Changeset View
Changeset View
Standalone View
Standalone View
site-modules/profile/templates/varnish/vhost.vcl.erb
| # vhost_<%= @servername %>.vcl | # vhost_<%= @servername %>.vcl | ||||
| # | # | ||||
| # Settings for the <%= @servername %> vhost | # Settings for the <%= @servername %> vhost | ||||
| # | # | ||||
| # File managed by puppet. All modifications will be lost. | # File managed by puppet. All modifications will be lost. | ||||
| sub vcl_recv { | sub vcl_recv { | ||||
| if ( | if ( | ||||
| <% @aliases.each do |alias_| -%> | <% @aliases.each do |alias_| -%> | ||||
| req.http.host ~ "^(?i)<%= Regexp.escape(alias_) %>(:[0-9]+)?$" || | req.http.host ~ "^(?i)<%= Regexp.escape(alias_) %>(:[0-9]+)?$" || | ||||
| <% end -%> | <% end -%> | ||||
| req.http.host ~ "^(?i)<%= Regexp.escape(@servername) %>(:[0-9]+)?$" | req.http.host ~ "^(?i)<%= Regexp.escape(@servername) %>(:[0-9]+)?$" | ||||
| ) { | ) { | ||||
| set req.http.X-Known-Vhost = "Yes"; | |||||
| if (std.port(server.ip) == <%= scope['::profile::varnish::http_port'] %>) { | if (std.port(server.ip) == <%= scope['::profile::varnish::http_port'] %>) { | ||||
| set req.http.x-redir = "https://" + req.http.host + req.url; | set req.http.x-redir = "https://" + req.http.host + req.url; | ||||
| return(synth(850, "Moved permanently")); | return(synth(850, "Moved permanently")); | ||||
| } else { | } else { | ||||
| <% if @websocket_support -%> | <% if @websocket_support -%> | ||||
| if (req.http.upgrade ~ "(?i)websocket") { | if (req.http.upgrade ~ "(?i)websocket") { | ||||
| return (pipe); | return (pipe); | ||||
| } | } | ||||
| Show All 19 Lines | |||||
| <% if @hsts_max_age or @vcl_deliver_extra -%> | <% if @hsts_max_age or @vcl_deliver_extra -%> | ||||
| sub vcl_deliver { | sub vcl_deliver { | ||||
| if ( | if ( | ||||
| <% @aliases.each do |alias_| -%> | <% @aliases.each do |alias_| -%> | ||||
| req.http.host ~ "^(?i)<%= Regexp.escape(alias_) %>(:[0-9]+)?$" || | req.http.host ~ "^(?i)<%= Regexp.escape(alias_) %>(:[0-9]+)?$" || | ||||
| <% end -%> | <% end -%> | ||||
| req.http.host ~ "^(?i)<%= Regexp.escape(@servername) %>(:[0-9]+)?$" | req.http.host ~ "^(?i)<%= Regexp.escape(@servername) %>(:[0-9]+)?$" | ||||
| ) { | ) { | ||||
| unset req.http.X-Known-Vhost; | |||||
| <% if @hsts_max_age -%> | <% if @hsts_max_age -%> | ||||
| if (std.port(server.ip) != <%= scope['::profile::varnish::http_port'] %>) { | if (std.port(server.ip) != <%= scope['::profile::varnish::http_port'] %>) { | ||||
| set resp.http.Strict-Transport-Security = "max-age=<%= @hsts_max_age %>;"; | set resp.http.Strict-Transport-Security = "max-age=<%= @hsts_max_age %>;"; | ||||
| } | } | ||||
| <% end -%> | <% end -%> | ||||
| <% if @vcl_deliver_extra -%> | <% if @vcl_deliver_extra -%> | ||||
| <%= @vcl_deliver_extra %> | <%= @vcl_deliver_extra %> | ||||
| <% end -%> | <% end -%> | ||||
| } | } | ||||
| } | } | ||||
| <% end -%> | <% end -%> | ||||