Merge branch 'chore/pleroma-vcl' into 'develop'

Make it possible for Varnish logs to contain the true scheme used by clients See merge request pleroma/pleroma!3051
author: feld <feld@feld.me> 2020-09-30 18:13:34 +0000
committer: feld <feld@feld.me> 2020-09-30 18:13:34 +0000
commit: 34029ffb90175e9beb43bc20b76a8093971d8ca6 (patch)
tree: 0b7faede0d2c3ef885b399b8b55dfbb52f873751
parent: 6debdaaef2b4789fc5fd933c0362bbf10346febf (diff)
parent: b3015db841536c26934f43374ed75fb77a11ff68 (diff)
download: pleroma-34029ffb90175e9beb43bc20b76a8093971d8ca6.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/installation/pleroma.vcl b/installation/pleroma.vcl
index 154747aa6..13dad784c 100644
--- a/installation/pleroma.vcl
+++ b/installation/pleroma.vcl
@@ -1,3 +1,4 @@
+# Recommended varnishncsa logging format: '%h %l %u %t "%m %{X-Forwarded-Proto}i://%{Host}i%U%q %H" %s %b "%{Referer}i" "%{User-agent}i"'
 vcl 4.1;
 import std;
 
@@ -14,8 +15,11 @@ acl purge {
 sub vcl_recv {
     # Redirect HTTP to HTTPS
     if (std.port(server.ip) != 443) {
+      set req.http.X-Forwarded-Proto = "http";
       set req.http.x-redir = "https://" + req.http.host + req.url;
       return (synth(750, ""));
+    } else {
+      set req.http.X-Forwarded-Proto = "https";
     }
 
     # CHUNKED SUPPORT
@@ -105,7 +109,7 @@ sub vcl_hash {
 
 sub vcl_backend_fetch {
     # Be more lenient for slow servers on the fediverse
-    if bereq.url ~ "^/proxy/" {
+    if (bereq.url ~ "^/proxy/") {
       set bereq.first_byte_timeout = 300s;
     }
author	feld <feld@feld.me>	2020-09-30 18:13:34 +0000
committer	feld <feld@feld.me>	2020-09-30 18:13:34 +0000
commit	34029ffb90175e9beb43bc20b76a8093971d8ca6 (patch)
tree	0b7faede0d2c3ef885b399b8b55dfbb52f873751
parent	6debdaaef2b4789fc5fd933c0362bbf10346febf (diff)
parent	b3015db841536c26934f43374ed75fb77a11ff68 (diff)
download	pleroma-34029ffb90175e9beb43bc20b76a8093971d8ca6.tar.gz