aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--config/varnish64/backends.xml123
-rw-r--r--config/varnish64/varnish.inc204
-rw-r--r--config/varnish64/varnish_settings.xml93
3 files changed, 420 insertions, 0 deletions
diff --git a/config/varnish64/backends.xml b/config/varnish64/backends.xml
new file mode 100644
index 00000000..bcec031b
--- /dev/null
+++ b/config/varnish64/backends.xml
@@ -0,0 +1,123 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* ========================================================================== */
+/*
+ backends.xml
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2010 Scott Ullrich
+ All rights reserved.
+*/
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Describe your package here</description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>varnishbackends</name>
+ <version>0.0.1</version>
+ <title>Varnish: Whitelist</title>
+ <menu>
+ <name>Varnish </name>
+ <tooltiptext></tooltiptext>
+ <section>Services</section>
+ <configfile>backends.xml</configfile>
+ </menu>
+ <tabs>
+ <tab>
+ <text>Varnish Backends</text>
+ <url>/pkg.php?xml=backends.xml</url>
+ <active/>
+ </tab>
+ </tabs>
+ <configpath>['installedpackages']['varnish']['config']</configpath>
+ <adddeleteeditpagefields>
+ <columnitem>
+ <fielddescr>IPAddress</fielddescr>
+ <fieldname>ipaddress</fieldname>
+ </columnitem>
+ <columnitem>
+ <fielddescr>Name</fielddescr>
+ <fieldname>backendname</fieldname>
+ </columnitem>
+ </adddeleteeditpagefields>
+ <fields>
+ <field>
+ <fielddescr>IPAddress</fielddescr>
+ <fieldname>ipaddress</fieldname>
+ <description>Enter the IP Address of the backend web server.</description>
+ <type>input</type>
+ </field>
+ <field>
+ <fielddescr>Backend name</fielddescr>
+ <fieldname>backendname</fieldname>
+ <description>Enter the name of this backend web server.</description>
+ <type>input</type>
+ </field>
+ <field>
+ <fielddescr>Port</fielddescr>
+ <fieldname>port</fieldname>
+ <description>Enter the TCP/IP port of the webserver.</description>
+ <type>input</type>
+ </field>
+ <field>
+ <fielddescr>First byte timeout</fielddescr>
+ <fieldname>first_byte_timeout</fieldname>
+ <description> time to wait for the first byte from the backend and .between_bytes_timeout for time to wait between each received byte.</description>
+ <type>input</type>
+ </field>
+ <field>
+ <fielddescr>Connect timeout</fielddescr>
+ <fieldname>connect_timeout</fieldname>
+ <description>The time to wait for a backend connection.</description>
+ <type>input</type>
+ </field>
+ <field>
+ <fielddescr>none</fielddescr>
+ <fieldname>none</fieldname>
+ <type>rowhelper</type>
+ <rowhelper>
+ <rowhelperfield>
+ <fielddescr>URL</fielddescr>
+ <fieldname>urlmapping</fieldname>
+ <description>Enter the URL that will be mapped to this backend.</description>
+ <type>input</type>
+ </rowhelperfield>
+ </rowhelper>
+ </field>
+ </fields>
+ <custom_php_command_before_form>
+ </custom_php_command_before_form>
+ <custom_delete_php_command>
+ sync_package_varnish();
+ </custom_delete_php_command>
+ <custom_php_resync_config_command>
+ sync_package_varnish();
+ </custom_php_resync_config_command>
+</packagegui> \ No newline at end of file
diff --git a/config/varnish64/varnish.inc b/config/varnish64/varnish.inc
new file mode 100644
index 00000000..5df22487
--- /dev/null
+++ b/config/varnish64/varnish.inc
@@ -0,0 +1,204 @@
+<?php
+/* ========================================================================== */
+/*
+ varnish.inc
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com>
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+
+function sync_package_varnish() {
+ if($config['installedpackages']['varnishsettings']['config'] != "") {
+ foreach($config['installedpackages']['varnishsettings']['config'] as $vs) {
+ if($vs['storagetype'] == "malloc")
+ $storage_type = "-s malloc,{$vs['storagesize']}MB";
+ else
+ $storage_type = "-s file,/var/varnish/storage.bin,{$vs['storagesize']}MB";
+ if($vs['listeningport'])
+ $listeningport = "-a :{$vs['listeningport']}";
+ else
+ $listeningport = "-a :80";
+ }
+ $fd = fopen("/usr/local/etc/rc.d/varnish.sh", "w");
+ $rc_file = <<<EOF;
+#!/bin/sh
+mkdir -p /var/varnish
+rm /var/varnish/storage.bin 2>/dev/null
+killall varnishd 2>/dev/null
+sleep 1
+/usr/local/sbin/varnishd \
+ {$listeningport} \
+ -f /var/etc/default.vcl \
+ {$storage_type} \
+ -w 200,4000,50
+
+EOF;
+ fwrite($fd, $rc_file);
+ fclose($fd);
+ exec("chmod a+rx /usr/local/etc/rc.d/varnish.sh")
+ }
+
+ if(!$errorvcl)
+ $errorvcl = <<<EOF
+set obj.http.Content-Type = "text/html; charset=utf-8";
+synthetic {"
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html>
+<head>
+<title>"} obj.status " " obj.response {"</title>
+</head>
+<body>
+<b>
+<p>We are very sorry but an error occured during this request.</p>
+</b>
+<p>Please press refresh in your browser to try again.</p>
+<p>Varnish Error "} obj.status " " obj.response {"</p>
+<p>"} obj.response {"</p>
+<h3>Guru Meditation:</h3>
+<p>XID: "} req.xid {"</p>
+
+</body>
+</html>
+"};
+deliver;
+
+EOF;
+
+ $backends = "";
+ if($config['installedpackages']['varnishbackends']['config'] != "") {
+ foreach($config['installedpackages']['varnishbackends']['config'] as $backend) {
+ $urlmappings = "";
+ $isfirst = true;
+ if($config['installedpackages']['varnishurlmappings']['config'] != "") {
+ foreach($config['installedpackages']['varnishurlmappings']['config'] as $urlmapping) {
+ if(!$isfirst)
+ $urlmappings .= "else ";
+ $urlmappings = <<<EOAU;
+if (req.http.host == "{$urlmapping['url']}") {
+ set req.backend = {$urlmapping['backend']};
+}
+EOAU;
+ $isfirst = false;
+ }
+ }
+ if($backend['connect_timeout'])
+ $connect_timeout = $backend['connect_timeout'] . "s";
+ else
+ $connect_timeout = "25s";
+ if($backend['port'])
+ $connect_timeout = $backend['port'];
+ else
+ $connect_timeout = "80";
+ if($backend['first_byte_timeout'])
+ $first_byte_timeout = $backend['first_byte_timeout'];
+ else
+ $first_byte_timeout = "300s";
+ $backends .= <<<EOFA;
+backend {$backend['backendname']} {
+ .host = "{$backend['ipaddress']}";
+ .port = "{$backend['port']}";
+ .first_byte_timeout = "{$first_btye_timeout}";
+ .connect_timeout = "{$connect_timeout}";
+}
+
+EOFA;
+ }
+ }
+}
+
+$varnish_config_file = <<<EOF
+
+# Varnish configuration file
+# Automatically generated by the pfSense package system
+
+sub vcl_error {
+ {$errorvcl}
+}
+
+{$backends}
+
+sub vcl_recv {
+ {$vcl_recv_custom_early}
+ # If the client sent an X-Forwarded-For header, remove it.
+ # It cannot betrusted.
+ unset req.http.X-Forwarded-For;
+ # Note that we don't need to add the client ip to the X-Forwarded-For
+ # header, varnish will do that for us
+ if (req.http.Accept-Encoding) {
+ # Handle compression correctly. Varnish treats headers literally
+ # not semantically. So it is very well possible that there are
+ # cache misses because the headers sent by different browsers
+ # aren't the same.
+ # @see: http:// varnish.projects.linpro.no/wiki/FAQ/Compression
+ if (req.http.Accept-Encoding ~ "gzip") {
+ # if the browser supports it, we'll use gzip
+ set req.http.Accept-Encoding = "gzip";
+ } elsif (req.http.Accept-Encoding ~ "deflate") {
+ # next, try deflate if it is supported
+ set req.http.Accept-Encoding = "deflate";
+ } else {
+ # unknown algorithm. Probably junk, remove it
+ unset req.http.Accept-Encoding;
+ }
+ }
+ {$urlmappings}
+ {$vcl_recv_custom_late}
+ if (req.request != "GET" && req.request != "HEAD") {
+ pipe;
+ }
+ return(lookup);
+}
+
+sub vcl_pipe {
+ {$vcl_pipe_early}
+ # If we don't set the Connection: close header, any following
+ # requests from the client will also be piped through and
+ # left untouched by varnish. We don't want that.
+ set req.http.connection = "close";
+ # Note: no "pipe" action here - we'll fall back to the default
+ # pipe method so that when any changes are made there, we
+ # still inherit them.
+ {$vcl_pipe_late}
+}
+
+sub vcl_fetch {
+ {$vcl_fetch_early}
+ {$vcl_fetch_late}
+ return(deliver);
+}
+
+EOF;
+
+ $fd = fopen("/var/etc/default.vcl", "w");
+ fwrite($fd, $varnish_config_file);
+ fclose($fd);
+ exec("/usr/local/etc/rc.d/varnish.sh");
+}
+
+?> \ No newline at end of file
diff --git a/config/varnish64/varnish_settings.xml b/config/varnish64/varnish_settings.xml
new file mode 100644
index 00000000..60d08c1d
--- /dev/null
+++ b/config/varnish64/varnish_settings.xml
@@ -0,0 +1,93 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* ========================================================================== */
+/*
+ varnish_settings.xml
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com>
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Describe your package here</description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>varnishsettings</name>
+ <version>0.0.1</version>
+ <title>Varnish Settings</title>
+ <aftersaveredirect>pkg_edit.php?xml=varnish_settings.xml&amp;id=0</aftersaveredirect>
+ <include_file>/usr/local/pkg/varnish.inc</include_file>
+ <menu>
+ <name>Varnish</name>
+ <section>Services</section>
+ <configfile>backends.xml</configfile>
+ </menu>
+ <service>
+ <name>varnish</name>
+ <rcfile>varnish.sh</rcfile>
+ </service>
+ <tabs>
+ <tab>
+ <text>Backends</text>
+ <url>/pkg.php?xml=backends.xml</url>
+ </tab>
+ </tabs>
+ <configpath>['installedpackages']['varnish']['config']</configpath>
+ <fields>
+ <field>
+ <fielddescr>Storage type</fielddescr>
+ <fieldname>storagetype</fieldname>
+ <description>The SMTP version banner that is reported upon initial connection.</description>
+ <type>select</type>
+ <options>
+ <option><name>Memory</name><value>malloc</value></option>
+ <option><name>Disk</name><value>ondisk</value></option>
+ </options>
+ </field>
+ <field>
+ <fielddescr>Cache storage size in megabytes</fielddescr>
+ <fieldname>storagesize</fieldname>
+ <description>Enter the size of the varnish cache in megabytes. HINT: 1024 == 1 Gigabyte</description>
+ <type>input</type>
+ </field>
+ <field>
+ <fielddescr>Listening port</fielddescr>
+ <fieldname>listeningport</fieldname>
+ <description>Enter the port you would like varnish to listen on. Defaults to 80.</description>
+ <type>input</type>
+ </field>
+ </fields>
+ <custom_php_validation_command>
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ sync_package_varnish();
+ </custom_php_resync_config_command>
+</packagegui> \ No newline at end of file