aboutsummaryrefslogtreecommitdiffstats
path: root/config/varnish3
diff options
context:
space:
mode:
authorBBcan177 <bbcan177@gmail.com>2014-12-07 18:30:22 -0500
committerBBcan177 <bbcan177@gmail.com>2014-12-07 18:30:22 -0500
commita6ec0dd240d2c5df10e121cff0550b9c326f70eb (patch)
tree16ad1ad46cad7b181914392f9b618f02fb1b1627 /config/varnish3
parentf51fcf2745bbff493b026d00354642b2fcb562bb (diff)
parentde77645ca39ecd6b86bea62617ebf9081c07aea1 (diff)
downloadpfsense-packages-a6ec0dd240d2c5df10e121cff0550b9c326f70eb.tar.gz
pfsense-packages-a6ec0dd240d2c5df10e121cff0550b9c326f70eb.tar.bz2
pfsense-packages-a6ec0dd240d2c5df10e121cff0550b9c326f70eb.zip
Merge branch 'master' of https://github.com/pfsense/pfsense-packages into pfBlockerNG_Beta_0.99
Diffstat (limited to 'config/varnish3')
-rw-r--r--config/varnish3/varnish.inc139
-rw-r--r--config/varnish3/varnish_backends.xml5
-rw-r--r--config/varnish3/varnish_custom_vcl.xml5
-rw-r--r--config/varnish3/varnish_lb_directors.xml16
-rw-r--r--config/varnish3/varnish_settings.xml5
-rw-r--r--config/varnish3/varnish_sync.xml1
-rw-r--r--config/varnish3/varnish_view_config.php9
-rw-r--r--config/varnish3/varnishstat.php47
8 files changed, 173 insertions, 54 deletions
diff --git a/config/varnish3/varnish.inc b/config/varnish3/varnish.inc
index bca02203..50b37990 100644
--- a/config/varnish3/varnish.inc
+++ b/config/varnish3/varnish.inc
@@ -36,14 +36,14 @@ $shortcut_section = "varnish";
$pfs_version = substr(trim(file_get_contents("/etc/version")),0,3);
if (is_dir('/usr/pbi/varnish-' . php_uname("m"))) {
- if ($pfs_version == 2.2)
- define('VARNISH_LOCALBASE', '/usr/pbi/varnish-' . php_uname("m")."/local");
- else
define('VARNISH_LOCALBASE', '/usr/pbi/varnish-' . php_uname("m"));
} else {
define('VARNISH_LOCALBASE','/usr/local');
}
+define('VARNISH_DIRTYPATH',"{$g['varrun_path']}/varnish.conf.dirty");
+define('VARNISH_CONFFILE','/var/etc/default.vcl');
+
function varnish_settings_post_validate($post, &$input_errors) {
if( !is_numeric($post['storagesize']))
$input_errors[] = "A valid number is required for the field 'Storage size'";
@@ -113,6 +113,17 @@ function varnish_backends_post_validate($post, &$input_errors) {
function varnish_install() {
create_varnish_rcd_file();
+
+ if (file_exists(VARNISH_LOCALBASE . '/local/lib/varnish/libvarnish.so')) {
+ @symlink(VARNISH_LOCALBASE . '/local/lib/varnish/libvarnish.so',
+ VARNISH_LOCALBASE . '/local/lib/libvarnish.so');
+ @symlink(VARNISH_LOCALBASE . '/local/lib/varnish/libvarnishcompat.so',
+ VARNISH_LOCALBASE . '/local/lib/libvarnishcompat.so');
+ @symlink(VARNISH_LOCALBASE . '/local/lib/varnish/libvcl.so',
+ VARNISH_LOCALBASE . '/local/lib/libvcl.so');
+ @symlink(VARNISH_LOCALBASE . '/local/lib/varnish/libvgz.so',
+ VARNISH_LOCALBASE . '/local/lib/libvgz.so');
+ }
}
function varnish_deinstall() {
@@ -122,12 +133,49 @@ function varnish_deinstall() {
function text_area_decode($text){
return preg_replace('/\r\n/', "\n",base64_decode($text));
}
-function varnish_start() {
+
+function varnish_check_config(){
+ global $savemsg,$config;
+
+ if (!isset($config['installedpackages']['varnishsettings']['config'][0]['enablevarnish']))
+ return;
+
+ $path = '/usr/bin/env PATH=' . VARNISH_LOCALBASE . '/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin';
+ exec($path . " " . VARNISH_LOCALBASE."/bin/varnishd -C -f ".VARNISH_CONFFILE." 2>&1",$output,$return);
+ if ($return == 0){
+ if (isset($_REQUEST['apply'])){
+ varnish_start(true);
+ return;
+ }
+
+ if (file_exists(VARNISH_DIRTYPATH))
+ $savemsg="Varnish configuration has been changed.<br>You must apply in order to take effect.<br>";
+ }
+ else{
+ $savemsg.= implode("<br>",$output);
+ $savemsg.= "<br>Daemon will not be restarted.";
+ return 1;
+ }
+ return 0;
+}
+
+
+function varnish_start($force_start=false) {
global $g, $config;
+
+ if ($force_start){
+ mwexec("/usr/local/etc/rc.d/varnish.sh");
+ unlink_if_exists(VARNISH_DIRTYPATH);
+ return;
+ }
+
if ($config['installedpackages']['varnishsettings']['config'][0]['enablevarnish']){
exec("chmod +x /usr/local/etc/rc.d/varnish.sh");
- mwexec("/usr/local/etc/rc.d/varnish.sh");}
- else{
+ if (varnish_check_config() == 0 || $force_start){
+ unlink_if_exists(VARNISH_DIRTYPATH);
+ mwexec("/usr/local/etc/rc.d/varnish.sh");
+ }
+ }else{
exec("chmod -x /usr/local/etc/rc.d/varnish.sh");
mwexec("/usr/bin/killall varnishd");}
}
@@ -165,6 +213,13 @@ function varnish_get_url_mappings_txt() {
$urlmappings .= "if (req.http.host $fieldtype ".'"'.$url['directorurl'].'"'." && req.url $fieldtype ".'"^'.$url['directorurl2'].'") {'."\n";
$urlbackend = "\t\t\tset req.backend = ".$url['directorname'].";";
+ // check force ssl option
+ if ($url['forcessl']){
+ $urlmappings .="\t\t#Force ssl for this host/director\n";
+ $urlmappings .="\t\tif((req.http.X-Forwarded-Proto !~ \"(?i)https\" ) && !(client.ip ~ SslOffloadServers)){\n";
+ $urlmappings .="\t\t\tset req.http.x-redir-url = \"https://\" + req.http.host + req.url;\n";
+ $urlmappings .="\t\t\terror 750 req.http.x-redir-url;\n\t\t\t}\n";
+ }
// check rewrite options
if ($url['rewritehost'])
$urlmappings .= "\t\t\tset req.http.host = regsub(req.http.host, ".'"'.$url['directorurl'].'",'.'"'.$url['rewritehost'].'")'.";\n";
@@ -254,6 +309,8 @@ function create_varnish_rcd_file() {
}
}
$fd = fopen("/usr/local/etc/rc.d/varnish.sh", "w");
+ $conf_file=VARNISH_CONFFILE;
+ $bin_path=VARNISH_LOCALBASE . '/bin';
$rc_file = <<<EOF
#!/bin/sh
mkdir -p /var/varnish
@@ -264,8 +321,7 @@ sysctl kern.ipc.somaxconn=16384
sysctl kern.maxfiles=131072
sysctl kern.maxfilesperproc=104856
sysctl kern.threads.max_threads_per_proc=4096
-/usr/bin/env \
-PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
+export PATH={$bin_path}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
/usr/local/bin/php -q -d auto_prepend_file=config.inc <<ENDOFF
<?php
require_once("globals.inc");
@@ -273,14 +329,14 @@ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
require_once("pkg-utils.inc");
require_once("varnish.inc");
sync_package_varnish();
- #varnish_start();
+ unlink_if_exists(VARNISH_DIRTYPATH);
?>
ENDOFF
/usr/local/sbin/varnishd \
{$listeningport} \
- -f /var/etc/default.vcl \
+ -f {$conf_file} \
{$storage_type} \
-w {$minworkers},{$maxworkers},{$timeoutworkers} \
{$advancedstartup}
@@ -409,6 +465,12 @@ EOFA;
function sync_package_varnish() {
global $config, $g;
+
+ if (isset($_POST["apply"])){
+ varnish_start();
+ unlink_if_exists(VARNISH_DIRTYPATH);
+ return;
+ }
if (is_array($config['installedpackages']['varnishcustomvcl']['config'])) {
foreach($config['installedpackages']['varnishcustomvcl']['config'] as $vcl) {
if ($vcl['vcl_recv_early'])
@@ -425,11 +487,23 @@ function sync_package_varnish() {
$vcl_pipe_late = text_area_decode($vcl['vcl_pipe_late']);
}
}
- $vcl_recv_set_basic='#BASIC VCL RULES SETTING'."\n";
- $vcl_recv_action_basic='#BASIC VCL RULES ACTIONS'."\n";
- #$plataform=posix_uname();
- if (is_array($config['installedpackages']['varnishsettings']['config']))
- foreach($config['installedpackages']['varnishsettings']['config'] as $vcl) {
+
+ $vcl_recv_set_basic='#BASIC VCL RULES SETTING'."\n";
+ $vcl_recv_action_basic='#BASIC VCL RULES ACTIONS'."\n";
+ #$plataform=posix_uname();
+ if (is_array($config['installedpackages']['varnishsettings']['config']))
+ foreach($config['installedpackages']['varnishsettings']['config'] as $vcl) {
+ if ($vcl['ssloffload']){
+ $vcl_acls="acl SslOffloadServers {\n\t\"localhost\";";
+ $sslservers= split (" ",$vcl['ssloffload']);
+ foreach ($sslservers as $sslserver){
+ if (preg_match("/(\S+)\/(d+)/",$sslserver,$sslm))
+ $vcl_acls.="\n\t\"{$sslm[1]}\"/{$sslm[2]};";
+ else
+ $vcl_acls.="\n\t\"{$sslserver}\";";
+ }
+ $vcl_acls.="\n\t}\n";
+ }
if ($vcl['streaming'])
$vcl_fetch_stream="set beresp.do_stream = true;\n";
if ($vcl['fixgzip']) {
@@ -466,15 +540,6 @@ function sync_package_varnish() {
$vcl_recv_set_basic .= "\tset req.http.X-Forwarded-For = req.http.X-Forwarded-For + \",\" + client.ip;\n\n";
break;
case 'create':
- $vcl_acls="acl SslOffloadServers {\n\t\"localhost\";";
- $sslservers= split (" ",$vcl['ssloffload']);
- foreach ($sslservers as $sslserver){
- if (preg_match("/(\S+)\/(d+)/",$sslserver,$sslm))
- $vcl_acls.="\n\t\"{$sslm[1]}\"/{$sslm[2]};";
- else
- $vcl_acls.="\n\t\"{$sslserver}\";";
- }
- $vcl_acls.="}\n";
$vcl_recv_set_basic .= "\tif (req.http.X-Forwarded-For && client.ip ~ SslOffloadServers){\n\t\t";
$vcl_recv_set_basic .= "set req.http.X-Forwarded-Varnish = req.http.X-Forwarded-For;\n\t}";
$vcl_recv_set_basic .= "else{\n\t\tset req.http.X-Forwarded-Varnish = client.ip;\n\n\t}";
@@ -574,13 +639,19 @@ $varnish_config_file = <<<EOF
# Varnish configuration file
# Automatically generated by the pfSense package system
-# This file is located in /var/etc/default.vcl
+# This file is located in {$conf_file}
sub vcl_error {
- if (obj.status == 503 && req.restarts < {$vcl_restarts}) {
- return(restart);
+ if (obj.status == 503 && req.restarts < {$vcl_restarts}) {
+ return(restart);
}
+ if (obj.status == 750) {
+ set obj.http.Location = obj.response;
+ set obj.status = 301;
+ return(deliver);
+ }
+
set obj.http.Content-Type = "text/html; charset=utf-8";
synthetic {"<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
@@ -668,20 +739,22 @@ sub vcl_fini {
}
EOF;
- file_put_contents("/var/etc/default.vcl",$varnish_config_file,LOCK_EX);
- $cc_file="/usr/local/bin/cc";
+ file_put_contents(VARNISH_CONFFILE,$varnish_config_file,LOCK_EX);
+ touch(VARNISH_DIRTYPATH);
+ varnish_sync_on_changes();
+
+ $cc_file=VARNISH_LOCALBASE."/bin/cc";
foreach (glob(VARNISH_LOCALBASE."/bin/gcc*") as $bin_file) {
+ if (strpos($bin_file, '.pbiopt') != FALSE)
+ continue;
$gcc_file=$bin_file;
}
if (!file_exists($cc_file) && file_exists($gcc_file)){
symlink($gcc_file,$cc_file);
}
- $fd = fopen("/var/etc/default.vcl", "w");
- fwrite($fd, $varnish_config_file);
- fclose($fd);
+ create_varnish_rcd_file();
- varnish_sync_on_changes();
}
/* Uses XMLRPC to synchronize the changes to a remote node */
diff --git a/config/varnish3/varnish_backends.xml b/config/varnish3/varnish_backends.xml
index dd93eba5..95248cb9 100644
--- a/config/varnish3/varnish_backends.xml
+++ b/config/varnish3/varnish_backends.xml
@@ -293,16 +293,13 @@
varnish_install();
</custom_php_install_command>
<custom_php_command_before_form>
+ varnish_check_config();
</custom_php_command_before_form>
<custom_delete_php_command>
sync_package_varnish();
- create_varnish_rcd_file();
- varnish_start();
</custom_delete_php_command>
<custom_php_resync_config_command>
sync_package_varnish();
- create_varnish_rcd_file();
- varnish_start();
</custom_php_resync_config_command>
<custom_php_validation_command>
varnish_backends_post_validate($_POST, $input_errors);
diff --git a/config/varnish3/varnish_custom_vcl.xml b/config/varnish3/varnish_custom_vcl.xml
index 7c940f40..4950c6ed 100644
--- a/config/varnish3/varnish_custom_vcl.xml
+++ b/config/varnish3/varnish_custom_vcl.xml
@@ -169,11 +169,12 @@
<encoding>base64</encoding>
</field>
</fields>
+ <custom_php_command_before_form>
+ varnish_check_config();
+ </custom_php_command_before_form>
<custom_php_validation_command>
</custom_php_validation_command>
<custom_php_resync_config_command>
sync_package_varnish();
- create_varnish_rcd_file();
- varnish_start();
</custom_php_resync_config_command>
</packagegui> \ No newline at end of file
diff --git a/config/varnish3/varnish_lb_directors.xml b/config/varnish3/varnish_lb_directors.xml
index e3cd8c04..c8868ec4 100644
--- a/config/varnish3/varnish_lb_directors.xml
+++ b/config/varnish3/varnish_lb_directors.xml
@@ -130,6 +130,10 @@
<fieldname>grace</fieldname>
</columnitem>
<columnitem>
+ <fielddescr>SSL</fielddescr>
+ <fieldname>forcessl</fieldname>
+ </columnitem>
+ <columnitem>
<fielddescr>Failover</fielddescr>
<fieldname>failover</fieldname>
</columnitem>
@@ -197,6 +201,13 @@
<type>input</type>
<size>5</size>
</field>
+ <field>
+ <fielddescr>Force SSL</fielddescr>
+ <fieldname>forcessl</fieldname>
+ <description><![CDATA[Redirect to ssl if request does not came from ssl offload servers.]]></description>
+ <type>checkbox</type>
+ <size>5</size>
+ </field>
<field>
<fielddescr>Additions options</fielddescr>
<fieldname>customapping</fieldname>
@@ -261,16 +272,13 @@
</field>
</fields>
<custom_php_command_before_form>
+ varnish_check_config();
</custom_php_command_before_form>
<custom_delete_php_command>
sync_package_varnish();
- create_varnish_rcd_file();
- varnish_start();
</custom_delete_php_command>
<custom_php_resync_config_command>
sync_package_varnish();
- create_varnish_rcd_file();
- varnish_start();
</custom_php_resync_config_command>
<custom_php_validation_command>
varnish_lb_directors_post_validate($_POST, $input_errors);
diff --git a/config/varnish3/varnish_settings.xml b/config/varnish3/varnish_settings.xml
index 99e29663..accfaae8 100644
--- a/config/varnish3/varnish_settings.xml
+++ b/config/varnish3/varnish_settings.xml
@@ -283,10 +283,13 @@
<encoding>base64</encoding>
</field>
</fields>
+ <custom_php_command_before_form>
+ varnish_check_config();
+ </custom_php_command_before_form>
+
<custom_php_resync_config_command>
sync_package_varnish();
create_varnish_rcd_file();
- varnish_start();
</custom_php_resync_config_command>
<custom_php_validation_command>
varnish_settings_post_validate($_POST, $input_errors);
diff --git a/config/varnish3/varnish_sync.xml b/config/varnish3/varnish_sync.xml
index eb908afe..c5b4b69c 100644
--- a/config/varnish3/varnish_sync.xml
+++ b/config/varnish3/varnish_sync.xml
@@ -136,5 +136,6 @@
</custom_php_resync_config_command>
<custom_php_command_before_form>
unset($_POST['temp']);
+ varnish_check_config();
</custom_php_command_before_form>
</packagegui> \ No newline at end of file
diff --git a/config/varnish3/varnish_view_config.php b/config/varnish3/varnish_view_config.php
index b02e5c88..30765756 100644
--- a/config/varnish3/varnish_view_config.php
+++ b/config/varnish3/varnish_view_config.php
@@ -28,7 +28,7 @@
*/
require("guiconfig.inc");
-
+require("varnish.inc");
$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
if ($pf_version < 2.0)
$one_two = true;
@@ -44,7 +44,7 @@ include("head.inc");
<p class="pgtitle"><?=$pgtitle?></font></p>
<?php endif; ?>
-<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php varnish_check_config();if ($savemsg) print_info_box($savemsg); ?>
<form action="varnishstat_view_config.php" method="post">
@@ -71,8 +71,9 @@ include("head.inc");
<td class="tabcont" >
<textarea id="varnishlogs" rows="50" cols="100%">
<?php
- $config_file = file_get_contents("/var/etc/default.vcl");
- echo $config_file;
+ $config_file = file("/var/etc/default.vcl");
+ foreach ($config_file as $l => $v)
+ echo ($l+1)." - {$v}";
?>
</textarea>
</td>
diff --git a/config/varnish3/varnishstat.php b/config/varnish3/varnishstat.php
index 9e4e2f3d..aa6827a8 100644
--- a/config/varnish3/varnishstat.php
+++ b/config/varnish3/varnishstat.php
@@ -1,8 +1,9 @@
<?php
/*
- varnishstat_view_logs.php
+ varnishstat.php
part of pfSense (https://www.pfsense.org/)
Copyright (C) 2006 Scott Ullrich <sullrich@gmail.com>
+ Copyright (C) 2014 Marcello Coutinho
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -28,11 +29,45 @@
*/
require("guiconfig.inc");
-
+require("varnish.inc");
+function open_table(){
+ echo "<table style=\"padding-top:0px; padding-bottom:0px; padding-left:0px; padding-right:0px\" width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">";
+ echo" <tr>";
+}
+function close_table(){
+ echo" </tr>";
+ echo"</table>";
+ echo "<br>";
+}
if($_REQUEST['getactivity']) {
- $varnishstatlogs = `varnishstat -1`;
+ //$varnishstatlogs = `varnishstat -1`;
+ $backends=exec("varnishstat -1",$debug);
echo "<h2>VarnishSTAT Server logs as of " . date("D M j G:i:s T Y") . "</h2>";
- echo $varnishstatlogs;
+ open_table();
+ print "<td class=\"vncellt\" width=30%><strong>Description</strong></td>";
+ print "<td class=\"vncellt\" width=15%><strong>Count</strong></td>";
+ print "<td class=\"vncellt\" width=15%><strong></strong></td>";
+ print "<td width=20%></td><td width=20%></td></tr>";
+ foreach ($debug as $line){
+ if (!preg_match("/^VBE/",$line,$lm) &&
+ preg_match("/(\S+)\s+(\S+)\s+(\S+)\s+(.*)/",$line,$lm))
+ $varnish_stats[]=$lm;
+ }
+ unset($debug);
+ if (is_array($varnish_stats)){
+ foreach ($varnish_stats as $v){
+ print "<td class=\"listlr\"> $v[4] ($v[1])</td>";
+ print "<td class=\"listlr\" align=\"Right\">". @number_format($v[2]) ."</td>";
+ print "<td class=\"listlr\" align=\"Right\">$v[3]</td>";
+ print "<td>&nbsp;</td><td>&nbsp;</td></tr>";
+ }
+ }
+ else{
+ print "<td class=\"listlr\">No traffic</td><td class=\"listlr\"></td><td class=\"listlr\"></td></tr>";
+ }
+
+close_table();
+ //echo $varnishstatlogs;
exit;
}
@@ -70,7 +105,7 @@ include("head.inc");
<p class="pgtitle"><?=$pgtitle?></font></p>
<?php endif; ?>
-<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php varnish_check_config();if ($savemsg) print_info_box($savemsg); ?>
<div id="mainlevel">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
@@ -93,7 +128,7 @@ include("head.inc");
<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td class="tabcont" >
- <form action="varnishstat_view_logs.php" method="post">
+ <form action="varnishstat.php" method="post">
<div id="varnishstatlogs">
<pre>One moment please, loading VarnishSTAT...</pre>
</div>