Improve SwiftConfiguration integration#68
Conversation
| /// - ``BindTarget`` - Provide under key `"bindTarget"` (keys listed in ``BindTarget/init(config:)``). | ||
| /// | ||
| /// - ``SupportedHTTPVersions`` - Provide under key `"supportedHTTPVersions"` (keys listed in | ||
| /// - ``SupportedHTTPVersions`` - Provide under key `"http.versions"` (supported values listed in |
There was a problem hiding this comment.
Is this right? The input to the init(config:) of SupportedHTTPVersions is scoped to http only, the versions is then parsed internally and that type is HTTPVersionKind instead.
There was a problem hiding this comment.
Yes, sorry, SupportedHTTPVersions was a remnant from working on #67, but we eventually settled on using Set<HTTPVersion> to represent supported HTTP versions instead. I've updated the docs.
| /// - `maxConcurrentStreams` (int, optional, default: 100): The maximum number of concurrent streams in an HTTP/2 | ||
| /// - `maxConcurrentStreams` (int, optional, default: nil): The maximum number of concurrent streams in an HTTP/2 | ||
| /// connection. | ||
| /// - `gracefulShutdown.maximumGracefulShutdownDuration` (int, optional, default: nil): The maximum amount of time |
There was a problem hiding this comment.
| /// - `gracefulShutdown.maximumGracefulShutdownDuration` (int, optional, default: nil): The maximum amount of time | |
| /// - `gracefulShutdown.maximumDuration` (int, optional, default: nil): The maximum amount of time |
Suggestion
There was a problem hiding this comment.
Agreed.
I realised we also have a maximumGracefulShutdownDuration property under the GracefulShutdownConfiguration type in NIOHTTPServerConfiguration:
I'm going to address that in a separate PR where we will also make the other NIOHTTP2ServerConnectionManagementHandler options configurable; currently we only set the maxGraceTime option:
swift-http-server/Sources/NIOHTTPServer/NIOHTTPServer+SecureUpgrade.swift
Lines 147 to 151 in b243999
| > Important: HTTP/2 cannot be served over plaintext. If `"http2"` is included in `http.versions`, the transport | ||
| > security must be set to `"tls"` or `"mTLS"`. | ||
|
|
||
| | Prefix | Configuration Key | Type | Required/Optional | Default | |
There was a problem hiding this comment.
This table is a really good idea, I'll steal it for other projects too :)
3 participants
Motivation:
PR #67 refactored
NIOHTTPServerConfiguration. As part of this PR, we introduced support for TLS credentials and mTLS trust roots to be provided as PEM files too.We should update the
swift-configurationintegration to match these changes. We should also use this opportunity to better document the possible keys and supported values in a DocC article, as the current documentation is spread inline across multiple types.Modifications:
"security"key (5 values:"plaintext","tls","reloadingTLS","mTLS","reloadingMTLS") with a"transportSecurity.mode"key (3 values:"plaintext","tls","mTLS")."transportSecurity.credentialSource"key ("inline","file"), and a"transportSecurity.trustRootsSource"key ("inline","file","systemDefaults","customCertificateVerificationCallback")."supportedHTTPVersions"→"http.versions","low"/"high"→"lowWatermark"/"highWatermark", scoped"gracefulShutdown").Result:
Improved
swift-configurationintegration.