Skip to content

Instantly share code, notes, and snippets.

@mdemare
Created September 7, 2015 14:18
Show Gist options
  • Save mdemare/2e0fa52e62691806e0a0 to your computer and use it in GitHub Desktop.
Save mdemare/2e0fa52e62691806e0a0 to your computer and use it in GitHub Desktop.
C!
# Backends
backend F_addr_api_example_com {
.connect_timeout = 1s;
.dynamic = true;
.port = "443";
.host = "api.example.com";
.first_byte_timeout = 15s;
.max_connections = 200;
.between_bytes_timeout = 10s;
.share_key = "uIamKsaBhrdYqAq7EVYoD";
.probe = {
.request = "HEAD / HTTP/1.1" "Host: api.example.com" "Connection: close";
.window = 5;
.threshold = 1;
.timeout = 2s;
.initial = 5;
.dummy = true;
}
}
sub vcl_recv {
set req.http.Debugrecv = "vcl_recv";
#--FASTLY RECV CODE START
if (req.restarts == 0) {
if (!req.http.X-Timer) {
set req.http.X-Timer = "S" time.start.sec "." time.start.usec_frac;
}
set req.http.X-Timer = req.http.X-Timer ",VS0";
}
set req.http.Fastly-Orig-Host = req.http.host;
set req.http.host = "api.example.com";
# default conditions
set req.backend = F_addr_api_example_com;
# end default conditions
#--FASTLY RECV CODE END
# Tolq: don't pass on POST
if (req.request != "HEAD" && req.request != "GET" && req.request != "PURGE" && req.request != "POST") {
set req.http.Debugrecvreturn = "pass";
return(pass);
}
set req.http.Debugrecvreturn = "lookup";
return(lookup);
}
sub vcl_fetch {
set req.http.debug1 = "vcl_fetch line 1";
#--FASTLY FETCH START
# record which cache ran vcl_fetch for this object and when
set beresp.http.Fastly-Debug-Path = "(F " server.identity " " now.sec ") " if(beresp.http.Fastly-Debug-Path, beresp.http.Fastly-Debug-Path, "");
# generic mechanism to vary on something
if (req.http.Fastly-Vary-String) {
if (beresp.http.Vary) {
set beresp.http.Vary = "Fastly-Vary-String, " beresp.http.Vary;
} else {
set beresp.http.Vary = "Fastly-Vary-String, ";
}
}
# priority: 0
# Default
set beresp.ttl = 3600s;
set beresp.grace = 3600s;
return(deliver);
#--FASTLY FETCH END
# Header rewrite Varnish may cache ping
set beresp.http.Cache-Control = "public";
# only post is for /translations - cache 1 week
if ( req.request == "POST" ) {
/* https://www.varnish-cache.org/trac/wiki/VCLExampleLongerCaching */
/* Remove Expires from backend, it's not long enough */
unset beresp.http.expires;
/* Set the clients TTL on this object */
set beresp.http.cache-control = "max-age=900";
set beresp.ttl = 1w;
# cache another 6h if api.example.com is down
set beresp.grace = 6h;
/* marker for vcl_deliver to reset Age: */
set beresp.http.magicmarker = "1";
return(deliver);
}
if ((beresp.status == 500 || beresp.status == 503) && req.restarts < 1 && (req.request == "GET" || req.request == "HEAD")) {
restart;
}
if(req.restarts > 0 ) {
set beresp.http.Fastly-Restarts = req.restarts;
}
if (beresp.http.Set-Cookie) {
set req.http.Fastly-Cachetype = "SETCOOKIE";
return (pass);
}
if (beresp.status == 500 || beresp.status == 503) {
set req.http.Fastly-Cachetype = "ERROR";
set beresp.ttl = 1s;
set beresp.grace = 5s;
return (deliver);
}
set beresp.ttl = 60s;
set beresp.grace = 60s;
set req.http.debug = "GOT HERE";
return(deliver);
}
sub vcl_hit {
set req.http.Debughit = "vcl_hit";
#--FASTLY HIT START
# we cannot reach obj.ttl and obj.grace in vcl_deliver, save them when we can in vcl_hit
set req.http.Fastly-Tmp-Obj-TTL = obj.ttl;
set req.http.Fastly-Tmp-Obj-Grace = obj.grace;
{
set req.http.Fastly-Cachetype = "HIT";
}
#--FASTLY HIT END
if (!obj.cacheable) {
return(pass);
}
return(deliver);
}
sub vcl_miss {
set req.http.Debugmiss = "vcl_miss";
#--FASTLY MISS START
# this is not a hit after all, clean up these set in vcl_hit
unset req.http.Fastly-Tmp-Obj-TTL;
unset req.http.Fastly-Tmp-Obj-Grace;
{
if (req.http.Fastly-Check-SHA1) {
error 550 "Doesnt exist";
}
#--FASTLY BEREQ START
{
if (req.http.Fastly-Original-Cookie) {
set bereq.http.Cookie = req.http.Fastly-Original-Cookie;
}
if (req.http.Fastly-Original-URL) {
set bereq.url = req.http.Fastly-Original-URL;
}
{
if (req.http.Fastly-FF) {
set bereq.http.Fastly-Client = "1";
}
}
{
# do not send this to the backend
unset bereq.http.Fastly-Original-Cookie;
unset bereq.http.Fastly-Original-URL;
unset bereq.http.Fastly-Vary-String;
unset bereq.http.X-Varnish-Client;
}
if (req.http.Fastly-Temp-XFF) {
if (req.http.Fastly-Temp-XFF == "") {
unset bereq.http.X-Forwarded-For;
} else {
set bereq.http.X-Forwarded-For = req.http.Fastly-Temp-XFF;
}
# unset bereq.http.Fastly-Temp-XFF;
}
}
#--FASTLY BEREQ STOP
#;
set req.http.Fastly-Cachetype = "MISS";
}
#--FASTLY MISS STOP
return(fetch);
}
sub vcl_deliver {
#--FASTLY DELIVER START
# record the journey of the object, expose it only if req.http.Fastly-Debug.
if (req.http.Fastly-Debug || req.http.Fastly-FF) {
set resp.http.Fastly-Debug-Path = "(D " server.identity " " now.sec ") "
if(resp.http.Fastly-Debug-Path, resp.http.Fastly-Debug-Path, "");
set resp.http.Fastly-Debug-TTL = if(obj.hits > 0, "(H ", "(M ")
server.identity
if(req.http.Fastly-Tmp-Obj-TTL && req.http.Fastly-Tmp-Obj-Grace, " " req.http.Fastly-Tmp-Obj-TTL " " req.http.Fastly-Tmp-Obj-Grace " ", " - - ")
if(resp.http.Age, resp.http.Age, "-")
") "
if(resp.http.Fastly-Debug-TTL, resp.http.Fastly-Debug-TTL, "");
} else {
unset resp.http.Fastly-Debug-Path;
unset resp.http.Fastly-Debug-TTL;
}
# add or append X-Served-By/X-Cache(-Hits)
{
if(!resp.http.X-Served-By) {
set resp.http.X-Served-By = server.identity;
} else {
set resp.http.X-Served-By = resp.http.X-Served-By ", " server.identity;
}
set resp.http.X-Cache = if(resp.http.X-Cache, resp.http.X-Cache ", ","") if(fastly_info.state ~ "HIT($|-)", "HIT", "MISS");
if(!resp.http.X-Cache-Hits) {
set resp.http.X-Cache-Hits = obj.hits;
} else {
set resp.http.X-Cache-Hits = resp.http.X-Cache-Hits ", " obj.hits;
}
}
if (req.http.X-Timer) {
set resp.http.X-Timer = req.http.X-Timer ",VE" time.elapsed.msec;
}
# VARY FIXUP
{
# remove before sending to client
set resp.http.Vary = regsub(resp.http.Vary, "Fastly-Vary-String, ", "");
if (resp.http.Vary ~ "^\s*$") {
unset resp.http.Vary;
}
}
unset resp.http.X-Varnish;
# Pop the surrogate headers into the request object so we can reference them later
set req.http.Surrogate-Key = resp.http.Surrogate-Key;
set req.http.Surrogate-Control = resp.http.Surrogate-Control;
# If we are not forwarding or debugging unset the surrogate headers so they are not present in the response
if (!req.http.Fastly-FF && !req.http.Fastly-Debug) {
unset resp.http.Surrogate-Key;
unset resp.http.Surrogate-Control;
}
if(resp.status == 550) {
return(deliver);
}
#default response conditions
#syslog Papertrail
log {"syslog uIamKsaBhrdYqAq7EVYoD Papertrail :: "} req.http.Fastly-Client-IP {" "} {""-""} {" "} {""-""} {" "} now {" "} req.request {" "} req.url {" "} resp.status;
#--FASTLY DELIVER END
if (resp.http.magicmarker) {
unset resp.http.magicmarker;
set resp.http.age = "0";
}
# Tolq: don't cache in the browser
set resp.http.Cache-Control = "no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0";
set resp.http.Expires = "0";
set resp.http.Pragma = "no-cache";
set resp.http.debug1 = req.http.debug1;
set resp.http.debug = req.http.debug;
set resp.http.Debugrecv = req.http.Debugrecv;
set resp.http.Debugrecvreturn = req.http.Debugrecvreturn;
set resp.http.Debugmiss = req.http.Debugmiss;
set resp.http.Debughit = req.http.Debughit;
set resp.http.Debugpass = req.http.Debugpass;
set resp.http.debugme = "vcl_deliver; desperate8";
return(deliver);
}
sub vcl_error {
#--FASTLY ERROR START
if (obj.status == 801) {
set obj.status = 301;
set obj.response = "Moved Permanently";
set obj.http.Location = "https://" req.http.host req.url;
synthetic {""};
return (deliver);
}
if (req.http.Fastly-Restart-On-Error) {
if (obj.status == 503 && req.restarts == 0) {
restart;
}
}
{
if (obj.status == 550) {
return(deliver);
}
}
#--FASTLY ERROR END
}
sub vcl_pass {
set req.http.Debugpass = "vcl_pass";
#--FASTLY PASS START
{
#--FASTLY BEREQ START
{
if (req.http.Fastly-Original-Cookie) {
set bereq.http.Cookie = req.http.Fastly-Original-Cookie;
}
if (req.http.Fastly-Original-URL) {
set bereq.url = req.http.Fastly-Original-URL;
}
{
if (req.http.Fastly-FF) {
set bereq.http.Fastly-Client = "1";
}
}
{
# do not send this to the backend
unset bereq.http.Fastly-Original-Cookie;
unset bereq.http.Fastly-Original-URL;
unset bereq.http.Fastly-Vary-String;
unset bereq.http.X-Varnish-Client;
}
if (req.http.Fastly-Temp-XFF) {
if (req.http.Fastly-Temp-XFF == "") {
unset bereq.http.X-Forwarded-For;
} else {
set bereq.http.X-Forwarded-For = req.http.Fastly-Temp-XFF;
}
# unset bereq.http.Fastly-Temp-XFF;
}
}
#--FASTLY BEREQ STOP
#;
set req.http.Fastly-Cachetype = "PASS";
}
#--FASTLY PASS STOP
}
sub vcl_hash {
set req.http.Debughash = "vcl_hash";
#--FASTLY HASH start
# support purge all
set req.hash += "#####GENERATION#####";
#--FASTLY HASH end
}
sub vcl_pipe {
#--FASTLY PIPE START
{
# error 403 "Forbidden";
#--FASTLY BEREQ START
{
if (req.http.Fastly-Original-Cookie) {
set bereq.http.Cookie = req.http.Fastly-Original-Cookie;
}
if (req.http.Fastly-Original-URL) {
set bereq.url = req.http.Fastly-Original-URL;
}
{
if (req.http.Fastly-FF) {
set bereq.http.Fastly-Client = "1";
}
}
{
# do not send this to the backend
unset bereq.http.Fastly-Original-Cookie;
unset bereq.http.Fastly-Original-URL;
unset bereq.http.Fastly-Vary-String;
unset bereq.http.X-Varnish-Client;
}
if (req.http.Fastly-Temp-XFF) {
if (req.http.Fastly-Temp-XFF == "") {
unset bereq.http.X-Forwarded-For;
} else {
set bereq.http.X-Forwarded-For = req.http.Fastly-Temp-XFF;
}
# unset bereq.http.Fastly-Temp-XFF;
}
}
#--FASTLY BEREQ STOP
#;
set req.http.Fastly-Cachetype = "PIPE";
set bereq.http.connection = "close";
}
#--FASTLY PIPE STOP
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment