Varnish Installation and Configuration

Since Deki Wiki needs to be able to purge url's in a case-insensitive manner, we need to use varnish 1.2 which adds the REG_ICASE flag to regexes.

NOTE: Varnish support for Deki Wiki is an experimental feature!     

Use the following steps to configure varnish on CentOS/RHEL

Download Varnish   

mkdir ~/dev
cd ~/dev
svn co http://varnish.projects.linpro.no/svn/branches/1.2 varnish-1.2

cd varnish-1.2
./autogen.sh
./configure --prefix=/opt/varnish
make
make install
cp redhat/varnish.initrc /etc/init.d/varnish
sed -i -e 's:DAEMON="\(.*\)":DAEMON="/opt/varnish/sbin/varnishd":' /etc/init.d/varnish
cp redhat/varnish.sysconfig /etc/sysconfig/varnish
groupadd -r varnish
useradd -r -g varnish -d /var/lib/varnish -s /sbin/nologin \
    -c "Varnish http accelerator user" varnish
chkconfig --add varnish
chkconfig --level 345 varnish on

Edit /etc/sysconfig/varnish and use these options (replace your_ip) with the IP addr of your box

DAEMON_OPTS="-a your_ip:80 \
             -T localhost:6082 \
             -f /etc/varnish/dekiwiki.vcl \
             -u varnish -g varnish \
             -s file,/var/lib/varnish/varnish_storage.bin,1G"

Create the following file:  /etc/varnish/dekiwiki.vcl

#
# This is a basic VCL configuration file for varnish.  See the vcl(7)
# man page for details on VCL syntax and semantics.
#
# $Id: default.vcl 1929 2007-08-29 15:37:59Z des $
#

# Default backend definition.  Set this to point to your content
# server.

backend default {
        .host = "127.0.0.1";
        .port = "80";
}

# Below is a commented-out copy of the default VCL logic.  If you
# redefine any of these subroutines, the built-in logic will be
# appended to your code.


acl purge {
        "localhost";
}

## Called when a client request is received
#
sub vcl_recv {
        if (req.request == "PURGE") {
                if(!client.ip ~ purge) {
                        error 405 "Not Allowed";
                }
                purge_url(req.http.X-Purge-Url);
                error 200 "Purged";
        }
        if (req.request != "GET" && req.request != "HEAD") {
                pipe;
        }

        if (req.http.Expect) {
                pipe;
        }
        if (req.http.Authenticate) {
                pass;
        }

        # normalize the Accept-Encoding header
        if (req.http.Accept-Encoding) {
                if (req.http.Accept-Encoding ~ "gzip") {
                        set req.http.Accept-Encoding = "gzip";
                } elsif (req.http.Accept-Encoding ~ "deflate") {
                        set req.http.Accept-Encoding = "deflate";
                } else {
                        # unkown algorithm
                        remove req.http.Accept-Encoding;
                }
        }

        // PeteE: don't cache authenticated sessions
        if (req.http.Cookie && req.http.Cookie ~ "authtoken=") {
                pipe;
        }
        //  PeteE: Varnish doesn't do INM requests so pass it through if no If-Modified-Since was sent
        if (req.http.If-None-Match && !req.http.If-Modified-Since) {
                pass;
        }
        lookup;
}
#
## Called when entering pipe mode
#
sub vcl_pipe {
        pipe;
}
#
## Called when entering pass mode
#
sub vcl_pass {
        pass;
}
#
## Called when entering an object into the cache
#
sub vcl_hash {
        set req.hash += req.url;
        if (req.http.host) {
                set req.hash += req.http.host;
        } else {
                set req.hash += server.ip;
        }
        hash;
}
#
## Called when the requested object was found in the cache
#
sub vcl_hit {
        if (!obj.cacheable) {
                pass;
        }
        deliver;
}
#
## Called when the requested object was not found in the cache
#
sub vcl_miss {
        fetch;
}
#
## Called when the requested object has been retrieved from the
## backend, or the request to the backend has failed
#
sub vcl_fetch {
        // set a 10 second ttl for special pages
        if(req.url ~ "^/Special:.*$") {
                set obj.ttl = 10s;
        }
        // set a 0 second ttl for /@api/host
        if(req.url ~ "^/@api/host.*$") {
                set obj.ttl = 0s;
        }
        // set a 10 second ttl for /@api/deki
        if(req.url ~ "^/@api/deki/files/.*$") {
                // do nothing
        } else if(req.url ~ "^/@api/deki/.*$") {
                set obj.ttl = 10s;
        }

        // rewrite s-maxage so intermediary proxies don't use it
        if(obj.http.Cache-Control ~ "s-maxage") {
                set obj.http.Cache-Control = regsub(obj.http.Cache-Control, "s-maxage=[0-9]+", "s-maxage=0");
        }

        if (!obj.valid) {
                error;
        }
        if (!obj.cacheable) {
                pass;
        }
        insert;
}
#
#
## Called before a cached object is delivered to the client
#
sub vcl_deliver {
    deliver;
}
#
## Called when an object nears its expiry time
#
sub vcl_timeout {
        discard;
}
#
## Called when an object is about to be discarded
#
sub vcl_discard {
    discard;
}

Edit your apache config so Deki Wiki only runs on localhost:80

NameVirtualHost 127.0.0.1:80
<VirtualHost 127.0.0.1:80>

Edit /etc/httpd/conf/httpd.conf and change the Listen directive

Listen 127.0.0.1:80

Restart apache and varnish

/etc/init.d/httpd restart
/etc/init.d/varnish restart

Configure Deki Wiki to use Varnish by editing /etc/dekiwiki/mindtouch.deki.startup.xml

      <wikis>
        <globalconfig>
                <cache> 
                        <varnish>http://your_ip_addr</varnish>
                        <varnish-maxage>600</varnish-maxage> <!-- 5 minutes, increase as needed -->
                </cache>
        </globalconfig>
      </wikis>

Restart dekiwiki

/etc/init.d/dekiwiki restart