diff options
author | BBcan177 <bbcan177@gmail.com> | 2014-12-07 18:30:22 -0500 |
---|---|---|
committer | BBcan177 <bbcan177@gmail.com> | 2014-12-07 18:30:22 -0500 |
commit | a6ec0dd240d2c5df10e121cff0550b9c326f70eb (patch) | |
tree | 16ad1ad46cad7b181914392f9b618f02fb1b1627 /config/varnish3 | |
parent | f51fcf2745bbff493b026d00354642b2fcb562bb (diff) | |
parent | de77645ca39ecd6b86bea62617ebf9081c07aea1 (diff) | |
download | pfsense-packages-a6ec0dd240d2c5df10e121cff0550b9c326f70eb.tar.gz pfsense-packages-a6ec0dd240d2c5df10e121cff0550b9c326f70eb.tar.bz2 pfsense-packages-a6ec0dd240d2c5df10e121cff0550b9c326f70eb.zip |
Merge branch 'master' of https://github.com/pfsense/pfsense-packages into pfBlockerNG_Beta_0.99
Diffstat (limited to 'config/varnish3')
-rw-r--r-- | config/varnish3/varnish.inc | 139 | ||||
-rw-r--r-- | config/varnish3/varnish_backends.xml | 5 | ||||
-rw-r--r-- | config/varnish3/varnish_custom_vcl.xml | 5 | ||||
-rw-r--r-- | config/varnish3/varnish_lb_directors.xml | 16 | ||||
-rw-r--r-- | config/varnish3/varnish_settings.xml | 5 | ||||
-rw-r--r-- | config/varnish3/varnish_sync.xml | 1 | ||||
-rw-r--r-- | config/varnish3/varnish_view_config.php | 9 | ||||
-rw-r--r-- | config/varnish3/varnishstat.php | 47 |
8 files changed, 173 insertions, 54 deletions
diff --git a/config/varnish3/varnish.inc b/config/varnish3/varnish.inc index bca02203..50b37990 100644 --- a/config/varnish3/varnish.inc +++ b/config/varnish3/varnish.inc @@ -36,14 +36,14 @@ $shortcut_section = "varnish"; $pfs_version = substr(trim(file_get_contents("/etc/version")),0,3); if (is_dir('/usr/pbi/varnish-' . php_uname("m"))) { - if ($pfs_version == 2.2) - define('VARNISH_LOCALBASE', '/usr/pbi/varnish-' . php_uname("m")."/local"); - else define('VARNISH_LOCALBASE', '/usr/pbi/varnish-' . php_uname("m")); } else { define('VARNISH_LOCALBASE','/usr/local'); } +define('VARNISH_DIRTYPATH',"{$g['varrun_path']}/varnish.conf.dirty"); +define('VARNISH_CONFFILE','/var/etc/default.vcl'); + function varnish_settings_post_validate($post, &$input_errors) { if( !is_numeric($post['storagesize'])) $input_errors[] = "A valid number is required for the field 'Storage size'"; @@ -113,6 +113,17 @@ function varnish_backends_post_validate($post, &$input_errors) { function varnish_install() { create_varnish_rcd_file(); + + if (file_exists(VARNISH_LOCALBASE . '/local/lib/varnish/libvarnish.so')) { + @symlink(VARNISH_LOCALBASE . '/local/lib/varnish/libvarnish.so', + VARNISH_LOCALBASE . '/local/lib/libvarnish.so'); + @symlink(VARNISH_LOCALBASE . '/local/lib/varnish/libvarnishcompat.so', + VARNISH_LOCALBASE . '/local/lib/libvarnishcompat.so'); + @symlink(VARNISH_LOCALBASE . '/local/lib/varnish/libvcl.so', + VARNISH_LOCALBASE . '/local/lib/libvcl.so'); + @symlink(VARNISH_LOCALBASE . '/local/lib/varnish/libvgz.so', + VARNISH_LOCALBASE . '/local/lib/libvgz.so'); + } } function varnish_deinstall() { @@ -122,12 +133,49 @@ function varnish_deinstall() { function text_area_decode($text){ return preg_replace('/\r\n/', "\n",base64_decode($text)); } -function varnish_start() { + +function varnish_check_config(){ + global $savemsg,$config; + + if (!isset($config['installedpackages']['varnishsettings']['config'][0]['enablevarnish'])) + return; + + $path = '/usr/bin/env PATH=' . VARNISH_LOCALBASE . '/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin'; + exec($path . " " . VARNISH_LOCALBASE."/bin/varnishd -C -f ".VARNISH_CONFFILE." 2>&1",$output,$return); + if ($return == 0){ + if (isset($_REQUEST['apply'])){ + varnish_start(true); + return; + } + + if (file_exists(VARNISH_DIRTYPATH)) + $savemsg="Varnish configuration has been changed.<br>You must apply in order to take effect.<br>"; + } + else{ + $savemsg.= implode("<br>",$output); + $savemsg.= "<br>Daemon will not be restarted."; + return 1; + } + return 0; +} + + +function varnish_start($force_start=false) { global $g, $config; + + if ($force_start){ + mwexec("/usr/local/etc/rc.d/varnish.sh"); + unlink_if_exists(VARNISH_DIRTYPATH); + return; + } + if ($config['installedpackages']['varnishsettings']['config'][0]['enablevarnish']){ exec("chmod +x /usr/local/etc/rc.d/varnish.sh"); - mwexec("/usr/local/etc/rc.d/varnish.sh");} - else{ + if (varnish_check_config() == 0 || $force_start){ + unlink_if_exists(VARNISH_DIRTYPATH); + mwexec("/usr/local/etc/rc.d/varnish.sh"); + } + }else{ exec("chmod -x /usr/local/etc/rc.d/varnish.sh"); mwexec("/usr/bin/killall varnishd");} } @@ -165,6 +213,13 @@ function varnish_get_url_mappings_txt() { $urlmappings .= "if (req.http.host $fieldtype ".'"'.$url['directorurl'].'"'." && req.url $fieldtype ".'"^'.$url['directorurl2'].'") {'."\n"; $urlbackend = "\t\t\tset req.backend = ".$url['directorname'].";"; + // check force ssl option + if ($url['forcessl']){ + $urlmappings .="\t\t#Force ssl for this host/director\n"; + $urlmappings .="\t\tif((req.http.X-Forwarded-Proto !~ \"(?i)https\" ) && !(client.ip ~ SslOffloadServers)){\n"; + $urlmappings .="\t\t\tset req.http.x-redir-url = \"https://\" + req.http.host + req.url;\n"; + $urlmappings .="\t\t\terror 750 req.http.x-redir-url;\n\t\t\t}\n"; + } // check rewrite options if ($url['rewritehost']) $urlmappings .= "\t\t\tset req.http.host = regsub(req.http.host, ".'"'.$url['directorurl'].'",'.'"'.$url['rewritehost'].'")'.";\n"; @@ -254,6 +309,8 @@ function create_varnish_rcd_file() { } } $fd = fopen("/usr/local/etc/rc.d/varnish.sh", "w"); + $conf_file=VARNISH_CONFFILE; + $bin_path=VARNISH_LOCALBASE . '/bin'; $rc_file = <<<EOF #!/bin/sh mkdir -p /var/varnish @@ -264,8 +321,7 @@ sysctl kern.ipc.somaxconn=16384 sysctl kern.maxfiles=131072 sysctl kern.maxfilesperproc=104856 sysctl kern.threads.max_threads_per_proc=4096 -/usr/bin/env \ -PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ +export PATH={$bin_path}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin /usr/local/bin/php -q -d auto_prepend_file=config.inc <<ENDOFF <?php require_once("globals.inc"); @@ -273,14 +329,14 @@ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ require_once("pkg-utils.inc"); require_once("varnish.inc"); sync_package_varnish(); - #varnish_start(); + unlink_if_exists(VARNISH_DIRTYPATH); ?> ENDOFF /usr/local/sbin/varnishd \ {$listeningport} \ - -f /var/etc/default.vcl \ + -f {$conf_file} \ {$storage_type} \ -w {$minworkers},{$maxworkers},{$timeoutworkers} \ {$advancedstartup} @@ -409,6 +465,12 @@ EOFA; function sync_package_varnish() { global $config, $g; + + if (isset($_POST["apply"])){ + varnish_start(); + unlink_if_exists(VARNISH_DIRTYPATH); + return; + } if (is_array($config['installedpackages']['varnishcustomvcl']['config'])) { foreach($config['installedpackages']['varnishcustomvcl']['config'] as $vcl) { if ($vcl['vcl_recv_early']) @@ -425,11 +487,23 @@ function sync_package_varnish() { $vcl_pipe_late = text_area_decode($vcl['vcl_pipe_late']); } } - $vcl_recv_set_basic='#BASIC VCL RULES SETTING'."\n"; - $vcl_recv_action_basic='#BASIC VCL RULES ACTIONS'."\n"; - #$plataform=posix_uname(); - if (is_array($config['installedpackages']['varnishsettings']['config'])) - foreach($config['installedpackages']['varnishsettings']['config'] as $vcl) { + + $vcl_recv_set_basic='#BASIC VCL RULES SETTING'."\n"; + $vcl_recv_action_basic='#BASIC VCL RULES ACTIONS'."\n"; + #$plataform=posix_uname(); + if (is_array($config['installedpackages']['varnishsettings']['config'])) + foreach($config['installedpackages']['varnishsettings']['config'] as $vcl) { + if ($vcl['ssloffload']){ + $vcl_acls="acl SslOffloadServers {\n\t\"localhost\";"; + $sslservers= split (" ",$vcl['ssloffload']); + foreach ($sslservers as $sslserver){ + if (preg_match("/(\S+)\/(d+)/",$sslserver,$sslm)) + $vcl_acls.="\n\t\"{$sslm[1]}\"/{$sslm[2]};"; + else + $vcl_acls.="\n\t\"{$sslserver}\";"; + } + $vcl_acls.="\n\t}\n"; + } if ($vcl['streaming']) $vcl_fetch_stream="set beresp.do_stream = true;\n"; if ($vcl['fixgzip']) { @@ -466,15 +540,6 @@ function sync_package_varnish() { $vcl_recv_set_basic .= "\tset req.http.X-Forwarded-For = req.http.X-Forwarded-For + \",\" + client.ip;\n\n"; break; case 'create': - $vcl_acls="acl SslOffloadServers {\n\t\"localhost\";"; - $sslservers= split (" ",$vcl['ssloffload']); - foreach ($sslservers as $sslserver){ - if (preg_match("/(\S+)\/(d+)/",$sslserver,$sslm)) - $vcl_acls.="\n\t\"{$sslm[1]}\"/{$sslm[2]};"; - else - $vcl_acls.="\n\t\"{$sslserver}\";"; - } - $vcl_acls.="}\n"; $vcl_recv_set_basic .= "\tif (req.http.X-Forwarded-For && client.ip ~ SslOffloadServers){\n\t\t"; $vcl_recv_set_basic .= "set req.http.X-Forwarded-Varnish = req.http.X-Forwarded-For;\n\t}"; $vcl_recv_set_basic .= "else{\n\t\tset req.http.X-Forwarded-Varnish = client.ip;\n\n\t}"; @@ -574,13 +639,19 @@ $varnish_config_file = <<<EOF # Varnish configuration file # Automatically generated by the pfSense package system -# This file is located in /var/etc/default.vcl +# This file is located in {$conf_file} sub vcl_error { - if (obj.status == 503 && req.restarts < {$vcl_restarts}) { - return(restart); + if (obj.status == 503 && req.restarts < {$vcl_restarts}) { + return(restart); } + if (obj.status == 750) { + set obj.http.Location = obj.response; + set obj.status = 301; + return(deliver); + } + set obj.http.Content-Type = "text/html; charset=utf-8"; synthetic {"<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" @@ -668,20 +739,22 @@ sub vcl_fini { } EOF; - file_put_contents("/var/etc/default.vcl",$varnish_config_file,LOCK_EX); - $cc_file="/usr/local/bin/cc"; + file_put_contents(VARNISH_CONFFILE,$varnish_config_file,LOCK_EX); + touch(VARNISH_DIRTYPATH); + varnish_sync_on_changes(); + + $cc_file=VARNISH_LOCALBASE."/bin/cc"; foreach (glob(VARNISH_LOCALBASE."/bin/gcc*") as $bin_file) { + if (strpos($bin_file, '.pbiopt') != FALSE) + continue; $gcc_file=$bin_file; } if (!file_exists($cc_file) && file_exists($gcc_file)){ symlink($gcc_file,$cc_file); } - $fd = fopen("/var/etc/default.vcl", "w"); - fwrite($fd, $varnish_config_file); - fclose($fd); + create_varnish_rcd_file(); - varnish_sync_on_changes(); } /* Uses XMLRPC to synchronize the changes to a remote node */ diff --git a/config/varnish3/varnish_backends.xml b/config/varnish3/varnish_backends.xml index dd93eba5..95248cb9 100644 --- a/config/varnish3/varnish_backends.xml +++ b/config/varnish3/varnish_backends.xml @@ -293,16 +293,13 @@ varnish_install(); </custom_php_install_command> <custom_php_command_before_form> + varnish_check_config(); </custom_php_command_before_form> <custom_delete_php_command> sync_package_varnish(); - create_varnish_rcd_file(); - varnish_start(); </custom_delete_php_command> <custom_php_resync_config_command> sync_package_varnish(); - create_varnish_rcd_file(); - varnish_start(); </custom_php_resync_config_command> <custom_php_validation_command> varnish_backends_post_validate($_POST, $input_errors); diff --git a/config/varnish3/varnish_custom_vcl.xml b/config/varnish3/varnish_custom_vcl.xml index 7c940f40..4950c6ed 100644 --- a/config/varnish3/varnish_custom_vcl.xml +++ b/config/varnish3/varnish_custom_vcl.xml @@ -169,11 +169,12 @@ <encoding>base64</encoding> </field> </fields> + <custom_php_command_before_form> + varnish_check_config(); + </custom_php_command_before_form> <custom_php_validation_command> </custom_php_validation_command> <custom_php_resync_config_command> sync_package_varnish(); - create_varnish_rcd_file(); - varnish_start(); </custom_php_resync_config_command> </packagegui>
\ No newline at end of file diff --git a/config/varnish3/varnish_lb_directors.xml b/config/varnish3/varnish_lb_directors.xml index e3cd8c04..c8868ec4 100644 --- a/config/varnish3/varnish_lb_directors.xml +++ b/config/varnish3/varnish_lb_directors.xml @@ -130,6 +130,10 @@ <fieldname>grace</fieldname> </columnitem> <columnitem> + <fielddescr>SSL</fielddescr> + <fieldname>forcessl</fieldname> + </columnitem> + <columnitem> <fielddescr>Failover</fielddescr> <fieldname>failover</fieldname> </columnitem> @@ -197,6 +201,13 @@ <type>input</type> <size>5</size> </field> + <field> + <fielddescr>Force SSL</fielddescr> + <fieldname>forcessl</fieldname> + <description><![CDATA[Redirect to ssl if request does not came from ssl offload servers.]]></description> + <type>checkbox</type> + <size>5</size> + </field> <field> <fielddescr>Additions options</fielddescr> <fieldname>customapping</fieldname> @@ -261,16 +272,13 @@ </field> </fields> <custom_php_command_before_form> + varnish_check_config(); </custom_php_command_before_form> <custom_delete_php_command> sync_package_varnish(); - create_varnish_rcd_file(); - varnish_start(); </custom_delete_php_command> <custom_php_resync_config_command> sync_package_varnish(); - create_varnish_rcd_file(); - varnish_start(); </custom_php_resync_config_command> <custom_php_validation_command> varnish_lb_directors_post_validate($_POST, $input_errors); diff --git a/config/varnish3/varnish_settings.xml b/config/varnish3/varnish_settings.xml index 99e29663..accfaae8 100644 --- a/config/varnish3/varnish_settings.xml +++ b/config/varnish3/varnish_settings.xml @@ -283,10 +283,13 @@ <encoding>base64</encoding> </field> </fields> + <custom_php_command_before_form> + varnish_check_config(); + </custom_php_command_before_form> + <custom_php_resync_config_command> sync_package_varnish(); create_varnish_rcd_file(); - varnish_start(); </custom_php_resync_config_command> <custom_php_validation_command> varnish_settings_post_validate($_POST, $input_errors); diff --git a/config/varnish3/varnish_sync.xml b/config/varnish3/varnish_sync.xml index eb908afe..c5b4b69c 100644 --- a/config/varnish3/varnish_sync.xml +++ b/config/varnish3/varnish_sync.xml @@ -136,5 +136,6 @@ </custom_php_resync_config_command> <custom_php_command_before_form> unset($_POST['temp']); + varnish_check_config(); </custom_php_command_before_form> </packagegui>
\ No newline at end of file diff --git a/config/varnish3/varnish_view_config.php b/config/varnish3/varnish_view_config.php index b02e5c88..30765756 100644 --- a/config/varnish3/varnish_view_config.php +++ b/config/varnish3/varnish_view_config.php @@ -28,7 +28,7 @@ */ require("guiconfig.inc"); - +require("varnish.inc"); $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); if ($pf_version < 2.0) $one_two = true; @@ -44,7 +44,7 @@ include("head.inc"); <p class="pgtitle"><?=$pgtitle?></font></p> <?php endif; ?> -<?php if ($savemsg) print_info_box($savemsg); ?> +<?php varnish_check_config();if ($savemsg) print_info_box($savemsg); ?> <form action="varnishstat_view_config.php" method="post"> @@ -71,8 +71,9 @@ include("head.inc"); <td class="tabcont" > <textarea id="varnishlogs" rows="50" cols="100%"> <?php - $config_file = file_get_contents("/var/etc/default.vcl"); - echo $config_file; + $config_file = file("/var/etc/default.vcl"); + foreach ($config_file as $l => $v) + echo ($l+1)." - {$v}"; ?> </textarea> </td> diff --git a/config/varnish3/varnishstat.php b/config/varnish3/varnishstat.php index 9e4e2f3d..aa6827a8 100644 --- a/config/varnish3/varnishstat.php +++ b/config/varnish3/varnishstat.php @@ -1,8 +1,9 @@ <?php /* - varnishstat_view_logs.php + varnishstat.php part of pfSense (https://www.pfsense.org/) Copyright (C) 2006 Scott Ullrich <sullrich@gmail.com> + Copyright (C) 2014 Marcello Coutinho All rights reserved. Redistribution and use in source and binary forms, with or without @@ -28,11 +29,45 @@ */ require("guiconfig.inc"); - +require("varnish.inc"); +function open_table(){ + echo "<table style=\"padding-top:0px; padding-bottom:0px; padding-left:0px; padding-right:0px\" width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">"; + echo" <tr>"; +} +function close_table(){ + echo" </tr>"; + echo"</table>"; + echo "<br>"; +} if($_REQUEST['getactivity']) { - $varnishstatlogs = `varnishstat -1`; + //$varnishstatlogs = `varnishstat -1`; + $backends=exec("varnishstat -1",$debug); echo "<h2>VarnishSTAT Server logs as of " . date("D M j G:i:s T Y") . "</h2>"; - echo $varnishstatlogs; + open_table(); + print "<td class=\"vncellt\" width=30%><strong>Description</strong></td>"; + print "<td class=\"vncellt\" width=15%><strong>Count</strong></td>"; + print "<td class=\"vncellt\" width=15%><strong></strong></td>"; + print "<td width=20%></td><td width=20%></td></tr>"; + foreach ($debug as $line){ + if (!preg_match("/^VBE/",$line,$lm) && + preg_match("/(\S+)\s+(\S+)\s+(\S+)\s+(.*)/",$line,$lm)) + $varnish_stats[]=$lm; + } + unset($debug); + if (is_array($varnish_stats)){ + foreach ($varnish_stats as $v){ + print "<td class=\"listlr\"> $v[4] ($v[1])</td>"; + print "<td class=\"listlr\" align=\"Right\">". @number_format($v[2]) ."</td>"; + print "<td class=\"listlr\" align=\"Right\">$v[3]</td>"; + print "<td> </td><td> </td></tr>"; + } + } + else{ + print "<td class=\"listlr\">No traffic</td><td class=\"listlr\"></td><td class=\"listlr\"></td></tr>"; + } + +close_table(); + //echo $varnishstatlogs; exit; } @@ -70,7 +105,7 @@ include("head.inc"); <p class="pgtitle"><?=$pgtitle?></font></p> <?php endif; ?> -<?php if ($savemsg) print_info_box($savemsg); ?> +<?php varnish_check_config();if ($savemsg) print_info_box($savemsg); ?> <div id="mainlevel"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> @@ -93,7 +128,7 @@ include("head.inc"); <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td class="tabcont" > - <form action="varnishstat_view_logs.php" method="post"> + <form action="varnishstat.php" method="post"> <div id="varnishstatlogs"> <pre>One moment please, loading VarnishSTAT...</pre> </div> |