Changeset View
Changeset View
Standalone View
Standalone View
site-modules/profile/templates/varnish/vhost.vcl.erb
# vhost_<%= @servername %>.vcl | # vhost_<%= @servername %>.vcl | ||||
# | # | ||||
# Settings for the <%= @servername %> vhost | # Settings for the <%= @servername %> vhost | ||||
# | # | ||||
# File managed by puppet. All modifications will be lost. | # File managed by puppet. All modifications will be lost. | ||||
sub vcl_recv { | sub vcl_recv { | ||||
if ( | if ( | ||||
<% @aliases.each do |alias_| -%> | <% @aliases.each do |alias_| -%> | ||||
req.http.host ~ "^(?i)<%= Regexp.escape(alias_) %>(:[0-9]+)?$" || | req.http.host == "<%= alias_.downcase %>" || | ||||
<% end -%> | <% end -%> | ||||
req.http.host ~ "^(?i)<%= Regexp.escape(@servername) %>(:[0-9]+)?$" | req.http.host == "<%= @servername.downcase %>" | ||||
) { | ) { | ||||
var.set("known-vhost", "yes"); | var.set("known-vhost", "yes"); | ||||
var.set("current-vhost", "<%= @backend_name %>"); | |||||
} | |||||
if (var.get("current-vhost") == "<%= @backend_name %>") { | |||||
if (std.port(server.ip) == <%= scope['::profile::varnish::http_port'] %>) { | if (std.port(server.ip) == <%= scope['::profile::varnish::http_port'] %>) { | ||||
set req.http.x-redir = "https://" + req.http.host + req.url; | set req.http.x-redir = "https://" + req.http.host + req.url; | ||||
return(synth(850, "Moved permanently")); | return(synth(850, "Moved permanently")); | ||||
} else { | } else { | ||||
set req.backend_hint = <%= @backend_name %>; | set req.backend_hint = <%= @backend_name %>; | ||||
<%- if @basic_auth -%> | <%- if @basic_auth -%> | ||||
if ( 1 == 1 # noop expression to be syntactically correct with the following && | if ( 1 == 1 # noop expression to be syntactically correct with the following && | ||||
Show All 14 Lines | |||||
<% if @vcl_recv_extra -%> | <% if @vcl_recv_extra -%> | ||||
<%= @vcl_recv_extra %> | <%= @vcl_recv_extra %> | ||||
<% end -%> | <% end -%> | ||||
} | } | ||||
} | } | ||||
<% if @websocket_support -%> | <% if @websocket_support -%> | ||||
sub vcl_pipe { | sub vcl_pipe { | ||||
if (var.get("current-vhost") == "<%= @backend_name %>") { | |||||
if (req.http.upgrade) { | if (req.http.upgrade) { | ||||
set bereq.http.upgrade = req.http.upgrade; | set bereq.http.upgrade = req.http.upgrade; | ||||
set bereq.http.connection = req.http.connection; | set bereq.http.connection = req.http.connection; | ||||
} | } | ||||
} | } | ||||
} | |||||
<% end -%> | <% end -%> | ||||
<% if @hsts_max_age or @vcl_deliver_extra -%> | <% if @hsts_max_age or @vcl_deliver_extra -%> | ||||
sub vcl_deliver { | sub vcl_deliver { | ||||
if ( | if (var.get("current-vhost") == "<%= @backend_name %>") { | ||||
<% @aliases.each do |alias_| -%> | |||||
req.http.host ~ "^(?i)<%= Regexp.escape(alias_) %>(:[0-9]+)?$" || | |||||
<% end -%> | |||||
req.http.host ~ "^(?i)<%= Regexp.escape(@servername) %>(:[0-9]+)?$" | |||||
) { | |||||
<% if @hsts_max_age -%> | <% if @hsts_max_age -%> | ||||
if (std.port(server.ip) != <%= scope['::profile::varnish::http_port'] %>) { | if (std.port(server.ip) != <%= scope['::profile::varnish::http_port'] %>) { | ||||
set resp.http.Strict-Transport-Security = "max-age=<%= @hsts_max_age %>;"; | set resp.http.Strict-Transport-Security = "max-age=<%= @hsts_max_age %>;"; | ||||
} | } | ||||
<% end -%> | <% end -%> | ||||
<% if @vcl_deliver_extra -%> | <% if @vcl_deliver_extra -%> | ||||
<%= @vcl_deliver_extra %> | <%= @vcl_deliver_extra %> | ||||
<% end -%> | <% end -%> | ||||
} | } | ||||
} | } | ||||
sub vcl_synth { | sub vcl_synth { | ||||
if ( | if (var.get("current-vhost") == "<%= @backend_name %>") { | ||||
<% @aliases.each do |alias_| -%> | |||||
req.http.host ~ "^(?i)<%= Regexp.escape(alias_) %>(:[0-9]+)?$" || | |||||
<% end -%> | |||||
req.http.host ~ "^(?i)<%= Regexp.escape(@servername) %>(:[0-9]+)?$" | |||||
) { | |||||
if (resp.status == 401) { | if (resp.status == 401) { | ||||
set resp.http.WWW-Authenticate = "Basic"; | set resp.http.WWW-Authenticate = "Basic"; | ||||
return(deliver); | return(deliver); | ||||
} | } | ||||
} | } | ||||
} | } | ||||
<% end -%> | <% end -%> | ||||