pub type PingoraProxyConfig = ZLayerProxyConfig;Expand description
Backwards-compatible alias for ZLayerProxyConfig.
Aliased Type§
pub struct PingoraProxyConfig {Show 13 fields
pub http_addr: String,
pub https_addr: String,
pub acme_email: Option<String>,
pub cert_storage_path: String,
pub acme_enabled: bool,
pub acme_staging: bool,
pub acme_directory_url: Option<String>,
pub auto_provision_domains: Vec<String>,
pub tcp: Vec<TcpListenerConfig>,
pub udp: Vec<UdpListenerConfig>,
pub udp_session_timeout: Duration,
pub trusted_proxy_cidrs: Vec<IpNet>,
pub cloudflare_trust: CloudflareTrust,
}Fields§
§http_addr: StringHTTP listener address (default: “0.0.0.0:80”)
https_addr: StringHTTPS listener address (default: “0.0.0.0:443”)
acme_email: Option<String>Optional ACME email for Let’s Encrypt certificate provisioning
cert_storage_path: StringPath to store TLS certificates (default: zlayer_paths::ZLayerDirs::system_default().certs())
acme_enabled: boolEnable automatic ACME certificate provisioning
acme_staging: boolUse Let’s Encrypt staging environment (for testing)
acme_directory_url: Option<String>Custom ACME directory URL (for non-LE CAs like ZeroSSL)
auto_provision_domains: Vec<String>Domains to auto-provision certificates for on startup
tcp: Vec<TcpListenerConfig>TCP stream proxy listeners for L4 proxying
udp: Vec<UdpListenerConfig>UDP stream proxy listeners for L4 proxying
udp_session_timeout: DurationDefault UDP session timeout (default: 60 seconds)
trusted_proxy_cidrs: Vec<IpNet>CIDR ranges whose peer IPs are trusted to set CF-Connecting-IP /
X-Forwarded-For headers identifying the real client. Defaults to
localhost only (127.0.0.0/8, ::1/128) so a public ZLayer node that
accidentally receives direct requests (bypassing any upstream proxy)
cannot be tricked by spoofed headers.
cloudflare_trust: CloudflareTrustCloudflare-specific trust policy. When enabled, CF’s published edge
ranges are treated as trusted in addition to trusted_proxy_cidrs.