[management,proxy] Add per-target options to reverse proxy (#5501)

2026-04-16 07:16:38 +00:00 · 2026-03-05 17:03:26 +08:00
parent 8e7b016be2
commit e601278117
16 changed files with 1599 additions and 445 deletions
--- a/shared/management/http/api/openapi.yml
+++ b/shared/management/http/api/openapi.yml
@@ -3027,6 +3027,28 @@ components:
        - targets
        - auth
        - enabled
+    ServiceTargetOptions:
+      type: object
+      properties:
+        skip_tls_verify:
+          type: boolean
+          description: Skip TLS certificate verification for this backend
+        request_timeout:
+          type: string
+          description: Per-target response timeout as a Go duration string (e.g. "30s", "2m")
+        path_rewrite:
+          type: string
+          description: Controls how the request path is rewritten before forwarding to the backend. Default strips the matched prefix. "preserve" keeps the full original request path.
+          enum: [preserve]
+        custom_headers:
+          type: object
+          description: Extra headers sent to the backend. Hop-by-hop and proxy-managed headers (Host, Connection, Transfer-Encoding, etc.) are rejected.
+          propertyNames:
+            type: string
+            pattern: '^[!#$%&''*+.^_`|~0-9A-Za-z-]+$'
+          additionalProperties:
+            type: string
+            pattern: '^[^\r\n]*$'
    ServiceTarget:
      type: object
      properties:
@@ -3053,6 +3075,8 @@ components:
        enabled:
          type: boolean
          description: Whether this target is enabled
+        options:
+          $ref: '#/components/schemas/ServiceTargetOptions'
      required:
        - target_id
        - target_type