evolix/ansible-roles
22
2
Fork 2
Code Issues 61 Pull requests 18 Releases 32 Wiki Activity
ansible-roles/boost-proxy/templates-examples/varnish/varnish.default.vcl.j2
Jérémy Lecour d03910d5f8
All checks were successful
gitea/ansible-roles/pipeline/head This commit looks good
Details
boost-proxy: comments in english
2022-11-27 14:23:12 +01:00

177 lines
6 KiB
Django/Jinja
Raw Blame History

vcl 4.1;
probe haproxycheck {
.request =
"HEAD {{ boost_haproxy_check_url | mandatory }} HTTP/1.1"
"Connection: close";
.timeout = 1s;
.interval = 3s;
.window = 3;
.threshold = 2;
}
backend default {
.path = "{{ boost_haproxy_proxy_socket }}";
.proxy_header = 1;
.connect_timeout = 3s;
.first_byte_timeout = 300s;
.between_bytes_timeout = 300s;
.probe = haproxycheck;
}
# Uncomment if you want to do device detection
# cf. https://varnish-cache.org/docs/6.0/users-guide/devicedetection.html
### include "/etc/varnish/conf.d/devicedetect.functions.vcl";
# Routines appliquées dans tous les cas
# A modifier avec précaution
# Ne pas mettre de "return" dans ces routines communes
sub vcl_recv {
# Health check from HAProxy
if (req.url == "{{ boost_varnish_check_url | mandatory }}") {
return (synth(200, "Hi HAProxy, I'm fine!"));
}
# Normalize encoding, and unset it on yet-compressed formats.
if (req.http.Accept-Encoding) {
if (req.url ~ "\.(jpg|jpeg|png|gif|gz|tgz|bz2|lzma|tbz|zip|rar)(\?.*|)$") {
unset req.http.Accept-Encoding;
}
# use gzip when possible, otherwise use deflate
if (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
}
elsif (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
}
else {
# unknown algorithm, unset accept-encoding header
unset req.http.Accept-Encoding;
}
}
# Remove known cookies used only on client side (by JavaScript).
if (req.http.cookie) {
set req.http.Cookie = regsuball(req.http.Cookie, "_gat=[^;]+(; )?", ""); # Google Analytics
set req.http.Cookie = regsuball(req.http.Cookie, "_ga=[^;]+(; )?", ""); # Google Analytics
set req.http.Cookie = regsuball(req.http.Cookie, "_gaq=[^;]+(; )?", ""); # Google Analytics
set req.http.Cookie = regsuball(req.http.Cookie, "__utm[^=]*=[^;]+(; )?", ""); # Google Analytics
set req.http.Cookie = regsuball(req.http.Cookie, "__gads=[^;]+(; )?", ""); # Google Doubleclick
set req.http.Cookie = regsuball(req.http.Cookie, "__auc=[^;]+(; )?", ""); # Alexa Analytics
if (req.http.cookie ~ "^ *$") {
unset req.http.cookie;
}
}
# BEGIN HTTP tagging
# TODO: ajouter un en-tête pour marquer le passage dans les 3 composants
# avec une artie permanente et une partie optionnelle commentée par défaut
set req.http.X-Boost-Layer = "varnish";
# END HTTP tagging
}
sub vcl_backend_response {
if (beresp.uncacheable) {
set beresp.http.X-Cacheable = "FALSE";
} else {
set beresp.http.X-Cacheable = "TRUE";
}
# our default TTL is 60s instead of 86400s
if (beresp.http.cache-control !~ "max-age=") {
set beresp.ttl = 60s;
}
# Grace mode (Stale content delivery)
# abandon when 5xx errors to keep grace mode even 503 from HAProxy
if (beresp.status >= 500 && bereq.is_bgfetch) {
return (abandon);
}
set beresp.grace = 4h;
}
sub vcl_deliver {
unset resp.http.Via;
# BEGIN HTTP tagging
# TODO: ajouter un en-tête pour marquer le passage dans les 3 composants
# avec une partie permanente et une partie optionnelle commentée par défaut
if (resp.http.Set-Cookie && resp.http.Cache-Control) {
set resp.http.X-Boost-Step2 = "varnish; set-cookie; cache-control";
} elseif (resp.http.Set-Cookie) {
set resp.http.X-Boost-Step2 = "varnish; set-cookie; no-cache-control";
} elseif (resp.http.Cache-Control) {
set resp.http.X-Boost-Step2 = "varnish; no-set-cookie; cache-control";
} else {
set resp.http.X-Boost-Step2 = "varnish; no-set-cookie; no-cache-control";
}
# END HTTP tagging
if (resp.http.X-Varnish ~ "[0-9]+ +[0-9]+") {
set resp.http.X-Cache = "HIT";
unset resp.http.X-Boost-Step3;
} else {
set resp.http.X-Cache = "MISS";
}
# DEBUG infos
## désactivation pour test
## https://github.com/varnishcache/varnish-cache/issues/3765
# set resp.http.X-Varnish-Client-Ip = client.ip;
set resp.http.X-Varnish-Client-Method = req.method;
set resp.http.X-Varnish-Client-Url = req.url;
set resp.http.X-Varnish-Client-Proto = req.proto;
set resp.http.X-Varnish-Object-Ttl = obj.ttl;
{% if 'preprod' in group_names %}
set resp.http.X-Varnish-Client-Cache-Control = req.http.cache-control;
set resp.http.X-Varnish-Client-Cookie = req.http.cookie;
set resp.http.X-Varnish-Client-Ua = req.http.user-agent;
set resp.http.X-Varnish-Object-Grace = obj.grace;
set resp.http.X-Varnish-Object-Keep = obj.keep;
set resp.http.X-Varnish-Object-Storage = obj.storage;
{% else %}
### set resp.http.X-Varnish-Client-Cache-Control = req.http.cache-control;
### set resp.http.X-Varnish-Client-Cookie = req.http.cookie;
### set resp.http.X-Varnish-Client-Ua = req.http.user-agent;
### set resp.http.X-Varnish-Object-Grace = obj.grace;
### set resp.http.X-Varnish-Object-Keep = obj.keep;
### set resp.http.X-Varnish-Object-Storage = obj.storage;
{% endif %}
}
# BEGIN sites
{% for site_name in boost_sites_enabled %}
include "/etc/varnish/sites/{{ site_name }}.vcl";
{% endfor %}
# END sites
# Routines personnalisées, appliquées en "fallback"
# TODO: mieux expliquer !
sub vcl_backend_error {
set beresp.http.Content-Type = "text/html; charset=utf-8";
set beresp.http.Retry-After = "5";
set beresp.body = {"<!DOCTYPE html>
<html>
<head>
<title>"} + beresp.status + " " + beresp.reason + {"</title>
</head>
<body>
<h1>Error "} + beresp.status + " " + beresp.reason + {"</h1>
<p>"} + beresp.reason + {"</p>
<h3>EvoGuru Meditation:</h3>
<p>XID: "} + bereq.xid + {"</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>
"};
return (deliver);
}
# Les routines internes de Varnish sont visibles avec la commande
# varnishd -x builtin
Reference in a new issue View git blame Copy permalink