Scribd
Upload
5 views

WI – Install Varnish Cache

The document details the installation process of Varnish Cache on a CentOS system using the DNF package manager. It outlines the dependencies required for the installation, the packages being installed, and the successful completion of the installation. Additionally, it includes commands to disable the Varnish module and set up the repository for Varnish Cache version 65.

Uploaded by

arifin faathir
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
5 views

WI – Install Varnish Cache

The document details the installation process of Varnish Cache on a CentOS system using the DNF package manager. It outlines the dependencies required for the installation, the packages being installed, and the successful completion of the installation. Additionally, it includes commands to disable the Varnish module and set up the repository for Varnish Cache version 65.

Uploaded by

arifin faathir
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 12

WI – Install Varnish Cache

[root@svrproxy src]# yum install dnf


Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
epel/x86_64/metalink | 12 kB 00:00
* base: mirror.dionipe.net
* elrepo: mirrors.nav.ro
* epel: fr2.rpmfind.net
* extras: kartolo.sby.datautama.net.id
* remi-php73: remi.mivzakim.net
* remi-safe: remi.mivzakim.net
* updates: mirror.dionipe.net
CodeIT | 2.9 kB 00:00
base | 3.6 kB 00:00
elrepo | 2.9 kB 00:00
epel | 4.7 kB 00:00
extras | 2.9 kB 00:00
mariadb | 2.9 kB 00:00
remi-php73 | 3.0 kB 00:00
remi-safe | 3.0 kB 00:00
updates | 2.9 kB 00:00
(1/8): CodeIT/x86_64/primary_db | 58 kB 00:01
(2/8): mariadb/primary_db | 58 kB 00:01
(3/8): elrepo/primary_db | 479 kB 00:02
(4/8): epel/x86_64/updateinfo | 1.0 MB 00:03
(5/8): remi-php73/primary_db | 225 kB 00:03
(6/8): remi-safe/primary_db | 1.8 MB 00:07
(7/8): updates/7/x86_64/primary_db | 4.5 MB 00:16
(8/8): epel/x86_64/primary_db | 6.9 MB 00:28
Resolving Dependencies
--> Running transaction check
---> Package dnf.noarch 0:4.0.9.2-1.el7_6 will be installed
--> Processing Dependency: python2-dnf = 4.0.9.2-1.el7_6 for package: dnf-4.0.9.2-1.el7_6.noarch
--> Running transaction check
---> Package python2-dnf.noarch 0:4.0.9.2-1.el7_6 will be installed
--> Processing Dependency: dnf-data = 4.0.9.2-1.el7_6 for package: python2-dnf-4.0.9.2-
1.el7_6.noarch
--> Processing Dependency: python2-libdnf >= 0.22.5 for package: python2-dnf-4.0.9.2-1.el7_6.noarch
--> Processing Dependency: python2-libcomps >= 0.1.8 for package: python2-dnf-4.0.9.2-
1.el7_6.noarch
--> Processing Dependency: python2-hawkey >= 0.22.5 for package: python2-dnf-4.0.9.2-
1.el7_6.noarch
--> Processing Dependency: libmodulemd >= 1.4.0 for package: python2-dnf-4.0.9.2-1.el7_6.noarch
--> Processing Dependency: python2-libdnf for package: python2-dnf-4.0.9.2-1.el7_6.noarch
--> Processing Dependency: deltarpm for package: python2-dnf-4.0.9.2-1.el7_6.noarch
--> Running transaction check
---> Package deltarpm.x86_64 0:3.6-3.el7 will be installed
---> Package dnf-data.noarch 0:4.0.9.2-1.el7_6 will be installed
---> Package libmodulemd.x86_64 0:1.6.3-1.el7 will be installed
---> Package python2-hawkey.x86_64 0:0.22.5-1.el7_6 will be installed
--> Processing Dependency: libdnf(x86-64) = 0.22.5-1.el7_6 for package: python2-hawkey-0.22.5-
1.el7_6.x86_64
--> Processing Dependency: libsolvext.so.0(SOLV_1.0)(64bit) for package: python2-hawkey-0.22.5-
1.el7_6.x86_64
--> Processing Dependency: libsolv.so.0(SOLV_1.0)(64bit) for package: python2-hawkey-0.22.5-
1.el7_6.x86_64
--> Processing Dependency: libsolvext.so.0()(64bit) for package: python2-hawkey-0.22.5-
1.el7_6.x86_64
--> Processing Dependency: libsolv.so.0()(64bit) for package: python2-hawkey-0.22.5-1.el7_6.x86_64
--> Processing Dependency: librepo.so.0()(64bit) for package: python2-hawkey-0.22.5-1.el7_6.x86_64
--> Processing Dependency: libdnf.so.2()(64bit) for package: python2-hawkey-0.22.5-1.el7_6.x86_64
---> Package python2-libcomps.x86_64 0:0.1.8-14.el7 will be installed
--> Processing Dependency: libcomps(x86-64) = 0.1.8-14.el7 for package: python2-libcomps-0.1.8-
14.el7.x86_64
--> Processing Dependency: libcomps.so.0.1.6()(64bit) for package: python2-libcomps-0.1.8-
14.el7.x86_64
---> Package python2-libdnf.x86_64 0:0.22.5-1.el7_6 will be installed
--> Running transaction check
---> Package libcomps.x86_64 0:0.1.8-14.el7 will be installed
---> Package libdnf.x86_64 0:0.22.5-1.el7_6 will be installed
---> Package librepo.x86_64 0:1.8.1-7.el7 will be installed
---> Package libsolv.x86_64 0:0.6.34-4.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
dnf noarch 4.0.9.2-1.el7_6 extras 357 k
Installing for dependencies:
deltarpm x86_64 3.6-3.el7 base 82 k
dnf-data noarch 4.0.9.2-1.el7_6 extras 51 k
libcomps x86_64 0.1.8-14.el7 extras 75 k
libdnf x86_64 0.22.5-1.el7_6 extras 533 k
libmodulemd x86_64 1.6.3-1.el7 extras 141 k
librepo x86_64 1.8.1-7.el7 base 81 k
libsolv x86_64 0.6.34-4.el7 base 329 k
python2-dnf noarch 4.0.9.2-1.el7_6 extras 414 k
python2-hawkey x86_64 0.22.5-1.el7_6 extras 68 k
python2-libcomps x86_64 0.1.8-14.el7 extras 47 k
python2-libdnf x86_64 0.22.5-1.el7_6 extras 608 k
Transaction Summary
================================================================================
Install 1 Package (+11 Dependent packages)

Total download size: 2.7 M


Installed size: 10 M
Is this ok [y/d/N]: y
Downloading packages:
(1/12): libcomps-0.1.8-14.el7.x86_64.rpm | 75 kB 00:00
(2/12): dnf-data-4.0.9.2-1.el7_6.noarch.rpm | 51 kB 00:00
(3/12): libmodulemd-1.6.3-1.el7.x86_64.rpm | 141 kB 00:00
(4/12): librepo-1.8.1-7.el7.x86_64.rpm | 81 kB 00:00
(5/12): deltarpm-3.6-3.el7.x86_64.rpm | 82 kB 00:00
(6/12): python2-hawkey-0.22.5-1.el7_6.x86_64.rpm | 68 kB 00:00
(7/12): python2-libcomps-0.1.8-14.el7.x86_64.rpm | 47 kB 00:00
(8/12): dnf-4.0.9.2-1.el7_6.noarch.rpm | 357 kB 00:02
(9/12): python2-dnf-4.0.9.2-1.el7_6.noarch.rpm | 414 kB 00:01
(10/12): libdnf-0.22.5-1.el7_6.x86_64.rpm | 533 kB 00:02
(11/12): libsolv-0.6.34-4.el7.x86_64.rpm | 329 kB 00:02
(12/12): python2-libdnf-0.22.5-1.el7_6.x86_64.rpm | 608 kB 00:01
--------------------------------------------------------------------------------
Total 794 kB/s | 2.7 MB 00:03
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : libmodulemd-1.6.3-1.el7.x86_64 1/12
Installing : librepo-1.8.1-7.el7.x86_64 2/12
Installing : libsolv-0.6.34-4.el7.x86_64 3/12
Installing : libdnf-0.22.5-1.el7_6.x86_64 4/12
Installing : python2-libdnf-0.22.5-1.el7_6.x86_64 5/12
Installing : python2-hawkey-0.22.5-1.el7_6.x86_64 6/12
Installing : libcomps-0.1.8-14.el7.x86_64 7/12
Installing : python2-libcomps-0.1.8-14.el7.x86_64 8/12
Installing : deltarpm-3.6-3.el7.x86_64 9/12
Installing : dnf-data-4.0.9.2-1.el7_6.noarch 10/12
Installing : python2-dnf-4.0.9.2-1.el7_6.noarch 11/12
Installing : dnf-4.0.9.2-1.el7_6.noarch 12/12
Verifying : python2-libcomps-0.1.8-14.el7.x86_64 1/12
Verifying : python2-libdnf-0.22.5-1.el7_6.x86_64 2/12
Verifying : dnf-data-4.0.9.2-1.el7_6.noarch 3/12
Verifying : deltarpm-3.6-3.el7.x86_64 4/12
Verifying : libmodulemd-1.6.3-1.el7.x86_64 5/12
Verifying : python2-hawkey-0.22.5-1.el7_6.x86_64 6/12
Verifying : python2-dnf-4.0.9.2-1.el7_6.noarch 7/12
Verifying : libdnf-0.22.5-1.el7_6.x86_64 8/12
Verifying : libcomps-0.1.8-14.el7.x86_64 9/12
Verifying : libsolv-0.6.34-4.el7.x86_64 10/12
Verifying : librepo-1.8.1-7.el7.x86_64 11/12
Verifying : dnf-4.0.9.2-1.el7_6.noarch 12/12

Installed:
dnf.noarch 0:4.0.9.2-1.el7_6

Dependency Installed:
deltarpm.x86_64 0:3.6-3.el7 dnf-data.noarch 0:4.0.9.2-1.el7_6
libcomps.x86_64 0:0.1.8-14.el7 libdnf.x86_64 0:0.22.5-1.el7_6
libmodulemd.x86_64 0:1.6.3-1.el7 librepo.x86_64 0:1.8.1-7.el7
libsolv.x86_64 0:0.6.34-4.el7 python2-dnf.noarch 0:4.0.9.2-1.el7_6
python2-hawkey.x86_64 0:0.22.5-1.el7_6 python2-libcomps.x86_64 0:0.1.8-14.el7
python2-libdnf.x86_64 0:0.22.5-1.el7_6

Complete!

[root@svrproxy src]# dnf module disable varnish


varnishcache_varnish60lts 215 B/s | 819 B 00:03
varnishcache_varnish60lts-source 244 B/s | 819 B 00:03
varnishcache_varnish65 212 B/s | 833 B 00:03
varnishcache_varnish65-source 220 B/s | 833 B 00:03
Dependencies resolved.
================================================================================
Package Architecture Version Repository Size
================================================================================
Disabling modules:
varnish

Transaction Summary
================================================================================

Is this ok [y/N]: y
Complete!

# curl -s
https://packagecloud.io/install/repositories/varnishcache/varnish65/
script.rpm.sh | sudo bash
Detected operating system as centos/8.
Checking for curl...
Detected curl...
Downloading repository file: https://packagecloud.io/install/repositories/varnishcache/varnish65/
config_file.repo?os=centos&dist=8&source=script
done.
Installing yum-utils...
varnishcache_varnish65-source 223 B/s | 833 B 00:03
Package yum-utils-4.0.12-4.el8_2.noarch is already installed.
Dependencies resolved.
Nothing to do.
Complete!
Generating yum cache for varnishcache_varnish65...
Generating yum cache for varnishcache_varnish65-source...

The repository is setup! You can now install packages.

Terbentuk file /etc/yum.repos.d/varnishcache_varnish65.repo, denga isi sbb:


[varnishcache_varnish65]
name=varnishcache_varnish65
baseurl=https://packagecloud.io/varnishcache/varnish65/el/8/$basearch
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packagecloud.io/varnishcache/varnish65/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300

[varnishcache_varnish65-source]
name=varnishcache_varnish65-source
baseurl=https://packagecloud.io/varnishcache/varnish65/el/8/SRPMS
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packagecloud.io/varnishcache/varnish65/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300

[root@svrproxy yum.repos.d]# sudo yum install varnish


Last metadata expiration check: 0:01:22 ago on Fri 09 Oct 2020 07:52:56 AM WIB.
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
varnish x86_64 6.5.1-0.0.el8 varnishcache_varnish65 3.8 M
Installing dependencies:
jemalloc x86_64 5.2.1-2.el8 epel 228 k

Transaction Summary
================================================================================
Install 2 Packages

Total download size: 4.1 M


Installed size: 17 M
Is this ok [y/N]: y
Downloading Packages:
(1/2): jemalloc-5.2.1-2.el8.x86_64.rpm 67 kB/s | 228 kB 00:03
(2/2): varnish-6.5.1-0.0.el8.x86_64.rpm 95 kB/s | 3.8 MB 00:41
--------------------------------------------------------------------------------
Total 100 kB/s | 4.1 MB 00:41
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : jemalloc-5.2.1-2.el8.x86_64 1/2
Running scriptlet: varnish-6.5.1-0.0.el8.x86_64 2/2
Installing : varnish-6.5.1-0.0.el8.x86_64 2/2
Running scriptlet: varnish-6.5.1-0.0.el8.x86_64 2/2
Verifying : jemalloc-5.2.1-2.el8.x86_64 1/2
Verifying : varnish-6.5.1-0.0.el8.x86_64 2/2
Installed products updated.

Installed:
jemalloc-5.2.1-2.el8.x86_64 varnish-6.5.1-0.0.el8.x86_64

Complete!

Agar bisa support port 443 SSL


[root@omc ~]# dnf install hitch
Extra Packages for Enterprise Linux 7 - x86_64 0.0 B/s | 0 B 00:00
Extra Packages for Enterprise Linux 7 - x86_64 219 kB/s | 16 MB 01:16
Remi's PHP 7.3 RPM repository for Enterprise Li 0.0 B/s | 0 B 00:00
Remi's PHP 7.3 RPM repository for Enterprise Li 189 kB/s | 192 kB 00:01
Safe Remi's RPM repository for Enterprise Linux 0.0 B/s | 0 B 00:00
Safe Remi's RPM repository for Enterprise Linux 705 kB/s | 2.3 MB 00:03
CentOS-7 - Base 0.0 B/s | 0 B 00:00
varnishcache_varnish65 0.0 B/s | 0 B 00:00
varnishcache_varnish65 0.0 B/s | 0 B 00:00
Importing GPG key 0xF149D65B:
Userid : "https://packagecloud.io/varnishcache/varnish65
(https://packagecloud.io/docs#gpg_signing) <[email protected]>"
Fingerprint: A487 F9BE 81D9 DF51 2148 8CFE 1C7B 4E9F F149 D65B
From : https://packagecloud.io/varnishcache/varnish65/gpgkey
Is this ok [y/N]: y
varnishcache_varnish65 2.8 kB/s | 4.8 kB 00:01
CentOS-7 - Updates 0.0 B/s | 0 B 00:00
MariaDB 0.0 B/s | 0 B 00:00
CodeIT repo 0.0 B/s | 0 B 00:00
CodeIT repo 85 kB/s | 103 kB 00:01
varnishcache_varnish65-source 0.0 B/s | 0 B 00:00
varnishcache_varnish65-source 0.0 B/s | 0 B 00:00
Importing GPG key 0xF149D65B:
Userid : "https://packagecloud.io/varnishcache/varnish65
(https://packagecloud.io/docs#gpg_signing) <[email protected]>"
Fingerprint: A487 F9BE 81D9 DF51 2148 8CFE 1C7B 4E9F F149 D65B
From : https://packagecloud.io/varnishcache/varnish65/gpgkey
Is this ok [y/N]: y
varnishcache_varnish65-source 168 B/s | 296 B 00:01
CentOS-7 - Extras 0.0 B/s | 0 B 00:00
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
hitch x86_64 1.5.2-1.el7 epel 105 k
Installing dependencies:
libev x86_64 4.15-7.el7 extras 44 k

Transaction Summary
================================================================================
Install 2 Packages

Total download size: 149 k


Installed size: 309 k
Is this ok [y/N]: y
Downloading Packages:
(1/2): libev-4.15-7.el7.x86_64.rpm 174 kB/s | 44 kB 00:00
(2/2): hitch-1.5.2-1.el7.x86_64.rpm 80 kB/s | 105 kB 00:01
--------------------------------------------------------------------------------
Total 69 kB/s | 149 kB 00:02
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : libev-4.15-7.el7.x86_64 1/2
Running scriptlet: libev-4.15-7.el7.x86_64 1/2
Running scriptlet: hitch-1.5.2-1.el7.x86_64 2/2
Installing : hitch-1.5.2-1.el7.x86_64 2/2
Running scriptlet: hitch-1.5.2-1.el7.x86_64 2/2
Verifying : hitch-1.5.2-1.el7.x86_64 1/2
Verifying : libev-4.15-7.el7.x86_64 2/2

Installed:
hitch-1.5.2-1.el7.x86_64 libev-4.15-7.el7.x86_64

Complete!
# vi /etc/httpd/conf/httpd.conf
Dari
Listen 80
<VirtualHost *:80>

Menjadi
Listen 8080
<VirtualHost *:8080>

# cd /etc/httpd/conf.d/
# mv ssl.conf /root/ssl.conf.orig
# mv nss.conf nss.conf.orig
# systemctl restart httpd

Untuk web server


# vi /usr/lib/systemd/system/varnish.service
Ubah dari :
ExecStart=/usr/sbin/varnishd -a :6081 -f /etc/varnish/default.vcl -s malloc,256m

Menjadi :
ExecStart=/usr/sbin/varnishd -a :80 -a 127.0.0.1:8443,proxy -f /etc/varnish/default.vcl -s malloc,256m

[root@svrproxy yum.repos.d]# service varnish restart


Redirecting to /bin/systemctl restart varnish.service

[root@svrproxy yum.repos.d]# service varnish status


Redirecting to /bin/systemctl status varnish.service
● varnish.service - Varnish Cache, a high-performance HTTP accelerator
Loaded: loaded (/usr/lib/systemd/system/varnish.service; disabled; vendor pr>
Active: active (running) since Fri 2020-10-09 08:04:00 WIB; 29s ago
Process: 39268 ExecStart=/usr/sbin/varnishd -a :6081 -a localhost:8443,PROXY >
Main PID: 39269 (varnishd)
Tasks: 217
Memory: 192.6M
CGroup: /system.slice/varnish.service
├─39269 /usr/sbin/varnishd -a :6081 -a localhost:8443,PROXY -p featu>
└─39280 /usr/sbin/varnishd -a :6081 -a localhost:8443,PROXY -p featu>

Oct 09 08:04:00 svrproxy.propanraya.com varnishd[39268]: Warnings:


Oct 09 08:04:00 svrproxy.propanraya.com varnishd[39268]: VCL compiled.
Oct 09 08:04:00 svrproxy.propanraya.com varnishd[39268]: Debug: Version: varnis>
Oct 09 08:04:00 svrproxy.propanraya.com varnishd[39268]: Debug: Platform: Linux>
Oct 09 08:04:00 svrproxy.propanraya.com varnishd[39269]: Version: varnish-6.5.1>
Oct 09 08:04:00 svrproxy.propanraya.com varnishd[39269]: Platform: Linux,4.18.0>
Oct 09 08:04:00 svrproxy.propanraya.com varnishd[39268]: Debug: Child (39280) S>
Oct 09 08:04:00 svrproxy.propanraya.com varnishd[39269]: Child (39280) Started
Oct 09 08:04:00 svrproxy.propanraya.com varnishd[39269]: Child (39280) said Chi>
Oct 09 08:04:00 svrproxy.propanraya.com systemd[1]: Started Varnish Cache, a hi>
lines 1-21/21 (END)

[root@svrproxy yum.repos.d]# varnishd -V


varnishd (varnish-6.5.1 revision 1dae23376bb5ea7a6b8e9e4b9ed95cdc9469fb64)
Copyright (c) 2006 Verdens Gang AS
Copyright (c) 2006-2020 Varnish Software

# cd /etc/pki/tls/certs/
# cat STAR_propanraya_com.crt STAR_propanraya_com.ca-bundle STAR_propanraya_com_key.txt >
STAR_propanraya_com.pem

# vi /etc/hitch/hitch.conf
Ubah baris
Dari :
backend = "[127.0.0.1]:6086" # 6086 is the default Varnish PROXY port.
pem-dir = "/etc/pki/tls/private"

Menjadi
backend = "[127.0.0.1]:8443" # 8443 is the default Varnish PROXY port.
#pem-dir = "/etc/pki/tls/private"

Tambahkan baris:
pem-file = "/etc/pki/tls/certs/STAR_propanraya_com.pem"

Jika dibutuhkan SSL multidomain / domain yang lain, misalnya mail.jtklinux.com maka ditambakan baris
seperti dibawah ini :
pem-file = "/etc/pki/tls/certs/STAR_propanraya_com.pem"
pem-file = "/etc/pki/tls/certs/mail-jtklinux-com.pem"

# systemctl start hitch


# systemctl enable hitch
# systemctl status hitch
● hitch.service - Network proxy that terminates TLS/SSL connections
Loaded: loaded (/usr/lib/systemd/system/hitch.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/hitch.service.d
└─limit.conf
Active: active (running) since Tue 2020-10-13 15:02:21 WIB; 54s ago
Main PID: 4666 (hitch)
CGroup: /system.slice/hitch.service
├─4666 /usr/sbin/hitch --pidfile=/run/hitch/hitch.pid --config=/etc/hitch/hitch.conf
├─4667 /usr/sbin/hitch --pidfile=/run/hitch/hitch.pid --config=/etc/hitch/hitch.conf
├─4668 /usr/sbin/hitch --pidfile=/run/hitch/hitch.pid --config=/etc/hitch/hitch.conf
├─4669 /usr/sbin/hitch --pidfile=/run/hitch/hitch.pid --config=/etc/hitch/hitch.conf
├─4670 /usr/sbin/hitch --pidfile=/run/hitch/hitch.pid --config=/etc/hitch/hitch.conf
└─4671 /usr/sbin/hitch --pidfile=/run/hitch/hitch.pid --config=/etc/hitch/hitch.conf

Oct 13 15:02:21 webha2 systemd[1]: Starting Network proxy that terminates TLS/SSL connections...
Oct 13 15:02:21 webha2 hitch[4665]: {core} hitch 1.5.2 starting
Oct 13 15:02:21 webha2 hitch[4665]: {core} Loading certificate pem files (1)
Oct 13 15:02:21 webha2 hitch[4665]: {core} Daemonized as pid 4666.
Oct 13 15:02:21 webha2 hitch[4667]: {core} Process 0 online
Oct 13 15:02:21 webha2 hitch[4668]: {core} Process 1 online
Oct 13 15:02:21 webha2 systemd[1]: Started Network proxy that terminates TLS/SSL connections.
Oct 13 15:02:21 webha2 hitch[4669]: {core} Process 2 online
Oct 13 15:02:21 webha2 hitch[4670]: {core} Process 3 online
Oct 13 15:02:21 webha2 hitch[4666]: {core} hitch 1.5.2 initialization complete

Redirect http ke https


# vi /etc/varnish/default.vcl
Tambahkan baris sbb:
Dibawah baris vcl 4.1;
import std;

Dibawah
backend default {
.host = "127.0.0.1";
.port = "8080";
}
sub vcl_recv {
if (std.port(server.ip) != 443) {
set req.http.location = "https://" + req.http.host + req.url;
return(synth(301));
}
}

sub vcl_synth {
if (resp.status == 301) {
set resp.http.location = req.http.location;
set resp.status = 301;
return (deliver);
}
}

Simpan dan restart varnish


# systemctl restart varnish
Testing redirect https varnish:
http://devtender.propanraya.com

# curl -I http://localhost
HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Oct 2020 08:00:44 GMT
Server: Varnish
X-Varnish: 62
location: https://localhost/
Content-Length: 0
Connection: keep-alive

Testing di server yang lain, misalnya di server dns lokal


# curl -I http://devtender.propanraya.com
HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Oct 2020 08:13:50 GMT
Server: Varnish
X-Varnish: 229465
location: https://devtender.propanraya.com/
Content-Length: 0
Connection: keep-alive

# curl -I https://devtender.propanraya.com
HTTP/1.1 200 OK
Date: Wed, 14 Oct 2020 07:59:57 GMT
Server: Apache
Last-Modified: Tue, 13 Oct 2020 09:02:59 GMT
ETag: "4a-5b189ae73db46"
Content-Length: 74
Content-Type: text/html; charset=UTF-8
X-Varnish: 59
Age: 0
Via: 1.1 varnish (Varnish/6.5)
Accept-Ranges: bytes
Connection: keep-alive

# nmap localhost
Starting Nmap 6.40 ( http://nmap.org ) at 2020-10-13 15:05 WIB
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000011s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 989 closed ports
PORT STATE SERVICE
25/tcp open smtp
80/tcp open http
111/tcp open rpcbind
139/tcp open netbios-ssn
443/tcp open https
445/tcp open microsoft-ds
631/tcp open ipp
3306/tcp open mysql
8080/tcp open http-proxy
8443/tcp open https-alt
9000/tcp open cslistener

Nmap done: 1 IP address (1 host up) scanned in 1.63 seconds

You might also like