2022-09-17 15:15:43 +02:00
|
|
|
vcl 4.1;
|
|
|
|
|
|
|
|
backend default {
|
|
|
|
.path = "/run/haproxy-frontend-default.sock";
|
|
|
|
.proxy_header = 1;
|
|
|
|
.connect_timeout = 3s;
|
|
|
|
.first_byte_timeout = 300s;
|
|
|
|
.between_bytes_timeout = 300s;
|
|
|
|
.probe = {
|
|
|
|
.request =
|
|
|
|
"HEAD /haproxycheck HTTP/1.1"
|
|
|
|
"Connection: close";
|
|
|
|
.timeout = 1s;
|
|
|
|
.interval = 3s;
|
|
|
|
.window = 3;
|
|
|
|
.threshold = 2;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
# Uncomment if you want to do device detection
|
|
|
|
# cf. https://varnish-cache.org/docs/6.0/users-guide/devicedetection.html
|
|
|
|
#include "/etc/varnish/conf.d/devicedetect.functions.vcl";
|
|
|
|
|
|
|
|
# Those functions are applied everytime
|
|
|
|
# Edit them cautiously!
|
|
|
|
# Do not "return" from these functions.
|
|
|
|
|
|
|
|
sub vcl_recv {
|
|
|
|
# HAProxy check
|
|
|
|
if (req.url == "/varnishcheck") {
|
|
|
|
return(synth(200, "Hi HAProxy, I'm fine!"));
|
|
|
|
}
|
|
|
|
|
|
|
|
# Normalize encoding, and unset it on yet-compressed formats.
|
|
|
|
if (req.http.Accept-Encoding) {
|
|
|
|
if (req.url ~ "\.(jpg|jpeg|png|gif|gz|tgz|bz2|lzma|tbz|zip|rar)(\?.*|)$") {
|
|
|
|
unset req.http.Accept-Encoding;
|
|
|
|
}
|
|
|
|
# use gzip when possible, otherwise use deflate
|
|
|
|
if (req.http.Accept-Encoding ~ "gzip") {
|
|
|
|
set req.http.Accept-Encoding = "gzip";
|
|
|
|
}
|
|
|
|
elsif (req.http.Accept-Encoding ~ "deflate") {
|
|
|
|
set req.http.Accept-Encoding = "deflate";
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
# unknown algorithm, unset accept-encoding header
|
|
|
|
unset req.http.Accept-Encoding;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
# Remove known cookies used only on client side (by JavaScript).
|
|
|
|
if (req.http.cookie) {
|
|
|
|
set req.http.Cookie = regsuball(req.http.Cookie, "_gat=[^;]+(; )?", ""); # Google Analytics
|
|
|
|
set req.http.Cookie = regsuball(req.http.Cookie, "_ga=[^;]+(; )?", ""); # Google Analytics
|
|
|
|
set req.http.Cookie = regsuball(req.http.Cookie, "_gaq=[^;]+(; )?", ""); # Google Analytics
|
|
|
|
set req.http.Cookie = regsuball(req.http.Cookie, "__utm[^=]*=[^;]+(; )?", ""); # Google Analytics
|
|
|
|
set req.http.Cookie = regsuball(req.http.Cookie, "__gads=[^;]+(; )?", ""); # Google Doubleclick
|
|
|
|
set req.http.Cookie = regsuball(req.http.Cookie, "__auc=[^;]+(; )?", ""); # Alexa Analytics
|
|
|
|
|
|
|
|
if (req.http.cookie ~ "^ *$") {
|
|
|
|
unset req.http.cookie;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
# BEGIN HTTP tagging
|
|
|
|
set req.http.X-Boost-Layer = "varnish";
|
|
|
|
# END HTTP tagging
|
|
|
|
}
|
|
|
|
|
|
|
|
sub vcl_backend_response {
|
|
|
|
if (beresp.uncacheable) {
|
|
|
|
set beresp.http.X-Cacheable = "FALSE";
|
|
|
|
} else {
|
|
|
|
set beresp.http.X-Cacheable = "TRUE";
|
|
|
|
}
|
|
|
|
|
|
|
|
# our default TTL is 60s instead of 86400s
|
|
|
|
if (beresp.http.cache-control !~ "max-age=") {
|
|
|
|
set beresp.ttl = 60s;
|
|
|
|
}
|
|
|
|
|
|
|
|
# Grace mode (Stale content delivery)
|
|
|
|
# abor on 5xx errors, to keep grace mode, even 503 from HAProxy
|
|
|
|
if (beresp.status >= 500 && bereq.is_bgfetch) {
|
|
|
|
return (abandon);
|
|
|
|
}
|
|
|
|
set beresp.grace = 4h;
|
|
|
|
}
|
|
|
|
|
|
|
|
sub vcl_deliver {
|
|
|
|
|
|
|
|
unset resp.http.Via;
|
|
|
|
|
|
|
|
# BEGIN HTTP tagging
|
|
|
|
if (resp.http.Set-Cookie && resp.http.Cache-Control) {
|
2022-10-15 15:40:15 +02:00
|
|
|
set resp.http.X-Boost-Step2 = "varnish; set-cookie; cache-control";
|
2022-09-17 15:15:43 +02:00
|
|
|
} elseif (resp.http.Set-Cookie) {
|
2022-10-15 15:40:15 +02:00
|
|
|
set resp.http.X-Boost-Step2 = "varnish; set-cookie; no-cache-control";
|
2022-09-17 15:15:43 +02:00
|
|
|
} elseif (resp.http.Cache-Control) {
|
2022-10-15 15:40:15 +02:00
|
|
|
set resp.http.X-Boost-Step2 = "varnish; no-set-cookie; cache-control";
|
2022-09-17 15:15:43 +02:00
|
|
|
} else {
|
2022-10-15 15:40:15 +02:00
|
|
|
set resp.http.X-Boost-Step2 = "varnish; no-set-cookie; no-cache-control";
|
2022-09-17 15:15:43 +02:00
|
|
|
}
|
|
|
|
# END HTTP tagging
|
|
|
|
|
|
|
|
if (resp.http.X-Varnish ~ "[0-9]+ +[0-9]+") {
|
|
|
|
set resp.http.X-Cache = "HIT";
|
|
|
|
unset resp.http.X-Boost-Step3;
|
|
|
|
} else {
|
|
|
|
set resp.http.X-Cache = "MISS";
|
|
|
|
}
|
|
|
|
|
|
|
|
# DEBUG infos
|
|
|
|
|
|
|
|
## This is disabled, because of a bug in our Varnish verison
|
|
|
|
## https://github.com/varnishcache/varnish-cache/issues/3765
|
|
|
|
### set resp.http.X-Varnish-Client-Ip = client.ip;
|
|
|
|
|
|
|
|
set resp.http.X-Varnish-Client-Method = req.method;
|
|
|
|
set resp.http.X-Varnish-Client-Url = req.url;
|
|
|
|
set resp.http.X-Varnish-Client-Proto = req.proto;
|
|
|
|
set resp.http.X-Varnish-Object-Ttl = obj.ttl;
|
|
|
|
|
|
|
|
# Enabel these, to increase debug information
|
|
|
|
### set resp.http.X-Varnish-Client-Cache-Control = req.http.cache-control;
|
|
|
|
### set resp.http.X-Varnish-Client-Cookie = req.http.cookie;
|
|
|
|
### set resp.http.X-Varnish-Client-Ua = req.http.user-agent;
|
|
|
|
### set resp.http.X-Varnish-Object-Grace = obj.grace;
|
|
|
|
### set resp.http.X-Varnish-Object-Keep = obj.keep;
|
|
|
|
### set resp.http.X-Varnish-Object-Storage = obj.storage;
|
|
|
|
}
|
|
|
|
|
|
|
|
# BEGIN sites
|
|
|
|
include "/etc/varnish/sites/example.vcl";
|
|
|
|
# END sites
|
|
|
|
|
|
|
|
# Custom functions, executed as a "fallback"
|
|
|
|
sub vcl_backend_error {
|
|
|
|
set beresp.http.Content-Type = "text/html; charset=utf-8";
|
|
|
|
set beresp.http.Retry-After = "5";
|
|
|
|
set beresp.body = {"<!DOCTYPE html>
|
|
|
|
<html>
|
|
|
|
<head>
|
|
|
|
<title>"} + beresp.status + " " + beresp.reason + {"</title>
|
|
|
|
</head>
|
|
|
|
<body>
|
|
|
|
<h1>Error "} + beresp.status + " " + beresp.reason + {"</h1>
|
|
|
|
<p>"} + beresp.reason + {"</p>
|
|
|
|
<h3>EvoGuru Meditation:</h3>
|
|
|
|
<p>XID: "} + bereq.xid + {"</p>
|
|
|
|
<hr>
|
|
|
|
<p>Varnish cache server</p>
|
|
|
|
</body>
|
|
|
|
</html>
|
|
|
|
"};
|
|
|
|
return (deliver);
|
|
|
|
}
|
|
|
|
|
|
|
|
# Builtin functions are visible with this command:
|
|
|
|
# varnishd -x builtin
|