From 50b0c766e5d9b3fac17d7fe0f2089a89af1aa777 Mon Sep 17 00:00:00 2001
From: Eric Wong <e@80x24.org>
Date: Fri, 1 Jul 2016 15:36:55 +0000
Subject: examples: add varnish-4.vcl

Well, I'm fumbling along with this config.  Might as well
fumble along with it publically :)
---
 examples/varnish-4.vcl | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 74 insertions(+)
 create mode 100644 examples/varnish-4.vcl

(limited to 'examples')

diff --git a/examples/varnish-4.vcl b/examples/varnish-4.vcl
new file mode 100644
index 00000000..7439679d
--- /dev/null
+++ b/examples/varnish-4.vcl
@@ -0,0 +1,74 @@
+# Example VCL for Varnish 4.0 with public-inbox WWW code
+# This is based on what shipped for 3.x a long time ago (I think)
+# and I'm hardly an expert in VCL (nor should we expect anybody
+# who maintains a public-inbox HTTP interface to be).
+#
+# It seems to work for providing some protection from traffic
+# bursts; but perhaps the public-inbox WWW interface can someday
+# provide enough out-of-the-box performance that configuration
+# of an extra component is pointless.
+
+vcl 4.0;
+backend default {
+	.host = "127.0.0.1";
+	.port = "280";
+}
+
+sub vcl_recv {
+	if (req.restarts == 0) {
+		if (req.http.x-forwarded-for) {
+			set req.http.X-Forwarded-For =
+			req.http.X-Forwarded-For + ", " + client.ip;
+		} else {
+			set req.http.X-Forwarded-For = client.ip;
+		}
+	}
+	if (req.method != "GET" &&
+			req.method != "HEAD" &&
+			req.method != "PUT" &&
+			req.method != "POST" &&
+			req.method != "TRACE" &&
+			req.method != "OPTIONS" &&
+			req.method != "DELETE") {
+		/* Non-RFC2616 or CONNECT which is weird. */
+		return (pipe);
+	}
+	if (req.method != "GET" && req.method != "HEAD") {
+		/* We only deal with GET and HEAD by default */
+		return (pass);
+	}
+	if (req.http.Authorization || req.http.Cookie) {
+		/* Not cacheable by default */
+		return (pass);
+	}
+	return (hash);
+}
+
+sub vcl_hash {
+	hash_data(req.url);
+	if (req.http.host) {
+		hash_data(req.http.host);
+	} else {
+		hash_data(server.ip);
+	}
+	if (req.http.X-Forwarded-Proto) {
+		hash_data(req.http.X-Forwarded-Proto);
+	}
+	return (lookup);
+}
+
+sub vcl_backend_response {
+	set beresp.grace = 60s;
+	set beresp.do_stream = true;
+	if (beresp.ttl <= 0s ||
+		beresp.http.Set-Cookie ||
+		beresp.http.Vary == "*") {
+		/* Mark as "Hit-For-Pass" for the next 2 minutes */
+		set beresp.ttl = 120 s;
+		set beresp.uncacheable = true;
+		return (deliver);
+	} else {
+		set beresp.ttl = 10s;
+	}
+	return (deliver);
+}
-- 
cgit v1.2.3-24-ge0c7