1 # Example VCL for Varnish 4.0 with public-inbox WWW code
2 # This is based on what shipped for 3.x a long time ago (I think)
3 # and I'm hardly an expert in VCL (nor should we expect anybody
4 # who maintains a public-inbox HTTP interface to be).
6 # It seems to work for providing some protection from traffic
7 # bursts; but perhaps the public-inbox WWW interface can someday
8 # provide enough out-of-the-box performance that configuration
9 # of an extra component is pointless.
13 # this is where public-inbox-http listens
19 /* pipe POST and any other weird methods directly to backend */
20 if (req.method != "GET" && req.method != "HEAD") {
23 if (req.http.Authorization || req.http.Cookie) {
24 /* Not cacheable by default */
31 # By default Connection: close is set on all piped requests by varnish,
32 # but public-inbox-httpd supports persistent connections well :)
33 unset bereq.http.connection;
40 hash_data(req.http.host);
44 /* we generate fully-qualified URLs for Atom feeds and redirects */
45 if (req.http.X-Forwarded-Proto) {
46 hash_data(req.http.X-Forwarded-Proto);
51 sub vcl_backend_response {
52 set beresp.grace = 60s;
53 set beresp.do_stream = true;
54 if (beresp.ttl <= 0s ||
55 /* no point in caching stuff git already stores on disk */
56 beresp.http.Content-Type ~ "application/x-git" ||
57 beresp.http.Set-Cookie ||
58 beresp.http.Vary == "*") {
59 /* Mark as "Hit-For-Pass" for the next 2 minutes */
60 set beresp.ttl = 120 s;
61 set beresp.uncacheable = true;
64 /* short TTL for up-to-dateness, our PSGI is not that slow */