achekulaev
commented
6 years ago @sean-e-dietrich I guess for security reasons allowed IP range should be limited https://varnish-cache.org/docs/3.0/tutorial/purging.html
Closed sean-e-dietrich closed 5 years ago
achekulaev
commented
6 years ago @sean-e-dietrich I guess for security reasons allowed IP range should be limited https://varnish-cache.org/docs/3.0/tutorial/purging.html
sean-e-dietrich
commented
6 years ago @achekulaev I think that is fine my question to you is what IP address or block would we use?
achekulaev
commented
6 years ago My guess would be "172.21.0.0"/24 to cover all containers in the project and 192.168.64.100.
Which would mean no external purge requests by default.
update. Darn this IP differs from project to project. Might need to use "172.0.0.0"/8
lmakarov
commented
6 years ago @sean-e-dietrich How would the VARNISH_SECRET be used to do a purge and why would you need VARNISH_IP_CLEAR in addition to that?
Since we are getting into the default.vcl refactoring, we should look into the https://github.com/docksal/service-varnish/pull/4/files PR and any more recent Varnish config templates available in general.
sean-e-dietrich
commented
6 years ago @lmakarov VARNISH_SECRET is used to create a HMAC token.
The VARNISH_IP_CLEAR would be for people to include additional IPs but now that I'm thinking of it maybe instead of overwriting the default.vcl file we may want to look at just importing additional files that way someone could create a partial file with the ACL updated. I'm at this point just trying to get testing taken care of. But yes we should look at updating the default.vcl file
lmakarov
commented
5 years ago
using the
PURGEmethod the pages can be cleared from cache.Example:
This should remove the page from cache. This is useful so that someone when testing varnish can do so quickly and easily without having to restart the project. Especially if they aren't using the Drupal varnish module.
Solves #12