Skip to content

Instantly share code, notes, and snippets.

@pabloroman

pabloroman/default.vcl.pl Secret

Created January 24, 2013 22:28
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save pabloroman/0c5dd43494f5b3081bb3 to your computer and use it in GitHub Desktop.
Save pabloroman/0c5dd43494f5b3081bb3 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
default.vcl.pl
# This is a basic VCL configuration file for varnish. See the vcl(7)
# man page for details on VCL syntax and semantics.
backend tnw_master { .host = "tnw-front-1"; .connect_timeout = 600s; .first_byte_timeout = 600s; .between_bytes_timeout = 600s; }
# In case of multiple backend servers, define and set a director
# to perform a load-balancing task
#backend tnw_slave { .host = "tnw-front-2"; .connect_timeout = 600s; .first_byte_timeout = 600s; .between_bytes_timeout = 600s; }
#director www_director random {
# .retries = 50;
# main server
#{ .backend = tnw_master;
# .weight = 50; }
# server 2
#{
# .backend = tnw_slave;
# .weight = 50; }
#}
sub vcl_recv {
# Do not allow purges via HTTP request
if (req.request == "PURGE") {
error 405 "Not allowed.";
}
# Set standard proxied ip header for getting original remote address
set req.http.X-Forwarded-For = client.ip;
set req.grace = 30m;
### NORMALIZE REQUEST URL
# remove awesm referrers from query string
if(req.url ~ "(\?|&)awesm=") {
set req.url = regsub(req.url, "\?.*$", "");
}
# remove from query string
if(req.url ~ "") {
set req.url = regsub(req.url, "\?.*$", "");
}
# Remove query string fragments from the url - Those are not needed for the backend.
# EXAMPLE : Google Analytics campaign variables (UTM Tags), Facebook (fb_xd_fragment),
# replytocom (included by WordPress in comment urls).
if(
req.url ~ "(\?|&)fb_xd_fragment"
|| req.url ~ "(\?|&)utm_source="
|| req.url ~ "(\?|&)utm_medium="
|| req.url ~ "(\?|&)utm_campaign="
|| req.url ~ "(\?|&)replytocom="
) {
set req.url = regsub(req.url, "\?.*$", "");
}
# Set which backend should handle the requests
# set req.backend = www_director;
set req.backend = tnw_master;
# Do not cache (pass to backend) the URLs matching these patterns
if(
req.url ~ "^/wp-(login|admin)" ||
req.url ~ "^/register" ||
req.url ~ "^/startupawards" ||
req.url ~ "^/auth" ||
req.url ~ "preview=true" ||
req.url ~ "\?s="
){
return (pass);
}
# always pass POST requests and those with basic auth
if ( req.request == "POST" || req.http.Authorization ) {
return (pass);
}
# Normalize Content-Encoding
if (req.http.Accept-Encoding)
{
if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|lzma|tbz)(\?.*|)$") {
remove req.http.Accept-Encoding;
} else if (req.url ~ "\.(js|css|txt|html|htm)(\?.*|)$") {
# text files - do compression
if (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} elsif (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
} else {
remove req.http.Accept-Encoding;
}
}
}
# else ok to fetch a cached page
unset req.http.Cookie;
return (lookup);
}
sub vcl_fetch {
if ( beresp.status >= 500 ) {
return (error);
}
# Serve items up to 30 minutes past their expire time
set beresp.grace = 30m;
# Cache pages for 48 hours.
set beresp.ttl = 48h;
# ESI fragments should be cached for only 5 minutes
if ( req.url ~ "\?esi$" ) {
set beresp.ttl = 5m;
if(beresp.http.esi-enabled == "1" ) {
set beresp.do_esi = true;
unset beresp.http.esi-enabled;
}
}
# Remove some headers we never want to see
unset beresp.http.Server;
unset beresp.http.X-Powered-By;
unset beresp.http.x-backend;
# Acknoledge the Cache-Control=private header from the backend
if (beresp.http.Cache-Control ~ "private") {
set beresp.http.X-Cacheable = "NO:Cache-Control=private";
# Varnish determined the object was cacheable
} else {
set beresp.http.X-Cacheable = "YES";
}
# don't cache response to posted requests or those with basic auth
if ( req.request == "POST" || req.http.Authorization ) {
return ( hit_for_pass );
}
# Cache 404 pages for 1 minute
if (beresp.status == 404) {
set beresp.ttl = 1m;
return (deliver);
}
# Temporary and permanent redirects can be cached normally
if (beresp.status == 301 || beresp.status == 302) {
return (deliver);
}
# Otherwise, any other request except 200 should be answered by the backend
if ( beresp.status != 200) {
return (hit_for_pass);
}
# Else, it's ok to cache the response
return (deliver);
}
sub vcl_deliver {
# add debugging headers, so we can see what's cached
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
}
else {
set resp.http.X-Cache = "MISS";
}
# remove some headers added by Varnish, we don't need those
unset resp.http.Via;
unset resp.http.X-Varnish;
}
sub vcl_hash {
hash_data(req.url);
# altering hash so subdomains are ignored.
# don't do this if you actually run different sites on different subdomains
if (req.http.host) {
hash_data(req.http.host);
}
return (hash);
}
sub vcl_error {
if (obj.status == 503 && req.restarts < 2) {
set obj.http.X-Restarts = req.restarts;
return(restart);
}
if (obj.status == 301) {
set obj.http.Location = req.url;
set obj.status = 301;
return(deliver);
} else {
set obj.http.Content-Type = "text/html; charset=utf-8";
synthetic {"
<!DOCTYPE html>
<html lang="en-us" xmlns:og="http://ogp.me/ns#">
<head>
<meta charset="utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>Error</title>
</head>
<body>
<div id="wrapper">
<p>Oops! We're having some technical issues. Our engineers are already on the case and we will be back online real soon, promise!</p>
</div>
</body>
<html> "};
return (deliver);
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment