Skip to content

Instantly share code, notes, and snippets.

@matthewjackowski

matthewjackowski/edgecache.vcl

Last active June 19, 2021 01:35
Show Gist options
  • Save matthewjackowski/8e118f1f7e2aef5b5eb2a03631e734f7 to your computer and use it in GitHub Desktop.
Save matthewjackowski/8e118f1f7e2aef5b5eb2a03631e734f7 to your computer and use it in GitHub Desktop.
Download ZIP
A basic vcl setup for edge caching
Raw
edge.vcl
# A basic setup for the edge
# Strips cookies and un-needed params
# Does a few redirects
# Sets forwarded proxy headers
# Custom error page
vcl 4.0;
import directors;
import std;
# Backend setup
backend default {
.host = "192.168.99.100";
.port = "32777";
}
sub vcl_recv {
# Only a single backend
set req.backend_hint= default;
# Drop cookies
unset req.http.cookie;
# Setting http headers for backend
set req.http.X-Forwarded-For = client.ip;
set req.http.X-Forwarded-Proto = "https";
# Unset headers that might cause us to cache duplicate infos
unset req.http.Accept-Language;
unset req.http.User-Agent;
# Redirect www to non-www
if (req.http.host ~ "^www\.") {
set req.http.x-redir = regsub(req.http.host, "^www\.(.*)", "https://\1") + req.url;
return (synth(750, "Moved permanently"));
}
# Redirect http to https
if ( std.port(server.ip) == 80) {
set req.http.x-redir = "https://" + req.http.host + req.url;
return (synth(750, "Moved permanently"));
}
# drop params from static assets
if (req.url ~ "\.(gif|jpg|jpeg|swf|ttf|css|js|flv|mp3|mp4|pdf|ico|png)(\?.*|)$") {
set req.url = regsub(req.url, "\?.*$", "");
}
# drop tracking params
if (req.url ~ "\?(utm_(campaign|medium|source|term)|adParams|client|cx|eid|fbid|feed|ref(id|src)?|v(er|iew))=") {
set req.url = regsub(req.url, "\?.*$", "");
}
}
sub vcl_backend_response {
# retry a few times if backend is down
if (beresp.status == 503 && bereq.retries < 3 ) {
return(retry);
}
# if we get a session cookie...caching is a no-go
if (bereq.http.Cookie ~ "(UserID|_session)") {
set beresp.http.X-Cacheable = "NO:Got Session";
set beresp.uncacheable = true;
return (deliver);
} elsif (beresp.ttl <= 0s) {
# Varnish determined the object was not cacheable
set beresp.http.X-Cacheable = "NO:Not Cacheable";
} elsif (beresp.http.set-cookie) {
# Don't cache content for logged in users
set beresp.http.X-Cacheable = "NO:Set-Cookie";
set beresp.uncacheable = true;
return (deliver);
} elsif (beresp.http.Cache-Control ~ "private") {
# Respect the Cache-Control=private header from the backend
set beresp.http.X-Cacheable = "NO:Cache-Control=private";
set beresp.uncacheable = true;
return (deliver);
} else {
# Object is cacheable
set beresp.http.X-Cacheable = "YES";
}
# unset cookies from backendresponse
unset beresp.http.set-cookie;
# remove extra headers
unset resp.http.X-Powered-By;
unset resp.http.Server;
unset resp.http.Via;
unset resp.http.X-Pingback;
unset resp.http.X-Varnish;
}
sub vcl_hash {
if ( req.http.X-Forwarded-Proto ) {
hash_data( req.http.X-Forwarded-Proto );
}
}
sub vcl_synth {
# redirect for http
if (resp.status == 750) {
set resp.status = 301;
set resp.http.Location = req.http.x-redir;
return(deliver);
}
# display custom error page if backend down
if (resp.status == 503) {
set resp.status = 404;
synthetic(std.fileread("/etc/varnish/error.html"));
return(deliver);
}
}
sub vcl_deliver {
# oh noes backend is down
if (resp.status == 503) {
return(restart);
}
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
} else {
set resp.http.X-Cache = "MISS";
}
set resp.http.Access-Control-Allow-Origin = "*";
}
sub vcl_hit {
}
sub vcl_miss {
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment