summary refs log tree commit diff
path: root/services/tazblog/varnish
diff options
context:
space:
mode:
Diffstat (limited to 'services/tazblog/varnish')
-rw-r--r--services/tazblog/varnish/Dockerfile16
-rw-r--r--services/tazblog/varnish/default.vcl60
2 files changed, 0 insertions, 76 deletions
diff --git a/services/tazblog/varnish/Dockerfile b/services/tazblog/varnish/Dockerfile
deleted file mode 100644
index 83733b527d31..000000000000
--- a/services/tazblog/varnish/Dockerfile
+++ /dev/null
@@ -1,16 +0,0 @@
-FROM centos:7
-MAINTAINER Vincent Ambo <hej@tazj.in>
-
-EXPOSE 6081 6082 6083
-
-RUN yum install -y epel-release && \
-    rpm --nosignature -i https://repo.varnish-cache.org/redhat/varnish-4.1.el7.rpm && \
-    yum install -y varnish
-
-ADD default.vcl /etc/varnish/default.vcl
-
-CMD ulimit -n 131072 && \
-    /usr/sbin/varnishd -F -f /etc/varnish/default.vcl \
-                       -a :6081 -T :6082 -a :6083,PROXY -t 120 \
-                       -p thread_pool_min=5 -p thread_pool_max=500\
-                       -p thread_pool_timeout=300
diff --git a/services/tazblog/varnish/default.vcl b/services/tazblog/varnish/default.vcl
deleted file mode 100644
index 5a15d21a9c98..000000000000
--- a/services/tazblog/varnish/default.vcl
+++ /dev/null
@@ -1,60 +0,0 @@
-vcl 4.0;
-import std;
-
-# By default, Varnish will run on the same servers as the blog. Inside of
-# Kubernetes this will be inside the same pod.
-
-backend default {
-        .host = "localhost";
-        .port = "8000";
-}
-
-# Purge requests should be accepted from localhost
-acl purge {
-        "localhost";
-}
-
-sub vcl_recv {
-        # Allow HTTP PURGE from ACL above
-        if (req.method == "PURGE" && client.ip ~ purge) {
-                return (purge);
-        }
-
-        # Don't cache admin page
-        if (req.url ~ "^/admin") {
-                return (pass);
-        }
-
-        # Redirect non-www to www and non-HTTPS to HTTPS
-        if (req.http.host ~ "^tazj.in" || std.port(local.ip) == 6081) {
-                return (synth (750, ""));
-        }
-}
-
-sub vcl_backend_response {
-        # Cache everything for at least 1 minute.
-        if (beresp.ttl < 1m) {
-                set beresp.ttl = 1m;
-        }
-}
-
-sub vcl_deliver {
-        # Add an HSTS header to everything
-        set resp.http.Strict-Transport-Security = "max-age=31536000;includeSubdomains;preload";
-
-        if (obj.hits > 0) {
-                set resp.http.X-Cache = "HIT";
-        } else {
-                set resp.http.X-Cache = "MISS";
-        }
-}
-
-sub vcl_synth {
-        # Execute TLS or www. redirect
-        if (resp.status == 750) {
-                set resp.http.Location = "https://www.tazj.in" + req.url;
-                set resp.http.Strict-Transport-Security = "max-age=31536000;includeSubdomains;preload";
-                set resp.status = 301;
-                return (deliver);
-        }
-}