Merge branch 'master' of github.com:tech-server/tgmanage

author: Kristian Lyngstol <kly@kly.no> 2016-02-21 15:18:43 +0000
committer: Kristian Lyngstol <kly@kly.no> 2016-02-21 15:18:43 +0000
commit: 47e4039f8fae192f268a13b08e64424d835edb83 (patch)
tree: 5296acc571e90b9d7e04f1effddff4f32856e81d /web
parent: a412ae0c8c75b70786cf60c10c21d0b5c080dfb4 (diff)
parent: dd93f2678b3fc6bd5c038a8f69d324790f9d8f4d (diff)
3 files changed, 41 insertions, 229 deletions
diff --git a/web/etc/apache2/nms.tg15.gathering.org b/web/etc/apache2/nms.tg15.gathering.org
deleted file mode 100644
index a671c0a..0000000
--- a/web/etc/apache2/nms.tg15.gathering.org
+++ /dev/null
@@ -1,41 +0,0 @@
-<VirtualHost *:8080>
-        ServerAdmin drift@gathering.org
-        ServerName nms.tg15.gathering.org
-        ServerAlias einstein.tg15.gathering.org
-
-        DocumentRoot /root/tgmanage/web/nms.gathering.org
-        <Directory "/root/tgmanage/web/nms.gathering.org">
-                AllowOverride None
-                Options Indexes FollowSymLinks ExecCGI MultiViews
-
-                AddHandler cgi-script .cgi .sh .pl .py
-                AddDefaultCharset UTF-8
-
-		SetEnvIF ^X-Forwarded-For$ "^185\.12\.59\.12$" AllowIP
-         	SetEnvIF ^X-Forwarded-For$ "^2a02:ed02:1337::12$" AllowIP
-
-		<RequireAny>
-			AuthUserFile /root/tgmanage/web/.htpasswd
-	                AuthName "Tech:Server Secret Volcano Lair"
-        	        AuthType Basic
-			Require valid-user
-			
-			Require env AllowIP
-		</RequireAny>
-
-                #AuthUserFile /root/tgmanage/web/.htpasswd
-                #AuthName "Tech:Server Secret Volcano Lair"
-                #AuthType Basic
-                #require valid-user
-        </Directory>
-
-        ErrorLog /var/log/apache2/error-nms.tg15.gathering.org.log
-
-        # Possible values include: debug, info, notice, warn, error, crit,
-        # alert, emerg.
-        LogLevel warn
-
-        CustomLog /var/log/apache2/access-nms.tg15.gathering.org.log combined
-        ServerSignature On
-
-</VirtualHost>
diff --git a/web/etc/varnish/default.vcl b/web/etc/varnish/default.vcl
deleted file mode 100644
index b4445d1..0000000
--- a/web/etc/varnish/default.vcl
+++ /dev/null
@@ -1,136 +0,0 @@
-#
-# This is an example VCL file for Varnish.
-#
-# It does not do anything by default, delegating control to the
-# builtin VCL. The builtin VCL is called when there is no explicit
-# return statement.
-#
-# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
-# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.
-
-# Marker to tell the VCL compiler that this VCL has been adapted to the
-# new 4.0 format.
-vcl 4.0;
-
-# Default backend definition. Set this to point to your content server.
-backend default {
-    .host = "127.0.0.1";
-    .port = "8080";
-}
-
-acl einstein {
-    "localhost";    # myself
-    "185.12.59.12"; # and everyone on the local network
-    "2a02:ed02:1337::12";
-}
-
-sub vcl_recv {
-	if (req.url ~ "nightMode") {
-		set req.url = regsub(req.url, "nightMode","");
-		set req.url = req.url + "?nightMode";
-	}
-    # Happens before we check if we have this in cache already.
-    # 
-    # Typically you clean up the request here, removing cookies you don't need,
-    # rewriting the request, etc.
-if (req.restarts == 0) {
-  if (req.http.X-Forwarded-For) {
-    set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
-  } else {
-    set req.http.X-Forwarded-For = client.ip;
-  }
-}
-
-	if (client.ip ~ einstein){
-		set req.http.x-einstein = "true";
-	} else {
-		set req.http.x-einstein = "false";
-	}
-
-    if (req.http.host ~ "stream") {
-	    return (pass);
-    }
-
-    if (req.http.host ~ "nms-public"){
-	    return (pass);
-    }
-
-     if (req.method != "GET" &&
-       req.method != "HEAD" &&
-       req.method != "PUT" &&
-       req.method != "POST" &&
-       req.method != "TRACE" &&
-       req.method != "OPTIONS" &&
-       req.method != "DELETE") {
-         /* Non-RFC2616 or CONNECT which is weird. */
-         return (pipe);
-     }
- 
-     if (req.method != "GET" && req.method != "HEAD") {
-         /* We only deal with GET and HEAD by default */
-         return (pass);
-     }
-    
-     unset req.http.Cookie;
-     if (req.http.Cookie) {
-         /* Not cacheable by default */
-         return (pass);
-     }
-
-     return (hash);
- }
-sub vcl_hash {
-    hash_data(req.http.x-einstein);
-    hash_data(req.http.authorization);
-}
-sub vcl_backend_response {
-    # Happens after we have read the response headers from the backend.
-    # 
-    # Here you clean the response headers, removing silly Set-Cookie headers
-    # and other mistakes your backend does.
-    if (!(bereq.http.host ~ "stream")) {
-	    if (beresp.status == 200) {
-		    set beresp.ttl = 2s;
-	    } else {
-		    set beresp.ttl = 0s;
-	    }
-	    if(bereq.url ~ "port-state.pl" && beresp.status == 200) {
-		    set beresp.ttl = 1s;
-	    }
-	    if (beresp.status == 200 && bereq.url ~ "now=") {
-		    set beresp.ttl = 60m;
-	    }
-	    if (beresp.status == 500) {
-		    return (retry);
-	    }
-    }
-
-}
-
-sub vcl_deliver {
-    # Happens when we have all the pieces we need, and are about to send the
-    # response to the client.
-    # 
-    # You can do accounting or modifying the final object here.
-}
-sub vcl_backend_error {
-     set beresp.http.Content-Type = "text/html; charset=utf-8";
-     set beresp.http.Retry-After = "5";
-     synthetic( {"<!DOCTYPE html>
- <html>
-   <head>
-     <title>"} + beresp.status + " " + beresp.reason + {"</title>
-     <meta http-equiv="refresh" content="1">
-   </head>
-   <body>
-     <h1>Error "} + beresp.status + " " + beresp.reason + {"</h1>
-     <p>"} + beresp.reason + {"</p>
-     <h3>Guru Meditation:</h3>
-     <p>XID: "} + bereq.xid + {"</p>
-     <hr>
-     <p>Totally not a Varnish cache server errror</p>
-   </body>
- </html>
- "} );
-     return (deliver);
- }
diff --git a/web/etc/varnish/nms.vcl b/web/etc/varnish/nms.vcl
index 5f262a6..e4b4747 100644
--- a/web/etc/varnish/nms.vcl
+++ b/web/etc/varnish/nms.vcl
@@ -1,74 +1,63 @@
-#
-# This is an example VCL file for Varnish.
-#
-# It does not do anything by default, delegating control to the
-# builtin VCL. The builtin VCL is called when there is no explicit
-# return statement.
-#
-# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
-# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.
+# vim: ts=8:expandtab:sw=4:softtabstop=4
 
-# Marker to tell the VCL compiler that this VCL has been adapted to the
-# new 4.0 format.
+# Magi.
 vcl 4.0;
 
-# Default backend definition. Set this to point to your content server.
+# Mer magi.
 backend default {
     .host = "127.0.0.1";
     .port = "8080";
 }
 
+# Sort magi.
 sub vcl_recv {
+    if (req.method != "GET" &&
+        req.method != "HEAD" &&
+        req.method != "PUT" &&
+        req.method != "POST" &&
+        req.method != "TRACE" &&
+        req.method != "OPTIONS" &&
+        req.method != "DELETE") {
+        # Vi hater alt som er gøy.
+        return (synth(418,"LOLOLOL"));
+    }
 
-     if (req.method != "GET" &&
-       req.method != "HEAD" &&
-       req.method != "PUT" &&
-       req.method != "POST" &&
-       req.method != "TRACE" &&
-       req.method != "OPTIONS" &&
-       req.method != "DELETE") {
-         /* Non-RFC2616 or CONNECT which is weird. */
-         return (pipe);
-     }
+    # Hardcoded for testing
+    set req.http.host = "nms.tg16.gathering.org"; 
 
-     # Hardcoded for testing
-     set req.http.host = "nms.tg16.gathering.org"; 
+    if (req.method != "GET" && req.method != "HEAD") {
+        /* We only deal with GET and HEAD by default */
+        return (pass);
+    }
 
-     if (req.method != "GET" && req.method != "HEAD") {
-         /* We only deal with GET and HEAD by default */
-         return (pass);
-     }
-    
-     unset req.http.Cookie;
+    # Brukes ikke. Cookies er for nubs.
+    unset req.http.Cookie;
 
-     return (hash);
- }
+    # Tvinges gjennom for å cache med authorization-skrot.
+    return (hash);
+}
 
+# Rosa magi
 sub vcl_hash {
+    # Wheee. Legg til authorization-headeren i hashen.
     hash_data(req.http.authorization);
 }
 
+# Mauve magi. Hva nå enn det er.
+# Dette er WIP - Skal flyttes til backend
 sub vcl_backend_response {
-    # Happens after we have read the response headers from the backend.
-    # 
-    # Here you clean the response headers, removing silly Set-Cookie headers
-    # and other mistakes your backend does.
-    if (!(bereq.http.host ~ "stream")) {
-	    if (beresp.status == 200) {
-		    set beresp.ttl = 2s;
-	    } else {
-		    set beresp.ttl = 0s;
-	    }
-	    if(bereq.url ~ "port-state.pl" && beresp.status == 200) {
-		    set beresp.ttl = 1s;
-	    }
-	    if (beresp.status == 200 && bereq.url ~ "now=") {
-		    set beresp.ttl = 60m;
-	    }
-	    if (beresp.status == 500) {
-		    return (retry);
-	    }
+    if (beresp.status == 200) {
+        set beresp.ttl = 2s;
+    } else {
+        # Vi cacher feilmeldinger, fordi vi er kule.
+        set beresp.ttl = 1s;
     }
 
+    if(bereq.url ~ "port-state.pl" && beresp.status == 200) {
+        set beresp.ttl = 1s;
+    }
+    if (beresp.status == 200 && bereq.url ~ "now=") {
+        # Historisk data kan vi cache cirka evig
+        set beresp.ttl = 60m;
+    }
 }
-
author	Kristian Lyngstol <kly@kly.no>	2016-02-21 15:18:43 +0000
committer	Kristian Lyngstol <kly@kly.no>	2016-02-21 15:18:43 +0000
commit	47e4039f8fae192f268a13b08e64424d835edb83 (patch)
tree	5296acc571e90b9d7e04f1effddff4f32856e81d /web
parent	a412ae0c8c75b70786cf60c10c21d0b5c080dfb4 (diff)
parent	dd93f2678b3fc6bd5c038a8f69d324790f9d8f4d (diff)