Configuration varnish

Forum interne
#1

Voila la configuration varnish que j’utilise pour www.debian-fr.org, pour ceux que ça intéresse.
(forum.appart.debian-fr.org => VPN => maison de ed)

backend forumdebianfr {
  .host = "forum.appart.debian-fr.org";
  .port = "80";
  .max_connections = 5000;
  .connect_timeout = 600s;
  .first_byte_timeout = 600s;
  .between_bytes_timeout = 600s;
}
sub vcl_recv {
  set req.http.host = "www.debian-fr.org";

  # Properly handle different encoding types
  if (req.http.Accept-Encoding) {
    if (req.url ~ "\.(jpg|jpeg|png|ico|gif|tgz|bz2|tbz|mp3|ogg|swf)$") {
      # No point in compressing these
      remove req.http.Accept-Encoding;
    } elsif (req.http.Accept-Encoding ~ "gzip") {
      set req.http.Accept-Encoding = "gzip";
    } elsif (req.http.Accept-Encoding ~ "deflate") {
      set req.http.Accept-Encoding = "deflate";
    } else {
      # unkown algorithm
      remove req.http.Accept-Encoding;
    }
  }

  # Cache things with these extensions
  if (req.url ~ "\.(js|css|jpg|jpeg|ico|png|gif|tgz|bz2|tbz|mp3|ogg|swf)$") {
    return (lookup);
  }

  # Allow a grace period for offering "stale" data in case backend lags
  set req.grace = 5m;

  # Force lookup if the request is a no-cache request from the client
  if (req.http.Cache-Control ~ "no-cache") {
   return (pass);
  }

  if (req.url ~ "\.(xml)$") {
    return (pass);
  }
}

sub vcl_fetch {
  # Grace to allow varnish to serve content if backend is lagged
  set obj.grace = 5m;
  # These status codes should always pass through and never cache.
  if (obj.status == 404 || obj.status == 503 || obj.status == 500) {
    set obj.http.X-Cacheable = "NO: obj.status";
    set obj.http.X-Cacheable-status = obj.status;
    return (pass);
  }

  if (req.url ~ "\.(js|css|jpg|jpeg|ico|png|gif|tgz|bz2|tbz|mp3|ogg|swf)$") {
    unset obj.http.set-cookie;
  }

  if (!obj.cacheable) {
    set obj.http.X-Cacheable = "NO: !obj.cacheable";
    return (pass);
  }
  else {
    # From http://varnish-cache.org/wiki/VCLExampleLongerCaching
    /* Remove Expires from backend, it's not long enough */
    unset obj.http.expires;
  }

  # These TTLs are based on the specific paths and may not apply to your site.
  # You could just set a single default TTL if you want.
  if (req.url ~ "(.js|.css)$") {
    set obj.ttl = 60m; // js and css files ttl 60 minutes
  } else {
    set obj.ttl = 10m; // default ttl 10 minutes
  }

  # marker for vcl_deliver to reset Age:
  set obj.http.magicmarker = "1";

  # All tests passed, therefore item is cacheable
  set obj.http.X-Cacheable = "YES";

  return (deliver);
}

sub vcl_error {
  if (obj.status == 503 && req.restarts < 5) {
    set obj.http.X-Restarts = req.restarts;
    restart;
  }
}

# Added to let users force refresh
sub vcl_hit {
  if (!obj.cacheable) {
    pass;
  }

  if (req.http.Cache-Control ~ "no-cache") {
    # Ignore requests via proxy caches,  IE users and badly behaved crawlers
    # like msnbot that send no-cache with every request.
    if (! (req.http.Via || req.http.User-Agent ~ "bot|MSIE")) {
      set obj.ttl = 0s;
      return (restart);
    } 
  }

  deliver;
}
#2

Merci pour la conf, c’est sympa.
J’ai fait un essai sur le wiki, ça fonctionne bien, mais j’ai eu un souci (évidemment) avec Piwik… que je n’ai pas réussi à configurer avec Varnish…
Je retenterais le coup plus tard.

#3

J’ai mis a jour la configuration pour éliminer de plus en plus “forum.debian-fr.org” de tous les index.

Voici la nouvelle config:

backend forumdebianfr {
  .host = "forum.appart.debian-fr.org";
  .port = "80";
  .max_connections = 5000;
  .connect_timeout = 600s;
  .first_byte_timeout = 600s;
  .between_bytes_timeout = 600s;
}
sub vcl_recv {
  if (req.http.host ~ "^forum\.debian-fr\.org$") {
    error 301;
  }

  set req.http.host = "www.debian-fr.org";

  # Properly handle different encoding types
  if (req.http.Accept-Encoding) {
    if (req.url ~ "\.(jpg|jpeg|png|ico|gif|tgz|bz2|tbz|mp3|ogg|swf)$") {
      # No point in compressing these
      remove req.http.Accept-Encoding;
    } elsif (req.http.Accept-Encoding ~ "gzip") {
      set req.http.Accept-Encoding = "gzip";
    } elsif (req.http.Accept-Encoding ~ "deflate") {
      set req.http.Accept-Encoding = "deflate";
    } else {
      # unkown algorithm
      remove req.http.Accept-Encoding;
    }
  }

  # Cache things with these extensions
  if (req.url ~ "\.(js|css|jpg|jpeg|ico|png|gif|tgz|bz2|tbz|mp3|ogg|swf)$") {
    return (lookup);
  }

  # Allow a grace period for offering "stale" data in case backend lags
  set req.grace = 5m;

  # Force lookup if the request is a no-cache request from the client
  if (req.http.Cache-Control ~ "no-cache") {
   return (pass);
  }

  if (req.url ~ "\.(xml)$") {
    return (pass);
  }
}

sub vcl_fetch {
  # Grace to allow varnish to serve content if backend is lagged
  set obj.grace = 5m;
  # These status codes should always pass through and never cache.
  if (obj.status == 404 || obj.status == 503 || obj.status == 500) {
    set obj.http.X-Cacheable = "NO: obj.status";
    set obj.http.X-Cacheable-status = obj.status;
    return (pass);
  }

  if (req.url ~ "\.(js|css|jpg|jpeg|ico|png|gif|tgz|bz2|tbz|mp3|ogg|swf)$") {
    unset obj.http.set-cookie;
  }

  if (!obj.cacheable) {
    set obj.http.X-Cacheable = "NO: !obj.cacheable";
    return (pass);
  }
  else {
    # From http://varnish-cache.org/wiki/VCLExampleLongerCaching
    /* Remove Expires from backend, it's not long enough */
    unset obj.http.expires;
  }

  # These TTLs are based on the specific paths and may not apply to your site.
  # You could just set a single default TTL if you want.
  if (req.url ~ "(.js|.css)$") {
    set obj.ttl = 60m; // js and css files ttl 60 minutes
  } else {
    set obj.ttl = 10m; // default ttl 10 minutes
  }

  # marker for vcl_deliver to reset Age:
  set obj.http.magicmarker = "1";

  # All tests passed, therefore item is cacheable
  set obj.http.X-Cacheable = "YES";

  return (deliver);
}

sub vcl_error {
  if (obj.status == 503 && req.restarts < 5) {
    set obj.http.X-Restarts = req.restarts;
    restart;
  }
  if (obj.status == 301) {
    set obj.http.Location = "http://www.debian-fr.org" req.url;
    set obj.status = 301;
    return(deliver);
  }
}

# Added to let users force refresh
sub vcl_hit {
  if (!obj.cacheable) {
    pass;
  }

  if (req.http.Cache-Control ~ "no-cache") {
    # Ignore requests via proxy caches,  IE users and badly behaved crawlers
    # like msnbot that send no-cache with every request.
    if (! (req.http.Via || req.http.User-Agent ~ "bot|MSIE")) {
      set obj.ttl = 0s;
      return (restart);
    } 
  }

  deliver;
}