我尝试使用Varnish仅缓存主页(用于测试目的)。 我想暂时只为匿名用户缓存主页。要做到这一点,我想忽略缓存,如果有一个名为' sessionid'的cookie。
此外,Django的后端总是发送我想删除的Varying:cookie标头,因为Varnish会为每个Cookie组合生成不同的缓存。而且这种组合一直在变化,因为be总是发送' csrf'饼干也是如此,这总是不同的。
总结:
服务器配置:
DAEMON_OPTS="-a :80 \
-T localhost:6082 \
-f /etc/varnish/default.vcl \
-S /etc/varnish/secret \
-s malloc,256m"
backend default {
.host = "127.0.0.1";
.port = "8000";
}
sub vcl_recv
{
if (! req.http.Authorization ~ "Basic xxxxxxxxx=")
{
error 401 "Restricted";
}
# caching only home page
if (! req.url == "/" || req.http.Cookie ~ "sessionid" || req.request == "POST") {
return(pass);
}
unset req.http.Cookie;
}
sub vcl_fetch
{
# Remove 'vary' header if home page is called
if (bereq.url == "/") {
unset beresp.http.Vary;
set beresp.ttl = 20m;
}
}
sub vcl_error
{
if (obj.status == 401) {
set obj.http.Content-Type = "text/html; charset=utf-8";
set obj.http.WWW-Authenticate = "Basic realm=Secured";
synthetic {"
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">
<HTML>
<HEAD>
<TITLE>Error</TITLE>
<META HTTP-EQUIV='Content-Type' CONTENT='text/html;'>
</HEAD>
<BODY><H1>401 Unauthorized (varnish)</H1></BODY>
</HTML>
"};
return (deliver);
}
}
此配置适用于Varnish 4,但似乎不适用于Varnish 3(稍作修改)。
要知道它不起作用,查看来自服务器的响应,我会看到&#39; age&#39;标题始终为0。
以下是请求/回复详情:
Accept-Ranges:bytes
Age:0
Connection:keep-alive
Content-Encoding:gzip
Content-Length:10808
Content-Type:text/html; charset=utf-8
Date:Thu, 22 Oct 2015 08:32:41 GMT
Server:nginx/1.4.6 (Ubuntu)
Set-Cookie:csrftoken=UFON6QI7JHAOVDAOk2fusWtZirOF3dlc; expires=Thu, 20-Oct-2016 08:32:41 GMT; Max-Age=31449600; Path=/
Via:1.1 varnish
X-Varnish:1495644039
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-CA,en;q=0.8,fr-CA;q=0.6,fr;q=0.4
Authorization:Basic xxxxxx=
Cache-Control:no-cache
Connection:keep-alive
Cookie:csrftoken=iclCbw25qRf25gYscUVyM1P6mHItWXPq
DNT:1
Host:dev.xxxxxx.com
Pragma:no-cache
Upgrade-Insecure-Requests:1
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
答案 0 :(得分:0)
这是一个有效的配置。老实说,我不知道是什么让它发挥作用。
backend default {
.host = "127.0.0.1";
.port = "8000";
}
sub vcl_recv
{
set req.backend = default;
if (! req.http.Authorization ~ "Basic xxxxxxx=")
{
error 401 "Restricted";
}
# caching only home page
if (req.url != "/" || req.http.Cookie ~ "sessionid" || req.request == "POST") {
return(pass);
}
unset req.http.cookie;
return(lookup);
}
sub vcl_fetch
{
# Remove 'vary' header if home page is called
if (bereq.url == "/") {
set beresp.ttl = 20m;
}
unset beresp.http.Vary;
return(deliver);
}
sub vcl_deliver
{
return(deliver);
}
sub vcl_hit
{
return(deliver);
}
sub vcl_error
{
if (obj.status == 401) {
set obj.http.Content-Type = "text/html; charset=utf-8";
set obj.http.WWW-Authenticate = "Basic realm=Secured";
synthetic {"
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">
<HTML>
<HEAD>
<TITLE>Error</TITLE>
<META HTTP-EQUIV='Content-Type' CONTENT='text/html;'>
</HEAD>
<BODY><H1>401 Unauthorized (varnish)</H1></BODY>
</HTML>
"};
return (deliver);
}
}