mirror of
https://github.com/owncast/owncast.git
synced 2024-11-21 12:18:02 +03:00
Example varnish and hitch config (#2655)
Varnish is a http caching server, hitch is a tls terminating proxy.
This commit is contained in:
parent
0d705aa549
commit
1bd291c7fe
2 changed files with 70 additions and 0 deletions
32
contrib/varnish/hitch.conf
Normal file
32
contrib/varnish/hitch.conf
Normal file
|
@ -0,0 +1,32 @@
|
|||
# Run 'man hitch.conf' for a description of all options.
|
||||
|
||||
frontend = {
|
||||
host = "*"
|
||||
port = "443"
|
||||
}
|
||||
backend = "[127.0.0.1]:8443"
|
||||
workers = 4 # number of CPU cores
|
||||
|
||||
daemon = on
|
||||
|
||||
# We strongly recommend you create a separate non-privileged hitch
|
||||
# user and group
|
||||
user = "hitch"
|
||||
group = "hitch"
|
||||
|
||||
# Enable to let clients negotiate HTTP/2 with ALPN. (default off)
|
||||
# alpn-protos = "h2, http/1.1"
|
||||
|
||||
# run Varnish as backend over PROXY; varnishd -a :80 -a localhost:6086,PROXY ..
|
||||
write-proxy-v2 = on # Write PROXY header
|
||||
|
||||
## ssl config
|
||||
pem-dir = "/etc/tls/private"
|
||||
tls-protos = TLSv1.2 TLSv1.3
|
||||
# ocsp
|
||||
ocsp-dir = "/etc/hitch/ocsp"
|
||||
ocsp-verify-staple = on
|
||||
|
||||
syslog = on
|
||||
log-level = 1
|
||||
tcp-fastopen = on
|
38
contrib/varnish/vanish.vcl
Normal file
38
contrib/varnish/vanish.vcl
Normal file
|
@ -0,0 +1,38 @@
|
|||
vcl 4.0;
|
||||
|
||||
backend default {
|
||||
.host = "localhost";
|
||||
.port = "8080";
|
||||
}
|
||||
|
||||
sub vcl_recv {
|
||||
# Implementing websocket support (https://www.varnish-cache.org/docs/4.0/users-guide/vcl-example-websockets.html)
|
||||
if (req.http.Upgrade ~ "(?i)websocket") {
|
||||
return (pipe);
|
||||
}
|
||||
}
|
||||
|
||||
sub vcl_pipe {
|
||||
if (req.http.upgrade) {
|
||||
set bereq.http.upgrade = req.http.upgrade;
|
||||
set bereq.http.connection = req.http.connection;
|
||||
}
|
||||
}
|
||||
|
||||
sub vcl_backend_response {
|
||||
# Set 1s ttl if origin response HTTP status code is anything other than 200
|
||||
if (beresp.status != 200) {
|
||||
set beresp.ttl = 1s;
|
||||
set beresp.uncacheable = true;
|
||||
return (deliver);
|
||||
}
|
||||
if (bereq.url ~ "m3u8") {
|
||||
# assuming chunks are 2 seconds long
|
||||
set beresp.ttl = 1s;
|
||||
set beresp.grace = 0s;
|
||||
}
|
||||
if (bereq.url ~ "ts") {
|
||||
set beresp.ttl = 10m;
|
||||
set beresp.grace = 5m;
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue