Struct ZLayerProxyConfig 

pub struct ZLayerProxyConfig {

    pub http_addr: String,
    pub https_addr: String,
    pub acme_email: Option<String>,
    pub cert_storage_path: String,
    pub acme_enabled: bool,
    pub acme_staging: bool,
    pub acme_directory_url: Option<String>,
    pub auto_provision_domains: Vec<String>,
    pub tcp: Vec<TcpListenerConfig>,
    pub udp: Vec<UdpListenerConfig>,
    pub udp_session_timeout: Duration,
    pub trusted_proxy_cidrs: Vec<IpNet>,
    pub cloudflare_trust: CloudflareTrust,
}

Configuration for the ZLayer proxy server

This configuration struct controls the behavior of the proxy, including listener addresses, ACME/TLS settings, and L4 stream config.

Fields

http_addr: String

HTTP listener address (default: “0.0.0.0:80”)

https_addr: String

HTTPS listener address (default: “0.0.0.0:443”)

acme_email: Option<String>

Optional ACME email for Let’s Encrypt certificate provisioning

cert_storage_path: String

Path to store TLS certificates (default: zlayer_paths::ZLayerDirs::system_default().certs())

acme_enabled: bool

Enable automatic ACME certificate provisioning

acme_staging: bool

Use Let’s Encrypt staging environment (for testing)

acme_directory_url: Option<String>

Custom ACME directory URL (for non-LE CAs like ZeroSSL)

auto_provision_domains: Vec<String>

Domains to auto-provision certificates for on startup

tcp: Vec<TcpListenerConfig>

TCP stream proxy listeners for L4 proxying

udp: Vec<UdpListenerConfig>

UDP stream proxy listeners for L4 proxying

udp_session_timeout: Duration

Default UDP session timeout (default: 60 seconds)

trusted_proxy_cidrs: Vec<IpNet>

CIDR ranges whose peer IPs are trusted to set CF-Connecting-IP / X-Forwarded-For headers identifying the real client. Defaults to localhost only (127.0.0.0/8, ::1/128) so a public ZLayer node that accidentally receives direct requests (bypassing any upstream proxy) cannot be tricked by spoofed headers.

cloudflare_trust: CloudflareTrust

Cloudflare-specific trust policy. When enabled, CF’s published edge ranges are treated as trusted in addition to trusted_proxy_cidrs.

Implementations

impl ZLayerProxyConfig

pub fn acme_directory(&self) -> &str

Get the ACME directory URL based on configuration

Returns the custom directory URL if set, otherwise returns the appropriate Let’s Encrypt URL based on whether staging mode is enabled.

Trait Implementations

impl Clone for ZLayerProxyConfig

fn clone(&self) -> ZLayerProxyConfig

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for ZLayerProxyConfig

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for ZLayerProxyConfig

fn default() -> Self

Returns the “default value” for a type.