Closed sean-e-dietrich closed 5 years ago
@sean-e-dietrich I guess for security reasons allowed IP range should be limited https://varnish-cache.org/docs/3.0/tutorial/purging.html
@achekulaev I think that is fine my question to you is what IP address or block would we use?
My guess would be "172.21.0.0"/24
to cover all containers in the project and 192.168.64.100
.
Which would mean no external purge requests by default.
update. Darn this IP differs from project to project. Might need to use "172.0.0.0"/8
@sean-e-dietrich How would the VARNISH_SECRET
be used to do a purge and why would you need VARNISH_IP_CLEAR
in addition to that?
Since we are getting into the default.vcl
refactoring, we should look into the https://github.com/docksal/service-varnish/pull/4/files PR and any more recent Varnish config templates available in general.
@lmakarov VARNISH_SECRET
is used to create a HMAC token.
The VARNISH_IP_CLEAR
would be for people to include additional IPs but now that I'm thinking of it maybe instead of overwriting the default.vcl
file we may want to look at just importing additional files that way someone could create a partial file with the ACL updated. I'm at this point just trying to get testing taken care of. But yes we should look at updating the default.vcl
file
using the
PURGE
method the pages can be cleared from cache.Example:
This should remove the page from cache. This is useful so that someone when testing varnish can do so quickly and easily without having to restart the project. Especially if they aren't using the Drupal varnish module.
Solves #12