vcl 4.1; # https://github.com/varnish/toolbox/tree/master/vcls/hit-miss include "hit-miss.vcl"; import std; backend default { .host = "rstat-dashboard"; .port = "5000"; } acl purge { "localhost"; "nginx"; "127.0.0.1"; } sub vcl_recv { set req.http.Host = regsub(req.http.Host, ":[0-9]+", ""); unset req.http.proxy; set req.url = std.querysort(req.url); set req.url = regsub(req.url, "\?$", ""); set req.http.Surrogate-Capability = "key=ESI/1.0"; if (req.url ~ "/purge-cache") { if (!client.ip ~ purge) { return(synth(403, "Not allowed.")); } ban("req.http.host == rstat.net"); return(synth(200, "Cache cleared")); } if (!req.http.X-Forwarded-Proto) { if(std.port(server.ip) == 443 || std.port(server.ip) == 8443) { set req.http.X-Forwarded-Proto = "https"; } else { set req.http.X-Forwarded-Proto = "https"; } } # Cache static files if (req.url ~ "^[^?]*\.(7z|avi|bmp|bz2|css|csv|doc|docx|eot|flac|flv|gif|gz|ico|jpeg|jpg|js|less|mka|mkv|mov|mp3|mp4|mpeg|mpg|odt|ogg|ogm|opus|otf|pdf|png|ppt|pptx|rar|rtf|svg|svgz|swf|tar|tbz|tgz|ttf|txt|txz|wav|webm|webp|woff|woff2|xls|xlsx|xml|xz|zip)(\?.*)?$") { unset req.http.Cookie; return(hash); } # Remove all cookies for other requests unset req.http.Cookie; return(hash); } sub vcl_hash { hash_data(req.http.X-Forwarded-Proto); } sub vcl_backend_response { # Cache static files and other content in Varnish for 1 min set beresp.ttl = 1m; # Enable stale content serving set beresp.grace = 24h; # Preserve the origin's Cache-Control header for client-side caching if (beresp.http.Cache-Control) { set beresp.http.X-Orig-Cache-Control = beresp.http.Cache-Control; } } sub vcl_deliver { # Restore the origin's Cache-Control header for the browser if (resp.http.X-Orig-Cache-Control) { set resp.http.Cache-Control = resp.http.X-Orig-Cache-Control; unset resp.http.X-Orig-Cache-Control; } else { # If no Cache-Control was set by the origin, we'll set a default set resp.http.Cache-Control = "no-cache, must-revalidate"; } }