Snyc Varnish files with ezsystems/ezplatform-http-cache

netgen · Jun 19, 2020 · 4dc789f · 4dc789f
1 parent e92fde9
commit 4dc789f
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 9 deletions.
diff --git a/doc/varnish/varnish.md b/doc/varnish/varnish.md
@@ -8,7 +8,7 @@ Prerequisites
 
 Recommended VCL base files
 --------------------------
-Provided VCL for eZ can be found in [vendor/ezsystems/ezplatform-http-cache/docs/varnish](https://github.com/ezsystems/ezplatform-http-cache/tree/0.8/docs/varnish). Specifically `/vcl/varnish5.vcl`.
+Provided VCL for eZ can be found in [vendor/ezsystems/ezplatform-http-cache/docs/varnish](https://github.com/ezsystems/ezplatform-http-cache/tree/1.0/docs/varnish). Specifically `/vcl/varnish5.vcl`.
 
 
 > **Note:** Http cache management is done with the help of [FOSHttpCacheBundle](http://foshttpcachebundle.readthedocs.org/).

diff --git a/doc/varnish/vcl/parameters.vcl b/doc/varnish/vcl/parameters.vcl
@@ -1,14 +1,21 @@
 // Our Backend - Assuming that web server is listening on port 80
 // Replace the host to fit your setup
 //
-// For additional example see: doc/docker/entrypoint/varnish/parameters.vcl
+// For additional example see:
+// https://github.com/ezsystems/ezplatform/blob/master/doc/docker/entrypoint/varnish/parameters.vcl
 
 backend ezplatform {
     .host = "127.0.0.1";
     .port = "80";
 }
 
 // ACL for invalidators IP
+//
+// Alternative using HTTPCACHE_VARNISH_INVALIDATE_TOKEN : VCL code also allows for token based invalidation, to use it define a
+//      shared secret using env variable HTTPCACHE_VARNISH_INVALIDATE_TOKEN and eZ Platform will also use that for configuring this
+//      bundle. This is prefered for setups such as platform.sh/eZ Platform Cloud, where circular service dependency is
+//      unwanted. If you use this, use a strong cryptological secure hash & make sure to keep the token secret.
+// Use ez_purge_acl for invalidation by token.
 acl invalidators {
     "127.0.0.1";
     "192.168.0.0"/16;

diff --git a/doc/varnish/vcl/varnish4_xkey.vcl b/doc/varnish/vcl/varnish4_xkey.vcl
@@ -1,7 +1,9 @@
 // Varnish VCL for:
-// - Varnish 5.1 or higher with xkey vmod (via varnish-modules package, or via Varnish Plus)
-// - eZ Platform 2.x or higher (with bundled ezplatform-http-cache package)
-// DEPRECATED; please use VCL from https://github.com/ezsystems/ezplatform-http-cache/blob/1.0/docs/varnish/vcl/varnish5.vcl
+// - Varnish 5.0 or higher (6.0LTS recommended, and is what we mainly test against)
+//   - Varnish xkey vmod (via varnish-modules package 0.10.2 or higher, or via Varnish Plus)
+// - eZ Platform 2.5LTS or higher with ezplatform-http-cache (this) bundle
+//
+// Make sure to at least adjust default parameters.vcl, defaults there reflect our testing needs with docker.
 
 vcl 4.0;
 import std;
@@ -187,7 +189,7 @@ sub ez_user_context_hash {
             || req.http.x-user-hash
         )
     ) {
-        return (synth(400, "Bad Request"));
+        return (synth(400));
     }
 
     if (req.restarts == 0 && (req.method == "GET" || req.method == "HEAD")) {
@@ -235,7 +237,7 @@ sub ez_invalidate_token {
             || req.http.x-backend-invalidate-token
         )
     ) {
-        return (synth(400, "Bad Request"));
+        return (synth(400));
     }
 
     if (req.restarts == 0 && req.method == "PURGE" && req.http.x-invalidate-token) {
@@ -307,8 +309,7 @@ sub vcl_deliver {
         if (obj.hits > 0) {
             set resp.http.X-Cache = "HIT";
             set resp.http.X-Cache-Hits = obj.hits;
-            // For Varnihs 5.1+ you can uncomment this to get debug of remaining TTL
-            //set resp.http.X-Cache-TTL = obj.ttl;
+            set resp.http.X-Cache-TTL = obj.ttl;
         } else {
             set resp.http.X-Cache = "MISS";
         }