* [PATCH 0/2] varnish tweaks and such
@ 2016-07-03 1:21 Eric Wong
2016-07-03 1:21 ` [PATCH 1/2] examples: remove X-Forwarded-For mentions Eric Wong
2016-07-03 1:21 ` [PATCH 2/2] examples/varnish-4.vcl: comments and tweaks Eric Wong
0 siblings, 2 replies; 3+ messages in thread
From: Eric Wong @ 2016-07-03 1:21 UTC (permalink / raw)
To: meta
Less configuration and more explanation is better :)
Eric Wong (2):
examples: remove X-Forwarded-For mentions
examples/varnish-4.vcl: comments and tweaks
examples/public-inbox.psgi | 2 +-
examples/varnish-4.vcl | 34 ++++++++++++++--------------------
script/public-inbox.cgi | 2 +-
3 files changed, 16 insertions(+), 22 deletions(-)
^ permalink raw reply [flat|nested] 3+ messages in thread* [PATCH 1/2] examples: remove X-Forwarded-For mentions
2016-07-03 1:21 [PATCH 0/2] varnish tweaks and such Eric Wong
@ 2016-07-03 1:21 ` Eric Wong
2016-07-03 1:21 ` [PATCH 2/2] examples/varnish-4.vcl: comments and tweaks Eric Wong
1 sibling, 0 replies; 3+ messages in thread
From: Eric Wong @ 2016-07-03 1:21 UTC (permalink / raw)
To: meta
We don't need to care about client IPs anywhere.
---
examples/public-inbox.psgi | 2 +-
examples/varnish-4.vcl | 8 --------
script/public-inbox.cgi | 2 +-
3 files changed, 2 insertions(+), 10 deletions(-)
diff --git a/examples/public-inbox.psgi b/examples/public-inbox.psgi
index 11e2a6e..e97f917 100644
--- a/examples/public-inbox.psgi
+++ b/examples/public-inbox.psgi
@@ -29,7 +29,7 @@ builder {
# Enable to ensure redirects and Atom feed URLs are generated
# properly when running behind a reverse proxy server which
- # sets X-Forwarded-For and X-Forwarded-Proto request headers.
+ # sets the X-Forwarded-Proto request header.
# See Plack::Middleware::ReverseProxy documentation for details
eval { enable 'ReverseProxy' };
$@ and warn
diff --git a/examples/varnish-4.vcl b/examples/varnish-4.vcl
index 7439679..999f954 100644
--- a/examples/varnish-4.vcl
+++ b/examples/varnish-4.vcl
@@ -15,14 +15,6 @@ backend default {
}
sub vcl_recv {
- if (req.restarts == 0) {
- if (req.http.x-forwarded-for) {
- set req.http.X-Forwarded-For =
- req.http.X-Forwarded-For + ", " + client.ip;
- } else {
- set req.http.X-Forwarded-For = client.ip;
- }
- }
if (req.method != "GET" &&
req.method != "HEAD" &&
req.method != "PUT" &&
diff --git a/script/public-inbox.cgi b/script/public-inbox.cgi
index 5b2aefe..2b7f737 100755
--- a/script/public-inbox.cgi
+++ b/script/public-inbox.cgi
@@ -20,7 +20,7 @@ my $app = builder {
# Enable to ensure redirects and Atom feed URLs are generated
# properly when running behind a reverse proxy server which
- # sets X-Forwarded-For and X-Forwarded-Proto request headers.
+ # sets the X-Forwarded-Proto request header.
# See Plack::Middleware::ReverseProxy documentation for details
# enable 'ReverseProxy';
--
EW
^ permalink raw reply related [flat|nested] 3+ messages in thread* [PATCH 2/2] examples/varnish-4.vcl: comments and tweaks
2016-07-03 1:21 [PATCH 0/2] varnish tweaks and such Eric Wong
2016-07-03 1:21 ` [PATCH 1/2] examples: remove X-Forwarded-For mentions Eric Wong
@ 2016-07-03 1:21 ` Eric Wong
1 sibling, 0 replies; 3+ messages in thread
From: Eric Wong @ 2016-07-03 1:21 UTC (permalink / raw)
To: meta
Document and simplify things a bit. The major functional change
is we no longer waste space caching objects from dumb HTTP
clones.
---
examples/varnish-4.vcl | 26 ++++++++++++++------------
1 file changed, 14 insertions(+), 12 deletions(-)
diff --git a/examples/varnish-4.vcl b/examples/varnish-4.vcl
index 999f954..2429603 100644
--- a/examples/varnish-4.vcl
+++ b/examples/varnish-4.vcl
@@ -10,24 +10,15 @@
vcl 4.0;
backend default {
+ # this is where public-inbox-http listens
.host = "127.0.0.1";
.port = "280";
}
sub vcl_recv {
- if (req.method != "GET" &&
- req.method != "HEAD" &&
- req.method != "PUT" &&
- req.method != "POST" &&
- req.method != "TRACE" &&
- req.method != "OPTIONS" &&
- req.method != "DELETE") {
- /* Non-RFC2616 or CONNECT which is weird. */
- return (pipe);
- }
+ /* pipe POST and any other weird methods directly to backend */
if (req.method != "GET" && req.method != "HEAD") {
- /* We only deal with GET and HEAD by default */
- return (pass);
+ return (pipe);
}
if (req.http.Authorization || req.http.Cookie) {
/* Not cacheable by default */
@@ -36,6 +27,13 @@ sub vcl_recv {
return (hash);
}
+sub vcl_pipe {
+ # By default Connection: close is set on all piped requests by varnish,
+ # but public-inbox-httpd supports persistent connections well :)
+ unset bereq.http.connection;
+ return (pipe);
+}
+
sub vcl_hash {
hash_data(req.url);
if (req.http.host) {
@@ -43,6 +41,7 @@ sub vcl_hash {
} else {
hash_data(server.ip);
}
+ /* we generate fully-qualified URLs for Atom feeds and redirects */
if (req.http.X-Forwarded-Proto) {
hash_data(req.http.X-Forwarded-Proto);
}
@@ -53,6 +52,8 @@ sub vcl_backend_response {
set beresp.grace = 60s;
set beresp.do_stream = true;
if (beresp.ttl <= 0s ||
+ /* no point in caching stuff git already stores on disk */
+ beresp.http.Content-Type ~ "application/x-git" ||
beresp.http.Set-Cookie ||
beresp.http.Vary == "*") {
/* Mark as "Hit-For-Pass" for the next 2 minutes */
@@ -60,6 +61,7 @@ sub vcl_backend_response {
set beresp.uncacheable = true;
return (deliver);
} else {
+ /* short TTL for up-to-dateness, our PSGI is not that slow */
set beresp.ttl = 10s;
}
return (deliver);
--
EW
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-07-03 1:21 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-07-03 1:21 [PATCH 0/2] varnish tweaks and such Eric Wong
2016-07-03 1:21 ` [PATCH 1/2] examples: remove X-Forwarded-For mentions Eric Wong
2016-07-03 1:21 ` [PATCH 2/2] examples/varnish-4.vcl: comments and tweaks Eric Wong
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).