API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 12th, 2023
75
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.27 KB | None | 0 0
raw download clone embed print report
  1. # Backends
  2. backend F_Host_1 {
  3. .between_bytes_timeout = 10s;
  4. .connect_timeout = 1s;
  5. .first_byte_timeout = 15s;
  6. .host = "REDACTED";
  7. .max_connections = 200;
  8. .port = "443";
  9. .share_key = "REDACTED";
  10. .ssl = true;
  11. .ssl_cert_hostname = "REDACTED";
  12. .ssl_sni_hostname = "REDACTED";
  13. }
  14. sub vcl_recv {
  15. #--FASTLY RECV BEGIN
  16. if (req.restarts == 0) {
  17. if (!req.http.X-Timer) {
  18. set req.http.X-Timer = "S" time.start.sec "." time.start.usec_frac;
  19. }
  20. set req.http.X-Timer = req.http.X-Timer ",VS0";
  21. }
  22. if (req.http.Fastly-Orig-Accept-Encoding) {
  23. if (req.http.Fastly-Orig-Accept-Encoding ~ "\bbr\b") {
  24. set req.http.Accept-Encoding = "br";
  25. }
  26. }
  27. declare local var.fastly_req_do_shield BOOL;
  28. set var.fastly_req_do_shield = (req.restarts == 0);
  29. # default conditions
  30. set req.backend = F_Host_1;
  31. # end default conditions
  32. #--FASTLY RECV END
  33. if (req.request != "HEAD" && req.request != "GET" && req.request != "FASTLYPURGE") {
  34. return(pass);
  35. }
  36. return(lookup);
  37. }
  38. sub vcl_fetch {
  39. declare local var.fastly_disable_restart_on_error BOOL;
  40. #--FASTLY FETCH BEGIN
  41. # record which cache ran vcl_fetch for this object and when
  42. set beresp.http.Fastly-Debug-Path = "(F " server.identity " " now.sec ") " if(beresp.http.Fastly-Debug-Path, beresp.http.Fastly-Debug-Path, "");
  43. # generic mechanism to vary on something
  44. if (req.http.Fastly-Vary-String) {
  45. if (beresp.http.Vary) {
  46. set beresp.http.Vary = "Fastly-Vary-String, " beresp.http.Vary;
  47. } else {
  48. set beresp.http.Vary = "Fastly-Vary-String, ";
  49. }
  50. }
  51. # priority: 0
  52. # max-age
  53. set beresp.ttl = 86400s;
  54. # Header rewrite Cache-Control : 10
  55. set beresp.http.cache-control = "public, max-age=3600";
  56. # Header rewrite Surrogate-Control : 10
  57. set beresp.http.surrogate-control = "max-age=84000";
  58. # Header rewrite Vary : 10
  59. set beresp.http.Vary = "Accept-Encoding, Cookie";
  60. # Gzip Generated by default compression policy
  61. if ((beresp.status == 200 || beresp.status == 404) && (beresp.http.content-type ~ "^(?:text/html|application/x-javascript|text/css|application/javascript|text/javascript|application/json|application/vnd\.ms-fontobject|application/x-font-opentype|application/x-font-truetype|application/x-font-ttf|application/xml|font/eot|font/opentype|font/otf|image/svg\+xml|image/vnd\.microsoft\.icon|text/plain|text/xml)\s*(?:$|;)" || req.url ~ "\.(?:css|js|html|eot|ico|otf|ttf|json|svg)(?:$|\?)" ) ) {
  62. # always set vary to make sure uncompressed versions dont always win
  63. if (!beresp.http.Vary ~ "Accept-Encoding") {
  64. if (beresp.http.Vary) {
  65. set beresp.http.Vary = beresp.http.Vary ", Accept-Encoding";
  66. } else {
  67. set beresp.http.Vary = "Accept-Encoding";
  68. }
  69. }
  70. if (req.http.Accept-Encoding == "br") {
  71. set beresp.brotli = true;
  72. } elsif (req.http.Accept-Encoding == "gzip") {
  73. set beresp.gzip = true;
  74. }
  75. }
  76. # priority: 10
  77. if ( req.http.Authorization || req.http.Cookie ~ "([sS]ession|Token)=" ) {
  78. # Bypass on Cookie
  79. set beresp.ttl = 0s;
  80. return(pass);
  81. }
  82. #--FASTLY FETCH END
  83. if (!var.fastly_disable_restart_on_error) {
  84. if ((beresp.status == 500 || beresp.status == 503) && req.restarts < 1 && (req.request == "GET" || req.request == "HEAD")) {
  85. restart;
  86. }
  87. }
  88. if(req.restarts > 0 ) {
  89. set beresp.http.Fastly-Restarts = req.restarts;
  90. }
  91. if (beresp.http.Set-Cookie) {
  92. set req.http.Fastly-Cachetype = "SETCOOKIE";
  93. return (pass);
  94. }
  95. if (beresp.http.Cache-Control ~ "private") {
  96. set req.http.Fastly-Cachetype = "PRIVATE";
  97. return (pass);
  98. }
  99. if (beresp.status == 500 || beresp.status == 503) {
  100. set req.http.Fastly-Cachetype = "ERROR";
  101. set beresp.ttl = 1s;
  102. set beresp.grace = 5s;
  103. return (deliver);
  104. }
  105. if (beresp.http.Expires || beresp.http.Surrogate-Control ~ "max-age" || beresp.http.Cache-Control ~"(?:s-maxage|max-age)") {
  106. # keep the ttl here
  107. } else {
  108. # apply the default ttl
  109. set beresp.ttl = 3600s;
  110. }
  111. return(deliver);
  112. }
  113. sub vcl_hit {
  114. #--FASTLY HIT BEGIN
  115. # we cannot reach obj.ttl and obj.grace in deliver, save them when we can in vcl_hit
  116. set req.http.Fastly-Tmp-Obj-TTL = obj.ttl;
  117. set req.http.Fastly-Tmp-Obj-Grace = obj.grace;
  118. {
  119. set req.http.Fastly-Cachetype = "HIT";
  120. }
  121. #--FASTLY HIT END
  122. if (!obj.cacheable) {
  123. return(pass);
  124. }
  125. return(deliver);
  126. }
  127. sub vcl_miss {
  128. #--FASTLY MISS BEGIN
  129. # this is not a hit after all, clean up these set in vcl_hit
  130. unset req.http.Fastly-Tmp-Obj-TTL;
  131. unset req.http.Fastly-Tmp-Obj-Grace;
  132. {
  133. if (req.http.Fastly-Check-SHA1) {
  134. error 550 "Doesnt exist";
  135. }
  136. #--FASTLY BEREQ BEGIN
  137. {
  138. {
  139. if (req.http.Fastly-FF) {
  140. set bereq.http.Fastly-Client = "1";
  141. }
  142. }
  143. {
  144. # do not send this to the backend
  145. unset bereq.http.Fastly-Original-Cookie;
  146. unset bereq.http.Fastly-Original-URL;
  147. unset bereq.http.Fastly-Vary-String;
  148. unset bereq.http.X-Varnish-Client;
  149. }
  150. if (req.http.Fastly-Temp-XFF) {
  151. if (req.http.Fastly-Temp-XFF == "") {
  152. unset bereq.http.X-Forwarded-For;
  153. } else {
  154. set bereq.http.X-Forwarded-For = req.http.Fastly-Temp-XFF;
  155. }
  156. # unset bereq.http.Fastly-Temp-XFF;
  157. }
  158. }
  159. #--FASTLY BEREQ END
  160. #;
  161. set req.http.Fastly-Cachetype = "MISS";
  162. }
  163. #--FASTLY MISS END
  164. return(fetch);
  165. }
  166. sub vcl_deliver {
  167. #--FASTLY DELIVER BEGIN
  168. # record the journey of the object, expose it only if req.http.Fastly-Debug.
  169. if (req.http.Fastly-Debug || req.http.Fastly-FF) {
  170. set resp.http.Fastly-Debug-Path = "(D " server.identity " " now.sec ") "
  171. if(resp.http.Fastly-Debug-Path, resp.http.Fastly-Debug-Path, "");
  172. set resp.http.Fastly-Debug-TTL = if(obj.hits > 0, "(H ", "(M ")
  173. server.identity
  174. if(req.http.Fastly-Tmp-Obj-TTL && req.http.Fastly-Tmp-Obj-Grace, " " req.http.Fastly-Tmp-Obj-TTL " " req.http.Fastly-Tmp-Obj-Grace " ", " - - ")
  175. if(resp.http.Age, resp.http.Age, "-")
  176. ") "
  177. if(resp.http.Fastly-Debug-TTL, resp.http.Fastly-Debug-TTL, "");
  178. set resp.http.Fastly-Debug-Digest = digest.hash_sha256(req.digest);
  179. } else {
  180. unset resp.http.Fastly-Debug-Path;
  181. unset resp.http.Fastly-Debug-TTL;
  182. unset resp.http.Fastly-Debug-Digest;
  183. }
  184. # add or append X-Served-By/X-Cache(-Hits)
  185. {
  186. if(!resp.http.X-Served-By) {
  187. set resp.http.X-Served-By = server.identity;
  188. } else {
  189. set resp.http.X-Served-By = resp.http.X-Served-By ", " server.identity;
  190. }
  191. set resp.http.X-Cache = if(resp.http.X-Cache, resp.http.X-Cache ", ","") if(fastly_info.state ~ "HIT(?:-|\z)", "HIT", "MISS");
  192. if(!resp.http.X-Cache-Hits) {
  193. set resp.http.X-Cache-Hits = obj.hits;
  194. } else {
  195. set resp.http.X-Cache-Hits = resp.http.X-Cache-Hits ", " obj.hits;
  196. }
  197. }
  198. if (req.http.X-Timer) {
  199. set resp.http.X-Timer = req.http.X-Timer ",VE" time.elapsed.msec;
  200. }
  201. # VARY FIXUP
  202. {
  203. # remove before sending to client
  204. set resp.http.Vary = regsub(resp.http.Vary, "Fastly-Vary-String, ", "");
  205. if (resp.http.Vary ~ "^\s*$") {
  206. unset resp.http.Vary;
  207. }
  208. }
  209. unset resp.http.X-Varnish;
  210. # Pop the surrogate headers into the request object so we can reference them later
  211. set req.http.Surrogate-Key = resp.http.Surrogate-Key;
  212. set req.http.Surrogate-Control = resp.http.Surrogate-Control;
  213. # If we are not forwarding or debugging unset the surrogate headers so they are not present in the response
  214. if (!req.http.Fastly-FF && !req.http.Fastly-Debug) {
  215. unset resp.http.Surrogate-Key;
  216. unset resp.http.Surrogate-Control;
  217. }
  218. if(resp.status == 550) {
  219. return(deliver);
  220. }
  221. #default response conditions
  222. #--FASTLY DELIVER END
  223. return(deliver);
  224. }
  225. sub vcl_error {
  226. #--FASTLY ERROR BEGIN
  227. if (obj.status == 801) {
  228. set obj.status = 301;
  229. set obj.response = "Moved Permanently";
  230. set obj.http.Location = "https://" req.http.host req.url;
  231. synthetic {""};
  232. return (deliver);
  233. }
  234. if (req.http.Fastly-Restart-On-Error) {
  235. if (obj.status == 503 && req.restarts == 0) {
  236. restart;
  237. }
  238. }
  239. {
  240. if (obj.status == 550) {
  241. return(deliver);
  242. }
  243. }
  244. #--FASTLY ERROR END
  245. }
  246. sub vcl_pipe {
  247. #--FASTLY PIPE BEGIN
  248. {
  249. #--FASTLY BEREQ BEGIN
  250. {
  251. {
  252. if (req.http.Fastly-FF) {
  253. set bereq.http.Fastly-Client = "1";
  254. }
  255. }
  256. {
  257. # do not send this to the backend
  258. unset bereq.http.Fastly-Original-Cookie;
  259. unset bereq.http.Fastly-Original-URL;
  260. unset bereq.http.Fastly-Vary-String;
  261. unset bereq.http.X-Varnish-Client;
  262. }
  263. if (req.http.Fastly-Temp-XFF) {
  264. if (req.http.Fastly-Temp-XFF == "") {
  265. unset bereq.http.X-Forwarded-For;
  266. } else {
  267. set bereq.http.X-Forwarded-For = req.http.Fastly-Temp-XFF;
  268. }
  269. # unset bereq.http.Fastly-Temp-XFF;
  270. }
  271. }
  272. #--FASTLY BEREQ END
  273. #;
  274. set req.http.Fastly-Cachetype = "PIPE";
  275. set bereq.http.connection = "close";
  276. }
  277. #--FASTLY PIPE END
  278. }
  279. sub vcl_pass {
  280. #--FASTLY PASS BEGIN
  281. {
  282. #--FASTLY BEREQ BEGIN
  283. {
  284. {
  285. if (req.http.Fastly-FF) {
  286. set bereq.http.Fastly-Client = "1";
  287. }
  288. }
  289. {
  290. # do not send this to the backend
  291. unset bereq.http.Fastly-Original-Cookie;
  292. unset bereq.http.Fastly-Original-URL;
  293. unset bereq.http.Fastly-Vary-String;
  294. unset bereq.http.X-Varnish-Client;
  295. }
  296. if (req.http.Fastly-Temp-XFF) {
  297. if (req.http.Fastly-Temp-XFF == "") {
  298. unset bereq.http.X-Forwarded-For;
  299. } else {
  300. set bereq.http.X-Forwarded-For = req.http.Fastly-Temp-XFF;
  301. }
  302. # unset bereq.http.Fastly-Temp-XFF;
  303. }
  304. }
  305. #--FASTLY BEREQ END
  306. #;
  307. set req.http.Fastly-Cachetype = "PASS";
  308. }
  309. #--FASTLY PASS END
  310. }
  311. sub vcl_log {
  312. #--FASTLY LOG BEGIN
  313. # default response conditions
  314. #--FASTLY LOG END
  315. }
  316. sub vcl_hash {
  317. #--FASTLY HASH BEGIN
  318. #if unspecified fall back to normal
  319. {
  320. set req.hash += req.url;
  321. set req.hash += req.http.host;
  322. set req.hash += req.vcl.generation;
  323. return (hash);
  324. }
  325. #--FASTLY HASH END
  326. }
  327.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!