I am trying to use Varnish Cache 7 with Apache2 on a server. Setting up HTTP requests works just fine, but Varnish can't handle HTTPS directly, so I tried Apache and Hitch, but that didn't work for me. Can anyone help me find a working configuration for Varnish and Apache only?
My other question is: do I have to use two virtual hosts?
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Apache HTTP Host
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
<VirtualHost *:8080>
    ServerName mycloud.com
    #ServerAdmin webmaster@localhost
    DocumentRoot /var/www/mycloud.com
    <Directory /var/www/mycloud.com>
        Options Indexes FollowSymLinks
        AllowOverride All
        Order allow,deny
        allow from all
    </Directory>
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Apache HTTPS Host
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName mycloud.com
    DocumentRoot /var/www/mycloud.com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/mycloud.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/mycloud.com/privkey.pem
    # Set up proxy headers
    ProxyRequests Off
    ProxyPreserveHost On
    ProxyAddHeaders On
    SSLProxyEngine On
    SSLProxyCheckPeerCN on
    SSLProxyCheckPeerExpire on
    # Add headers to prevent redirect loops
    RequestHeader set X-Forwarded-Proto "https"
    RequestHeader set X-Forwarded-Port "443"
    # Optional: Log forwarding headers for debugging
    LogLevel debug
    Header add X-Forwarded-Proto "https" env=HTTPS
    Header add X-Forwarded-Port "443" env=HTTPS
    ProxyPass /test http://127.0.0.1:80
    ProxyPassReverse /test http://127.0.0.1:80
</VirtualHost>
</IfModule>
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Varnish VCL
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
vcl 4.0;
backend default {
    .host = "127.0.0.1";
    .port = "8080";
}
sub vcl_recv {
    if (req.http.X-Forwarded-Proto ~ "https") {
        set req.http.X-Forwarded-Proto = "https";
    }
}
sub vcl_backend_response {
    set beresp.http.X-Varnish = bereq.http.X-Varnish;
}
sub vcl_deliver {
    if (obj.hits > 0) {
        set resp.http.X-Cache = "HIT";
        set resp.http.X-Cache-Hits = obj.hits;
    } else {
        set resp.http.X-Cache = "MISS";
    }
}
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Varnish Service
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[Unit]
Description=Varnish Cache, a high-performance HTTP accelerator
Documentation=https://www.varnish-cache.org/docs/ man:varnishd
[Service]
Type=simple
# Maximum number of open files (for ulimit -n)
LimitNOFILE=131072
# Locked shared memory - should suffice to lock the shared memory log
# (varnishd -l argument)
# Default log size is 80MB vsl + 1M vsm + header -> 82MB
# unit is bytes
LimitMEMLOCK=85983232
ExecStart=/usr/sbin/varnishd \
    -j unix,user=vcache \
    -F \
    -a :80 \
    -a localhost:6092,PROXY \
    -p feature=+http2 \
    -f /etc/varnish/default.vcl \
    -s malloc,256m
ExecReload=/usr/share/varnish/varnishreload
ProtectSystem=full
ProtectHome=true
PrivateTmp=true
PrivateDevices=true
[Install]
WantedBy=multi-user.target
I tried Hitch for TLS termination, but the configuration is too complex for me, so it didn't work out.