# APISIX Configuration Sample
# This file is automatically generated by Cloudron package
# Located at: /usr/local/apisix/conf/config.yaml

deployment:
  role: traditional
  role_traditional:
    config_provider: etcd

  admin:
    # Admin API port
    port: 9180

    # Allow admin access from all IPs
    # Restrict this in production to specific IPs
    allow_admin:
      - 0.0.0.0/0

    # Admin API key (CHANGE THIS IN PRODUCTION)
    admin_key:
      - admin-key-secret-change-me

    # Admin API version
    admin_api_version: v3

  etcd:
    # Etcd hosts (automatically configured by Cloudron)
    host:
      - 127.0.0.1
    port: 2379
    prefix: "/apisix"
    timeout: 30

  apisix:
    # SSL configuration
    ssl:
      ssl_trusted_certificate: /etc/ssl/certs/ca-certificates.crt
      ssl_protocols: "TLSv1.2 TLSv1.3"

    # Main HTTP proxy port
    node_listen: 9080

    # Disable IPv6
    enable_ipv6: false

    # Enable CORS for admin API
    enable_admin_cors: true

    # Enable HTTP/2
    enable_http2: true

  # Nginx configuration
  nginx_config:
    # Error log file
    error_log: "logs/error.log"
    error_log_level: "warn"

    # Worker processes
    worker_processes: auto

    # Maximum open files
    worker_rlimit_nofile: 20480

    # Event worker processes
    event_worker_processes: 2

    # Worker shutdown timeout
    worker_shutdown_timeout: 240s

# Additional configuration options:
#
# Plugin configuration (default plugins enabled)
# plugins:
#   - real-ip
#   - proxy-rewrite
#   - limit-req
#   - limit-conn
#   - prometheus
#   - node-status
#   - jwt-auth
#   - key-auth
#   - basic-auth
#   - ip-restriction
#   - cors
#   - proxy-cache
#   - limit-count
#   - request-id
#   - fault-injection
#   - consumer
#
# Stream plugins (for TCP/UDP):
# stream_plugins:
#   - mqtt-proxy
#   - ip-restriction
#   - limit-conn