Created
July 18, 2012 11:57
-
-
Save danquah/3135778 to your computer and use it in GitHub Desktop.
sl2012 varnish config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This is a basic VCL configuration file for varnish. See the vcl(7) | |
# man page for details on VCL syntax and semantics. | |
# | |
# Default backend definition. Set this to point to your content | |
# server. | |
# | |
backend sl2012_prod{ | |
.host = "178.23.240.90"; | |
.port = "80"; | |
} | |
acl purge { | |
"localhost"; | |
"127.0.0.1"; | |
# Mads | |
"90.184.204.160"; | |
# dev.dds.dk | |
"62.243.225.169"; | |
} | |
# sl2012 customizations | |
# see http://www.lullabot.com/articles/varnish-multiple-web-servers-drupal | |
sub vcl_recv { | |
# determine which backend to use | |
if(req.http.host ~ "^edit\.2012\.spejderne\.dk$" || | |
req.http.host ~ "^edit\.sl2012\.dk$"){ | |
# bypass varnish | |
set req.backend = sl2012_prod; | |
return (pass); | |
}else{ | |
# default to main sl2012 site | |
set req.backend = sl2012_prod; | |
} | |
# check the incoming request type is "PURGE", not "GET" or "POST" | |
if (req.request == "PURGE") { | |
# Check if the ip coresponds with the acl purge | |
if (!client.ip ~ purge) { | |
# Return error code 405 (Forbidden) when not | |
error 405 "Not allowed."; | |
} | |
# Purge all objects from cache that match the incoming url and host | |
purge("req.url == " req.url " && req.http.host == " req.http.host); | |
# Return a http error code 200 (Ok) | |
error 200 "Purged."; | |
} | |
set req.grace = 5m; | |
# Use anonymous, cached pages if all backends are down. | |
if (!req.backend.healthy) { | |
unset req.http.Cookie; | |
} | |
# specify urls that should never be cached | |
if ( req.url ~ "^.*/ajax/.*$" || | |
req.url ~ "^.*/ahah/.*$") { | |
return (pass); | |
} | |
# Cache things with these extensions | |
if (req.url ~ "\.(js|css|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|swf|html|html|ico)$") { | |
return (lookup); | |
} | |
# Remove all cookies that Drupal doesn't need to know about. ANY remaining | |
# cookie will cause the request to pass-through to Apache. For the most part | |
# we always set the NO_CACHE cookie after any POST request, disabling the | |
# Varnish cache temporarily. The session cookie allows all authenticated users | |
# to pass through as long as they're logged in. | |
if (req.http.Cookie) { | |
set req.http.Cookie = ";" req.http.Cookie; | |
set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";"); | |
set req.http.Cookie = regsuball(req.http.Cookie, ";(SESS[a-z0-9]+|NO_CACHE)=", "; \1="); | |
set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", ""); | |
set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+|[; ]+$", ""); | |
if (req.http.Cookie == "") { | |
# If there are no remaining cookies, remove the cookie header. If there | |
# aren't any cookie headers, Varnish's default behavior will be to cache | |
# the page. | |
unset req.http.Cookie; | |
} | |
else { | |
# If there are any cookies left (a session or NO_CACHE cookie), do not | |
# cache the page. Pass it on to Apache directly. | |
return (pass); | |
} | |
} | |
# remove req.http.X-Forwarded-For; | |
set req.http.X-Forwarded-For = client.ip; | |
# Handle compression correctly. Different browsers send different | |
# "Accept-Encoding" headers, even though they mostly all support the same | |
# compression mechanisms. By consolidating these compression headers into | |
# a consistent format, we can reduce the size of the cache and get more hits. | |
# @see: http:// varnish.projects.linpro.no/wiki/FAQ/Compression | |
if (req.http.Accept-Encoding) { | |
if (req.http.Accept-Encoding ~ "gzip") { | |
# If the browser supports it, we'll use gzip. | |
set req.http.Accept-Encoding = "gzip"; | |
} | |
else if (req.http.Accept-Encoding ~ "deflate") { | |
# Next, try deflate if it is supported. | |
set req.http.Accept-Encoding = "deflate"; | |
} | |
else { | |
# Unknown algorithm. Remove it and send unencoded. | |
unset req.http.Accept-Encoding; | |
} | |
} | |
} | |
sub vcl_fetch { | |
# Allow fetch from cache even though backend is down | |
set beresp.grace = 5m; | |
# Don't allow static files to set cookies. | |
if (req.url ~ "(?i)\.(js|css|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|swf|html|html|ico)(\?[a-z0-9]+)?$") { | |
# beresp == Back-end response from the web server. | |
unset beresp.http.set-cookie; | |
} | |
} | |
sub vcl_deliver { | |
# Add debug information to response header | |
if (obj.hits > 0) { | |
set resp.http.X-Varnish-Cache = "HIT"; | |
} | |
else { | |
set resp.http.X-Varnish-Cache = "MISS"; | |
} | |
} | |
# | |
# Below is a commented-out copy of the default VCL logic. If you | |
# redefine any of these subroutines, the built-in logic will be | |
# appended to your code. | |
# | |
# sub vcl_recv { | |
# if (req.http.x-forwarded-for) { | |
# set req.http.X-Forwarded-For = | |
# req.http.X-Forwarded-For ", " client.ip; | |
# } else { | |
# set req.http.X-Forwarded-For = client.ip; | |
# } | |
# if (req.request != "GET" && | |
# req.request != "HEAD" && | |
# req.request != "PUT" && | |
# req.request != "POST" && | |
# req.request != "TRACE" && | |
# req.request != "OPTIONS" && | |
# req.request != "DELETE") { | |
# /* Non-RFC2616 or CONNECT which is weird. */ | |
# return (pipe); | |
# } | |
# if (req.request != "GET" && req.request != "HEAD") { | |
# /* We only deal with GET and HEAD by default */ | |
# return (pass); | |
# } | |
# if (req.http.Authorization || req.http.Cookie) { | |
# /* Not cacheable by default */ | |
# return (pass); | |
# } | |
# return (lookup); | |
# } | |
# | |
# sub vcl_pipe { | |
# # Note that only the first request to the backend will have | |
# # X-Forwarded-For set. If you use X-Forwarded-For and want to | |
# # have it set for all requests, make sure to have: | |
# # set req.http.connection = "close"; | |
# # here. It is not set by default as it might break some broken web | |
# # applications, like IIS with NTLM authentication. | |
# return (pipe); | |
# } | |
# | |
# sub vcl_pass { | |
# return (pass); | |
# } | |
# | |
# sub vcl_hash { | |
# set req.hash += req.url; | |
# if (req.http.host) { | |
# set req.hash += req.http.host; | |
# } else { | |
# set req.hash += server.ip; | |
# } | |
# return (hash); | |
# } | |
# | |
# sub vcl_hit { | |
# if (!obj.cacheable) { | |
# return (pass); | |
# } | |
# return (deliver); | |
# } | |
# | |
# sub vcl_miss { | |
# return (fetch); | |
# } | |
# | |
# sub vcl_fetch { | |
# if (!beresp.cacheable) { | |
# return (pass); | |
# } | |
# if (beresp.http.Set-Cookie) { | |
# return (pass); | |
# } | |
# return (deliver); | |
# } | |
# | |
# sub vcl_deliver { | |
# return (deliver); | |
# } | |
# | |
# sub vcl_error { | |
# set obj.http.Content-Type = "text/html; charset=utf-8"; | |
# synthetic {" | |
# <?xml version="1.0" encoding="utf-8"?> | |
# <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" | |
# "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> | |
# <html> | |
# <head> | |
# <title>"} obj.status " " obj.response {"</title> | |
# </head> | |
# <body> | |
# <h1>Error "} obj.status " " obj.response {"</h1> | |
# <p>"} obj.response {"</p> | |
# <h3>Guru Meditation:</h3> | |
# <p>XID: "} req.xid {"</p> | |
# <hr> | |
# <p>Varnish cache server</p> | |
# </body> | |
# </html> | |
# "}; | |
# return (deliver); | |
# } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Configuration file for varnish | |
# | |
# /etc/init.d/varnish expects the variables $DAEMON_OPTS, $NFILES and $MEMLOCK | |
# to be set from this shell script fragment. | |
# | |
# Should we start varnishd at boot? Set to "yes" to enable. | |
START=yes | |
# Maximum number of open files (for ulimit -n) | |
NFILES=131072 | |
# Maximum locked memory size (for ulimit -l) | |
# Used for locking the shared memory log in memory. If you increase log size, | |
# you need to increase this number as well | |
MEMLOCK=82000 | |
# Default varnish instance name is the local nodename. Can be overridden with | |
# the -n switch, to have more instances on a single server. | |
INSTANCE=$(uname -n) | |
# This file contains 4 alternatives, please use only one. | |
## Alternative 1, Minimal configuration, no VCL | |
# | |
# Listen on port 6081, administration on localhost:6082, and forward to | |
# content server on localhost:8080. Use a 1GB fixed-size cache file. | |
# | |
# DAEMON_OPTS="-a :6081 \ | |
# -T localhost:6082 \ | |
# -b localhost:8080 \ | |
# -u varnish -g varnish \ | |
# -S /etc/varnish/secret \ | |
# -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G" | |
## Alternative 2, Configuration with VCL | |
# | |
# Listen on port 6081, administration on localhost:6082, and forward to | |
# one content server selected by the vcl file, based on the request. Use a 1GB | |
# fixed-size cache file. | |
# | |
#DAEMON_OPTS="-a :6081 \ | |
# -T localhost:6082 \ | |
# -f /etc/varnish/default.vcl \ | |
# -S /etc/varnish/secret \ | |
# -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G" | |
DAEMON_OPTS="-a :80 \ | |
-T localhost:6082 \ | |
-f /etc/varnish/sl2012.vcl \ | |
-S /etc/varnish/secret \ | |
-p thread_pool_add_delay=2 \ | |
-p thread_pools=8 \ | |
-p thread_pool_min=100 \ | |
-p thread_pool_max=4000 \ | |
-p session_linger=50 \ | |
-p sess_workspace=262144 \ | |
-s malloc,3G" | |
## Alternative 3, Advanced configuration | |
# | |
# See varnishd(1) for more information. | |
# | |
# # Main configuration file. You probably want to change it :) | |
# VARNISH_VCL_CONF=/etc/varnish/sl2012.vcl | |
# | |
# # Default address and port to bind to | |
# # Blank address means all IPv4 and IPv6 interfaces, otherwise specify | |
# # a host name, an IPv4 dotted quad, or an IPv6 address in brackets. | |
# VARNISH_LISTEN_ADDRESS= | |
# VARNISH_LISTEN_PORT=80 | |
# | |
# # Telnet admin interface listen address and port | |
# VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1 | |
# VARNISH_ADMIN_LISTEN_PORT=6082 | |
# | |
# # The minimum number of worker threads to start | |
# VARNISH_MIN_THREADS=1 | |
# | |
# # The Maximum number of worker threads to start | |
# VARNISH_MAX_THREADS=1000 | |
# | |
# # Idle timeout for worker threads | |
# VARNISH_THREAD_TIMEOUT=120 | |
# | |
# # Cache file location | |
# VARNISH_STORAGE_FILE=/var/lib/varnish/$INSTANCE/varnish_storage.bin | |
# | |
# # Cache file size: in bytes, optionally using k / M / G / T suffix, | |
# # or in percentage of available disk space using the % suffix. | |
# VARNISH_STORAGE_SIZE=2G | |
# | |
# # File containing administration secret | |
# VARNISH_SECRET_FILE=/etc/varnish/secret | |
# | |
# # Backend storage specification | |
# VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}" | |
# | |
# # Default TTL used when the backend does not specify one | |
# VARNISH_TTL=120 | |
# | |
# # DAEMON_OPTS is used by the init script. If you add or remove options, make | |
# # sure you update this section, too. | |
# DAEMON_OPTS="-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \ | |
# -f ${VARNISH_VCL_CONF} \ | |
# -T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \ | |
# -t ${VARNISH_TTL} \ | |
# -w ${VARNISH_MIN_THREADS},${VARNISH_MAX_THREADS},${VARNISH_THREAD_TIMEOUT} \ | |
# -S ${VARNISH_SECRET_FILE} \ | |
# -s ${VARNISH_STORAGE}" | |
## Alternative 4, Do It Yourself | |
# | |
# DAEMON_OPTS="" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment