Skip to main content
Version: 0.10.x

Configuration

Lunar Interceptor Configuration

The following table describes the environment variables that can be used to configure Lunar Interceptor.

VARIABLEDescriptionRequired?Default ValueExample
LUNAR_PROXY_HOSTConfigure Lunar Proxy IP and PortYes--lunar-proxy:8000
LUNAR_HANDSHAKE_PORTConfigure Lunar Proxy Handshake Port. This port is represented as ENGINE_ADMIN_PORT on the Proxy configurationsNo80819292
LUNAR_INTERCEPTOR_LOG_LEVELConfigure the log level of the InterceptorNoERRORDEBUG
LUNAR_ALLOW_LISTWhen this variable is set, only requests to domains that are in LUNAR_ALLOW_LIST are forwarded to Lunar Proxy (any other request is sent directly to the API provider)No1use.com,192.168.1.1
LUNAR_BLOCK_LISTWhen this variable is set, requests to domains that are in LUNAR_BLOCK_LIST are not forwarded to Lunar Proxy (instead they are sent directly to the API provider)No2do_not_use.com,192.168.1.2
LUNAR_ENTER_COOLDOWN_AFTER_ATTEMPTSConfigure the number of successive failed connection attempts that trigger a Failsafe mechanismNo510
LUNAR_EXIT_COOLDOWN_AFTER_SECConfigure the cooldown time in seconds for turning back Proxy availabilityNo1020
note

An alternative method for enabling or preventing the forwarding of traffic to Lunar Proxy is by incorporating the x-lunar-allow header. It's essential to ensure that the value of this header is provided as a string, not as a boolean.

  • Setting it to "true": The Interceptor will proceed to route the request to Lunar Proxy.
  • Setting it to "false": The Interceptor will directly dispatch the request to the API provider.

To apply a configuration to Lunar Interceptor or Proxy, simply export the relevant env var with the desired value before running them.

export VARIABLE=Value

Lunar Proxy Configuration

VariableK8S VariableDescriptionRequired?Default ValuePossible Values
TENANT_NAMEtenantNameConfigure the name for your organizationYes--The name of your organization, e.g. Acme, Google
BIND_PORTservice.portConfigure the bind port Lunar Proxy listens onNo8000Any accessible port
ENGINE_ADMIN_PORTservice.adminPortConfigure the admin port Lunar Proxy listens on. Also responsible for the Interceptor handshakeNo8081Any accessible port
LUNAR_HEALTHCHECK_PORTservice.healthCheckPortConfigure the port Lunar Proxy listens onNo8040Any accessible port
LOG_LEVELlogLevelConfigure the log levelNoERRORDEBUG, INFO, WARN, ERROR
ENVenvTo set the environments stageNoprodprod, dev
LUNAR_TELEMETRYtelemetryEnabledAllow the user to disable telemetry reportNotruetrue, false
LUNAR_ACCESS_LOGS_OUTPUT-Configure the output for access logsNostdoutstdout, NULL
LUNAR_ENGINE_FAILSAFE_ENABLEDengineFailsafeEnabledConfigured to handle critical error in Lunar Engine to keep passing directly to the ProviderNotruetrue, false
REDIS_PREFIXredisPrefixPrefix for Redis keysNolunarPrefix for Redis keys
REDIS_USE_CLUSTERredisUseClusterEnable the use of Redis ClusterNofalsetrue, false
REDIS_USE_CA_CERT-Enable the use of CA certificate for Redis mTLS connectionNofalsetrue, false
REDIS_CA_CERT_PATH-Path to the CA certificate file for Redis mTLS connectionNo/etc/redis/ca.crtPath to the CA certificate file
REDIS_USE_CLIENT_CERT-Enable the use of client certificate for Redis mTLS connectionNofalsetrue, false
REDIS_CLIENT_CERT_PATH-Path to the client certificate file for Redis mTLS connectionNo/etc/redis/client.crtPath to the client certificate file
REDIS_CLIENT_KEY_PATH-Path to the client key file for Redis mTLS connectionNo/etc/redis/client.keyPath to the client key file
note
  • Port must be accessible by Lunar Interceptor
  • The default port is 8000
  • The default port for handshake is 8081
  • When ENGINE_ADMIN_PORT are change, then Lunar Interceptor LUNAR_HANDSHAKE_PORT should be updated as well.
  • When BIND_PORT are changed, then Lunar Interceptor LUNAR_PROXY_HOST should be updated as well.

Configuration Example

docker run -d --rm -e TENANT_NAME="Acme Corp." -e LOG_LEVEL=DEBUG -e BIND_PORT=8000 -e ENGINE_ADMIN_PORT=8081 -e LUNAR_HEALTHCHECK_PORT=8040 -p 8000:8000 -p 8081:8081 -p 8040:8040 --name lunar-proxy lunarapi/lunar-proxy:latest

Footnotes

  1. If both LUNAR_BLOCK_LIST and LUNAR_ALLOW_LIST are empty, the Interceptor will forward all domains to Lunar Proxy.

  2. If LUNAR_ALLOW_LIST is empty, the Interceptor will forward all domains to Lunar Proxy except the ones in LUNAR_BLOCK_LIST.

CTRL + M