Skip to content

Fix for directives info length and updated nginx_directives JSON assets #137

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
simsine wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Fix for directives info length and updated nginx_directives JSON assets #137

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion assets/details/ngx_core_module.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,9 @@
[4,"multi_accept","If `multi_accept` is disabled, a worker process will accept one new connection at a time. Otherwise, a worker process will accept all new connections at a time.","<p>If <code>multi_accept</code> is disabled, a worker process will accept one new connection at a time. Otherwise, a worker process will accept all new connections at a time.</p><blockquote class=\"note\">The directive is ignored if <a href=\"https://nginx.org/en/docs/events.html#kqueue\">kqueue</a> connection processing method is used, because it reports the number of new connections waiting to be accepted.</blockquote>",["The directive is ignored if [kqueue](https://nginx.org/en/docs/events.html#kqueue) connection processing method is used, because it reports the number of new connections waiting to be accepted."],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>multi_accept</strong> <code>on</code> | <code>off</code>;</code><br></td></tr><tr><th>Default:</th><td><pre>multi_accept off;</pre></td></tr><tr><th>Context:</th><td><code>events</code><br></td></tr></tbody></table>"],
[4,"pcre_jit","Enables or disables the use of “just-in-time compilation” (PCRE JIT) for the regular expressions known by the time of configuration parsing.","<p>Enables or disables the use of “just-in-time compilation” (PCRE JIT) for the regular expressions known by the time of configuration parsing.</p><p>PCRE JIT can speed up processing of regular expressions significantly.</p><blockquote class=\"note\">The JIT is available in PCRE libraries starting from version 8.20 built with the <code>--enable-jit</code> configuration parameter. When the PCRE library is built with nginx (<code>--with-pcre=</code>), the JIT support is enabled via the <code>--with-pcre-jit</code> configuration parameter.</blockquote>",["The JIT is available in PCRE libraries starting from version 8.20 built with the `--enable-jit` configuration parameter. When the PCRE library is built with nginx (`--with-pcre=`), the JIT support is enabled via the `--with-pcre-jit` configuration parameter."],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>pcre_jit</strong> <code>on</code> | <code>off</code>;</code><br></td></tr><tr><th>Default:</th><td><pre>pcre_jit off;</pre></td></tr><tr><th>Context:</th><td><code>main</code><br></td></tr></tbody></table><p>This directive appeared in version 1.1.12.</p>"],
[4,"pid","Defines a `file` that will store the process ID of the main process.","<p>Defines a <code>file</code> that will store the process ID of the main process.</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>pid</strong> <code>file</code>;</code><br></td></tr><tr><th>Default:</th><td><pre>pid logs/nginx.pid;</pre></td></tr><tr><th>Context:</th><td><code>main</code><br></td></tr></tbody></table>"],
[4,"ssl_engine","Defines the name of the hardware SSL accelerator.","<p>Defines the name of the hardware SSL accelerator.</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>ssl_engine</strong> <code>device</code>;</code><br></td></tr><tr><th>Default:</th><td>—</td></tr><tr><th>Context:</th><td><code>main</code><br></td></tr></tbody></table>"],
[4,"ssl_engine","Defines the name of the hardware SSL accelerator.","<p>Defines the name of the hardware SSL accelerator.</p><blockquote class=\"note\">The module may be dynamically loaded by OpenSSL during configuration testing.</blockquote>",["The module may be dynamically loaded by OpenSSL during configuration testing."],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>ssl_engine</strong> <code>device</code>;</code><br></td></tr><tr><th>Default:</th><td>—</td></tr><tr><th>Context:</th><td><code>main</code><br></td></tr></tbody></table>"],
[4,"ssl_object_cache_inheritable","If enabled, SSL objects (SSL certificates, secret keys, trusted CA certificates, CRL lists) will be inherited across configuration reloads.","<p>If enabled, SSL objects (SSL certificates, secret keys, trusted CA certificates, CRL lists) will be inherited across configuration reloads.</p><p>SSL objects loaded from a file are inherited if the modification time and file index has not been changed since the previous configuration load. Secret keys specified as <code>engine:name:id</code> are never inherited. Secret keys specified as <code>data:value</code> are always inherited.</p><blockquote class=\"note\">SSL objects loaded from variables cannot be inherited.</blockquote><p>Example:</p><blockquote class=\"example\"><pre>ssl_object_cache_inheritable on;\n\nhttp {\n ...\n server {\n ...\n ssl_certificate example.com.crt;\n ssl_certificate_key example.com.key;\n }\n}\n</pre></blockquote>",["SSL objects loaded from variables cannot be inherited."],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>ssl_object_cache_inheritable</strong> <code>on</code> | <code>off</code>;</code><br></td></tr><tr><th>Default:</th><td><pre>ssl_object_cache_inheritable on;</pre></td></tr><tr><th>Context:</th><td><code>main</code><br></td></tr></tbody></table><p>This directive appeared in version 1.27.4.</p>"],
[4,"stall_threshold","Allows overriding the default time threshold for the event loop iteration before a stall is reported. By default, a stall is reported when an event loop iteration exceeds `1000ms`. If the [timer\\_resolution](https://nginx.org/en/docs/ngx_core_module.html#timer_resolution) directive is enabled, the time threshold will be ignored.","<p>Allows overriding the default time threshold for the event loop iteration before a stall is reported. By default, a stall is reported when an event loop iteration exceeds <code>1000ms</code>. If the <a href=\"https://nginx.org/en/docs/ngx_core_module.html#timer_resolution\">timer_resolution</a> directive is enabled, the time threshold will be ignored.</p><blockquote class=\"note\">This directive is available as part of our <a href=\"https://www.f5.com/products/nginx\">commercial subscription</a>.</blockquote>",["This directive is available as part of our [commercial subscription](https://www.f5.com/products/nginx)."],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>stall_threshold</strong> <code>time</code>;</code><br></td></tr><tr><th>Default:</th><td><pre>stall_threshold 1000ms;</pre></td></tr><tr><th>Context:</th><td><code>events</code><br></td></tr></tbody></table><p>This directive appeared in version 1.29.0.</p>"],
[4,"thread_pool","Defines the `name` and parameters of a thread pool used for multi-threaded reading and sending of files [without blocking](https://nginx.org/en/docs/http/ngx_http_core_module.html#aio) worker processes.","<p>Defines the <code>name</code> and parameters of a thread pool used for multi-threaded reading and sending of files <a href=\"https://nginx.org/en/docs/http/ngx_http_core_module.html#aio\">without blocking</a> worker processes.</p><p>The <code>threads</code> parameter defines the number of threads in the pool.</p><p>In the event that all threads in the pool are busy, a new task will wait in the queue. The <code>max_queue</code> parameter limits the number of tasks allowed to be waiting in the queue. By default, up to 65536 tasks can wait in the queue. When the queue overflows, the task is completed with an error.</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>thread_pool</strong> <code>name</code> <code>threads</code>=<code>number</code> [<code>max_queue</code>=<code>number</code>];</code><br></td></tr><tr><th>Default:</th><td><pre>thread_pool default threads=32 max_queue=65536;</pre></td></tr><tr><th>Context:</th><td><code>main</code><br></td></tr></tbody></table><p>This directive appeared in version 1.7.11.</p>"],
[4,"timer_resolution","Reduces timer resolution in worker processes, thus reducing the number of `gettimeofday()` system calls made. By default, `gettimeofday()` is called each time a kernel event is received. With reduced resolution, `gettimeofday()` is only called once per specified `interval`.","<p>Reduces timer resolution in worker processes, thus reducing the number of <code>gettimeofday()</code> system calls made. By default, <code>gettimeofday()</code> is called each time a kernel event is received. With reduced resolution, <code>gettimeofday()</code> is only called once per specified <code>interval</code>.</p><p>Example:</p><blockquote class=\"example\"><pre>timer_resolution 100ms;\n</pre></blockquote><p>Internal implementation of the interval depends on the method used:</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>timer_resolution</strong> <code>interval</code>;</code><br></td></tr><tr><th>Default:</th><td>—</td></tr><tr><th>Context:</th><td><code>main</code><br></td></tr></tbody></table>"],
[4,"use","Specifies the [connection processing](https://nginx.org/en/docs/events.html) `method` to use. There is normally no need to specify it explicitly, because nginx will by default use the most efficient method.","<p>Specifies the <a href=\"https://nginx.org/en/docs/events.html\">connection processing</a> <code>method</code> to use. There is normally no need to specify it explicitly, because nginx will by default use the most efficient method.</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>use</strong> <code>method</code>;</code><br></td></tr><tr><th>Default:</th><td>—</td></tr><tr><th>Context:</th><td><code>events</code><br></td></tr></tbody></table>"],
Expand Down
17 changes: 17 additions & 0 deletions assets/details/ngx_http_acme_module.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
[
[4,"acme_issuer","Defines an ACME certificate issuer object.","<p>Defines an ACME certificate issuer object.</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>acme_issuer</strong> <code>name</code> { ... }</code><br></td></tr><tr><th>Default:</th><td>—</td></tr><tr><th>Context:</th><td><code>http</code><br></td></tr></tbody></table>"],
[4,"uri","The [directory URL](https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.1) of the ACME server. This directive is mandatory.","<p>The <a href=\"https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.1\">directory URL</a> of the ACME server. This directive is mandatory.</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>uri</strong> <code>uri</code>;</code><br></td></tr><tr><th>Default:</th><td>—</td></tr><tr><th>Context:</th><td><code>acme_issuer</code><br></td></tr></tbody></table>"],
[4,"account_key","The account's private key used for request authentication.","<p>The account's private key used for request authentication.</p><p>Accepted values:</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>account_key</strong> <code>alg</code>[:<code>size</code>] | <code>file</code>;</code><br></td></tr><tr><th>Default:</th><td>—</td></tr><tr><th>Context:</th><td><code>acme_issuer</code><br></td></tr></tbody></table>"],
[4,"challenge","Specifies the ACME challenge type to be used for the issuer.","<p>Specifies the ACME challenge type to be used for the issuer.</p><p>Accepted values:</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>challenge</strong> <code>type</code>;</code><br></td></tr><tr><th>Default:</th><td><pre>challenge http-01;</pre></td></tr><tr><th>Context:</th><td><code>acme_issuer</code><br></td></tr></tbody></table><p>This directive appeared in version 0.2.0.</p>"],
[4,"contact","Sets an array of URLs that the ACME server can use to contact the client regarding account issues. The `mailto:` scheme will be used unless specified explicitly.","<p>Sets an array of URLs that the ACME server can use to contact the client regarding account issues. The <code>mailto:</code> scheme will be used unless specified explicitly.</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>contact</strong> <code>URL</code>;</code><br></td></tr><tr><th>Default:</th><td>—</td></tr><tr><th>Context:</th><td><code>acme_issuer</code><br></td></tr></tbody></table>"],
[4,"external_account_key","Specifies a key identifier `kid` and a `file` with the MAC key for [external account authorization](https://datatracker.ietf.org/doc/html/rfc8555#section-7.3.4).","<p>Specifies a key identifier <code>kid</code> and a <code>file</code> with the MAC key for <a href=\"https://datatracker.ietf.org/doc/html/rfc8555#section-7.3.4\">external account authorization</a>.</p><p>The value <code>data</code>:<code>key</code> can be specified instead of the <code>file</code>, which loads a key directly from the configuration without using intermediate files.</p><p>In both cases, the key is expected to be encoded in <a href=\"https://datatracker.ietf.org/doc/html/rfc4648#section-5\">base64url</a>.</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>external_account_key</strong> <code>kid</code> <code>file</code>;</code><br></td></tr><tr><th>Default:</th><td>—</td></tr><tr><th>Context:</th><td><code>acme_issuer</code><br></td></tr></tbody></table><p>This directive appeared in version 0.2.0.</p>"],
[4,"preferred_chain","Specifies the preferred certificate chain.","<p>Specifies the preferred certificate chain.</p><p>If the ACME server offers multiple certificate chains, prefer the chain with the topmost certificate issued from the Subject Common Name <code>name</code>. If there are no matches, the default chain will be used.</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>preferred_chain</strong> <code>name</code>;</code><br></td></tr><tr><th>Default:</th><td>—</td></tr><tr><th>Context:</th><td><code>acme_issuer</code><br></td></tr></tbody></table><p>This directive appeared in version 0.3.0.</p>"],
[4,"profile","Requests the [certificate profile](https://datatracker.ietf.org/doc/html/draft-ietf-acme-profiles) `name` from the ACME server.","<p>Requests the <a href=\"https://datatracker.ietf.org/doc/html/draft-ietf-acme-profiles\">certificate profile</a> <code>name</code> from the ACME server.</p><p>The <code>require</code> parameter will cause certificate renewals to fail if the server does not support the specified profile.</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>profile</strong> <code>name</code> [<code>require</code>];</code><br></td></tr><tr><th>Default:</th><td>—</td></tr><tr><th>Context:</th><td><code>acme_issuer</code><br></td></tr></tbody></table><p>This directive appeared in version 0.3.0.</p>"],
[4,"ssl_trusted_certificate","Specifies a `file` with trusted CA certificates in the PEM format used to [verify](https://nginx.org/en/docs/http/ngx_http_acme_module.html#ssl_verify) the certificate of the ACME server.","<p>Specifies a <code>file</code> with trusted CA certificates in the PEM format used to <a href=\"https://nginx.org/en/docs/http/ngx_http_acme_module.html#ssl_verify\">verify</a> the certificate of the ACME server.</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>ssl_trusted_certificate</strong> <code>file</code>;</code><br></td></tr><tr><th>Default:</th><td>—</td></tr><tr><th>Context:</th><td><code>acme_issuer</code><br></td></tr></tbody></table>"],
[4,"ssl_verify","Enables or disables verification of the ACME server certificate.","<p>Enables or disables verification of the ACME server certificate.</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>ssl_verify</strong> <code>on</code> | <code>off</code>;</code><br></td></tr><tr><th>Default:</th><td><pre>ssl_verify on;</pre></td></tr><tr><th>Context:</th><td><code>acme_issuer</code><br></td></tr></tbody></table>"],
[4,"state_path","Defines a directory for storing the module data that can be persisted across restarts. This can improve the load time by skipping some requests on startup, and avoid hitting request rate limits on the ACME server.","<p>Defines a directory for storing the module data that can be persisted across restarts. This can improve the load time by skipping some requests on startup, and avoid hitting request rate limits on the ACME server.</p><p>The directory contains sensitive content, such as the account key, issued certificates, and private keys.</p><p>The <code>off</code> parameter (0.2.0) disables storing the account information and issued certificates on disk.</p><blockquote class=\"note\">Prior to version 0.2.0, the state directory was not created by default.</blockquote>",["Prior to version 0.2.0, the state directory was not created by default."],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>state_path</strong> <code>path</code> | <code>off</code>;</code><br></td></tr><tr><th>Default:</th><td><pre>state_path acme_&lt;issuer&gt;;</pre></td></tr><tr><th>Context:</th><td><code>acme_issuer</code><br></td></tr></tbody></table>"],
[4,"accept_terms_of_service","Agrees to the terms of service under which the ACME server will be used. Some servers require accepting the terms of service before account registration. The terms are usually available on the ACME server's website, and the URL will be printed to the error log if necessary.","<p>Agrees to the terms of service under which the ACME server will be used. Some servers require accepting the terms of service before account registration. The terms are usually available on the ACME server's website, and the URL will be printed to the error log if necessary.</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>accept_terms_of_service</strong>;</code><br></td></tr><tr><th>Default:</th><td>—</td></tr><tr><th>Context:</th><td><code>acme_issuer</code><br></td></tr></tbody></table>"],
[4,"acme_shared_zone","Allows increasing the size of in-memory storage of the module. The shared memory zone will be used to store the issued certificates, keys and challenge data for all the configured certificate issuers.","<p>Allows increasing the size of in-memory storage of the module. The shared memory zone will be used to store the issued certificates, keys and challenge data for all the configured certificate issuers.</p><p>The default zone size is sufficient to hold approximately 50 ECDSA prime256v1 keys or 35 RSA 2048 keys.</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>acme_shared_zone</strong> <code>zone</code>=<code>name</code>:<code>size</code>;</code><br></td></tr><tr><th>Default:</th><td><pre>acme_shared_zone zone=ngx_acme_shared:256k;</pre></td></tr><tr><th>Context:</th><td><code>http</code><br></td></tr></tbody></table>"],
[4,"acme_certificate","Defines a certificate with the list of `identifiers` requested from issuer `issuer`.","<p>Defines a certificate with the list of <code>identifiers</code> requested from issuer <code>issuer</code>.</p><p>The explicit list of identifiers can be omitted. In this case, the identifiers will be taken from the <a href=\"https://nginx.org/en/docs/http/ngx_http_core_module.html#server_name\">server_name</a> directive in the same <a href=\"https://nginx.org/en/docs/http/ngx_http_core_module.html#server\">server</a> block. Not all values accepted in the <code>server_name</code> are valid certificate identifiers: regular expressions and wildcards are not supported.</p><p>The key parameter sets the type of a generated private key. Supported key algorithms and sizes: <code>ecdsa:256</code> (default), <code>ecdsa:384</code>, <code>ecdsa:521</code>, <code>rsa:2048</code>, <code>rsa:3072</code>, <code>rsa:4096</code>.</p>",[],"<table ><tbody><tr><th>Syntax:</th><td><code><strong>acme_certificate</strong> <code>issuer</code> [<code>identifier</code> ...] [<code>key</code>=<code>alg</code>[:<code>size</code>]];</code><br></td></tr><tr><th>Default:</th><td>—</td></tr><tr><th>Context:</th><td><code>server</code><br></td></tr></tbody></table>"],
[5,"<p>The <code>ngx_http_acme_module</code> module supports embedded variables, valid in the <a href=\"https://nginx.org/en/docs/http/ngx_http_core_module.html#server\">server</a> block with the <a href=\"https://nginx.org/en/docs/http/ngx_http_acme_module.html#acme_certificate\">acme_certificate</a> directive:</p><p></p><dl class=\"compact\"><dt id=\"var_acme_certificate\"><code>$acme_certificate</code></dt><dd>SSL certificate that can be passed to the <a href=\"https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_certificate\">ssl_certificate</a></dd><dt id=\"var_acme_certificate_key\"><code>$acme_certificate_key</code></dt><dd>SSL certificate private key that can be passed to <a href=\"https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_certificate_key\">ssl_certificate_key</a></dd></dl>"]
]
Loading