Skip to content

Configuration Overview

RevenProx is configured using a TOML file. This page provides an overview of all configuration sections.

Configuration File

By default, RevenProx looks for config/proxy.toml. Override with:

./sse-proxy --config /path/to/config.toml

Complete Example

# =============================================================================
# RevenProx Configuration
# =============================================================================

# Unique identifier for this proxy instance
proxy_id = "proxy-prod-1"

# Logging level: debug, info, warn, error
log_level = "info"

# Enable metrics collection
metrics_enabled = true

# =============================================================================
# HTTP Server Configuration
# =============================================================================
[http]
# Address and port to bind
bind_address = "0.0.0.0:8080"

# Maximum concurrent connections
max_connections = 100000

# Connection timeout in seconds
connection_timeout_sec = 300

# Keepalive interval in seconds
keepalive_interval_sec = 30

# Maximum messages queued per connection
max_message_queue_size = 1000

# Worker threads (0 = auto-detect CPU count)
thread_pool_size = 0

# Request size limits
max_request_line_size = 8192
max_header_size = 8192
max_headers = 100

# Rate limiting
rate_limit_per_ip = 100
rate_limit_window_sec = 60

# CORS allowed origins ("*" for all)
cors_allowed_origins = "*"

# Backpressure policy: drop_newest, drop_oldest, block
backpressure_policy = "drop_newest"

# =============================================================================
# JWT Verification Configuration
# =============================================================================
[jwt_verifier]
# Webhook URL for JWT verification
webhook_url = "https://auth.example.com/verify"

# Webhook timeout in milliseconds
timeout_ms = 5000

# Retry attempts on webhook failure
retry_attempts = 3

# Cache TTL for verified tokens (seconds)
cache_ttl_sec = 300

# Maximum cache entries
cache_max_size = 10000

# Circuit breaker threshold (failures before opening)
circuit_breaker_threshold = 10

# Circuit breaker timeout (seconds in open state)
circuit_breaker_timeout_sec = 60

# Rate limit for verification requests per second
rate_limit_per_sec = 1000

# Require authentication (set false for development)
require_authentication = true

# =============================================================================
# NNG (Distributed Messaging) Configuration
# =============================================================================
[nng]
# Addresses to listen on
listen_addresses = ["tcp://*:5555"]

# Peer proxy addresses to connect to
peer_addresses = []

# Publisher buffer size
pub_buffer_size = 65536

# Subscriber buffer size
sub_buffer_size = 131072

# Reconnection interval in milliseconds
reconnect_interval_ms = 5000

# Heartbeat interval in seconds
heartbeat_interval_sec = 30

# Message batching
message_batch_size = 100
message_batch_timeout_ms = 50

# =============================================================================
# Distributed State Configuration
# =============================================================================
[distributed_state]
# Gossip protocol interval in seconds
gossip_interval_sec = 30

# Bloom filter capacity
bloom_filter_capacity = 1000000

# Bloom filter false positive rate
bloom_filter_fpr = 0.01

# Vector clock cleanup interval in seconds
vector_clock_cleanup_interval_sec = 3600

# Maximum subscription events to track
max_subscription_events = 100000

# Merkle tree rebuild threshold
merkle_tree_rebuild_threshold = 1000

# Peer timeout in seconds
peer_timeout_sec = 180

# =============================================================================
# Resource Limits Configuration
# =============================================================================
[limits]
# Maximum memory usage in MB
max_memory_mb = 8192

# Maximum CPU usage percentage
max_cpu_percent = 80

# Maximum network throughput in Mbps
max_network_mbps = 1000

# Maximum file descriptors
max_file_descriptors = 1000000

Configuration Sections

Section Description Documentation
[http] HTTP server settings HTTP Server
[jwt_verifier] JWT authentication JWT Auth
[nng] Distributed messaging Distributed State
[distributed_state] State synchronization Distributed State
[limits] Resource constraints Limits

Environment Variables

Configuration values can be overridden with environment variables:

export REVENPROX_HTTP_BIND_ADDRESS="0.0.0.0:9090"
export REVENPROX_JWT_WEBHOOK_URL="https://auth.internal/verify"
./sse-proxy --config proxy.toml

Validation

The proxy validates configuration on startup:

  • Required fields must be present
  • Numeric values must be within valid ranges
  • URLs must be properly formatted
  • Conflicting settings are detected

Invalid configuration produces clear error messages:

error: InvalidConfig: jwt_verifier.webhook_url is required when require_authentication is true

Hot Reload

Currently, configuration changes require a restart. SIGHUP reload is planned for future releases.

Next Steps