sallinen varnish
authorPeter Palfrader <peter@palfrader.org>
Mon, 28 May 2018 08:37:24 +0000 (10:37 +0200)
committerPeter Palfrader <peter@palfrader.org>
Mon, 28 May 2018 08:39:37 +0000 (10:39 +0200)
modules/roles/manifests/snapshot_web.pp
modules/roles/templates/snapshot/snapshot.debian.org.vcl.erb [new file with mode: 0644]
modules/varnish/manifests/config.pp [new file with mode: 0644]

index c3eeddd..be3039c 100644 (file)
@@ -12,4 +12,26 @@ class roles::snapshot_web {
                site   => 'snapshot.debian.org',
                content => template('roles/snapshot/snapshot.debian.org.conf.erb')
        }
+
+       case $::hostname {
+               'sallinen': {
+                       varnish::default { 'default':
+                               listen  => ':6081,[2001:630:206:4000:1a1a:0:c13e:ca1b]:80',
+                               backend => 'file,/var/lib/varnish/varnish_storage.bin,8G',
+                               content => template('roles/snapshot/snapshot.debian.org.vcl.erb'),
+                       }
+
+                       file { '/etc/apache2/ports.conf':
+                               content  => @("EOF"),
+                                       Listen 0.0.0.0:80
+                                       Listen [2001:630:206:4000:1a1a:0:c13e:ca1a]:80
+                                       | EOF
+                               require => Package['apache2'],
+                               notify  => Service['apache2'],
+                       }
+               }
+               default: {
+                       fail ( "unknown host $::hostname for snapshot_web." )
+               }
+       }
 }
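Review bot: The resource in the `'sallinen'` branch is declared as `varnish::default { 'default':`, but the only defined type this commit adds is `varnish::config` in modules/varnish/manifests/config.pp. Unless `varnish::default` is defined outside this diff, catalog compilation would fail on sallinen; `varnish::config { 'default':` would match the new define. Separately, `listen => ':6081,...'` binds port 6081 on every address. A comment should state whether that port is meant to be reachable from outside or is firewalled, because the VCL shipped with it accepts client-triggered purges.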
diff --git a/modules/roles/templates/snapshot/snapshot.debian.org.vcl.erb b/modules/roles/templates/snapshot/snapshot.debian.org.vcl.erb
new file mode 100644 (file)
index 0000000..25e6d12
--- /dev/null
@@ -0,0 +1,27 @@
+#-e This is a basic VCL configuration file for varnish.  See the vcl(7)
+#man page for details on VCL syntax and semantics.
+vcl 4.0;
+
+backend default {
+ .host = "127.0.0.1";
+ .port = "80";
+}
+
+# weasel's rule:
+sub vcl_recv {
+ if (req.http.Cache-Control ~ "(?i)no-cache") {
+   # Ignore requests via proxy caches and badly behaved crawlers
+   if (! (req.http.Via || req.http.User-Agent ~ "(?i)bot" || req.http.X-Purge)) {
+      return(purge); # Couple this with restart in vcl_purge and X-Purge header to avoid loops
+   }
+ }
+}
+
+sub vcl_purge {
+  # Only handle actual PURGE HTTP methods, everything else is discarded
+  if (req.method != "PURGE") {
+    # restart request
+    set req.http.X-Purge = "Yes";
+    return(restart);
+  }
+}
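Review bot: In `vcl_recv`, `return(purge)` is reachable by any client that sends `Cache-Control: no-cache` without a `Via` header, a bot-like `User-Agent` or an `X-Purge` header, and nothing in this file puts an ACL or rate limit in front of it. A purge drops the cached object together with its variants, so repeated requests of this kind keep pushing load onto the Apache backend at 127.0.0.1:80 and evict content other clients were being served from cache. If letting ordinary browsers force a refresh is the intent, say so above the sub, e.g. `# Deliberately unauthenticated: a browser force-reload refreshes the object; X-Purge is only a loop guard, not access control`, and consider `set req.hash_always_miss = true;` in place of `return(purge)` so a reload refetches one object instead of invalidating it. The `#-e` at the start of the header comment looks like a stray `echo -e` artifact and can be reduced to `#`.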
diff --git a/modules/varnish/manifests/config.pp b/modules/varnish/manifests/config.pp
new file mode 100644 (file)
index 0000000..a46f799
--- /dev/null
@@ -0,0 +1,47 @@
+define varnish::config (
+       $listen = ':6081',
+       $source=undef,
+       $content=undef,
+       $ensure = 'present',
+       $backend = "-s malloc,256m",
+) {
+       if $name != "default" {
+               fail ( "This module cannot setup non-default varnish instances yet." )
+       }
+
+       case $ensure {
+               present: {
+                       include varnish::base
+
+                       if ! ($source or $content) {
+                               fail ( "No configuration found for ${name}" )
+                       }
+
+                       systemd::override { 'varnish':
+                               content  => @("EOF"),
+                                       [Service]
+                                       ExecStart=
+                                       ExecStart=/usr/sbin/varnishd -a ${listen} -T localhost:6082 -f /etc/varnish/${name}.vcl -S /etc/varnish/secret -s ${backend}
+                                       | EOF
+                       }
+
+                       $dest = "/etc/varnish/${name}.vcl"
+                       if $content {
+                               file { "${dest}":
+                                       ensure  => $ensure,
+                                       content => $content,
+                                       notify  => Service["varnish"],
+                               }
+                       } elsif $source {
+                               file { "${dest}":
+                                       ensure  => $ensure,
+                                       source  => $source,
+                                       notify  => Service["varnish"],
+                                       }
+                       }
+               }
+               default: {
+                       fail ( "Can only deal with ensure=>present for now" )
+               }
+       }
+}
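Review bot: The `$backend` default already carries the flag (`"-s malloc,256m"`) and the ExecStart line adds its own (`-s ${backend}`), so an instance declared without `backend` would start as `varnishd ... -s -s malloc,256m`. The caller in snapshot_web.pp passes `'file,...,8G'` without the flag, which suggests the default should be `$backend = 'malloc,256m',`. `$listen` and `$backend` are interpolated into the unit override unchecked; they come from manifests rather than from users, but a short comment on the expected format (`-a` address list, `-s` storage spec) would make mistakes easier to spot in review. The closing brace of the `file` resource in the `elsif $source` branch is indented one level too deep.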