From 87cd41a81f9b43a53577d2c3c07ccc7c0294ba5e Mon Sep 17 00:00:00 2001
From: xfy <i@rua.plus>
Date: Thu, 16 Apr 2026 15:16:14 +0800
Subject: [PATCH] =?UTF-8?q?docs(config):=20=E6=B7=BB=E5=8A=A0=20default/ca?=
 =?UTF-8?q?che=5Fvalid/proxy=5Fssl=20=E9=85=8D=E7=BD=AE=E7=A4=BA=E4=BE=8B?=
 =?UTF-8?q?=E6=B3=A8=E9=87=8A?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

补充 GenerateConfigYAML 输出的配置示例：
- default: 虚拟主机模式下标记默认服务器
- cache_valid: 按 HTTP 状态码细分缓存时间
- proxy_ssl: 上游 SSL/TLS 连接配置（含 mTLS 支持）

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 internal/config/defaults.go | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/internal/config/defaults.go b/internal/config/defaults.go
index 2b2a578..ab43fe7 100644
--- a/internal/config/defaults.go
+++ b/internal/config/defaults.go
@@ -255,6 +255,7 @@ func GenerateConfigYAML(cfg *Config) ([]byte, error) {
 	buf.WriteString("  - # 服务器配置\n")
 	fmt.Fprintf(&buf, "    listen: \"%s\"           # 监听地址\n", cfg.Servers[0].Listen)
 	fmt.Fprintf(&buf, "    name: \"%s\"             # 服务器名称（虚拟主机匹配）\n", cfg.Servers[0].Name)
+	buf.WriteString("    # default: false           # 虚拟主机模式下标记为默认服务器（接收未匹配的请求）\n")
 	fmt.Fprintf(&buf, "    read_timeout: %ds            # 读取超时（0 表示不限制）\n", int(cfg.Servers[0].ReadTimeout.Seconds()))
 	fmt.Fprintf(&buf, "    write_timeout: %ds           # 写入超时（0 表示不限制）\n", int(cfg.Servers[0].WriteTimeout.Seconds()))
 	fmt.Fprintf(&buf, "    idle_timeout: %ds            # 空闲超时（0 表示不限制）\n", int(cfg.Servers[0].IdleTimeout.Seconds()))
@@ -351,6 +352,21 @@ func GenerateConfigYAML(cfg *Config) ([]byte, error) {
 	buf.WriteString("    #       max_age: 60s\n")
 	buf.WriteString("    #       cache_lock: true          # 防止缓存击穿\n")
 	buf.WriteString("    #       stale_while_revalidate: 30s\n")
+	buf.WriteString("    #     cache_valid:                # 按 HTTP 状态码细分缓存时间（可选，未配置时使用 max_age）\n")
+	buf.WriteString("    #       ok: 10m                   # 200-299 缓存 10 分钟\n")
+	buf.WriteString("    #       redirect: 1h              # 301/302 缓存 1 小时\n")
+	buf.WriteString("    #       not_found: 1m             # 404 缓存 1 分钟\n")
+	buf.WriteString("    #       client_error: 0           # 其他 4xx 不缓存\n")
+	buf.WriteString("    #       server_error: 0           # 5xx 不缓存\n")
+	buf.WriteString("    #     proxy_ssl:                  # 上游 SSL 配置（加密到后端的连接）\n")
+	buf.WriteString("    #       enabled: false            # 是否启用上游 TLS\n")
+	buf.WriteString("    #       server_name: \"\"           # SNI 服务器名称\n")
+	buf.WriteString("    #       trusted_ca: \"\"            # 信任的 CA 证书\n")
+	buf.WriteString("    #       client_cert: \"\"           # 客户端证书（mTLS）\n")
+	buf.WriteString("    #       client_key: \"\"            # 客户端私钥（mTLS）\n")
+	buf.WriteString("    #       min_version: \"TLSv1.2\"    # 最小 TLS 版本\n")
+	buf.WriteString("    #       max_version: \"\"           # 最大 TLS 版本（空表示不限制）\n")
+	buf.WriteString("    #       insecure_skip_verify: false  # 跳过证书验证（仅测试用）\n")
 	buf.WriteString("    #     client_max_body_size: \"50MB\"  # 此代理路径的请求体限制\n")
 	buf.WriteString("    #     next_upstream:              # 故障转移配置\n")
 	buf.WriteString("    #       tries: 1                  # 最大尝试次数（1 表示禁用故障转移）\n")