kaffa/haproxy-mcp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add CrowdSec logging, rate limiting, and fix MCP parameter defaults

Browse Source 
- Add real client IP detection (CF-Connecting-IP / src fallback) to both frontends
- Add per-IP rate limiting (429) using real IP for Cloudflare compatibility
- Add CrowdSec syslog forwarding with custom log format
- Add httplog option for detailed HTTP logging
- Fix Python-level defaults on MCP tool parameters to match Field(default=X)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
kaffa
2026-02-07 00:22:39 +09:00
parent 4a411202d3
commit da533f407a
6 changed files with 53 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
haproxy_mcp/tools/certificates.py
View File

@@ -515,7 +515,7 @@ def register_certificate_tools(mcp):
@mcp.tool()
def haproxy_issue_cert(
domain: Annotated[str, Field(description="Primary domain (e.g., example.com)")],
wildcard: Annotated[bool, Field(default=True, description="Include wildcard (*.example.com). Default: true")]
wildcard: Annotated[bool, Field(default=True, description="Include wildcard (*.example.com). Default: true")] = True
) -> str:
"""Issue a new SSL/TLS certificate using acme.sh with Cloudflare DNS.
@@ -528,7 +528,7 @@ def register_certificate_tools(mcp):
@mcp.tool()
def haproxy_renew_cert(
domain: Annotated[str, Field(description="Domain name to renew (e.g., example.com)")],
force: Annotated[bool, Field(default=False, description="Force renewal even if not due. Default: false")]
force: Annotated[bool, Field(default=False, description="Force renewal even if not due. Default: false")] = False
) -> str:
"""Renew an existing certificate.