Created
September 7, 2015 14:18
-
-
Save mdemare/2e0fa52e62691806e0a0 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| C! | |
| # Backends | |
| backend F_addr_api_example_com { | |
| .connect_timeout = 1s; | |
| .dynamic = true; | |
| .port = "443"; | |
| .host = "api.example.com"; | |
| .first_byte_timeout = 15s; | |
| .max_connections = 200; | |
| .between_bytes_timeout = 10s; | |
| .share_key = "uIamKsaBhrdYqAq7EVYoD"; | |
| .probe = { | |
| .request = "HEAD / HTTP/1.1" "Host: api.example.com" "Connection: close"; | |
| .window = 5; | |
| .threshold = 1; | |
| .timeout = 2s; | |
| .initial = 5; | |
| .dummy = true; | |
| } | |
| } | |
| sub vcl_recv { | |
| set req.http.Debugrecv = "vcl_recv"; | |
| #--FASTLY RECV CODE START | |
| if (req.restarts == 0) { | |
| if (!req.http.X-Timer) { | |
| set req.http.X-Timer = "S" time.start.sec "." time.start.usec_frac; | |
| } | |
| set req.http.X-Timer = req.http.X-Timer ",VS0"; | |
| } | |
| set req.http.Fastly-Orig-Host = req.http.host; | |
| set req.http.host = "api.example.com"; | |
| # default conditions | |
| set req.backend = F_addr_api_example_com; | |
| # end default conditions | |
| #--FASTLY RECV CODE END | |
| # Tolq: don't pass on POST | |
| if (req.request != "HEAD" && req.request != "GET" && req.request != "PURGE" && req.request != "POST") { | |
| set req.http.Debugrecvreturn = "pass"; | |
| return(pass); | |
| } | |
| set req.http.Debugrecvreturn = "lookup"; | |
| return(lookup); | |
| } | |
| sub vcl_fetch { | |
| set req.http.debug1 = "vcl_fetch line 1"; | |
| #--FASTLY FETCH START | |
| # record which cache ran vcl_fetch for this object and when | |
| set beresp.http.Fastly-Debug-Path = "(F " server.identity " " now.sec ") " if(beresp.http.Fastly-Debug-Path, beresp.http.Fastly-Debug-Path, ""); | |
| # generic mechanism to vary on something | |
| if (req.http.Fastly-Vary-String) { | |
| if (beresp.http.Vary) { | |
| set beresp.http.Vary = "Fastly-Vary-String, " beresp.http.Vary; | |
| } else { | |
| set beresp.http.Vary = "Fastly-Vary-String, "; | |
| } | |
| } | |
| # priority: 0 | |
| # Default | |
| set beresp.ttl = 3600s; | |
| set beresp.grace = 3600s; | |
| return(deliver); | |
| #--FASTLY FETCH END | |
| # Header rewrite Varnish may cache ping | |
| set beresp.http.Cache-Control = "public"; | |
| # only post is for /translations - cache 1 week | |
| if ( req.request == "POST" ) { | |
| /* https://www.varnish-cache.org/trac/wiki/VCLExampleLongerCaching */ | |
| /* Remove Expires from backend, it's not long enough */ | |
| unset beresp.http.expires; | |
| /* Set the clients TTL on this object */ | |
| set beresp.http.cache-control = "max-age=900"; | |
| set beresp.ttl = 1w; | |
| # cache another 6h if api.example.com is down | |
| set beresp.grace = 6h; | |
| /* marker for vcl_deliver to reset Age: */ | |
| set beresp.http.magicmarker = "1"; | |
| return(deliver); | |
| } | |
| if ((beresp.status == 500 || beresp.status == 503) && req.restarts < 1 && (req.request == "GET" || req.request == "HEAD")) { | |
| restart; | |
| } | |
| if(req.restarts > 0 ) { | |
| set beresp.http.Fastly-Restarts = req.restarts; | |
| } | |
| if (beresp.http.Set-Cookie) { | |
| set req.http.Fastly-Cachetype = "SETCOOKIE"; | |
| return (pass); | |
| } | |
| if (beresp.status == 500 || beresp.status == 503) { | |
| set req.http.Fastly-Cachetype = "ERROR"; | |
| set beresp.ttl = 1s; | |
| set beresp.grace = 5s; | |
| return (deliver); | |
| } | |
| set beresp.ttl = 60s; | |
| set beresp.grace = 60s; | |
| set req.http.debug = "GOT HERE"; | |
| return(deliver); | |
| } | |
| sub vcl_hit { | |
| set req.http.Debughit = "vcl_hit"; | |
| #--FASTLY HIT START | |
| # we cannot reach obj.ttl and obj.grace in vcl_deliver, save them when we can in vcl_hit | |
| set req.http.Fastly-Tmp-Obj-TTL = obj.ttl; | |
| set req.http.Fastly-Tmp-Obj-Grace = obj.grace; | |
| { | |
| set req.http.Fastly-Cachetype = "HIT"; | |
| } | |
| #--FASTLY HIT END | |
| if (!obj.cacheable) { | |
| return(pass); | |
| } | |
| return(deliver); | |
| } | |
| sub vcl_miss { | |
| set req.http.Debugmiss = "vcl_miss"; | |
| #--FASTLY MISS START | |
| # this is not a hit after all, clean up these set in vcl_hit | |
| unset req.http.Fastly-Tmp-Obj-TTL; | |
| unset req.http.Fastly-Tmp-Obj-Grace; | |
| { | |
| if (req.http.Fastly-Check-SHA1) { | |
| error 550 "Doesnt exist"; | |
| } | |
| #--FASTLY BEREQ START | |
| { | |
| if (req.http.Fastly-Original-Cookie) { | |
| set bereq.http.Cookie = req.http.Fastly-Original-Cookie; | |
| } | |
| if (req.http.Fastly-Original-URL) { | |
| set bereq.url = req.http.Fastly-Original-URL; | |
| } | |
| { | |
| if (req.http.Fastly-FF) { | |
| set bereq.http.Fastly-Client = "1"; | |
| } | |
| } | |
| { | |
| # do not send this to the backend | |
| unset bereq.http.Fastly-Original-Cookie; | |
| unset bereq.http.Fastly-Original-URL; | |
| unset bereq.http.Fastly-Vary-String; | |
| unset bereq.http.X-Varnish-Client; | |
| } | |
| if (req.http.Fastly-Temp-XFF) { | |
| if (req.http.Fastly-Temp-XFF == "") { | |
| unset bereq.http.X-Forwarded-For; | |
| } else { | |
| set bereq.http.X-Forwarded-For = req.http.Fastly-Temp-XFF; | |
| } | |
| # unset bereq.http.Fastly-Temp-XFF; | |
| } | |
| } | |
| #--FASTLY BEREQ STOP | |
| #; | |
| set req.http.Fastly-Cachetype = "MISS"; | |
| } | |
| #--FASTLY MISS STOP | |
| return(fetch); | |
| } | |
| sub vcl_deliver { | |
| #--FASTLY DELIVER START | |
| # record the journey of the object, expose it only if req.http.Fastly-Debug. | |
| if (req.http.Fastly-Debug || req.http.Fastly-FF) { | |
| set resp.http.Fastly-Debug-Path = "(D " server.identity " " now.sec ") " | |
| if(resp.http.Fastly-Debug-Path, resp.http.Fastly-Debug-Path, ""); | |
| set resp.http.Fastly-Debug-TTL = if(obj.hits > 0, "(H ", "(M ") | |
| server.identity | |
| if(req.http.Fastly-Tmp-Obj-TTL && req.http.Fastly-Tmp-Obj-Grace, " " req.http.Fastly-Tmp-Obj-TTL " " req.http.Fastly-Tmp-Obj-Grace " ", " - - ") | |
| if(resp.http.Age, resp.http.Age, "-") | |
| ") " | |
| if(resp.http.Fastly-Debug-TTL, resp.http.Fastly-Debug-TTL, ""); | |
| } else { | |
| unset resp.http.Fastly-Debug-Path; | |
| unset resp.http.Fastly-Debug-TTL; | |
| } | |
| # add or append X-Served-By/X-Cache(-Hits) | |
| { | |
| if(!resp.http.X-Served-By) { | |
| set resp.http.X-Served-By = server.identity; | |
| } else { | |
| set resp.http.X-Served-By = resp.http.X-Served-By ", " server.identity; | |
| } | |
| set resp.http.X-Cache = if(resp.http.X-Cache, resp.http.X-Cache ", ","") if(fastly_info.state ~ "HIT($|-)", "HIT", "MISS"); | |
| if(!resp.http.X-Cache-Hits) { | |
| set resp.http.X-Cache-Hits = obj.hits; | |
| } else { | |
| set resp.http.X-Cache-Hits = resp.http.X-Cache-Hits ", " obj.hits; | |
| } | |
| } | |
| if (req.http.X-Timer) { | |
| set resp.http.X-Timer = req.http.X-Timer ",VE" time.elapsed.msec; | |
| } | |
| # VARY FIXUP | |
| { | |
| # remove before sending to client | |
| set resp.http.Vary = regsub(resp.http.Vary, "Fastly-Vary-String, ", ""); | |
| if (resp.http.Vary ~ "^\s*$") { | |
| unset resp.http.Vary; | |
| } | |
| } | |
| unset resp.http.X-Varnish; | |
| # Pop the surrogate headers into the request object so we can reference them later | |
| set req.http.Surrogate-Key = resp.http.Surrogate-Key; | |
| set req.http.Surrogate-Control = resp.http.Surrogate-Control; | |
| # If we are not forwarding or debugging unset the surrogate headers so they are not present in the response | |
| if (!req.http.Fastly-FF && !req.http.Fastly-Debug) { | |
| unset resp.http.Surrogate-Key; | |
| unset resp.http.Surrogate-Control; | |
| } | |
| if(resp.status == 550) { | |
| return(deliver); | |
| } | |
| #default response conditions | |
| #syslog Papertrail | |
| log {"syslog uIamKsaBhrdYqAq7EVYoD Papertrail :: "} req.http.Fastly-Client-IP {" "} {""-""} {" "} {""-""} {" "} now {" "} req.request {" "} req.url {" "} resp.status; | |
| #--FASTLY DELIVER END | |
| if (resp.http.magicmarker) { | |
| unset resp.http.magicmarker; | |
| set resp.http.age = "0"; | |
| } | |
| # Tolq: don't cache in the browser | |
| set resp.http.Cache-Control = "no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0"; | |
| set resp.http.Expires = "0"; | |
| set resp.http.Pragma = "no-cache"; | |
| set resp.http.debug1 = req.http.debug1; | |
| set resp.http.debug = req.http.debug; | |
| set resp.http.Debugrecv = req.http.Debugrecv; | |
| set resp.http.Debugrecvreturn = req.http.Debugrecvreturn; | |
| set resp.http.Debugmiss = req.http.Debugmiss; | |
| set resp.http.Debughit = req.http.Debughit; | |
| set resp.http.Debugpass = req.http.Debugpass; | |
| set resp.http.debugme = "vcl_deliver; desperate8"; | |
| return(deliver); | |
| } | |
| sub vcl_error { | |
| #--FASTLY ERROR START | |
| if (obj.status == 801) { | |
| set obj.status = 301; | |
| set obj.response = "Moved Permanently"; | |
| set obj.http.Location = "https://" req.http.host req.url; | |
| synthetic {""}; | |
| return (deliver); | |
| } | |
| if (req.http.Fastly-Restart-On-Error) { | |
| if (obj.status == 503 && req.restarts == 0) { | |
| restart; | |
| } | |
| } | |
| { | |
| if (obj.status == 550) { | |
| return(deliver); | |
| } | |
| } | |
| #--FASTLY ERROR END | |
| } | |
| sub vcl_pass { | |
| set req.http.Debugpass = "vcl_pass"; | |
| #--FASTLY PASS START | |
| { | |
| #--FASTLY BEREQ START | |
| { | |
| if (req.http.Fastly-Original-Cookie) { | |
| set bereq.http.Cookie = req.http.Fastly-Original-Cookie; | |
| } | |
| if (req.http.Fastly-Original-URL) { | |
| set bereq.url = req.http.Fastly-Original-URL; | |
| } | |
| { | |
| if (req.http.Fastly-FF) { | |
| set bereq.http.Fastly-Client = "1"; | |
| } | |
| } | |
| { | |
| # do not send this to the backend | |
| unset bereq.http.Fastly-Original-Cookie; | |
| unset bereq.http.Fastly-Original-URL; | |
| unset bereq.http.Fastly-Vary-String; | |
| unset bereq.http.X-Varnish-Client; | |
| } | |
| if (req.http.Fastly-Temp-XFF) { | |
| if (req.http.Fastly-Temp-XFF == "") { | |
| unset bereq.http.X-Forwarded-For; | |
| } else { | |
| set bereq.http.X-Forwarded-For = req.http.Fastly-Temp-XFF; | |
| } | |
| # unset bereq.http.Fastly-Temp-XFF; | |
| } | |
| } | |
| #--FASTLY BEREQ STOP | |
| #; | |
| set req.http.Fastly-Cachetype = "PASS"; | |
| } | |
| #--FASTLY PASS STOP | |
| } | |
| sub vcl_hash { | |
| set req.http.Debughash = "vcl_hash"; | |
| #--FASTLY HASH start | |
| # support purge all | |
| set req.hash += "#####GENERATION#####"; | |
| #--FASTLY HASH end | |
| } | |
| sub vcl_pipe { | |
| #--FASTLY PIPE START | |
| { | |
| # error 403 "Forbidden"; | |
| #--FASTLY BEREQ START | |
| { | |
| if (req.http.Fastly-Original-Cookie) { | |
| set bereq.http.Cookie = req.http.Fastly-Original-Cookie; | |
| } | |
| if (req.http.Fastly-Original-URL) { | |
| set bereq.url = req.http.Fastly-Original-URL; | |
| } | |
| { | |
| if (req.http.Fastly-FF) { | |
| set bereq.http.Fastly-Client = "1"; | |
| } | |
| } | |
| { | |
| # do not send this to the backend | |
| unset bereq.http.Fastly-Original-Cookie; | |
| unset bereq.http.Fastly-Original-URL; | |
| unset bereq.http.Fastly-Vary-String; | |
| unset bereq.http.X-Varnish-Client; | |
| } | |
| if (req.http.Fastly-Temp-XFF) { | |
| if (req.http.Fastly-Temp-XFF == "") { | |
| unset bereq.http.X-Forwarded-For; | |
| } else { | |
| set bereq.http.X-Forwarded-For = req.http.Fastly-Temp-XFF; | |
| } | |
| # unset bereq.http.Fastly-Temp-XFF; | |
| } | |
| } | |
| #--FASTLY BEREQ STOP | |
| #; | |
| set req.http.Fastly-Cachetype = "PIPE"; | |
| set bereq.http.connection = "close"; | |
| } | |
| #--FASTLY PIPE STOP | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment