projects / akkoma / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Remove hack for /about/more as we are doing this in Pleroma now
[akkoma] / installation / pleroma.vcl
1 vcl 4.0;
2 import std;
3
4 backend default {
5 .host = "127.0.0.1";
6 .port = "4000";
7 }
8
9 # ACL for IPs that are allowed to PURGE data from the cache
10 acl purge {
11 "127.0.0.1";
12 }
13
14 sub vcl_recv {
15 # Redirect HTTP to HTTPS
16 if (std.port(server.ip) != 443) {
17 set req.http.x-redir = "https://" + req.http.host + req.url;
18 return (synth(750, ""));
19 }
20
21 # Pipe if WebSockets request is coming through
22 if (req.http.upgrade ~ "(?i)websocket") {
23 return (pipe);
24 }
25
26 # Allow purging of the cache
27 if (req.method == "PURGE") {
28 if (!client.ip ~ purge) {
29 return(synth(405,"Not allowed."));
30 }
31 return(purge);
32 }
33
34 # Pleroma MediaProxy - strip headers that will affect caching
35 if (req.url ~ "^/proxy/") {
36 unset req.http.Cookie;
37 unset req.http.Authorization;
38 unset req.http.Accept;
39 return (hash);
40 }
41
42 # Strip headers that will affect caching from all other static content
43 # This also permits caching of individual toots and AP Activities
44 if ((req.url ~ "^/(media|notice|static)/") ||
45 (req.url ~ "(?i)\.(html|js|css|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|svg|swf|ttf|pdf|woff|woff2)$"))
46 {
47 unset req.http.Cookie;
48 unset req.http.Authorization;
49 return (hash);
50 }
51
52 # Everything else should just be piped to Pleroma
53 return (pipe);
54 }
55
56 sub vcl_backend_response {
57 # gzip text content
58 if (beresp.http.content-type ~ "(text|text/css|application/x-javascript|application/javascript)") {
59 set beresp.do_gzip = true;
60 }
61
62 # etags are bad
63 unset beresp.http.etag;
64
65 # Don't cache objects that require authentication
66 if (beresp.http.Authorization && !beresp.http.Cache-Control ~ "public") {
67 set beresp.uncacheable = true;
68 return (deliver);
69 }
70
71 # Default object caching of 86400s;
72 set beresp.ttl = 86400s;
73 # Allow serving cached content for 6h in case backend goes down
74 set beresp.grace = 6h;
75
76 # Do not cache 5xx responses
77 if (beresp.status == 500 || beresp.status == 502 || beresp.status == 503 || beresp.status == 504) {
78 set beresp.uncacheable = true;
79 return (abandon);
80 }
81
82 # Do not cache redirects and errors
83 if ((beresp.status >= 300) && (beresp.status < 500)) {
84 set beresp.uncacheable = true;
85 set beresp.ttl = 30s;
86 return (deliver);
87 }
88
89 # Pleroma MediaProxy internally sets headers properly
90 if (bereq.url ~ "^/proxy/") {
91 return (deliver);
92 }
93
94 # Strip cache-restricting headers from Pleroma on static content that we want to cache
95 # Also enable streaming of cached content to clients (no waiting for Varnish to complete backend fetch)
96 if ((bereq.url ~ "^/(notice)/") ||
97 (bereq.url ~ "(?i)\.(js|css|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|svg|swf|ttf|pdf|woff|woff2)$"))
98 {
99 unset beresp.http.set-cookie;
100 unset beresp.http.Cache-Control;
101 unset beresp.http.x-request-id;
102 set beresp.http.Cache-Control = "public, max-age=86400";
103 set beresp.do_stream = true;
104 }
105 }
106
107 # The synthetic response for 301 redirects
108 sub vcl_synth {
109 if (resp.status == 750) {
110 set resp.status = 301;
111 set resp.http.Location = req.http.x-redir;
112 return(deliver);
113 }
114 }
115
116 # Ensure WebSockets through the pipe do not close prematurely
117 sub vcl_pipe {
118 if (req.http.upgrade) {
119 set bereq.http.upgrade = req.http.upgrade;
120 set bereq.http.connection = req.http.connection;
121 }
122 }
Fork of https://akkoma.dev/AkkomaGang/akkoma.git