+# Recommended varnishncsa logging format: '%h %l %u %t "%m %{X-Forwarded-Proto}i://%{Host}i%U%q %H" %s %b "%{Referer}i" "%{User-agent}i"'
vcl 4.1;
import std;
sub vcl_recv {
# Redirect HTTP to HTTPS
if (std.port(server.ip) != 443) {
+ set req.http.X-Forwarded-Proto = "http";
set req.http.x-redir = "https://" + req.http.host + req.url;
return (synth(750, ""));
+ } else {
+ set req.http.X-Forwarded-Proto = "https";
}
# CHUNKED SUPPORT
set beresp.http.CR = beresp.http.content-range;
}
+ # Bypass cache for large files
+ # 50000000 ~ 50MB
+ if (std.integer(beresp.http.content-length, 0) > 50000000) {
+ set beresp.uncacheable = true;
+ return(deliver);
+ }
+
# Don't cache objects that require authentication
if (beresp.http.Authorization && !beresp.http.Cache-Control ~ "public") {
set beresp.uncacheable = true;
sub vcl_backend_fetch {
# Be more lenient for slow servers on the fediverse
- if bereq.url ~ "^/proxy/" {
+ if (bereq.url ~ "^/proxy/") {
set bereq.first_byte_timeout = 300s;
}