aboutsummaryrefslogtreecommitdiffstats
path: root/config/varnish-alaveteli.vcl
diff options
context:
space:
mode:
Diffstat (limited to 'config/varnish-alaveteli.vcl')
-rw-r--r--config/varnish-alaveteli.vcl24
1 files changed, 20 insertions, 4 deletions
diff --git a/config/varnish-alaveteli.vcl b/config/varnish-alaveteli.vcl
index 7eedf83fc..452a956da 100644
--- a/config/varnish-alaveteli.vcl
+++ b/config/varnish-alaveteli.vcl
@@ -15,6 +15,12 @@ backend default {
.between_bytes_timeout = 600s;
}
+// set the servers alaveteli can issue a purge from
+acl purge {
+ "localhost";
+ "127.0.0.1";
+}
+
sub vcl_recv {
# Handle IPv6
@@ -54,12 +60,13 @@ sub vcl_recv {
req.request != "HEAD" &&
req.request != "POST" &&
req.request != "PUT" &&
+ req.request != "PURGE" &&
req.request != "DELETE" ) {
# We don't allow any other methods.
error 405 "Method Not Allowed";
}
- if (req.request != "GET" && req.request != "HEAD") {
+ if (req.request != "GET" && req.request != "HEAD" && req.request != "PURGE") {
/* We only deal with GET and HEAD by default, the rest get passed direct to backend */
return (pass);
}
@@ -73,15 +80,23 @@ sub vcl_recv {
if (req.http.Authorization || req.http.Cookie) {
return (pass);
}
-
# Let's have a little grace
set req.grace = 30s;
+ # Handle PURGE requests
+ if (req.request == "PURGE") {
+ if (!client.ip ~ purge) {
+ error 405 "Not allowed.";
+ }
+ # XXX in Varnish 2.x, the following would be
+ # purge("obj.http.x-url ~ " req.url);
+ ban("obj.http.x-url ~ " + req.url);
+ error 200 "Banned";
+ }
return (lookup);
}
-
sub vcl_fetch {
-
+ set beresp.http.x-url = req.url;
if (req.url ~ "\.(png|gif|jpg|jpeg|swf|css|js|rdf|ico|txt)(\?.*|)$") {
# Ignore backend headers..
remove beresp.http.set-Cookie;
@@ -94,3 +109,4 @@ sub vcl_fetch {
return (deliver);
}
}
+
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-24 16:31:02 +0000