Skip to content

Instantly share code, notes, and snippets.

@andristeiner

andristeiner/varnish-apt

Created February 24, 2016 03:33
Show Gist options
  • Save andristeiner/aae75c2bc3b51e6d71ea to your computer and use it in GitHub Desktop.
Save andristeiner/aae75c2bc3b51e6d71ea to your computer and use it in GitHub Desktop.
Download ZIP
Raw
varnish-apt
/*
* This file was autogenerated by puppet. Do not edit manually!
*
* snowflake Varnish Configuration for APT Cache
*/
/*
* Backend Servers (APT Repositories)
*/
backend ftp_ch_debian_org {
.host = "ftp.ch.debian.org";
}
backend security_debian_org {
.host = "212.211.132.32";
}
backend backports_debian_org {
.host = "debian.ethz.ch";
}
backend debian_systs_org {
.host = "debian.systs.org";
}
backend php53_dotdeb_org {
.host = "php53.dotdeb.org";
}
backend downloads_linux_hp_com {
.host = "15.201.202.85";
}
backend download_proxmox_com {
.host = "download.proxmox.com";
}
backend repo_varnish_cache_org {
.host = "repo.varnish-cache.org";
}
backend pkg_jenkins_ci_org {
.host = "pkg.jenkins-ci.org";
}
backend packages_elasticsearch_org {
.host = "184.72.222.192";
}
backend mirror_netcologne_de {
.host = "mirror.netcologne.de";
}
backend apt_puppetlabs_com {
.host = "apt.puppetlabs.com";
}
backend dl_hhvm_com {
.host = "dl.hhvm.com";
}
backend www_rabbitmq_com {
.host = "www.rabbitmq.com";
}
* Purge ACL
* Clients in this lists are allowed to issue PURGE commands
*/
acl purge {
"127.0.0.1";
"<%= ipaddress %>";
"<%= ipaddress_eth0_varnish %>";
"91.199.98.0"/24;
"91.234.160.0"/24;
"185.17.68.0"/22;
"2a04:500::"/29;
}
/*
* vcl_recv
* Called at the beginning of a request, after the complete request has been received and parsed.
* Its purpose is to decide whether or not to serve the request, how to do it, and, if applicable, which backend to use.
*/
sub vcl_recv {
# Check PURGE Requests against their according ACL
if (req.request == "PURGE") {
if(!client.ip ~ purge) {
error 405 "Not allowed.";
}
return (lookup);
}
# Remove cookies
remove req.http.Cookie;
# Pipe unknown Methods
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE") {
return (pipe);
}
# Cache only GET or HEAD Requests
if (req.request != "GET" && req.request != "HEAD") {
return (pass);
}
# Map APT Servers
if (req.url ~ "^/debian/") {
set req.backend = ftp_ch_debian_org;
set req.http.host = "ftp.ch.debian.org";
} else if (req.url ~ "^/debian-security/") {
set req.backend = security_debian_org;
set req.http.host = "security.debian.org";
} else if (req.url ~ "^/backports/") {
set req.backend = backports_debian_org;
set req.http.host = "backports.debian.org";
set req.url = regsub(req.url, "^/backports/", "/debian-backports/");
} else if (req.url ~ "^/systs/") {
set req.backend = debian_systs_org;
set req.http.host = "debian.systs.org";
set req.url = regsub(req.url, "^/systs/", "/debian/");
} else if (req.url ~ "^/dotdeb-php53/") {
set req.backend = php53_dotdeb_org;
set req.http.host = "php53.dotdeb.org";
set req.url = regsub(req.url, "^/dotdeb-php53/", "/");
} else if (req.url ~ "^/proliantsupportpack/") {
set req.backend = downloads_linux_hp_com;
set req.http.host = "downloads.linux.hp.com";
set req.url = regsub(req.url, "^/proliantsupportpack/", "/SDR/downloads/MCP/");
} else if (req.url ~ "^/proxmox/") {
set req.backend = download_proxmox_com;
set req.http.host = "download.proxmox.com";
set req.url = regsub(req.url, "^/proxmox/", "/debian/");
} else if (req.url ~ "^/varnish/") {
set req.backend = repo_varnish_cache_org;
set req.http.host = "repo.varnish-cache.org";
set req.url = regsub(req.url, "^/varnish/", "/debian/");
} else if (req.url ~ "^/jenkins/") {
set req.backend = pkg_jenkins_ci_org;
set req.http.host = "pkg.jenkins-ci.org";
set req.url = regsub(req.url, "^/jenkins/", "/debian-stable/");
} else if (req.url ~ "^/elasticsearch/") {
set req.backend = packages_elasticsearch_org;
set req.http.host = "packages.elasticsearch.org";
} else if (req.url ~ "^/logstash/") {
set req.backend = packages_elasticsearch_org;
set req.http.host = "packages.elasticsearch.org";
} else if (req.url ~ "^/mariadb/") {
set req.backend = mirror_netcologne_de;
set req.http.host = "mirror.netcologne.de";
} else if (req.url ~ "^/puppet/") {
set req.backend = apt_puppetlabs_com;
set req.http.host = "apt.puppetlabs.com";
set req.url = regsub(req.url, "^/puppet/", "/");
} else if (req.url ~ "^/hhvm/") {
set req.backend = dl_hhvm_com;
set req.http.host = "dl.hhvm.com";
set req.url = regsub(req.url, "^/hhvm/", "/");
} else if (req.url ~ "^/rabbitmq/") {
set req.backend = www_rabbitmq_com;
set req.http.host = "www.rabbitmq.com";
set req.url = regsub(req.url, "^/rabbitmq/", "/debian/");
} else if (req.url ~ "^/nodesource/") {
set req.backend = deb_nodesource_com;
set req.http.host = "deb.nodesource.com";
set req.url = regsub(req.url, "^/nodesource/", "/");
}
# Cache Lookup
return (lookup);
}
/*
* vcl_fetch
* Called after a document has been successfully retrieved from the backend.
*/
sub vcl_fetch {
# Cache only GET or HEAD Requests
if (req.request != "GET" && req.request != "HEAD") {
set beresp.http.X-SiteBooster = "Pass: No GET or HEAD Request";
return (hit_for_pass);
}
# Grace period - deliver expired cache entries as long as the backend is not working
set beresp.grace = 3d;
# Cache everything
unset beresp.http.set-cookie;
set beresp.ttl = 1h;
return (deliver);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment