bytes, default 4MB)
UDP_SESSION_BUFFER=4194304
# TLS ClientHello buffer size (bytes)
TLS_CLIENTHELLO_BUFFER_SIZE=4096
# TLS handshake peek timeout (milliseconds)
TLS_HANDSHAKE_PEEK_TIMEOUT_MS=500
# Allow TLS parsing failures to continue
TLS_ALLOW_PARSE_FAILURE=false
# QUIC virtual channel capacity (packets)
QUIC_VIRTUAL_CHANNEL_CAPACITY=1024
# QUIC receive buffer size (bytes)
QUIC_RECV_BUFFER_SIZE=65535
# QUIC local socket timeout (milliseconds)
QUIC_TIMEOUT_LOCAL=1000
# QUIC remote socket timeout (milliseconds)
QUIC_TIMEOUT_REMOTE=10000
# QUIC long header buffer size (bytes)
QUIC_LONG_HEADER_BUFFER_SIZE=4096
# QUIC maximum pending packets
QUIC_MAX_PENDING_PACKETS=5
# QUIC global pending bytes limit (bytes, default 64MB)
QUIC_GLOBAL_PENDING_BYTES_LIMIT=67108864
# QUIC session buffer limit (bytes, default 64KB)
QUIC_SESSION_BUFFER_LIMIT=65536
# QUIC sticky session TTL (seconds)
QUIC_STICKY_SESSION_TTL=60
# QUIC session TTL (seconds)
QUIC_SESSION_TTL_SECS=300
# HTTP plain header buffer size (bytes)
HTTP_PLAIN_HEADER_BUFFER_SIZE=4096
# L7 maximum buffer size (bytes, default 10MB)
L7_MAX_BUFFER_SIZE=10485760
# L7 adaptive memory limit enabled
L7_ADAPTIVE_MEMORY_LIMIT=true
# L7 adaptive memory ratio (percentage)
L7_ADAPTIVE_MEMORY_RATIO=85
# L7 global buffer limit fallback (bytes, default 512MB)
L7_GLOBAL_BUFFER_LIMIT=536870912
# Upstream connection pool idle timeout (seconds)
UPSTREAM_POOL_IDLE_TIMEOUT=90
# Upstream connection pool maximum idle connections
UPSTREAM_POOL_MAX_IDLE=32
# Upstream keepalive interval (seconds)
UPSTREAM_KEEPALIVE_INTERVAL=30
# Upstream HTTP/2 stream window size (bytes, default 2MB)
UPSTREAM_H2_STREAM_WINDOW=2097152
# Upstream HTTP/2 connection window size (bytes, default 2MB)
UPSTREAM_H2_CONN_WINDOW=2097152
# Maximum template resolution depth
MAX_TEMPLATE_DEPTH=5
# Maximum template result size (bytes, default 64KB)
MAX_TEMPLATE_RESULT_SIZE=65536
# Maximum template parse depth
MAX_TEMPLATE_PARSE_DEPTH=5
# Maximum template parse nodes
MAX_TEMPLATE_PARSE_NODES=50
# External plugin check interval (minutes)
EXTERNAL_PLUGIN_CHECK_INTERVAL_MINS=15
# Skip external plugin validation (security risk)
SKIP_EXTERNAL_PLUGIN_VALIDATION=false
# Allow external plugins to use linker environment variables
ALLOW_EXTERNAL_LINKER_ENV=false
# Allow external plugins to use runtime environment variables
ALLOW_EXTERNAL_RUNTIME_ENV=false
# Allow external plugins to use shell environment variables
ALLOW_EXTERNAL_SHELL_ENV=false
# Allow external plugins to append to PATH environment variable
ALLOW_EXTERNAL_PATH_ENV_APPEND=false
# Skip TLS verification for HTTPX plugin (security risk)
SKIP_TLS_VERIFY=false
# Flow execution timeout for plugins (seconds)
FLOW_EXECUTION_TIMEOUT_SECS=10
# Maximum memory for rate limiter (bytes, default 4MB)
MAX_LIMITER_MEMORY=4194304
# Maximum rate limit key length (bytes)
RATELIMIT_KEY_MAX_LEN=256
# CGI request body timeout (seconds)
CGI_BODY_TIMEOUT_SEC=30
# CGI request body maximum size (bytes, default 10MB)
CGI_BODY_MAX_SIZE_BYTE=10485760
# Static file MIME type sniff bytes
STATIC_MIME_SNIFF_BYTES=512
# TCP health check connect timeout (milliseconds)
HEALTH_TCP_CONNECT_TIMEOUT_MS=2000
# TCP health check interval (seconds)
HEALTH_TCP_INTERVAL_SECS=5
# UDP health check cleanup interval (seconds)
HEALTH_UDP_CLEANUP_INTERVAL_SECS=5
# UDP health check unhealthy TTL (seconds)
HEALTH_UDP_UNHEALTHY_TTL_SECS=10
# Unix socket directory
SOCKET_DIR=/var/run/vane