Skip to content

Instantly share code, notes, and snippets.

@paulknulst
Last active May 2, 2024 18:49
Show Gist options
  • Save paulknulst/51cbba76197a23d4ffaeed2933d9cc63 to your computer and use it in GitHub Desktop.
Save paulknulst/51cbba76197a23d4ffaeed2933d9cc63 to your computer and use it in GitHub Desktop.
Use Varnish HTTP Cache And Docker To Boost Website Speed - https://www.knulst.de
vcl 4.0;
backend default {
.host = "ghost:2368";
}
sub vcl_recv {
# Do not cache the admin and preview pages
if (req.url ~ "^/ghost($|/.*)" ||
req.url ~ "^/p($|/.*)" ||
req.url ~ "^/admin($|/.*)" ||
req.url == "/"
) {
return (pass);
}
if (req.url ~ "testclear") {
ban("req.http.host == knulst.de");
return(synth(200, "Cache was cleared by Rest call"));
}
}
varnish:
image: varnish:stable
container_name: varnish
restart: unless-stopped
configs:
- source: varnish_cfg
target: /etc/varnish/default.vcl
networks:
- default
- traefik-public
deploy:
labels:
- traefik.enable=true
- traefik.docker.network=traefik-public
- traefik.constraint-label=traefik-public
- traefik.http.routers.blogs-knulst-http.rule=Host(`www.knulst.de`) || Host(`knulst.de`) || Host(`blog.knulst.de`)
- traefik.http.routers.blogs-knulst-http.entrypoints=http
- traefik.http.routers.blogs-knulst-http.middlewares=https-redirect
- traefik.http.routers.blogs-knulst-https.rule=Host(`www.knulst.de`) || Host(`knulst.de`) || Host(`blog.knulst.de`)
- traefik.http.routers.blogs-knulst-https.entrypoints=https
- traefik.http.routers.blogs-knulst-https.tls=true
- traefik.http.routers.blogs-knulst-https.tls.certresolver=le
- traefik.http.routers.blogs-knulst-https.tls.options=mintls12@file
- traefik.http.services.blogs-knulst.loadbalancer.server.port=80
- traefik.http.middlewares.redirect-blogs-knulst.redirectregex.regex=^https://blog.knulst.de/(.*)
- traefik.http.middlewares.redirect-blogs-knulst.redirectregex.replacement=https://www.knulst.de/$${1}
- traefik.http.middlewares.redirect-blogs-knulst.redirectregex.permanent=true
- traefik.http.middlewares.redirect-blogs-knulst-nosub.redirectregex.regex=^https://knulst.de/(.*)
- traefik.http.middlewares.redirect-blogs-knulst-nosub.redirectregex.replacement=https://www.knulst.de/$${1}
- traefik.http.middlewares.redirect-blogs-knulst-nosub.redirectregex.permanent=true
- traefik.http.routers.blogs-knulst-https.middlewares=redirect-blogs-knulst, redirect-blogs-knulst-nosub
configs:
varnish_cfg:
file: ./default.vcl
version: "3.4"
services:
ghost:
image: ghost:5.9.4
environment:
url: https://www.knulst.de
mail__transport: SMTP
mail__options__host: ${MAIL_HOST?Variable not set}
mail__options__port: ${MAIL_PORT?Variable not set}
mail__options__auth__user: ${MAIL_USER?Variable not set}
mail__options__auth__pass: ${MAIL_PASS?Variable not set}
mail__from: ${MAIL_FROM?Variable not set}
mail__from:
database__client: mysql
database__connection__host: ${DB_HOST?Variable not set}
database__connection__user: ${DB_USER?Variable not set}
database__connection__password: ${DB_PASS?Variable not set}
database__connection__database: ${DB_DB?Variable not set}
volumes:
- content:/var/lib/ghost/content
networks:
- default
deploy:
placement:
constraints:
- node.labels.blogs.knulst == true
db:
image: mysql:8.0
restart: always
networks:
- default
volumes:
- data:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD: ${DB_PASS?Variable not set}
deploy:
placement:
constraints:
- node.labels.blogs.knulst == true
varnish:
image: varnish:stable
container_name: varnish
restart: unless-stopped
configs:
- source: varnish_cfg
target: /etc/varnish/default.vcl
networks:
- default
- traefik-public
deploy:
labels:
- traefik.enable=true
- traefik.docker.network=traefik-public
- traefik.constraint-label=traefik-public
- traefik.http.routers.blogs-knulst-http.rule=Host(`www.knulst.de`) || Host(`knulst.de`) || Host(`blog.knulst.de`)
- traefik.http.routers.blogs-knulst-http.entrypoints=http
- traefik.http.routers.blogs-knulst-http.middlewares=https-redirect
- traefik.http.routers.blogs-knulst-https.rule=Host(`www.knulst.de`) || Host(`knulst.de`) || Host(`blog.knulst.de`)
- traefik.http.routers.blogs-knulst-https.entrypoints=https
- traefik.http.routers.blogs-knulst-https.tls=true
- traefik.http.routers.blogs-knulst-https.tls.certresolver=le
- traefik.http.routers.blogs-knulst-https.tls.options=mintls12@file
- traefik.http.services.blogs-knulst.loadbalancer.server.port=80
- traefik.http.middlewares.redirect-blogs-knulst.redirectregex.regex=^https://blog.knulst.de/(.*)
- traefik.http.middlewares.redirect-blogs-knulst.redirectregex.replacement=https://www.knulst.de/$${1}
- traefik.http.middlewares.redirect-blogs-knulst.redirectregex.permanent=true
- traefik.http.middlewares.redirect-blogs-knulst-nosub.redirectregex.regex=^https://knulst.de/(.*)
- traefik.http.middlewares.redirect-blogs-knulst-nosub.redirectregex.replacement=https://www.knulst.de/$${1}
- traefik.http.middlewares.redirect-blogs-knulst-nosub.redirectregex.permanent=true
- traefik.http.routers.blogs-knulst-https.middlewares=redirect-blogs-knulst, redirect-blogs-knulst-nosub
volumes:
content:
data:
configs:
varnish_cfg:
file: ./default.vcl
networks:
traefik-public:
external: true
default:
external: false
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment