You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
# Configuration file for varnish
#
# /etc/init.d/varnish expects the variable $DAEMON_OPTS to be set from this
# shell script fragment.
#
# Maximum number of open files (for ulimit -n)
NFILES=131072
# Locked shared memory (for ulimit -l)
# Default log size is 82MB + header
MEMLOCK=82000
# Maximum number of threads (for ulimit -u)
NPROCS="unlimited"
# Maximum size of corefile (for ulimit -c). Default in Fedora is 0
#DAEMON_COREFILE_LIMIT="unlimited"
# Set this to 1 to make init script reload try to switch vcl without restart.
# To make this work, you need to set the following variables
# explicit: VARNISH_VCL_CONF, VARNISH_ADMIN_LISTEN_ADDRESS,
# VARNISH_ADMIN_LISTEN_PORT, VARNISH_SECRET_FILE, or in short,
# use Alternative 3, Advanced configuration, below
RELOAD_VCL=1
# This file contains 4 alternatives, please use only one.
## Alternative 1, Minimal configuration, no VCL
#
# Listen on port 6081, administration on localhost:6082, and forward to
# content server on localhost:8080. Use a fixed-size cache file.
#
#DAEMON_OPTS="-a :6081 \
# -T localhost:6082 \
# -b localhost:8080 \
# -u varnish -g varnish \
# -s file,/var/lib/varnish/varnish_storage.bin,1G"
## Alternative 2, Configuration with VCL
#
# Listen on port 6081, administration on localhost:6082, and forward to
# one content server selected by the vcl file, based on the request. Use a
# fixed-size cache file.
#
#DAEMON_OPTS="-a :80 \
# -T localhost:6082 \
# -f /etc/varnish/default.vcl \
# -u varnish -g varnish \
# -S /etc/varnish/secret \
# -s file,/var/lib/varnish/varnish_storage.bin,1G"
## Alternative 3, Advanced configuration
#
# See varnishd(1) for more information.
#
# # Main configuration file. You probably want to change it :)
VARNISH_VCL_CONF=/home/admin/public_html/golulo.es/etc/varnish/prototype.vcl
#
# # Default address and port to bind to
# # Blank address means all IPv4 and IPv6 interfaces, otherwise specify
# # a host name, an IPv4 dotted quad, or an IPv6 address in brackets.
# VARNISH_LISTEN_ADDRESS=
VARNISH_LISTEN_PORT=80
#
# # Telnet admin interface listen address and port
VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1
VARNISH_ADMIN_LISTEN_PORT=6082
#
# # Shared secret file for admin interface
VARNISH_SECRET_FILE=/etc/varnish/secret
#
# # The minimum number of worker threads to start
VARNISH_MIN_THREADS=50
#
# # The Maximum number of worker threads to start
VARNISH_MAX_THREADS=1000
#
# # Idle timeout for worker threads
VARNISH_THREAD_TIMEOUT=120
#
# # Cache file location
VARNISH_STORAGE_FILE=/var/lib/varnish/varnish_storage.bin
#
# # Cache file size: in bytes, optionally using k / M / G / T suffix,
# # or in percentage of available disk space using the % suffix.
VARNISH_STORAGE_SIZE=2G
#
# # Backend storage specification
VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}"
#
# # Default TTL used when the backend does not specify one
VARNISH_TTL=120
#
# # DAEMON_OPTS is used by the init script. If you add or remove options, make
# # sure you update this section, too.
DAEMON_OPTS="-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \
-f ${VARNISH_VCL_CONF} \
-T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \
-t ${VARNISH_TTL} \
-w ${VARNISH_MIN_THREADS},${VARNISH_MAX_THREADS},${VARNISH_THREAD_TIMEOUT} \
-u varnish -g varnish \
-S ${VARNISH_SECRET_FILE} \
-s ${VARNISH_STORAGE} \
-p esi_syntax=0x03 \
-p shm_reclen=4096"
#
## Alternative 4, Do It Yourself. See varnishd(1) for more information.
#
# DAEMON_OPTS=""
.vcl (I don't specify the name of the .vcl for a reason, will explain down in the post)
# This is a basic VCL configuration file for PageCache powered by Varnish for Magento module.
# include variable handling methods
include "/home/admin/public_html/golulo.es/etc/varnish/vars.vcl";
# default backend definition. Set this to point to your content server.
backend default {
.host = "81.21.65.97";
.port = "82";
}
# admin backend with longer timeout values. Set this to the same IP & port as your default server.
backend admin {
.host = "81.21.65.97";
.port = "82";
.first_byte_timeout = 18000s;
.between_bytes_timeout = 18000s;
}
# add your Magento server IP to allow purges from the backend
acl purge {
"localhost";
"81.21.65.97";
}
import std;
sub vcl_init {
C{
/* set random salt */
srand(time(NULL));
/* init var storage */
init_function(NULL, NULL);
}C
}
sub vcl_recv {
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE" &&
req.request != "PURGE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
# purge request
if (req.request == "PURGE") {
if (!client.ip ~ purge) {
error 405 "Not allowed.";
}
ban("obj.http.X-Purge-Host ~ " + req.http.X-Purge-Host + " && obj.http.X-Purge-URL ~ " + req.http.X-Purge-Regex + " && obj.http.Content-Type ~ " + req.http.X-Purge-Content-Type);
error 200 "Purged.";
}
# switch to admin backend configuration
if (req.http.cookie ~ "adminhtml=") {
set req.backend = admin;
}
# we only deal with GET and HEAD by default
if (req.request != "GET" && req.request != "HEAD") {
return (pass);
}
# normalize url in case of leading HTTP scheme and domain
set req.url = regsub(req.url, "^http[s]?://[^/]+", "");
# collect all cookies
std.collect(req.http.Cookie);
# static files are always cacheable. remove SSL flag and cookie
if (req.url ~ "^/(media|js|skin)/.*\.(png|jpg|jpeg|gif|css|js|swf|ico)$") {
unset req.http.Https;
unset req.http.Cookie;
}
# check if we have a formkey cookie
if (req.http.Cookie ~ "PAGECACHE_FORMKEY") {
set req.http.x-var-input = regsub(req.http.cookie, ".*PAGECACHE_FORMKEY=([^;]*)(;*.*)?", "\1");
call var_set;
} else {
# create formkey once
if (req.esi_level == 0) {
C{
generate_formkey(sp, 16);
}C
set req.http.x-var-input = req.http.X-Pagecache-Formkey;
call var_set;
}
}
# cleanup variables
unset req.http.x-var-input;
unset req.http.X-Pagecache-Formkey;
# formkey lookup
if (req.url ~ "/varnishcache/getformkey/") {
call var_get;
error 760 req.http.x-var-output;
}
# not cacheable by default
if (req.http.Authorization || req.http.Https) {
return (pass);
}
# do not cache any page from index files
if (req.url ~ "^/(index)") {
return (pass);
}
# as soon as we have a NO_CACHE cookie pass request
if (req.http.cookie ~ "NO_CACHE=") {
return (pass);
}
# remove Google gclid parameters
set req.url = regsuball(req.url, "\?gclid=[^&]+$", ""); # strips when QS = "?gclid=AAA"
set req.url = regsuball(req.url, "\?gclid=[^&]+&", "?"); # strips when QS = "?gclid=AAA&foo=bar"
set req.url = regsuball(req.url, "&gclid=[^&]+", ""); # strips when QS = "?foo=bar&gclid=AAA" or QS = "?foo=bar&gclid=AAA&bar=baz"
return (lookup);
}
# sub vcl_pipe {
# # Note that only the first request to the backend will have
# # X-Forwarded-For set. If you use X-Forwarded-For and want to
# # have it set for all requests, make sure to have:
# # set bereq.http.connection = "close";
# # here. It is not set by default as it might break some broken web
# # applications, like IIS with NTLM authentication.
# return (pipe);
# }
# sub vcl_pass {
# return (pass);
# }
sub vcl_hash {
hash_data(req.url);
if (req.http.host) {
hash_data(req.http.host);
} else {
hash_data(server.ip);
}
if (req.http.cookie ~ "PAGECACHE_ENV=") {
set req.http.pageCacheEnv = regsub(
req.http.cookie,
"(.*)PAGECACHE_ENV=([^;]*)(.*)",
"\2"
);
hash_data(req.http.pageCacheEnv);
remove req.http.pageCacheEnv;
}
if (!(req.url ~ "^/(media|js|skin)/.*\.(png|jpg|jpeg|gif|css|js|swf|ico)$")) {
call design_exception;
}
return (hash);
}
# sub vcl_hit {
# return (deliver);
# }
# sub vcl_miss {
# return (fetch);
# }
sub vcl_fetch {
if (beresp.status >= 500) {
if (beresp.http.Content-Type ~ "text/xml") {
return (deliver);
}
set beresp.saintmode = 10s;
return (restart);
}
set beresp.grace = 5m;
# enable ESI feature if needed
if (beresp.http.X-Cache-DoEsi == "1") {
set beresp.do_esi = true;
}
# add ban-lurker tags to object
set beresp.http.X-Purge-URL = req.url;
set beresp.http.X-Purge-Host = req.http.host;
if (beresp.status == 200 || beresp.status == 301 || beresp.status == 404) {
if (beresp.http.Content-Type ~ "text/html" || beresp.http.Content-Type ~ "text/xml") {
if ((beresp.http.Set-Cookie ~ "NO_CACHE=") || (beresp.ttl < 1s)) {
set beresp.ttl = 0s;
return (hit_for_pass);
}
# marker for vcl_deliver to reset Age:
set beresp.http.magicmarker = "1";
# Don't cache cookies
unset beresp.http.set-cookie;
} else {
# set default TTL value for static content
set beresp.ttl = 4h;
}
return (deliver);
}
return (hit_for_pass);
}
sub vcl_deliver {
# debug info
if (resp.http.X-Cache-Debug) {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
set resp.http.X-Cache-Hits = obj.hits;
} else {
set resp.http.X-Cache = "MISS";
}
set resp.http.X-Cache-Expires = resp.http.Expires;
} else {
# remove Varnish/proxy header
remove resp.http.X-Varnish;
remove resp.http.Via;
remove resp.http.Age;
remove resp.http.X-Purge-URL;
remove resp.http.X-Purge-Host;
}
if (resp.http.magicmarker) {
# Remove the magic marker
unset resp.http.magicmarker;
set resp.http.Cache-Control = "no-store, no-cache, must-revalidate, post-check=0, pre-check=0";
set resp.http.Pragma = "no-cache";
set resp.http.Expires = "Mon, 31 Mar 2008 10:00:00 GMT";
set resp.http.Age = "0";
}
}
sub vcl_error {
# workaround for possible security issue
if (req.url ~ "^\s") {
set obj.status = 400;
set obj.response = "Malformed request";
synthetic "";
return(deliver);
}
# formkey request
if (obj.status == 760) {
set obj.status = 200;
synthetic obj.response;
return(deliver);
}
# error 200
if (obj.status == 200) {
return (deliver);
}
set obj.http.Content-Type = "text/html; charset=utf-8";
set obj.http.Retry-After = "5";
synthetic {"
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>"} + obj.status + " " + obj.response + {"</title>
</head>
<body>
<h1>Error "} + obj.status + " " + obj.response + {"</h1>
<p>"} + obj.response + {"</p>
<h3>Guru Meditation:</h3>
<p>XID: "} + req.xid + {"</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>
"};
return (deliver);
}
# sub vcl_fini {
# return (ok);
# }
sub design_exception {
}
C{
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
/**
* create a random alphanumeric string and store it in
* the request header as X-Pagecache-Formkey
*/
char *generate_formkey(struct sess *sp, int maxLength) {
char *validChars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
int validCharsLength = strlen(validChars);
char *result = (char *) malloc(maxLength + 1);
// generate string
int i;
for (i = 0; i < maxLength; ++i) {
int charPosition = rand() % validCharsLength;
result[i] = validChars[charPosition];
}
result[maxLength] = '\0';
// set req.X-Country-Code header
VRT_SetHdr(sp, HDR_REQ, "\024X-Pagecache-Formkey:", result, vrt_magic_string_end);
return 0;
}
}C
Now the confusion I'm having:
As you can see my varnish config states:
# # Main configuration file. You probably want to change it :)
VARNISH_VCL_CONF=/home/admin/public_html/golulo.es/etc/varnish/prototype.vcl
I've modified the file with the content's of the default.vcl, changing to my ip adress and get misses all the time.
The default.vcl is also in the same directory as the prototype.vcl, so witch one is that varnish uses? Witch one I have to modify for it to work?
Do I need to add my ip or use the localhost or 127.0.0.1? Everything (Varsnish, website etc. is on the same server).
I did try mayority of this thing's I'm asking, but maybe I made a mistake somewhere and I can't see it.
Could you please help me?
If I'm not making my self clear, please ask I will provide all the information needed.
I'm stuck with it for day's and I can't make it to work...
2nd issue:
Getting damaged code with form_keys on product pages and in the cart, as you can see from the config the varnish startup config is modified as specified in the documentation, any ideas what may cause this?
Thank you.
The text was updated successfully, but these errors were encountered:
My configs:
/etc/sysconfig/varnish
.vcl (I don't specify the name of the .vcl for a reason, will explain down in the post)
Now the confusion I'm having:
As you can see my varnish config states:
http://www.isvarnishworking.com/ - indicated, that cache is enabled and running, with issues though.
I've modified the file with the content's of the default.vcl, changing to my ip adress and get misses all the time.
The default.vcl is also in the same directory as the prototype.vcl, so witch one is that varnish uses? Witch one I have to modify for it to work?
Do I need to add my ip or use the localhost or 127.0.0.1? Everything (Varsnish, website etc. is on the same server).
I did try mayority of this thing's I'm asking, but maybe I made a mistake somewhere and I can't see it.
Could you please help me?
If I'm not making my self clear, please ask I will provide all the information needed.
I'm stuck with it for day's and I can't make it to work...
2nd issue:
Getting damaged code with form_keys on product pages and in the cart, as you can see from the config the varnish startup config is modified as specified in the documentation, any ideas what may cause this?
Thank you.
The text was updated successfully, but these errors were encountered: