about summary refs log tree commit homepage
path: root/examples/varnish-4.vcl
diff options
context:
space:
mode:
authorEric Wong <e@80x24.org>2016-07-03 01:14:24 +0000
committerEric Wong <e@80x24.org>2016-07-03 01:19:07 +0000
commit923147e793af18d20e3d4468cca4687b76a1f097 (patch)
tree5d03189ac8c166c766c6278927e5a9795e84d540 /examples/varnish-4.vcl
parent5e14b8e68483ab412b4a3ae1a62429237143b89b (diff)
downloadpublic-inbox-923147e793af18d20e3d4468cca4687b76a1f097.tar.gz
Document and simplify things a bit.  The major functional change
is we no longer waste space caching objects from dumb HTTP
clones.
Diffstat (limited to 'examples/varnish-4.vcl')
-rw-r--r--examples/varnish-4.vcl26
1 files changed, 14 insertions, 12 deletions
diff --git a/examples/varnish-4.vcl b/examples/varnish-4.vcl
index 999f9542..24296032 100644
--- a/examples/varnish-4.vcl
+++ b/examples/varnish-4.vcl
@@ -10,24 +10,15 @@
 
 vcl 4.0;
 backend default {
+        # this is where public-inbox-http listens
         .host = "127.0.0.1";
         .port = "280";
 }
 
 sub vcl_recv {
-        if (req.method != "GET" &&
-                        req.method != "HEAD" &&
-                        req.method != "PUT" &&
-                        req.method != "POST" &&
-                        req.method != "TRACE" &&
-                        req.method != "OPTIONS" &&
-                        req.method != "DELETE") {
-                /* Non-RFC2616 or CONNECT which is weird. */
-                return (pipe);
-        }
+        /* pipe POST and any other weird methods directly to backend */
         if (req.method != "GET" && req.method != "HEAD") {
-                /* We only deal with GET and HEAD by default */
-                return (pass);
+                return (pipe);
         }
         if (req.http.Authorization || req.http.Cookie) {
                 /* Not cacheable by default */
@@ -36,6 +27,13 @@ sub vcl_recv {
         return (hash);
 }
 
+sub vcl_pipe {
+        # By default Connection: close is set on all piped requests by varnish,
+        # but public-inbox-httpd supports persistent connections well :)
+        unset bereq.http.connection;
+        return (pipe);
+}
+
 sub vcl_hash {
         hash_data(req.url);
         if (req.http.host) {
@@ -43,6 +41,7 @@ sub vcl_hash {
         } else {
                 hash_data(server.ip);
         }
+        /* we generate fully-qualified URLs for Atom feeds and redirects */
         if (req.http.X-Forwarded-Proto) {
                 hash_data(req.http.X-Forwarded-Proto);
         }
@@ -53,6 +52,8 @@ sub vcl_backend_response {
         set beresp.grace = 60s;
         set beresp.do_stream = true;
         if (beresp.ttl <= 0s ||
+                /* no point in caching stuff git already stores on disk */
+                beresp.http.Content-Type ~ "application/x-git" ||
                 beresp.http.Set-Cookie ||
                 beresp.http.Vary == "*") {
                 /* Mark as "Hit-For-Pass" for the next 2 minutes */
@@ -60,6 +61,7 @@ sub vcl_backend_response {
                 set beresp.uncacheable = true;
                 return (deliver);
         } else {
+                /* short TTL for up-to-dateness, our PSGI is not that slow */
                 set beresp.ttl = 10s;
         }
         return (deliver);