Update varnish with critical transit_buffer option

2025-05-09 02:05:37 +00:00 · 2024-11-21 22:12:28 +11:00
parent d0b21d4ce1
commit 2261c2432f
1 changed files with 51 additions and 42 deletions
--- a/varnish/default.vcl
+++ b/varnish/default.vcl
@ -2,6 +2,9 @@ vcl 4.1;
 import std;
 # backend pointing to HAProxy
 backend default {
 	.path = "/shared-sockets/varnish-to-haproxy-internal.sock";
 }
 backend haproxy {
 	.path = "/shared-sockets/varnish-to-haproxy-internal.sock";
 }
@ -9,13 +12,24 @@ backend haproxy {
 acl purge_allowed {
 	"127.0.0.1";
 	"::1";
-	"172.19.0.1";
+	"103.230.159.7";
 	"2404:9400:2:0:216:3eff:fee3:5c06";
 }
 sub vcl_pipe {
 	return (pipe);
 }
 # incoming requests
 sub vcl_recv {
-	# handle PURGE and BAN requests
+	# route all requests to haproxy
 	set req.backend_hint = haproxy;
 	# unfuck x-forwarded-for
 	set req.http.X-Forwarded-For = regsub(req.http.X-Forwarded-For, "^([^,]+),?.*$", "\1");
 	# handle PURGE and BAN
 	if ((req.method == "PURGE" || req.method == "BAN") && req.http.X-BasedFlare-Varnish-Key == "changeme") {
 		if (req.http.X-Forwarded-For) {
 			set req.http.X-Real-IP = regsub(req.http.X-Forwarded-For, ",.*", "");
@ -36,8 +50,9 @@ sub vcl_recv {
 		}
 	}
-	# route all requests to haproxy
+	if (req.http.Range) {
-	set req.backend_hint = haproxy;
+		return (pass);
 	}
 	# some conditions are not cached
 	if (req.method != "GET" && req.method != "HEAD") {
@ -50,28 +65,44 @@ sub vcl_recv {
 		return (pass);
 	}
 	# save the Cookie header temporarily if needed by the backend
 	if (req.http.Cookie) {
 		set req.http.X-Cookie-Temp = req.http.Cookie;
 		unset req.http.Cookie;  # remove Cookie header for caching purposes
 	}
 }
-# caching behavior when fetching from backend
+sub vcl_hash {
 	hash_data(req.url);
 	if (req.http.Host) {
 		hash_data(req.http.Host);
 	}
 	if (req.http.Range) {
 		hash_data(req.http.Range);
 	}
 }
 ## caching behavior when fetching from backend
 sub vcl_backend_response {
-	# for BANs
+	set beresp.do_stream = true;  # Stream directly
-	set beresp.http.x-url = bereq.url;
+	set beresp.transit_buffer = 1M; # testing
 	set beresp.http.x-host = bereq.http.host;
 	# dont cache > 100MB
 	if (beresp.http.Content-Length && std.integer(beresp.http.Content-Length, 0) > 100 * 1024 * 1024) {
 		set beresp.uncacheable = true;  # Don't cache
 		return (deliver);
 	}
 	# dont cache set-cookie responses
 	if (beresp.http.Set-Cookie) {
 		set beresp.uncacheable = true;
 		return (pass);
 	}
 	# dont cache ranges
 	# if (bereq.http.Range) {
 	# 	set beresp.ttl = 0s;
 	# 	set beresp.uncacheable = true;
 	# }
 	# only cache specific types of content and successful responses
-	if ((beresp.status == 200 || beresp.status == 206) && beresp.http.Content-Type ~ "text|application|image|video|audio|font") {
+	if ((beresp.status == 200 || beresp.status == 206) && (!beresp.http.Content-Type || beresp.http.Content-Type ~ "text|application|image|video|audio|font")) {
 		if (beresp.http.Cache-Control ~ "no-cache" || beresp.http.Cache-Control ~ "no-store" || beresp.http.Pragma == "no-cache") {
 			#don't cache if the backend says no-cache
 			set beresp.uncacheable = true;
@ -81,41 +112,29 @@ sub vcl_backend_response {
 			set beresp.ttl = std.duration(regsub(beresp.http.Cache-Control, ".*max-age=([0-9]+).*", "\1") + "s", 0s);
 		} else if (beresp.http.Expires) {
 			# calculate ttl using Expires if present
-			set beresp.ttl = std.duration(beresp.http.Expires, 0s);
+			set beresp.ttl = std.duration(beresp.http.Expires + "s", 0s);
 		} else {
 			# default ttl if no cache header
 			set beresp.ttl = 1m;
 		}
 		# grace period for stale content
 		set beresp.grace = 10m;
 		set beresp.uncacheable = false;
 		set beresp.do_stream = true;
 		set beresp.do_gunzip = true;
 	} else {
 		# non-cacheable or non-success responses
 		set beresp.uncacheable = true;
 		return (pass);
 	}
 	# remove Set-Cookie for cacheable responses
 	if (!beresp.uncacheable) {
 		unset beresp.http.Set-Cookie;
 	}
 }
 # when sending response
 sub vcl_deliver {
-	# for BANs
+	# add accept-ranges for backend reqs
-	unset resp.http.x-url;
+	if (req.http.Range) {
-	unset resp.http.x-host;
+		set resp.http.Accept-Ranges = "bytes";
-
+	}
 	# remove some headers
 	unset resp.http.X-Varnish;
 	unset resp.http.Via;
 	unset req.http.X-Cookie-Temp; # ensure X-Cookie-Temp is gone
 	# custom header to indicate cache hit or miss
 	if (obj.hits > 0) {
@ -125,13 +144,3 @@ sub vcl_deliver {
 	}
 }
 # restore Cookie header to backend if saved
 sub vcl_backend_fetch {
 	if (bereq.http.X-Cookie-Temp) {
 		set bereq.http.Cookie = bereq.http.X-Cookie-Temp;
 		unset bereq.http.X-Cookie-Temp; # remove X-Cookie-Temp after use
 	}
 }