diff options
Diffstat (limited to 'web')
| -rw-r--r-- | web/etc/apache2/nms.tg15.gathering.org | 41 | ||||
| -rw-r--r-- | web/etc/varnish/default.vcl | 136 | ||||
| -rw-r--r-- | web/etc/varnish/nms.vcl | 44 |
3 files changed, 16 insertions, 205 deletions
diff --git a/web/etc/apache2/nms.tg15.gathering.org b/web/etc/apache2/nms.tg15.gathering.org deleted file mode 100644 index a671c0a..0000000 --- a/web/etc/apache2/nms.tg15.gathering.org +++ /dev/null @@ -1,41 +0,0 @@ -<VirtualHost *:8080> - ServerAdmin drift@gathering.org - ServerName nms.tg15.gathering.org - ServerAlias einstein.tg15.gathering.org - - DocumentRoot /root/tgmanage/web/nms.gathering.org - <Directory "/root/tgmanage/web/nms.gathering.org"> - AllowOverride None - Options Indexes FollowSymLinks ExecCGI MultiViews - - AddHandler cgi-script .cgi .sh .pl .py - AddDefaultCharset UTF-8 - - SetEnvIF ^X-Forwarded-For$ "^185\.12\.59\.12$" AllowIP - SetEnvIF ^X-Forwarded-For$ "^2a02:ed02:1337::12$" AllowIP - - <RequireAny> - AuthUserFile /root/tgmanage/web/.htpasswd - AuthName "Tech:Server Secret Volcano Lair" - AuthType Basic - Require valid-user - - Require env AllowIP - </RequireAny> - - #AuthUserFile /root/tgmanage/web/.htpasswd - #AuthName "Tech:Server Secret Volcano Lair" - #AuthType Basic - #require valid-user - </Directory> - - ErrorLog /var/log/apache2/error-nms.tg15.gathering.org.log - - # Possible values include: debug, info, notice, warn, error, crit, - # alert, emerg. - LogLevel warn - - CustomLog /var/log/apache2/access-nms.tg15.gathering.org.log combined - ServerSignature On - -</VirtualHost> diff --git a/web/etc/varnish/default.vcl b/web/etc/varnish/default.vcl deleted file mode 100644 index b4445d1..0000000 --- a/web/etc/varnish/default.vcl +++ /dev/null @@ -1,136 +0,0 @@ -# -# This is an example VCL file for Varnish. -# -# It does not do anything by default, delegating control to the -# builtin VCL. The builtin VCL is called when there is no explicit -# return statement. -# -# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/ -# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples. - -# Marker to tell the VCL compiler that this VCL has been adapted to the -# new 4.0 format. -vcl 4.0; - -# Default backend definition. Set this to point to your content server. -backend default { - .host = "127.0.0.1"; - .port = "8080"; -} - -acl einstein { - "localhost"; # myself - "185.12.59.12"; # and everyone on the local network - "2a02:ed02:1337::12"; -} - -sub vcl_recv { - if (req.url ~ "nightMode") { - set req.url = regsub(req.url, "nightMode",""); - set req.url = req.url + "?nightMode"; - } - # Happens before we check if we have this in cache already. - # - # Typically you clean up the request here, removing cookies you don't need, - # rewriting the request, etc. -if (req.restarts == 0) { - if (req.http.X-Forwarded-For) { - set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip; - } else { - set req.http.X-Forwarded-For = client.ip; - } -} - - if (client.ip ~ einstein){ - set req.http.x-einstein = "true"; - } else { - set req.http.x-einstein = "false"; - } - - if (req.http.host ~ "stream") { - return (pass); - } - - if (req.http.host ~ "nms-public"){ - return (pass); - } - - if (req.method != "GET" && - req.method != "HEAD" && - req.method != "PUT" && - req.method != "POST" && - req.method != "TRACE" && - req.method != "OPTIONS" && - req.method != "DELETE") { - /* Non-RFC2616 or CONNECT which is weird. */ - return (pipe); - } - - if (req.method != "GET" && req.method != "HEAD") { - /* We only deal with GET and HEAD by default */ - return (pass); - } - - unset req.http.Cookie; - if (req.http.Cookie) { - /* Not cacheable by default */ - return (pass); - } - - return (hash); - } -sub vcl_hash { - hash_data(req.http.x-einstein); - hash_data(req.http.authorization); -} -sub vcl_backend_response { - # Happens after we have read the response headers from the backend. - # - # Here you clean the response headers, removing silly Set-Cookie headers - # and other mistakes your backend does. - if (!(bereq.http.host ~ "stream")) { - if (beresp.status == 200) { - set beresp.ttl = 2s; - } else { - set beresp.ttl = 0s; - } - if(bereq.url ~ "port-state.pl" && beresp.status == 200) { - set beresp.ttl = 1s; - } - if (beresp.status == 200 && bereq.url ~ "now=") { - set beresp.ttl = 60m; - } - if (beresp.status == 500) { - return (retry); - } - } - -} - -sub vcl_deliver { - # Happens when we have all the pieces we need, and are about to send the - # response to the client. - # - # You can do accounting or modifying the final object here. -} -sub vcl_backend_error { - set beresp.http.Content-Type = "text/html; charset=utf-8"; - set beresp.http.Retry-After = "5"; - synthetic( {"<!DOCTYPE html> - <html> - <head> - <title>"} + beresp.status + " " + beresp.reason + {"</title> - <meta http-equiv="refresh" content="1"> - </head> - <body> - <h1>Error "} + beresp.status + " " + beresp.reason + {"</h1> - <p>"} + beresp.reason + {"</p> - <h3>Guru Meditation:</h3> - <p>XID: "} + bereq.xid + {"</p> - <hr> - <p>Totally not a Varnish cache server errror</p> - </body> - </html> - "} ); - return (deliver); - } diff --git a/web/etc/varnish/nms.vcl b/web/etc/varnish/nms.vcl index 5f262a6..45b7830 100644 --- a/web/etc/varnish/nms.vcl +++ b/web/etc/varnish/nms.vcl @@ -1,25 +1,14 @@ -# -# This is an example VCL file for Varnish. -# -# It does not do anything by default, delegating control to the -# builtin VCL. The builtin VCL is called when there is no explicit -# return statement. -# -# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/ -# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples. - -# Marker to tell the VCL compiler that this VCL has been adapted to the -# new 4.0 format. +# Magi. vcl 4.0; -# Default backend definition. Set this to point to your content server. +# Mer magi. backend default { .host = "127.0.0.1"; .port = "8080"; } +# Sort magi. sub vcl_recv { - if (req.method != "GET" && req.method != "HEAD" && req.method != "PUT" && @@ -27,8 +16,8 @@ sub vcl_recv { req.method != "TRACE" && req.method != "OPTIONS" && req.method != "DELETE") { - /* Non-RFC2616 or CONNECT which is weird. */ - return (pipe); + # Vi hater alt som er gøy. + return (synth(418,"LOLOLOL")); } # Hardcoded for testing @@ -38,37 +27,36 @@ sub vcl_recv { /* We only deal with GET and HEAD by default */ return (pass); } - + + # Brukes ikke. Cookies er for nubs. unset req.http.Cookie; + # Tvinges gjennom for å cache med authorization-skrot. return (hash); } +# Rosa magi sub vcl_hash { + # Wheee. Legg til authorization-headeren i hashen. hash_data(req.http.authorization); } +# Mauve magi. Hva nå enn det er. +# Dette er WIP - Skal flyttes til backend sub vcl_backend_response { - # Happens after we have read the response headers from the backend. - # - # Here you clean the response headers, removing silly Set-Cookie headers - # and other mistakes your backend does. - if (!(bereq.http.host ~ "stream")) { if (beresp.status == 200) { set beresp.ttl = 2s; } else { - set beresp.ttl = 0s; + # Vi cacher feilmeldinger, fordi vi er kule. + set beresp.ttl = 1s; } + if(bereq.url ~ "port-state.pl" && beresp.status == 200) { set beresp.ttl = 1s; } if (beresp.status == 200 && bereq.url ~ "now=") { + # Historisk data kan vi cache cirka evig set beresp.ttl = 60m; } - if (beresp.status == 500) { - return (retry); - } - } - } |