Last active
March 23, 2017 15:35
-
-
Save mat813/2637602 to your computer and use it in GitHub Desktop.
Varnish configuration for freebsd-update proxy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
vcl 4.0; | |
import std; | |
import directors; | |
import saintmode; | |
# dig +noall +answer +short srv _http._tcp.update.freebsd.org | sort -k 2,2nr | while read priority weight port target; do printf "backend %s {\n\t.host = \"%s\";\n\t.port = \"80\";\n}\n" ${target//.*} $target; done | |
backend update5 { | |
.host = "update5.freebsd.org."; | |
.port = "80"; | |
} | |
backend update6 { | |
.host = "update6.freebsd.org."; | |
.port = "80"; | |
} | |
backend update4 { | |
.host = "update4.freebsd.org."; | |
.port = "80"; | |
} | |
backend update3 { | |
.host = "update3.freebsd.org."; | |
.port = "80"; | |
} | |
sub vcl_init { | |
new clust = directors.random(); | |
# dig +noall +answer +short srv _http._tcp.update.freebsd.org | sort -k 2,2nr | while read priority weight port target; do printf "\tnew sm%s = saintmode.saintmode(%s, 10);\n\tclust.add_backend(sm%s.backend(), %s);\n" ${target//.*} ${target//.*} ${target//.*} $weight; done | |
new smupdate5 = saintmode.saintmode(update5, 10); | |
clust.add_backend(smupdate5.backend(), 50); | |
new smupdate6 = saintmode.saintmode(update6, 10); | |
clust.add_backend(smupdate6.backend(), 40); | |
new smupdate4 = saintmode.saintmode(update4, 10); | |
clust.add_backend(smupdate4.backend(), 35); | |
new smupdate3 = saintmode.saintmode(update3, 10); | |
clust.add_backend(smupdate3.backend(), 5); | |
} | |
sub vcl_recv { | |
set req.backend_hint = clust.backend(); | |
} | |
sub vcl_backend_response { | |
# if we get something else than 200 or 404, something went wrong. | |
# Also, sometime, a backend will send a 404 when it should not, so, try | |
# again twice. | |
if (beresp.status != 200 && (beresp.status != 404 || bereq.retries < 2) ) { | |
saintmode.blacklist(10s); | |
return (retry); | |
} | |
if (beresp.status == 200) { | |
# Cache .ssl files one hour, the latest.ssl file changes, obviously. | |
if (bereq.url ~ "\.ssl$") { | |
set beresp.ttl = 1h; | |
# Cache everything else for a long time. | |
} else { | |
set beresp.ttl = 200d; | |
} | |
} elsif (beresp.status == 404) { | |
# cache 404's for a very short time. | |
set beresp.ttl = 1s; | |
} else { | |
# The rest will be cached for 20 s, the by default vcl. | |
set beresp.ttl = 20s; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment