配置参考
Avalon 使用 TOML 格式的配置文件。本文档详细说明所有可用的配置选项。
配置结构
[global] # 全局设置
[tls] # TLS/HTTPS 设置
[[servers]] # 服务器配置 (数组)
[global] 全局设置
| 选项 | 类型 | 默认值 | 说明 |
|---|
log_level | string | "info" | 日志级别: trace, debug, info, warn, error |
admin_listen | string | "localhost:2019" | Admin API 监听地址 |
access_log | string | - | 访问日志文件路径 |
access_log_format | string | "common" | 日志格式: common, json, combined |
[global.compression] 压缩设置
| 选项 | 类型 | 默认值 | 说明 |
|---|
enabled | bool | true | 启用响应压缩 |
gzip | bool | true | 启用 gzip |
brotli | bool | true | 启用 brotli |
min_size | int | 1024 | 最小压缩大小 (字节) |
level | int | 6 | 压缩级别 (gzip: 1-9, brotli: 0-11) |
[global.cache] 缓存设置
| 选项 | 类型 | 默认值 | 说明 |
|---|
enabled | bool | false | 启用响应缓存 |
default_ttl | int | 300 | 默认缓存时间 (秒) |
max_entry_size | int | 10485760 | 单条缓存最大大小 (10MB) |
max_cache_size | int | 104857600 | 缓存总大小上限 (100MB) |
[tls] TLS 设置
| 选项 | 类型 | 默认值 | 说明 |
|---|
email | string | - | ACME 账户邮箱 (必填,如果启用 ACME) |
acme_enabled | bool | true | 启用 ACME 自动证书 |
acme_ca | string | Let's Encrypt | ACME CA URL 或提供商名称 |
storage_path | string | "./certs" | 证书存储目录 |
cert_path | string | - | 手动指定证书文件路径 |
key_path | string | - | 手动指定私钥文件路径 |
ACME CA 可选值:
letsencrypt - Let's Encrypt (默认)le-staging - Let's Encrypt 测试环境zerossl - ZeroSSLbuypass - Buypassgoogle - Google Trust Services
[[servers]] 服务器配置
| 选项 | 类型 | 默认值 | 说明 |
|---|
name | string | "default" | 服务器名称 (用于日志) |
listen | array | - | 监听地址列表 (必填) |
https_redirect | bool | false | 自动重定向 HTTP 到 HTTPS |
Handler 类型
reverse_proxy - 反向代理
[servers.routes.handle]
type = "reverse_proxy"
upstreams = ["127.0.0.1:3000", "127.0.0.1:3001"]
load_balancing = "round_robin"
timeout = 30
负载均衡策略:
round_robin - 轮询random - 随机least_conn - 最少连接ip_hash - IP 哈希first - 始终使用第一个
file_server - 静态文件服务
[servers.routes.handle]
type = "file_server"
root = "/var/www/html"
browse = false
index = ["index.html", "index.htm"]
compress = true
static_response - 静态响应
[servers.routes.handle]
type = "static_response"
status = 200
body = "Hello, World!"
[servers.routes.handle.headers]
Content-Type = "text/plain"
redirect - 重定向
[servers.routes.handle]
type = "redirect"
to = "https://example.com{uri}"
code = 301
认证
Basic 认证
[servers.routes.handle.auth]
realm = "Protected Area"
[[servers.routes.handle.auth.basic]]
username = "admin"
password = "password123"
API Key 认证
[[servers.routes.handle.auth.api_keys]]
key = "sk-xxxx"
name = "production"
source = "header"
param_name = "X-API-Key"
JWT 认证
[servers.routes.handle.auth.jwt]
secret = "your-secret-key"
algorithm = "HS256"
header = "Authorization"
CORS 跨域
[servers.routes.handle.cors]
allowed_origins = ["https://example.com"]
allowed_methods = ["GET", "POST", "PUT", "DELETE"]
allowed_headers = ["Content-Type", "Authorization"]
allow_credentials = true
max_age = 3600