2021-04-04 13:28:22 -07:00
|
|
|
#
|
|
|
|
# This is an example VCL file for Varnish.
|
|
|
|
#
|
|
|
|
# It does not do anything by default, delegating control to the
|
|
|
|
# builtin VCL. The builtin VCL is called when there is no explicit
|
|
|
|
# return statement.
|
|
|
|
#
|
2022-08-29 15:32:56 -07:00
|
|
|
# See the VCL chapters in the Users Guide for a comprehensive documentation
|
|
|
|
# at https://www.varnish-cache.org/docs/.
|
2021-04-04 13:28:22 -07:00
|
|
|
#
|
|
|
|
# validate config with:
|
|
|
|
# varnishd -C -f /etc/varnish/default.vcl
|
|
|
|
#
|
2022-08-29 15:32:56 -07:00
|
|
|
# Marker to tell the VCL compiler that this VCL has been written with the
|
|
|
|
# 4.0 or 4.1 syntax.
|
2021-04-04 13:28:22 -07:00
|
|
|
vcl 4.0;
|
|
|
|
|
|
|
|
import std;
|
|
|
|
|
|
|
|
# Default backend definition. Set this to point to your content server.
|
|
|
|
backend default {
|
|
|
|
.host = "127.0.0.1";
|
|
|
|
.port = "80";
|
|
|
|
}
|
|
|
|
|
|
|
|
sub vcl_recv {
|
|
|
|
# Happens before we check if we have this in cache already.
|
|
|
|
#
|
|
|
|
# Typically you clean up the request here, removing cookies you don't need,
|
|
|
|
# rewriting the request, etc.
|
|
|
|
|
|
|
|
# Normalize the header - lowercase & remove the port
|
|
|
|
set req.http.host = std.tolower(req.http.host);
|
|
|
|
set req.http.host = regsub(req.http.host, ":[0-9]+", "");
|
|
|
|
# Do not remove www as depending on WP url setting this can cause a 301 redirect loop.
|
|
|
|
#set req.http.host = regsub(req.http.host, "^www\.", "");
|
|
|
|
|
|
|
|
if (req.method == "PRI") {
|
|
|
|
/* This will never happen in properly formed traffic (see: RFC7540) */
|
|
|
|
return (synth(405));
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!req.http.host && req.esi_level == 0 && req.proto ~ "^(?i)HTTP/1.1") {
|
|
|
|
/* In HTTP/1.1, Host is required. */
|
|
|
|
return (synth(400));
|
|
|
|
}
|
|
|
|
|
|
|
|
if (req.method != "GET" &&
|
|
|
|
req.method != "HEAD" &&
|
|
|
|
req.method != "PUT" &&
|
|
|
|
req.method != "POST" &&
|
|
|
|
req.method != "TRACE" &&
|
|
|
|
req.method != "OPTIONS" &&
|
|
|
|
req.method != "DELETE" &&
|
|
|
|
req.method != "PATCH") {
|
|
|
|
/* Non-RFC2616 or CONNECT which is weird. */
|
|
|
|
return (pipe);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (req.method != "GET" && req.method != "HEAD") {
|
|
|
|
/* We only deal with GET and HEAD by default */
|
|
|
|
return (pass);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (req.http.Authorization) {
|
|
|
|
/* Not cacheable by default */
|
|
|
|
return (pass);
|
|
|
|
}
|
|
|
|
|
|
|
|
# HTTP verification passthrough (Let'sEncrypt/Certbot /acme-challenge/ URL already handled by HAProxy)
|
|
|
|
if (req.url ~ "^/\.well-known/") {
|
|
|
|
return (pass);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
# # Don't cache status checks.
|
|
|
|
# if (req.url ~ "^/status\.php") {
|
|
|
|
# return(pass);
|
|
|
|
# }
|
|
|
|
|
|
|
|
# # "fix" X-Forwarded-For. Not needed
|
|
|
|
# if (req.http.x-client-ip) {
|
|
|
|
# set req.http.X-Forwarded-For = req.http.X-Client-IP;
|
|
|
|
# } else {
|
|
|
|
# set req.http.X-Forwarded-For = client.ip;
|
|
|
|
# }
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
sub vcl_backend_response {
|
|
|
|
# Happens after we have read the response headers from the backend.
|
|
|
|
#
|
|
|
|
# Here you clean the response headers, removing silly Set-Cookie headers
|
|
|
|
# and other mistakes your backend does.
|
|
|
|
}
|
|
|
|
|
|
|
|
sub vcl_deliver {
|
|
|
|
# Happens when we have all the pieces we need, and are about to send the
|
|
|
|
# response to the client.
|
|
|
|
#
|
|
|
|
# You can do accounting or modifying the final object here.
|
|
|
|
if (obj.hits > 0) {
|
|
|
|
set resp.http.X-Cache = "HIT";
|
|
|
|
set resp.http.X-Cache-Hits = obj.hits;
|
|
|
|
} else {
|
|
|
|
set resp.http.X-Cache = "MISS";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
sub vcl_hash {
|
|
|
|
|
|
|
|
if (req.http.X-Forwarded-Proto) {
|
|
|
|
hash_data(req.http.X-Forwarded-Proto);
|
|
|
|
} elseif (req.http.X-Forwarded-Port) {
|
|
|
|
hash_data(req.http.X-Forwarded-Port);
|
|
|
|
} else {
|
|
|
|
hash_data(std.port(server.ip));
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
# include configs & vhosts
|
|
|
|
include "wordpress-sub.vcl";
|
|
|
|
include "sites.vcl";
|
|
|
|
include "catch-all.vcl";
|