Changeset View
Changeset View
Standalone View
Standalone View
site-modules/profile/templates/varnish/vhost.vcl.erb
# vhost_<%= @servername %>.vcl | # vhost_<%= @servername %>.vcl | ||||
# | # | ||||
# Settings for the <%= @servername %> vhost | # Settings for the <%= @servername %> vhost | ||||
# | # | ||||
# File managed by puppet. All modifications will be lost. | # File managed by puppet. All modifications will be lost. | ||||
sub vcl_recv { | sub vcl_recv { | ||||
if ( | if ( | ||||
<% @aliases.each do |alias_| -%> | <% @aliases.each do |alias_| -%> | ||||
req.http.host ~ "^(?i)<%= Regexp.escape(alias_) %>(:[0-9]+)?$" || | req.http.host ~ "^(?i)<%= Regexp.escape(alias_) %>(:[0-9]+)?$" || | ||||
<% end -%> | <% end -%> | ||||
req.http.host ~ "^(?i)<%= Regexp.escape(@servername) %>(:[0-9]+)?$" | req.http.host ~ "^(?i)<%= Regexp.escape(@servername) %>(:[0-9]+)?$" | ||||
) { | ) { | ||||
set req.http.X-Known-Vhost = "Yes"; | |||||
if (std.port(server.ip) == <%= scope['::profile::varnish::http_port'] %>) { | if (std.port(server.ip) == <%= scope['::profile::varnish::http_port'] %>) { | ||||
set req.http.x-redir = "https://" + req.http.host + req.url; | set req.http.x-redir = "https://" + req.http.host + req.url; | ||||
return(synth(850, "Moved permanently")); | return(synth(850, "Moved permanently")); | ||||
} else { | } else { | ||||
<% if @websocket_support -%> | <% if @websocket_support -%> | ||||
if (req.http.upgrade ~ "(?i)websocket") { | if (req.http.upgrade ~ "(?i)websocket") { | ||||
return (pipe); | return (pipe); | ||||
} | } | ||||
Show All 19 Lines | |||||
<% if @hsts_max_age or @vcl_deliver_extra -%> | <% if @hsts_max_age or @vcl_deliver_extra -%> | ||||
sub vcl_deliver { | sub vcl_deliver { | ||||
if ( | if ( | ||||
<% @aliases.each do |alias_| -%> | <% @aliases.each do |alias_| -%> | ||||
req.http.host ~ "^(?i)<%= Regexp.escape(alias_) %>(:[0-9]+)?$" || | req.http.host ~ "^(?i)<%= Regexp.escape(alias_) %>(:[0-9]+)?$" || | ||||
<% end -%> | <% end -%> | ||||
req.http.host ~ "^(?i)<%= Regexp.escape(@servername) %>(:[0-9]+)?$" | req.http.host ~ "^(?i)<%= Regexp.escape(@servername) %>(:[0-9]+)?$" | ||||
) { | ) { | ||||
unset req.http.X-Known-Vhost; | |||||
<% if @hsts_max_age -%> | <% if @hsts_max_age -%> | ||||
if (std.port(server.ip) != <%= scope['::profile::varnish::http_port'] %>) { | if (std.port(server.ip) != <%= scope['::profile::varnish::http_port'] %>) { | ||||
set resp.http.Strict-Transport-Security = "max-age=<%= @hsts_max_age %>;"; | set resp.http.Strict-Transport-Security = "max-age=<%= @hsts_max_age %>;"; | ||||
} | } | ||||
<% end -%> | <% end -%> | ||||
<% if @vcl_deliver_extra -%> | <% if @vcl_deliver_extra -%> | ||||
<%= @vcl_deliver_extra %> | <%= @vcl_deliver_extra %> | ||||
<% end -%> | <% end -%> | ||||
} | } | ||||
} | } | ||||
<% end -%> | <% end -%> |