[commits] r156 - selinux-site/trunk/buildout
tim at mail.se.linux.org
tim at mail.se.linux.org
Sat Dec 1 21:25:13 CET 2007
Author: tim
Date: 2007-12-01 21:25:12 +0100 (Sat, 01 Dec 2007)
New Revision: 156
Added:
selinux-site/trunk/buildout/varnish.conf
Modified:
selinux-site/trunk/buildout/production.cfg
Log:
Added varnish configuration file to buildout.
Modified: selinux-site/trunk/buildout/production.cfg
===================================================================
--- selinux-site/trunk/buildout/production.cfg 2007-11-30 21:20:29 UTC (rev 155)
+++ selinux-site/trunk/buildout/production.cfg 2007-12-01 20:25:12 UTC (rev 156)
@@ -159,7 +159,7 @@
recipe = plone.recipe.varnish:instance
bind = 127.0.0.1:8000
cache-size = 1G
-config = ${buildout:directory}/selinux.vcl
+config = ${buildout:directory}/varnish.conf
[varnish-build]
recipe = plone.recipe.varnish:build
Added: selinux-site/trunk/buildout/varnish.conf
===================================================================
--- selinux-site/trunk/buildout/varnish.conf (rev 0)
+++ selinux-site/trunk/buildout/varnish.conf 2007-12-01 20:25:12 UTC (rev 156)
@@ -0,0 +1,85 @@
+backend balancer {
+ set backend.host = "127.0.0.1";
+ set backend.port = "8101";
+}
+
+acl purge {
+ "localhost";
+}
+
+sub vcl_recv {
+
+ /* Do not cache if request is not GET or HEAD */
+ if (req.request != "GET" && req.request != "HEAD") {
+ /* Forward to 'lookup' if request is an authorized PURGE request */
+ if (req.request == "PURGE") {
+ if (!client.ip ~ purge) {
+ error 405 "Not allowed.";
+ }
+ lookup;
+ }
+ pipe;
+ }
+
+ /* Do not cache if request contains an Expect header */
+ if (req.http.Expect) {
+ pipe;
+ }
+
+ /* Varnish doesn't do INM requests so pass it through */
+ if (req.http.If-None-Match) {
+ pass;
+ }
+
+ /* Always cache images and multimedia */
+ if (req.url ~ "\.(jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|mp3|mp4|m4a|ogg|mov|avi|wmv)$") {
+ lookup;
+ }
+
+ /* Always cache CSS and javascript */
+ if (req.url ~ "\.(css|js)$") {
+ lookup;
+ }
+
+ /* Always cache static files */
+ if (req.url ~
+"\.(pdf|xls|vsd|doc|ppt|pps|vsd|doc|ppt|pps|xls|pdf|sxw|zip|gz|bz2|tgz|tar|rar|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw|dmg|torrent|deb|msi|iso|rpm)$") {
+ lookup;
+ }
+
+ /* Do not cache when authenticated via HTTP Basic or Digest Authentication */
+ if (req.http.Authenticate || req.http.Authorization) {
+ pipe;
+ }
+
+ /* Do not cache when authenticated via "__ac" cookies */
+ if (req.http.Cookie && req.http.Cookie ~ "__ac_(name|password|persistent)=") {
+ pipe;
+ }
+
+ /* Do not cache when authenticated via "_ZopeId" cookies */
+ if (req.http.Cookie && req.http.Cookie ~ "_ZopeId=") {
+ pipe;
+ }
+
+ lookup;
+}
+
+sub vcl_hit {
+ if (req.request == "PURGE") {
+ set obj.ttl = 0s;
+ error 200 "Purged";
+ }
+}
+
+sub vcl_miss {
+
+ /* Varnish doesn't do IMS to backend, so if not in cache just pass it through */
+ if (req.http.If-Modified-Since) {
+ pass;
+ }
+
+ if (req.request == "PURGE") {
+ error 404 "Not in cache";
+ }
+}
More information about the commits
mailing list