diff options
Diffstat (limited to 'web/etc')
| -rw-r--r-- | web/etc/apache2/nms-public.tg16.gathering.org.conf | 30 | ||||
| -rw-r--r-- | web/etc/apache2/nms.tg16.gathering.org.conf | 56 | ||||
| -rw-r--r-- | web/etc/nginx/default.conf | 331 | ||||
| -rw-r--r-- | web/etc/varnish/nms.vcl | 55 |
4 files changed, 0 insertions, 472 deletions
diff --git a/web/etc/apache2/nms-public.tg16.gathering.org.conf b/web/etc/apache2/nms-public.tg16.gathering.org.conf deleted file mode 100644 index 7e24b5c..0000000 --- a/web/etc/apache2/nms-public.tg16.gathering.org.conf +++ /dev/null @@ -1,30 +0,0 @@ -<VirtualHost *:8080> - ServerAdmin drift@gathering.org - ServerName nms-public.tg16.gathering.org - ServerAlias nms-public.tg16.gathering.org - - DocumentRoot /srv/tgmanage/web/nms-public.gathering.org - ScriptAlias /api/public/ /srv/tgmanage/web/nms-public.gathering.org/api/public/ - <Directory "/srv/tgmanage/web/nms-public.gathering.org/api/public/"> - AllowOverride None - Options +ExecCGI -MultiViews +Indexes +SymLinksIfOwnerMatch - Require all granted - </Directory> - <Directory "/srv/tgmanage/web/nms-public.gathering.org"> - AllowOverride None - Options Indexes FollowSymLinks MultiViews - Require all granted - - AddDefaultCharset UTF-8 - </Directory> - - ErrorLog /var/log/apache2/error-nms-public.tg16.gathering.org.log - - # Possible values include: debug, info, notice, warn, error, crit, - # alert, emerg. - LogLevel warn - - CustomLog /var/log/apache2/access-nms-public.tg16.gathering.org.log combined - ServerSignature On - -</VirtualHost> diff --git a/web/etc/apache2/nms.tg16.gathering.org.conf b/web/etc/apache2/nms.tg16.gathering.org.conf deleted file mode 100644 index 08471e0..0000000 --- a/web/etc/apache2/nms.tg16.gathering.org.conf +++ /dev/null @@ -1,56 +0,0 @@ -<VirtualHost *:8080> - ServerAdmin drift@gathering.org - ServerName nms.tg16.gathering.org - ServerAlias nms.tg16.gathering.org - - DocumentRoot /srv/tgmanage/web/nms.gathering.org - ScriptAlias /api/write/ /srv/tgmanage/web/nms.gathering.org/api/write/ - ScriptAlias /api/read/ /srv/tgmanage/web/nms.gathering.org/api/read/ - ScriptAlias /api/public/ /srv/tgmanage/web/nms.gathering.org/api/public/ - <Directory "/srv/tgmanage/web/nms.gathering.org/api/write/"> - AllowOverride None - Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch - <RequireAny> - AuthUserFile /srv/tgmanage/web/htpasswd-write - AuthName "Tech:Server Secret Volcano Lair" - AuthType Basic - Require valid-user - </RequireAny> - </Directory> - <Directory "/srv/tgmanage/web/nms.gathering.org/api/read/"> - AllowOverride None - Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch - <RequireAny> - AuthUserFile /srv/tgmanage/web/htpasswd-read - AuthName "The Gathering Network Management System" - AuthType Basic - Require valid-user - </RequireAny> - </Directory> - <Directory "/srv/tgmanage/web/nms.gathering.org/api/public/"> - AllowOverride None - Options +ExecCGI -MultiViews +Indexes +SymLinksIfOwnerMatch - Require all granted - </Directory> - <Directory "/srv/tgmanage/web/nms.gathering.org"> - AllowOverride None - Options Indexes FollowSymLinks MultiViews - AddDefaultCharset UTF-8 - <RequireAny> - AuthUserFile /srv/tgmanage/web/htpasswd-read - AuthName "The Gathering Network Management System" - AuthType Basic - Require valid-user - </RequireAny> - </Directory> - - ErrorLog /var/log/apache2/error-nms.tg16.gathering.org.log - - # Possible values include: debug, info, notice, warn, error, crit, - # alert, emerg. - LogLevel warn - - CustomLog /var/log/apache2/access-nms.tg16.gathering.org.log combined - ServerSignature On - -</VirtualHost> diff --git a/web/etc/nginx/default.conf b/web/etc/nginx/default.conf deleted file mode 100644 index 80fc4f3..0000000 --- a/web/etc/nginx/default.conf +++ /dev/null @@ -1,331 +0,0 @@ -# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. - -ssl_dhparam /etc/nginx/dhparam.pem; -resolver 185.110.149.2 185.110.148.2; - -# Yoda! -server { - listen 80 default_server; - listen [::]:80 default_server; - root /var/www/html; - # Add index.php to the list if you are using PHP - index index.html index.htm index.nginx-debian.html; - add_header Strict-Transport-Security max-age=15768000; - server_name yoda.tg16.gathering.org; - - location /display { - allow 185.110.148.24; - allow 2a06:5841:1337::24; - allow 185.110.148.25; - allow 2a06:5841:1337::25; - allow 185.110.148.26; - allow 2a06:5841:1337::26; - allow 2a06:5841:150a::/64; - allow 185.110.150.0/25; - deny all; - } - #location / { - # return 301 https://$host$request_uri; - #} -} - -# Munin -server { - listen 80; - listen [::]:80; - access_log /var/log/nginx/munin.tg16.gathering.org_ssl_access.log; - error_log /var/log/nginx/munin.tg16.gathering.org_ssl_error.log error; - root /var/www/html; - - server_name munin.tg16.gathering.org; - - allow 185.110.150.0/25; - allow 2a06:5841:150a::/64; - allow 185.110.149.0/26; - allow 2a06:5841:149a::/64; - allow 185.110.148.0/26; - allow 2a06:5841:1337::/64; - allow 185.110.151.0/27; - allow 2a06:5841:151a::/64; - deny all; - - location ^~ /munin-cgi/munin-cgi-graph/ { - fastcgi_split_path_info ^(/munin-cgi/munin-cgi-graph)(.*); - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_pass unix:/var/run/munin/fastcgi-graph.sock; - include fastcgi_params; - } - - - location /munin/static/ { - alias /etc/munin/static/; - } - - location /munin/ { - fastcgi_split_path_info ^(/munin)(.*); - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_pass unix:/var/run/munin/fastcgi-html.sock; - include fastcgi_params; - - rewrite ^/munin/(.*.png)$ /munin-cgi/munin-cgi-graph/$1; - } - - location = / { - return 301 $scheme://$server_name/munin/; - } -} - -# Yoda! -server { - listen 443 ssl http2; - listen [::]:443 ssl http2; - access_log /var/log/nginx/yoda.tg16.gathering.org_ssl_access.log; - error_log /var/log/nginx/yoda.tg16.gathering.org_ssl_error.log error; - server_name yoda.tg16.gathering.org; - add_header Strict-Transport-Security max-age=0; - add_header Public-Key-Pins 'pin-sha256="47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; pin-sha256="DqEaRBrMacYurT/HXzsxYONYXAyhWRgNa3/+g3920uQ="; max-age=5184000; includeSubDomains'; - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:!CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; - ssl_prefer_server_ciphers on; - ssl_certificate /root/le/prodcerts/yoda.prod.pem; - ssl_certificate_key /root/le/keys/domain.key; - ssl_session_timeout 5m; - ssl_session_cache shared:SSL:50m; - client_max_body_size 10m; - ssl_stapling on; - ssl_stapling_verify on; - root /var/www/html; - index index.pl index.html; - location ~ \.pl|cgi$ { - try_files $uri =404; - gzip off; - fastcgi_pass 127.0.0.1:8999; - fastcgi_index index.pl; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - location / { - try_files $uri $uri/ =404; - } -} - -# Webcam -server { - listen 443 ssl http2; - listen [::]:443 ssl http2; - access_log /var/log/nginx/webcam.tg16.gathering.org_ssl_access.log; - error_log /var/log/nginx/webcam.tg16.gathering.org_ssl_error.log error; - server_name webcam.tg16.gathering.org webcams.tg16.gathering.org; - add_header Strict-Transport-Security max-age=0; - add_header Public-Key-Pins 'pin-sha256="47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; pin-sha256="DqEaRBrMacYurT/HXzsxYONYXAyhWRgNa3/+g3920uQ="; max-age=5184000; includeSubDomains'; - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:!CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; - ssl_prefer_server_ciphers on; - ssl_certificate /root/le/prodcerts/yoda.prod.pem; - ssl_certificate_key /root/le/keys/domain.key; - ssl_session_timeout 5m; - ssl_session_cache shared:SSL:50m; - client_max_body_size 10m; - ssl_stapling on; - ssl_stapling_verify on; - root /var/www/webcam; - location / { - return 301 http://stream.tg16.gathering.org/; - #try_files $uri $uri/ =404; - } -} - -# Stream -server { - listen 443 ssl http2; - listen [::]:443 ssl http2; - access_log /var/log/nginx/stream.tg16.gathering.org_ssl_access.log; - error_log /var/log/nginx/stream.tg16.gathering.org_ssl_error.log error; - server_name stream.tg16.gathering.org streams.tg16.gathering.org; - #add_header Strict-Transport-Security max-age=15768000; - add_header Strict-Transport-Security max-age=0; - #add_header Public-Key-Pins 'pin-sha256="47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; pin-sha256="DqEaRBrMacYurT/HXzsxYONYXAyhWRgNa3/+g3920uQ="; max-age=5184000; includeSubDomains'; - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:!CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; - ssl_prefer_server_ciphers on; - ssl_certificate /root/le/prodcerts/yoda.prod.pem; - ssl_certificate_key /root/le/keys/domain.key; - ssl_session_timeout 5m; - ssl_session_cache shared:SSL:50m; - client_max_body_size 10m; - ssl_stapling on; - ssl_stapling_verify on; - root /var/www/stream/; - index index.pl index.html; - location /hls { - types { - #application/vnd.apple.mpegurl m3u8; - application/x-mpegURL m3u8; - video/mp2t ts; - text/html htm; - } - root /var/www/; - add_header Cache-Control no-cache; - } - location /stat { - allow 185.110.150.0/25; - allow 2a06:5841:150a::/64; - allow 185.110.149.0/26; - allow 2a06:5841:149a::/64; - allow 185.110.148.0/26; - allow 2a06:5841:1337::/64; - allow 185.110.151.0/27; - allow 2a06:5841:151a::/64; - deny all; - rtmp_stat all; - rtmp_stat_stylesheet /stat.xsl; - } - location /stat.xsl { - allow 185.110.150.0/25; - allow 2a06:5841:150a::/64; - allow 185.110.149.0/26; - allow 2a06:5841:149a::/64; - allow 185.110.148.0/26; - allow 2a06:5841:1337::/64; - allow 185.110.151.0/27; - allow 2a06:5841:151a::/64; - deny all; - } - location ~ \.pl|cgi$ { - try_files $uri =404; - gzip off; - fastcgi_pass 127.0.0.1:8999; - fastcgi_index index.pl; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - location / { - return 301 http://$host$request_uri; - #try_files $uri $uri/ =404; - } -} - -# Stream -server { - listen 80; - listen [::]:80; - access_log /var/log/nginx/stream.tg16.gathering.org_access.log; - error_log /var/log/nginx/stream.tg16.gathering.org_error.log error; - server_name stream.tg16.gathering.org streams.tg16.gathering.org; - add_header Strict-Transport-Security max-age=0; - client_max_body_size 10m; - root /var/www/stream/; -# index index.pl index.html; - index index.pl index.py index.html; - location /hls { - types { - #application/vnd.apple.mpegurl m3u8; - application/x-mpegURL m3u8; - video/mp2t ts; - text/html htm; - } - root /var/www/; - add_header Cache-Control no-cache; - } - location /stat { - allow 185.110.150.0/25; - allow 2a06:5841:150a::/64; - allow 185.110.149.0/26; - allow 2a06:5841:149a::/64; - allow 185.110.148.0/26; - allow 2a06:5841:1337::/64; - allow 185.110.151.0/27; - allow 2a06:5841:151a::/64; - deny all; - rtmp_stat all; - rtmp_stat_stylesheet /stat.xsl; - } - location /stat.xsl { - allow 185.110.150.0/25; - allow 2a06:5841:150a::/64; - allow 185.110.149.0/26; - allow 2a06:5841:149a::/64; - allow 185.110.148.0/26; - allow 2a06:5841:1337::/64; - allow 185.110.151.0/27; - allow 2a06:5841:151a::/64; - deny all; - } - location ~ \.py { - try_files $uri =404; - fastcgi_pass unix:/tmp/index-fcgi.sock; - fastcgi_index index.py; - fastcgi_param PATH_INFO $fastcgi_path_info; - include fastcgi_params; - } - location ~ \.pl|cgi$ { - try_files $uri =404; - gzip off; - fastcgi_pass 127.0.0.1:8999; - fastcgi_index index.pl; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - location / { - try_files $uri $uri/ =404; - } -} - -# NMS-backend -upstream nms { - server obi-wan.tg16.gathering.org; - keepalive 32; -} - -# NMS -server { - listen 443 ssl http2; - listen [::]:443 ssl http2; - access_log /var/log/nginx/nms.tg16.gathering.org_ssl_access.log; - error_log /var/log/nginx/nms.tg16.gathering.org_ssl_error.log error; - server_name nms.tg16.gathering.org nms-public.tg16.gathering.org nms-api.tg16.gathering.org nms4.tg16.gathering.org nms6.tg16.gathering.org; - add_header Strict-Transport-Security max-age=15768000; - add_header Public-Key-Pins 'pin-sha256="47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; pin-sha256="DqEaRBrMacYurT/HXzsxYONYXAyhWRgNa3/+g3920uQ="; max-age=5184000; includeSubDomains'; - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:!CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; - ssl_prefer_server_ciphers on; - ssl_certificate /root/le/prodcerts/yoda.prod.pem; - ssl_certificate_key /root/le/keys/domain.key; - ssl_session_timeout 5m; - ssl_session_cache shared:SSL:50m; - client_max_body_size 10m; - ssl_stapling on; - ssl_stapling_verify on; - location / { - proxy_set_header Host $host; - proxy_set_header X-Forwarded-For $remote_addr; - proxy_pass http://nms; - proxy_http_version 1.1; - proxy_set_header Connection ""; - } -} - -# Stats -server { - listen 443 ssl http2; - listen [::]:443 ssl http2; - access_log /var/log/nginx/stats.tg16.gathering.org_ssl_access.log; - error_log /var/log/nginx/stats.tg16.gathering.org_ssl_error.log error; - server_name stats.tg16.gathering.org; - add_header Strict-Transport-Security max-age=15768000; - add_header Public-Key-Pins 'pin-sha256="47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; pin-sha256="DqEaRBrMacYurT/HXzsxYONYXAyhWRgNa3/+g3920uQ="; max-age=5184000; includeSubDomains'; - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:!CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; - ssl_prefer_server_ciphers on; - ssl_certificate /root/le/prodcerts/yoda.prod.pem; - ssl_certificate_key /root/le/keys/domain.key; - ssl_session_timeout 5m; - ssl_session_cache shared:SSL:50m; - client_max_body_size 10m; - ssl_stapling on; - ssl_stapling_verify on; - root /var/www/stats; - location / { - try_files $uri $uri/ =404; - } -} diff --git a/web/etc/varnish/nms.vcl b/web/etc/varnish/nms.vcl deleted file mode 100644 index 754ecbc..0000000 --- a/web/etc/varnish/nms.vcl +++ /dev/null @@ -1,55 +0,0 @@ -# vim: ts=8:expandtab:sw=4:softtabstop=4 - -vcl 4.0; - -backend default { - .host = "127.0.0.1"; - .port = "8080"; -} - -sub vcl_recv { - if (req.url ~ "^/where" || req.url ~ "^/location") { - set req.url = "/api/public/location"; - } - if (req.method != "GET" && - req.method != "HEAD" && - req.method != "PUT" && - req.method != "POST" && - req.method != "TRACE" && - req.method != "OPTIONS" && - req.method != "DELETE") { - # Vi hater alt som er gøy. - return (synth(418,"LOLOLOL")); - } - - if (req.method != "GET" && req.method != "HEAD") { - /* We only deal with GET and HEAD by default */ - return (pass); - } - - # Brukes ikke. Cookies er for nubs. - unset req.http.Cookie; - - # Tvinges gjennom for å cache med authorization-skrot. - return (hash); -} - - -# Rosa magi -sub vcl_hash { - # Wheee. Legg til authorization-headeren i hashen. - hash_data(req.http.authorization); -} - -# Mauve magi. Hva nå enn det er. -# Dette er WIP - Skal flyttes til backend -sub vcl_backend_response { - set beresp.http.x-url = bereq.url; - if (beresp.http.x-ban) { - ban("obj.http.x-url ~ " + beresp.http.x-ban); - } - if (beresp.status != 200) { - set beresp.uncacheable = false; - set beresp.ttl = 5s; - } -} |