From c62e1e3ad51522e283ce11f0ff5e033e70dfa719 Mon Sep 17 00:00:00 2001 From: floatingghost Date: Mon, 5 Dec 2022 13:39:27 +0000 Subject: [PATCH] varnish config/docs (#342) Co-authored-by: Mark Felder Co-authored-by: FloatingGhost Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/342 --- docs/Pipfile.lock | 104 +++++++++--------- .../{ => integrations}/howto_ejabberd.md | 0 .../{ => integrations}/howto_mongooseim.md | 0 .../{ => optimisation}/optimizing_beam.md | 0 .../optimisation/varnish_cache.md | 54 +++++++++ docs/mkdocs.yml | 8 +- installation/akkoma.vcl | 41 +------ 7 files changed, 119 insertions(+), 88 deletions(-) rename docs/docs/configuration/{ => integrations}/howto_ejabberd.md (100%) rename docs/docs/configuration/{ => integrations}/howto_mongooseim.md (100%) rename docs/docs/configuration/{ => optimisation}/optimizing_beam.md (100%) create mode 100644 docs/docs/configuration/optimisation/varnish_cache.md diff --git a/docs/Pipfile.lock b/docs/Pipfile.lock index c7b8f50db..4cd8c59b9 100644 --- a/docs/Pipfile.lock +++ b/docs/Pipfile.lock @@ -19,7 +19,7 @@ "sha256:0d9c601124e5a6ba9712dbc60d9c53c21e34f5f641fe83002317394311bdce14", "sha256:90c1a32f1d68f940488354e36370f6cca89f0f106db09518524c88d6ed83f382" ], - "markers": "python_version >= '3.6'", + "markers": "python_full_version >= '3.6.0'", "version": "==2022.9.24" }, "charset-normalizer": { @@ -27,7 +27,7 @@ "sha256:5a3d016c7c547f69d6f81fb0db9449ce888b418b5b9952cc5e6e66843e9dd845", "sha256:83e9a75d1911279afd89352c68b45348559d1fc0506b054b346651b5e7fee29f" ], - "markers": "python_version >= '3.6'", + "markers": "python_full_version >= '3.6.0'", "version": "==2.1.1" }, "click": { @@ -66,15 +66,16 @@ "sha256:cbb516f16218e643d8e0a95b309f77eb118cb138d39a4f27851e6a63581db874", "sha256:f5da449a6e1c989a4cea2631aa8ee67caa5a2ef855d551c88f9e309f4634c621" ], - "markers": "python_version >= '3.6'", + "markers": "python_full_version >= '3.6.0'", "version": "==3.3.7" }, "markdown-include": { "hashes": [ - "sha256:a06183b7c7225e73112737acdc6fe0ac0686c39457234eeb5ede23881fed001d" + "sha256:b8f6b6f4e8b506cbe773d7e26c74a97d1354c35f3a3452d3449140a8f578d665", + "sha256:d12fb51500c46334a53608635035c78b7d8ad7f772566f70b8a6a9b2ef2ddbf5" ], "index": "pypi", - "version": "==0.7.0" + "version": "==0.8.0" }, "markupsafe": { "hashes": [ @@ -127,7 +128,7 @@ "sha256:0096d52e9dad9939c3d975a774666af186eda617e6ca84df4c94dec30004f2a8", "sha256:70775750742b25c0d8f36c55aed03d24c3384d17c951b3175d898bd778ef0307" ], - "markers": "python_version >= '3.6'", + "markers": "python_full_version >= '3.6.0'", "version": "==1.3.4" }, "mkdocs": { @@ -140,26 +141,26 @@ }, "mkdocs-material": { "hashes": [ - "sha256:143ea55843b3747b640e1110824d91e8a4c670352380e166e64959f9abe98862", - "sha256:45eeabb23d2caba8fa3b85c91d9ec8e8b22add716e9bba8faf16d56af8aa5622" + "sha256:b0ea0513fd8cab323e8a825d6692ea07fa83e917bb5db042e523afecc7064ab7", + "sha256:c907b4b052240a5778074a30a78f31a1f8ff82d7012356dc26898b97559f082e" ], "index": "pypi", - "version": "==8.5.9" + "version": "==8.5.11" }, "mkdocs-material-extensions": { "hashes": [ - "sha256:96ca979dae66d65c2099eefe189b49d5ac62f76afb59c38e069ffc7cf3c131ec", - "sha256:bcc2e5fc70c0ec50e59703ee6e639d87c7e664c0c441c014ea84461a90f1e902" + "sha256:9c003da71e2cc2493d910237448c672e00cefc800d3d6ae93d2fc69979e3bd93", + "sha256:e41d9f38e4798b6617ad98ca8f7f1157b1e4385ac1459ca1e4ea219b556df945" ], "markers": "python_version >= '3.7'", - "version": "==1.1" + "version": "==1.1.1" }, "packaging": { "hashes": [ "sha256:dd47c42927d89ab911e606518907cc2d3a1f38bbd026385970643f9c5b8ecfeb", "sha256:ef103e05f519cdc783ae24ea4e2e0f508a9c99b2d4969652eed6a2e1ea5bd522" ], - "markers": "python_version >= '3.6'", + "markers": "python_full_version >= '3.6.0'", "version": "==21.3" }, "pygments": { @@ -167,16 +168,16 @@ "sha256:56a8508ae95f98e2b9bdf93a6be5ae3f7d8af858b43e02c5a2ff083726be40c1", "sha256:f643f331ab57ba3c9d89212ee4a2dabc6e94f117cf4eefde99a0574720d14c42" ], - "markers": "python_version >= '3.6'", + "markers": "python_full_version >= '3.6.0'", "version": "==2.13.0" }, "pymdown-extensions": { "hashes": [ - "sha256:1bd4a173095ef8c433b831af1f3cb13c10883be0c100ae613560668e594651f7", - "sha256:8e62688a8b1128acd42fa823f3d429d22f4284b5e6dd4d3cd56721559a5a211b" + "sha256:0f8fb7b74a37a61cc34e90b2c91865458b713ec774894ffad64353a5fce85cfc", + "sha256:ac698c15265680db5eb13cd4342abfcde2079ac01e5486028f47a1b41547b859" ], "markers": "python_version >= '3.7'", - "version": "==9.8" + "version": "==9.9" }, "pyparsing": { "hashes": [ @@ -237,7 +238,7 @@ "sha256:e61ceaab6f49fb8bdfaa0f92c4b57bcfbea54c09277b1b4f7ac376bfb7a7c174", "sha256:f84fbc98b019fef2ee9a1cb3ce93e3187a6df0b2538a651bfb890254ba9f90b5" ], - "markers": "python_version >= '3.6'", + "markers": "python_full_version >= '3.6.0'", "version": "==6.0" }, "pyyaml-env-tag": { @@ -245,7 +246,7 @@ "sha256:70092675bda14fdec33b31ba77e7543de9ddc88f2e5b99160396572d11525bdb", "sha256:af31106dec8a4d68c60207c1886031cbf839b68aa7abccdb19868200532c2069" ], - "markers": "python_version >= '3.6'", + "markers": "python_full_version >= '3.6.0'", "version": "==0.1" }, "requests": { @@ -266,42 +267,45 @@ }, "urllib3": { "hashes": [ - "sha256:3fa96cf423e6987997fc326ae8df396db2a8b7c667747d47ddd8ecba91f4a74e", - "sha256:b930dd878d5a8afb066a637fbb35144fe7901e3b209d1cd4f524bd0e9deee997" + "sha256:47cc05d99aaa09c9e72ed5809b60e7ba354e64b59c9c173ac3018642d8bb41fc", + "sha256:c083dd0dce68dbfbe1129d5271cb90f9447dea7d52097c6e0126120c521ddea8" ], - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5' and python_version < '4'", - "version": "==1.26.12" + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", + "version": "==1.26.13" }, "watchdog": { "hashes": [ - "sha256:083171652584e1b8829581f965b9b7723ca5f9a2cd7e20271edf264cfd7c1412", - "sha256:117ffc6ec261639a0209a3252546b12800670d4bf5f84fbd355957a0595fe654", - "sha256:186f6c55abc5e03872ae14c2f294a153ec7292f807af99f57611acc8caa75306", - "sha256:195fc70c6e41237362ba720e9aaf394f8178bfc7fa68207f112d108edef1af33", - "sha256:226b3c6c468ce72051a4c15a4cc2ef317c32590d82ba0b330403cafd98a62cfd", - "sha256:247dcf1df956daa24828bfea5a138d0e7a7c98b1a47cf1fa5b0c3c16241fcbb7", - "sha256:255bb5758f7e89b1a13c05a5bceccec2219f8995a3a4c4d6968fe1de6a3b2892", - "sha256:43ce20ebb36a51f21fa376f76d1d4692452b2527ccd601950d69ed36b9e21609", - "sha256:4f4e1c4aa54fb86316a62a87b3378c025e228178d55481d30d857c6c438897d6", - "sha256:5952135968519e2447a01875a6f5fc8c03190b24d14ee52b0f4b1682259520b1", - "sha256:64a27aed691408a6abd83394b38503e8176f69031ca25d64131d8d640a307591", - "sha256:6b17d302850c8d412784d9246cfe8d7e3af6bcd45f958abb2d08a6f8bedf695d", - "sha256:70af927aa1613ded6a68089a9262a009fbdf819f46d09c1a908d4b36e1ba2b2d", - "sha256:7a833211f49143c3d336729b0020ffd1274078e94b0ae42e22f596999f50279c", - "sha256:8250546a98388cbc00c3ee3cc5cf96799b5a595270dfcfa855491a64b86ef8c3", - "sha256:97f9752208f5154e9e7b76acc8c4f5a58801b338de2af14e7e181ee3b28a5d39", - "sha256:9f05a5f7c12452f6a27203f76779ae3f46fa30f1dd833037ea8cbc2887c60213", - "sha256:a735a990a1095f75ca4f36ea2ef2752c99e6ee997c46b0de507ba40a09bf7330", - "sha256:ad576a565260d8f99d97f2e64b0f97a48228317095908568a9d5c786c829d428", - "sha256:b530ae007a5f5d50b7fbba96634c7ee21abec70dc3e7f0233339c81943848dc1", - "sha256:bfc4d351e6348d6ec51df007432e6fe80adb53fd41183716017026af03427846", - "sha256:d3dda00aca282b26194bdd0adec21e4c21e916956d972369359ba63ade616153", - "sha256:d9820fe47c20c13e3c9dd544d3706a2a26c02b2b43c993b62fcd8011bcc0adb3", - "sha256:ed80a1628cee19f5cfc6bb74e173f1b4189eb532e705e2a13e3250312a62e0c9", - "sha256:ee3e38a6cc050a8830089f79cbec8a3878ec2fe5160cdb2dc8ccb6def8552658" + "sha256:1893d425ef4fb4f129ee8ef72226836619c2950dd0559bba022b0818c63a7b60", + "sha256:1a410dd4d0adcc86b4c71d1317ba2ea2c92babaf5b83321e4bde2514525544d5", + "sha256:1f2b0665c57358ce9786f06f5475bc083fea9d81ecc0efa4733fd0c320940a37", + "sha256:1f8eca9d294a4f194ce9df0d97d19b5598f310950d3ac3dd6e8d25ae456d4c8a", + "sha256:27e49268735b3c27310883012ab3bd86ea0a96dcab90fe3feb682472e30c90f3", + "sha256:28704c71afdb79c3f215c90231e41c52b056ea880b6be6cee035c6149d658ed1", + "sha256:2ac0bd7c206bb6df78ef9e8ad27cc1346f2b41b1fef610395607319cdab89bc1", + "sha256:2af1a29fd14fc0a87fb6ed762d3e1ae5694dcde22372eebba50e9e5be47af03c", + "sha256:3a048865c828389cb06c0bebf8a883cec3ae58ad3e366bcc38c61d8455a3138f", + "sha256:441024df19253bb108d3a8a5de7a186003d68564084576fecf7333a441271ef7", + "sha256:56fb3f40fc3deecf6e518303c7533f5e2a722e377b12507f6de891583f1b48aa", + "sha256:619d63fa5be69f89ff3a93e165e602c08ed8da402ca42b99cd59a8ec115673e1", + "sha256:74535e955359d79d126885e642d3683616e6d9ab3aae0e7dcccd043bd5a3ff4f", + "sha256:76a2743402b794629a955d96ea2e240bd0e903aa26e02e93cd2d57b33900962b", + "sha256:83cf8bc60d9c613b66a4c018051873d6273d9e45d040eed06d6a96241bd8ec01", + "sha256:920a4bda7daa47545c3201a3292e99300ba81ca26b7569575bd086c865889090", + "sha256:9e99c1713e4436d2563f5828c8910e5ff25abd6ce999e75f15c15d81d41980b6", + "sha256:a5bd9e8656d07cae89ac464ee4bcb6f1b9cecbedc3bf1334683bed3d5afd39ba", + "sha256:ad0150536469fa4b693531e497ffe220d5b6cd76ad2eda474a5e641ee204bbb6", + "sha256:af4b5c7ba60206759a1d99811b5938ca666ea9562a1052b410637bb96ff97512", + "sha256:c7bd98813d34bfa9b464cf8122e7d4bec0a5a427399094d2c17dd5f70d59bc61", + "sha256:ceaa9268d81205876bedb1069f9feab3eccddd4b90d9a45d06a0df592a04cae9", + "sha256:cf05e6ff677b9655c6e9511d02e9cc55e730c4e430b7a54af9c28912294605a4", + "sha256:d0fb5f2b513556c2abb578c1066f5f467d729f2eb689bc2db0739daf81c6bb7e", + "sha256:d6ae890798a3560688b441ef086bb66e87af6b400a92749a18b856a134fc0318", + "sha256:e5aed2a700a18c194c39c266900d41f3db0c1ebe6b8a0834b9995c835d2ca66e", + "sha256:e722755d995035dd32177a9c633d158f2ec604f2a358b545bba5bed53ab25bca", + "sha256:ed91c3ccfc23398e7aa9715abf679d5c163394b8cad994f34f156d57a7c163dc" ], - "markers": "python_version >= '3.6'", - "version": "==2.1.9" + "markers": "python_full_version >= '3.6.0'", + "version": "==2.2.0" } }, "develop": {} diff --git a/docs/docs/configuration/howto_ejabberd.md b/docs/docs/configuration/integrations/howto_ejabberd.md similarity index 100% rename from docs/docs/configuration/howto_ejabberd.md rename to docs/docs/configuration/integrations/howto_ejabberd.md diff --git a/docs/docs/configuration/howto_mongooseim.md b/docs/docs/configuration/integrations/howto_mongooseim.md similarity index 100% rename from docs/docs/configuration/howto_mongooseim.md rename to docs/docs/configuration/integrations/howto_mongooseim.md diff --git a/docs/docs/configuration/optimizing_beam.md b/docs/docs/configuration/optimisation/optimizing_beam.md similarity index 100% rename from docs/docs/configuration/optimizing_beam.md rename to docs/docs/configuration/optimisation/optimizing_beam.md diff --git a/docs/docs/configuration/optimisation/varnish_cache.md b/docs/docs/configuration/optimisation/varnish_cache.md new file mode 100644 index 000000000..1598354f5 --- /dev/null +++ b/docs/docs/configuration/optimisation/varnish_cache.md @@ -0,0 +1,54 @@ +# Using a Varnish Cache + +Varnish is a layer that sits between your web server and your backend application - +it does something similar to nginx caching, but tends to be optimised for speed over +all else. + +To set up a varnish cache, first you'll need to install varnish. + +This will vary by distribution, and since this is a rather advanced guide, +no copy-paste instructions are provided. It's probably in your distribution's +package manager, though. `apt-get install varnish` and so on. + +Once you have varnish installed, you'll need to configure it to work with akkoma. + +Copy the configuration file to the varnish configuration directory: + + cp installation/akkoma.vcl /etc/varnish/akkoma.vcl + +You may want to check if varnish added a `default.vcl` file to the same directory, +if so you can just remove it without issue. + +Then boot up varnish, probably `systemctl start varnish` or `service varnish start`. + +Now you should be able to `curl -D- localhost:6081` and see a bunch of +akkoma javascript. + +Once that's out of the way, we can point our webserver at varnish. This + +=== "Nginx" + + upstream phoenix { + server 127.0.0.1:6081 max_fails=5 fail_timeout=60s; + } + + +=== "Caddy" + + reverse_proxy 127.0.0.1:6081 + +Now hopefully it all works + +If you get a HTTPS redirect loop, you may need to remove this part of the VCL + +```vcl +if (std.port(server.ip) != 443) { + set req.http.X-Forwarded-Proto = "http"; + set req.http.x-redir = "https://" + req.http.host + req.url; + return (synth(750, "")); +} else { + set req.http.X-Forwarded-Proto = "https"; +} +``` + +This will allow your webserver alone to handle redirects. \ No newline at end of file diff --git a/docs/mkdocs.yml b/docs/mkdocs.yml index c19439942..a70dac1fc 100644 --- a/docs/mkdocs.yml +++ b/docs/mkdocs.yml @@ -7,7 +7,10 @@ theme: font: false logo: 'images/akko_badday.png' features: - - tabs + - navigation.tabs + - toc.follow + - navigation.instant + - navigation.sections palette: primary: 'deep purple' accent: 'blue grey' @@ -31,7 +34,8 @@ markdown_extensions: - pymdownx.tasklist: custom_checkbox: true - pymdownx.superfences - - pymdownx.tabbed + - pymdownx.tabbed: + alternate_style: true - pymdownx.details - markdown_include.include: base_path: docs diff --git a/installation/akkoma.vcl b/installation/akkoma.vcl index 4752510ea..4eb2f3cfa 100644 --- a/installation/akkoma.vcl +++ b/installation/akkoma.vcl @@ -1,4 +1,5 @@ # Recommended varnishncsa logging format: '%h %l %u %t "%m %{X-Forwarded-Proto}i://%{Host}i%U%q %H" %s %b "%{Referer}i" "%{User-agent}i"' +# Please use Varnish 7.0+ for proper Range Requests / Chunked encoding support vcl 4.1; import std; @@ -22,11 +23,6 @@ sub vcl_recv { set req.http.X-Forwarded-Proto = "https"; } - # CHUNKED SUPPORT - if (req.http.Range ~ "bytes=") { - set req.http.x-range = req.http.Range; - } - # Pipe if WebSockets request is coming through if (req.http.upgrade ~ "(?i)websocket") { return (pipe); @@ -35,9 +31,9 @@ sub vcl_recv { # Allow purging of the cache if (req.method == "PURGE") { if (!client.ip ~ purge) { - return(synth(405,"Not allowed.")); + return (synth(405,"Not allowed.")); } - return(purge); + return (purge); } } @@ -53,17 +49,11 @@ sub vcl_backend_response { return (retry); } - # CHUNKED SUPPORT - if (bereq.http.x-range ~ "bytes=" && beresp.status == 206) { - set beresp.ttl = 10m; - set beresp.http.CR = beresp.http.content-range; - } - # Bypass cache for large files # 50000000 ~ 50MB if (std.integer(beresp.http.content-length, 0) > 50000000) { set beresp.uncacheable = true; - return(deliver); + return (deliver); } # Don't cache objects that require authentication @@ -94,7 +84,7 @@ sub vcl_synth { if (resp.status == 750) { set resp.status = 301; set resp.http.Location = req.http.x-redir; - return(deliver); + return (deliver); } } @@ -106,25 +96,12 @@ sub vcl_pipe { } } -sub vcl_hash { - # CHUNKED SUPPORT - if (req.http.x-range ~ "bytes=") { - hash_data(req.http.x-range); - unset req.http.Range; - } -} - sub vcl_backend_fetch { # Be more lenient for slow servers on the fediverse if (bereq.url ~ "^/proxy/") { set bereq.first_byte_timeout = 300s; } - # CHUNKED SUPPORT - if (bereq.http.x-range) { - set bereq.http.Range = bereq.http.x-range; - } - if (bereq.retries == 0) { # Clean up the X-Varnish-Backend-503 flag that is used internally # to mark broken backend responses that should be retried. @@ -143,14 +120,6 @@ sub vcl_backend_fetch { } } -sub vcl_deliver { - # CHUNKED SUPPORT - if (resp.http.CR) { - set resp.http.Content-Range = resp.http.CR; - unset resp.http.CR; - } -} - sub vcl_backend_error { # Retry broken backend responses. set bereq.http.X-Varnish-Backend-503 = "1";