配置示例

本页提供常见场景的实用配置示例。

基础反向代理

[[servers]]
name = "api"
listen = [":8080"]

[[servers.routes]]
[servers.routes.match]
path = ["/"]

[servers.routes.handle]
type = "reverse_proxy"
upstreams = ["127.0.0.1:3000"]

多域名虚拟主机

[[servers]]
name = "multi-site"
listen = [":80", ":443"]

# 站点 1
[[servers.routes]]
[servers.routes.match]
host = ["www.site1.com", "site1.com"]

[servers.routes.handle]
type = "file_server"
root = "/var/www/site1"

# 站点 2
[[servers.routes]]
[servers.routes.match]
host = ["www.site2.com", "site2.com"]

[servers.routes.handle]
type = "reverse_proxy"
upstreams = ["127.0.0.1:3001"]

带健康检查的负载均衡

[[servers]]
name = "lb"
listen = [":80"]

[[servers.routes]]
[servers.routes.handle]
type = "reverse_proxy"
upstreams = ["10.0.0.1:8080", "10.0.0.2:8080", "10.0.0.3:8080"]
load_balancing = "round_robin"
lb_try_duration = 5
lb_try_interval = 250

[servers.routes.handle.health_check]
path = "/health"
interval = "10s"
timeout = "5s"
expected_status = 200

带认证的 API 网关

[[servers]]
name = "api-gateway"
listen = [":443"]

[[servers.routes]]
[servers.routes.match]
host = ["api.example.com"]
path = ["/v1"]

[servers.routes.handle]
type = "reverse_proxy"
upstreams = ["127.0.0.1:3000"]

[servers.routes.handle.auth]
realm = "API"

[[servers.routes.handle.auth.api_keys]]
key = "sk-production-key-xxx"
source = "header"
param_name = "X-API-Key"

[servers.routes.handle.cors]
allowed_origins = ["https://app.example.com"]
allowed_methods = ["GET", "POST", "PUT", "DELETE"]
allow_credentials = true

SPA 单页应用

[[servers]]
name = "spa"
listen = [":80"]

[[servers.routes]]
[servers.routes.handle]
type = "file_server"
root = "/var/www/app/dist"
index = ["index.html"]
# SPA 回退由 index = ["index.html"] 处理

完整生产环境配置

# 全局配置
[global]
log_level = "info"
access_log = "/var/log/avalon/access.log"
access_log_format = "json"

[global.compression]
enabled = true
level = 6

[global.cache]
enabled = true
default_ttl = 300

# TLS 使用 Let's Encrypt
[tls]
email = "[email protected]"
acme_enabled = true
storage_path = "/etc/avalon/certs"

# HTTP 重定向到 HTTPS
[[servers]]
name = "http-redirect"
listen = [":80"]
https_redirect = true

# HTTPS 主服务器
[[servers]]
name = "main"
listen = [":443"]

# API 路由
[[servers.routes]]
[servers.routes.match]
host = ["api.example.com"]
path = ["/api"]

[servers.routes.handle]
type = "reverse_proxy"
upstreams = ["127.0.0.1:3000", "127.0.0.1:3001"]
load_balancing = "round_robin"

[servers.routes.handle.health_check]
path = "/health"
interval = "10s"

[servers.routes.handle.rewrite]
strip_path_prefix = "/api"

# 静态网站
[[servers.routes]]
[servers.routes.match]
host = ["www.example.com"]

[servers.routes.handle]
type = "file_server"
root = "/var/www/html"
index = ["index.html"]

# 默认 404
[[servers.routes]]
[servers.routes.handle]
type = "static_response"
status = 404
body = "Not Found"

WebSocket 代理

[[servers]]
name = "ws"
listen = [":8080"]

[[servers.routes]]
[servers.routes.match]
path = ["/ws"]

[servers.routes.handle]
type = "reverse_proxy"
upstreams = ["127.0.0.1:3000"]
# WebSocket 自动支持

速率限制

[[servers.routes]]
[servers.routes.handle]
type = "reverse_proxy"
upstreams = ["127.0.0.1:3000"]

[servers.routes.handle.rate_limit]
requests_per_second = 100
burst = 50