projects
/
akkoma
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge branch 'bugfix/notice-urls-should-return-objects' into 'develop'
[akkoma]
/
installation
/
pleroma.vcl
diff --git
a/installation/pleroma.vcl
b/installation/pleroma.vcl
index 8ba67069aa24ec7148ab9fef51e824fa8b9493af..63c1cb74dbf01f5b7a72285d83f35306c997b96f 100644
(file)
--- a/
installation/pleroma.vcl
+++ b/
installation/pleroma.vcl
@@
-6,6
+6,11
@@
backend default {
.port = "4000";
}
.port = "4000";
}
+# ACL for IPs that are allowed to PURGE data from the cache
+acl purge {
+ "127.0.0.1";
+}
+
sub vcl_recv {
# Redirect HTTP to HTTPS
if (std.port(server.ip) != 443) {
sub vcl_recv {
# Redirect HTTP to HTTPS
if (std.port(server.ip) != 443) {
@@
-18,6
+23,14
@@
sub vcl_recv {
return (pipe);
}
return (pipe);
}
+ # Allow purging of the cache
+ if (req.method == "PURGE") {
+ if (!client.ip ~ purge) {
+ return(synth(405,"Not allowed."));
+ }
+ return(purge);
+ }
+
# Pleroma MediaProxy - strip headers that will affect caching
if (req.url ~ "^/proxy/") {
unset req.http.Cookie;
# Pleroma MediaProxy - strip headers that will affect caching
if (req.url ~ "^/proxy/") {
unset req.http.Cookie;
@@
-26,17
+39,9
@@
sub vcl_recv {
return (hash);
}
return (hash);
}
- # Hack to enable a Terms of Service page missing from Pleroma
- if (req.url ~ "^/about/more$") {
- set req.http.x-redir = "https://" + req.http.host + "/static/terms-of-service.html";
- return (synth(750, ""));
- }
-
# Strip headers that will affect caching from all other static content
# This also permits caching of individual toots and AP Activities
# Strip headers that will affect caching from all other static content
# This also permits caching of individual toots and AP Activities
- if ((req.url ~ "^/(media|notice|objects|static)/") ||
- (req.url ~ "^/(activities/|api/v1/statuses/\d+$)") ||
- (req.url ~ "^/(activities/|api/v1/statuses/\d+/card$)") ||
+ if ((req.url ~ "^/(media|static)/") ||
(req.url ~ "(?i)\.(html|js|css|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|svg|swf|ttf|pdf|woff|woff2)$"))
{
unset req.http.Cookie;
(req.url ~ "(?i)\.(html|js|css|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|svg|swf|ttf|pdf|woff|woff2)$"))
{
unset req.http.Cookie;
@@
-88,10
+93,7
@@
sub vcl_backend_response {
# Strip cache-restricting headers from Pleroma on static content that we want to cache
# Also enable streaming of cached content to clients (no waiting for Varnish to complete backend fetch)
# Strip cache-restricting headers from Pleroma on static content that we want to cache
# Also enable streaming of cached content to clients (no waiting for Varnish to complete backend fetch)
- if ((bereq.url ~ "^/(notice|objects)/") ||
- (bereq.url ~ "^/(activities/|api/v1/statuses/\d+$)") ||
- (bereq.url ~ "^/(activities/|api/v1/statuses/\d+/card$)") ||
- (bereq.url ~ "(?i)\.(js|css|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|svg|swf|ttf|pdf|woff|woff2)$"))
+ if (bereq.url ~ "(?i)\.(js|css|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|svg|swf|ttf|pdf|woff|woff2)$")
{
unset beresp.http.set-cookie;
unset beresp.http.Cache-Control;
{
unset beresp.http.set-cookie;
unset beresp.http.Cache-Control;
@@
-101,7
+103,7
@@
sub vcl_backend_response {
}
}
}
}
-# The synthetic response for
the HTTP to HTTPS upgrade
+# The synthetic response for
301 redirects
sub vcl_synth {
if (resp.status == 750) {
set resp.status = 301;
sub vcl_synth {
if (resp.status == 750) {
set resp.status = 301;