Drupal vcl

1. vcl 4.0;
2. import std;
3. import softpurge;
4. import variable;
5. /**
6.  * Example VCL for Authcache Varnish / Authcache ESI
7.  * =================================================
8.  *
9.  * See also core.vcl for detailed information.
10.  *
11.  * Credits & Sources
12.  * -----------------
13.  * * Josh Waihi - Authenticated page caching with Varnish & Drupal:
14.  *   http://joshwaihi.com/content/authenticated-page-caching-varnish-drupal
15.  * * Four Kitchens - Configure Varnish 3 for Drupal 7:
16.  *   https://fourkitchens.atlassian.net/wiki/display/TECH/Configure+Varnish+3+for+Drupal+7
17.  * * The Varnish Book:
18.  *   https://www.varnish-software.com/static/book/
19.  * * The Varnish Book - VCL Request Flow:
20.  *   https://www.varnish-software.com/static/book/_images/vcl.png
21.  */
22.  
23. # TODO: Update internal subnet ACL and security.
24.  
25. # Define the internal network subnet.
26. # These are used below to allow internal access to certain files while not
27. # allowing access from the public internet.
28.  acl internalIps {
29.     "XX.XX.XX.XX";
30.     "XX.XX.XX.XX";
31.  }
32.  
33. /**
34.  * Define all your backends here.
35.  */
36.  
37. backend default {
38.   .host = "127.0.0.1";
39.   .port = "8080";
40.   .max_connections = 250;
41.   .connect_timeout = 300s;
42.   .first_byte_timeout = 300s;
43.   .between_bytes_timeout = 300s;
44. }
45.  
46. backend stage {
47.   .host = "127.0.0.1";
48.   .port = "8080";
49.   .max_connections = 250;
50.   .connect_timeout = 300s;
51.   .first_byte_timeout = 300s;
52.   .between_bytes_timeout = 300s;
53. }
54.  
55. /**
56.  * Include Authcache Varnish core.vcl.
57.  */
58. include "/etc/varnish/core.vcl";
59.  
60. /**
61.  * Defines where the authcache varnish key callback is located.
62.  *
63.  * Note that the key-retrieval path must start with a slash and must include
64.  * the path prefix if any (e.g. on multilingual sites or if Drupal is installed
65.  * in a subdirectory).
66.  */
67. sub authcache_key_path {
68.   set req.http.X-Authcache-Key-Path = "/authcache-varnish-get-key";
69. }
70.  
71. /**
72.  * Derive the cache identifier for the key cache.
73.  */
74. sub authcache_key_cid {
75.   if (req.http.Cookie ~ "(^|;)\s*S?SESS[a-z0-9]+=") {
76.     // Use the whole session cookie to differentiate between authenticated
77.     // users.
78.     set req.http.X-Authcache-Key-CID = "sess:"+regsuball(req.http.Cookie, "^(.*;\s*)?(S?SESS[a-z0-9]+=[^;]*).*$", "\2");
79.   }
80.   else {
81.     // If authcache key retrieval was enforced for anonymous traffic, the HTTP
82.     // host is used in order to keep apart anonymous users of different
83.     // domains.
84.     set req.http.X-Authcache-Key-CID = "host:"+req.http.host;
85.   }
86.     if (req.http.Cookie ~ "(^|;\s*)(aucp14=1)(;|$)"){
87.         set req.http.X-Authcache-Key-CID = req.http.X-Authcache-Key-CID + "-iva1";
88.     } else if (req.http.Cookie ~ "(^|;\s*)(aucp14=0)(;|$)"){
89.         set req.http.X-Authcache-Key-CID = req.http.X-Authcache-Key-CID + "-iva0";
90.     } else {
91.         if (req.http.Cookie ~ "(^|;\s*)(aucp14=)(;|$)"){
92.            set req.http.Cookie = regsuball(req.http.Cookie, "aucp14", "cancel_aucp14");
93.         }
94.         set req.http.X-Authcache-Key-CID = req.http.X-Authcache-Key-CID + "-iva1";
95.         set req.http.Cookie = req.http.Cookie + ";aucp14=1";
96.     }
97. }
98.  
99. /**
100.  * Place your custom vcl_recv code here.
101.  */
102. sub authcache_recv {
103.  
104.   # Pipe these paths directly to Apache for streaming.
105.   if (req.url ~ "^/admin/content/backup_migrate/export") {
106.     return (pipe);
107.   }
108.  
109.    if (req.url ~ "^/(cron|install)\.php" ) {
110.      set req.url = "/404";
111.      return (hash);
112.      //return (synth(404));
113.    }
114.  
115.    if (
116.        //req.url ~ "^/authcache-varnish-get-key*$" ||
117.        req.url ~ "^/admin$" ||
118.        req.url ~ "^/admin/.*$" ||
119.        req.url ~ "^/batch.*$" ||
120.        req.url ~ "^/comment/edit.*$" ||
121.        req.url ~ "^/cron\.php$" ||
122.        req.url ~ "^/system/ajax$" ||
123.        req.url ~ "^/callback/ajax/.*$" ||
124.        req.url ~ "^/install\.php$" ||
125.        req.url ~ "^/phpmyadmin/.*$" ||
126.        req.url ~ "^/node/*/edit$" ||
127.        req.url ~ "^/node/*/track$" ||
128.        req.url ~ "^/node/add/.*$" ||
129.        req.url ~ "^/status\.php$" ||
130.        req.url ~ "^/system/files/*.$" ||
131.        req.url ~ "^/system/temporary.*$" ||
132.        req.url ~ "^/tracker$" ||
133.        req.url ~ "^/update\.php$" ||
134.        req.url ~ "^/user$" ||
135.        req.url ~ "^/user/.*$" ||
136.        req.url ~ "^/users/.*$") {
137.      return (pass);
138.    }
139.   // no cache these files
140.   if (req.url ~ "(?i)\.(xml|pdf|asc|dat|txt|doc|xls|ppt|tgz|csv|swf)(\?.*)?$") {
141.    return (pass);
142.   }
143.  
144.     //Always put has_js=1 for crawlers not have js activated
145.     if (req.http.Cookie !~ "(^|;\s*)(has_js=1)(;|$)"){
146.         if (req.http.Cookie ~ "(^|;\s*)(has_js=)(|$)"){
147.          //replace
148.          set req.http.Cookie = regsuball(req.http.Cookie, "has_js", "not_has_js");
149.         }
150.         //add
151.         set req.http.Cookie = req.http.Cookie + ";has_js=1";
152.     }
153.    set req.http.Original-Cookie = req.http.Cookie;
154.  
155.    if (req.http.Cookie) {
156.      set req.http.Cookie = ";" + req.http.Cookie;
157.      set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";");
158.      set req.http.Cookie = regsuball(req.http.Cookie, ";(S?SESS[a-z0-9]+|aucp13n|XDEBUG_SESSION|NO_CACHE_MAC|nocachemac|aucp14|has_js)=", "; \1=");
159.      set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", "");
160.      set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+|[; ]+$", "");
161.  
162.      if (req.http.Cookie == "") {
163.        unset req.http.Cookie;
164.      }
165.    }
166.  
167.    if (!req.http.X-Authcache-Get-Key) {
168.      set req.http.X-Authcache-Get-Key = "get";
169.    }
170. }
171.  
172. sub vcl_backend_fetch {
173.  
174. }
175.  
176. sub vcl_backend_response {
177.  
178. }
179.  
180. sub vcl_deliver {
181.   if (client.ip ~ internalIps){
182.      if (obj.hits > 0) {
183.        set resp.http.X-Varnish-Cache = "HIT";
184.      }
185.      else {
186.        set resp.http.X-Varnish-Cache = "MISS";
187.      }
188.   }
189. }
190.  
191. sub vcl_synth {
192.  set resp.http.Content-Type = "text/html; charset=utf-8";
193.  set resp.http.Retry-After = "60";
194.  synthetic( {"
195. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
196. <html xmlns="http://www.w3.org/1999/xhtml">
197. <head>
198.   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
199.   <title>Title</title>
200. </head>
201. <body>
202. <div style="text-align: center;">
203.   <a href="#""><img src="server-error.jpg" style="margin:0; border: 0;max-width:100%;"/></a>
204. </div>
205. <div class="error">(Error "} + beresp.status + " " + beresp.reason + {")</div>
206. </body>
207. </html>"});
208.  return (deliver);
209. }
210.  
211.  
212. # In the event of an error, show friendlier messages.
213. sub vcl_backend_error {
214.   # Redirect to some other URL in the case of a homepage failure.
215.  
216.   # Otherwise redirect to the homepage, which will likely be in the cache.
217.   set bereq.http.Content-Type = "text/html; charset=utf-8";
218.   synthetic( {"
219. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
220. <html xmlns="http://www.w3.org/1999/xhtml">
221. <head>
222.   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
223.   <title>Title</title>
224. </head>
225. <body>
226. <div style="text-align: center;">
227.   <a href="#""><img src="server-error.jpg" style="margin:0; border: 0;max-width:100%;"/></a>
228. </div>
229. <div class="error">(Error "} + beresp.status + " " + beresp.reason + {")</div>
230. </body>
231. </html>"});
232.   return (deliver);
233. }