diff --git a/templates/default.vcl.j2 b/templates/default.vcl.j2 new file mode 100644 index 0000000..9ef3a6d --- /dev/null +++ b/templates/default.vcl.j2 @@ -0,0 +1,53 @@ +# +# This is an example VCL file for Varnish. +# +# It does not do anything by default, delegating control to the +# builtin VCL. The builtin VCL is called when there is no explicit +# return statement. +# +# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/ +# and https://www.varnish-cache.org/trac/wiki/VCLExamples for more examples. + +# Marker to tell the VCL compiler that this VCL has been adapted to the +# new 4.0 format. +vcl 4.0; + +# Default backend definition. Set this to point to your content server. +backend default { + .host = "127.0.0.1"; + .port = "8080"; +} + +sub vcl_recv { + if (req.restarts == 0) { + if (req.http.x-forwarded-for) { + set req.http.X-Forwarded-For = + req.http.X-Forwarded-For + ", " + client.ip; + } + else { + set req.http.X-Forwarded-For = client.ip; + } + } +} + +sub vcl_backend_response { + set beresp.ttl = 2h; + set beresp.grace = 24h; + + if (bereq.url ~ "\.(bmp|ejs|jpeg|pdf|ps|ttf|class|eot|jpg|pict|svg|webp|html|htm|css|eps|js|pls|svgz|woff|csv|gif|mid|png|swf|woff2|doc|ico|midi|ppt|tif|xls|docx|jar|otf|pptx|tiff|xlsx|mp3)$") { + set beresp.ttl = 1y; + set beresp.grace = 24h; + } +} + +sub vcl_hash { + hash_data(req.method); +} + +sub vcl_deliver { + # Happens when we have all the pieces we need, and are about to send the + # response to the client. + # + # You can do accounting or modifying the final object here. +} + diff --git a/varnish.yml b/varnish.yml index c107c32..2a7388a 100755 --- a/varnish.yml +++ b/varnish.yml @@ -22,6 +22,13 @@ owner: root group: root + - name: Dropping Varnish config (default.vcl) + ansible.builtin.template: + src: templates/default.vcl.j2 + dest: /etc/varnish/default.vcl + mode: '0644' + force: yes + - name: Reload daemons, enable varnish ansible.builtin.systemd: daemon_reload: yes