Cutlery/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2025-07-09 03:04:57 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add NTLM and HTTP version customization

Matt Holt 2019-11-05 16:31:28 -07:00
parent ed7c401019
commit a16757afb5
1 changed files with 13 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
v2:-Documentation.md

@ -1820,28 +1820,7 @@ A highly flexible and configurable multi-host reverse proxy with load balancing,
{
"handler": "reverse_proxy",
"transport": {
"protocol": "http",
"tls": {
"root_ca_pool": ["..."],
"client_certificate_file": "...",
"client_certificate_key_file": "...",
"insecure_skip_verify": false,
"handshake_timeout": "2s"
},
"keep_alive": {
"enabled": true,
"max_idle_conns": 1500,
"max_idle_conns_per_host": 50,
"idle_timeout": "2m"
},
"compression": true,
"max_conns_per_host": 100,
"dial_timeout": "2s",
"response_header_timeout": "10s",
"expect_continue_timeout": "5s",
"max_response_header_size": 1024,
"write_buffer_size": 4096,
"read_buffer_size": 4096
"protocol": "http"
},
"circuit_breaker": {},
"load_balancing": {
@ -1963,6 +1942,7 @@ Transport modules:
"expect_continue_timeout": "5s",
"read_buffer_size": 4096,
"write_buffer_size": 4096,
"versions": ["1.1", "2"]
}
```
@ -1988,6 +1968,17 @@ Transport modules:
- `expect_continue_timeout`: Maximum time to allow for HTTP 100 Continue responses.
- `read_buffer_size`: Size of the read buffer in bytes.
- `write_buffer_size`: Size of the write buffer in bytes.
- `versions`: Which HTTP versions to enable. Can be "1.1" or "2" (or both, which is default).
**NTLM**: This transport module is the same as `http` except it supports NTLM. It has the same structure and options as the `http` module, but it forces HTTP/1.1 and TCP Keep-Alive. When a request with an Authorization header of either "NTLM" or "Negotiate" values is received, this transport module pins the downstream connection to a new upstream connection, which preserves the context and state of the NTLM authentication. It is basically the same thing as [nginx's paid `ntlm` directive](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#ntlm) (but is free in Caddy!).
```json
{
"protocol": "http_ntlm"
}
```
**FastCGI**: The FastCGI transport module is often used to proxy requests to PHP backends like php-fpm.