9 The Ceph Object Gateway supports two embedded HTTP frontend libraries
10 that can be configured with ``rgw_frontends``. See `Config Reference`_
11 for details about the syntax.
16 .. versionadded:: Mimic
18 The ``beast`` frontend uses the Boost.Beast library for HTTP parsing
19 and the Boost.Asio library for asynchronous network i/o.
24 ``port`` and ``ssl_port``
26 :Description: Sets the ipv4 & ipv6 listening port number. Can be specified multiple
27 times as in ``port=80 port=8000``.
32 ``endpoint`` and ``ssl_endpoint``
34 :Description: Sets the listening address in the form ``address[:port]``, where
35 the address is an IPv4 address string in dotted decimal form, or
36 an IPv6 address in hexadecimal notation surrounded by square
37 brackets. Specifying a IPv6 endpoint would listen to v6 only. The
38 optional port defaults to 80 for ``endpoint`` and 443 for
39 ``ssl_endpoint``. Can be specified multiple times as in
40 ``endpoint=[::1] endpoint=192.168.0.100:8000``.
48 :Description: Path to the SSL certificate file used for SSL-enabled endpoints.
49 If path is prefixed with ``config://``, the certificate will be
50 pulled from the ceph monitor ``config-key`` database.
58 :Description: Optional path to the private key file used for SSL-enabled
59 endpoints. If one is not given, the ``ssl_certificate`` file
60 is used as the private key.
61 If path is prefixed with ``config://``, the certificate will be
62 pulled from the ceph monitor ``config-key`` database.
69 :Description: Optional colon separated list of ssl context options:
71 ``default_workarounds`` Implement various bug workarounds.
73 ``no_compression`` Disable compression.
75 ``no_sslv2`` Disable SSL v2.
77 ``no_sslv3`` Disable SSL v3.
79 ``no_tlsv1`` Disable TLS v1.
81 ``no_tlsv1_1`` Disable TLS v1.1.
83 ``no_tlsv1_2`` Disable TLS v1.2.
85 ``single_dh_use`` Always create a new key when using tmp_dh parameters.
88 :Default: ``no_sslv2:no_sslv3:no_tlsv1:no_tlsv1_1``
92 :Description: Optional list of one or more cipher strings separated by colons.
93 The format of the string is described in openssl's ciphers(1)
101 :Description: If set the socket option will disable Nagle's algorithm on
102 the connection which means that packets will be sent as soon
103 as possible instead of waiting for a full buffer or timeout to occur.
105 ``1`` Disable Nagel's algorithm for all sockets.
107 ``0`` Keep the default: Nagel's algorithm enabled.
109 :Type: Integer (0 or 1)
112 ``max_connection_backlog``
114 :Description: Optional value to define the maximum size for the queue of
115 connections waiting to be accepted. If not configured, the value
116 from ``boost::asio::socket_base::max_connections`` will be used.
121 ``request_timeout_ms``
123 :Description: The amount of time in milliseconds that Beast will wait
124 for more incoming data or outgoing data before giving up.
125 Setting this value to 0 will disable timeout.
132 :Description: The maximum number of header bytes available for a single request.
142 Some frontend options are generic and supported by all frontends:
146 :Description: A prefix string that is inserted into the URI of all
147 requests. For example, a swift-only frontend could supply
148 a uri prefix of ``/swift``.
154 .. _Config Reference: ../config-ref