72 lines
1.8 KiB
YAML
Executable File
72 lines
1.8 KiB
YAML
Executable File
# Configuración dinámica - Middlewares
|
|
# Los middlewares procesan las peticiones antes de llegar al servicio
|
|
|
|
http:
|
|
middlewares:
|
|
# Middleware para comprimir respuestas
|
|
compress:
|
|
compress: {}
|
|
|
|
# Middleware para rate limiting (limitar peticiones)
|
|
rate-limit:
|
|
rateLimit:
|
|
average: 100 # 100 peticiones
|
|
period: 1s # por segundo
|
|
burst: 50 # permite picos de hasta 50
|
|
|
|
# Middleware para headers de seguridad
|
|
security-headers:
|
|
headers:
|
|
frameDeny: true
|
|
browserXssFilter: true
|
|
contentTypeNosniff: true
|
|
forceSTSHeader: true
|
|
stsIncludeSubdomains: true
|
|
stsPreload: true
|
|
stsSeconds: 31536000
|
|
customResponseHeaders:
|
|
X-Powered-By: "Nucleo Rio Frio"
|
|
Server: ""
|
|
|
|
# Middleware para CORS
|
|
cors:
|
|
headers:
|
|
accessControlAllowMethods:
|
|
- GET
|
|
- POST
|
|
- PUT
|
|
- DELETE
|
|
- OPTIONS
|
|
accessControlAllowOriginList:
|
|
- "*" # CAMBIAR por tus dominios específicos en producción
|
|
accessControlAllowHeaders:
|
|
- "*"
|
|
accessControlMaxAge: 100
|
|
addVaryHeader: true
|
|
|
|
# Middleware para redirección HTTPS
|
|
redirect-https:
|
|
redirectScheme:
|
|
scheme: https
|
|
permanent: true
|
|
|
|
# Middleware de autenticación básica de ejemplo
|
|
# Genera usuarios con: htpasswd -nb usuario password
|
|
basic-auth-example:
|
|
basicAuth:
|
|
users:
|
|
- "user:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/" # user:password
|
|
realm: "Área Protegida"
|
|
|
|
# Middleware para agregar prefijo a las rutas
|
|
strip-prefix-api:
|
|
stripPrefix:
|
|
prefixes:
|
|
- "/api"
|
|
|
|
# Middleware para timeout
|
|
timeout:
|
|
forwardAuth:
|
|
address: "http://localhost"
|
|
trustForwardHeader: true
|