initial commit
initial commit

file:b/readme.txt (new)
--- /dev/null
+++ b/readme.txt

--- /dev/null
+++ b/varnish-cacheing.php
@@ -1,1 +1,531 @@
-
+<?php
+/*
+Plugin Name: Varnish Cacheing
+Plugin URI: http://wordpress.org/extend/plugins/varnish-cacheing/
+Description: Sends purge requests to URLs of changed posts/pages when they are modified.
+Version: 1.0
+Author: Razvan Stanga
+Author URI: http://git.razvi.ro/
+License: http://www.apache.org/licenses/LICENSE-2.0
+Text Domain: varnish-cacheing
+Network: true
+
+Copyright 2015: Razvan Stanga (email: varnish-cacheing@razvi.ro)
+*/
+
+class VarnishCacheing {
+    protected $blogId;
+    protected $plugin = 'varnish-cacheing';
+    protected $prefix = 'varnish_cacheing_';
+    protected $purgeUrls = array();
+    protected $varnishIp = null;
+    protected $varnishHost = null;
+    protected $dynamicHost = null;
+    protected $ipsToHosts = array();
+    protected $purgeKey = null;
+    protected $getParam = 'purge_varnish_cache';
+    protected $debugMessage = '';
+    protected $postTypes = array('page', 'post');
+    protected $override = 0;
+    protected $customFields = array();
+    protected $debug = 0;
+
+    public function __construct()
+    {
+        global $blog_id;
+        defined($this->plugin) || define($this->plugin, true);
+
+        $this->blogId = $blog_id;
+        add_action('init', array(&$this, 'init'));
+        add_action('activity_box_end', array($this, 'varnish_glance'), 100);
+
+        $this->customFields = array(
+            array(
+                'name'          => 'ttl',
+                'title'         => 'TTL',
+                'description'   => __('Not required. If filled in overrides default TTL of %s seconds. 0 means no cacheing.', $this->plugin),
+                'type'          => 'text',
+                'scope'         =>  array('post', 'page'),
+                'capability'    => 'manage_options'
+            )
+        );
+
+        $this->setupIpsToHosts();
+        $this->purgeKey = ($purgeKey = trim(get_option($this->prefix . 'purge_key'))) ? $purgeKey : null;
+        $this->admin_menu();
+    }
+
+    public function init()
+    {
+        load_plugin_textdomain($this->plugin);
+
+        $this->debug = get_option($this->prefix . 'debug');
+
+        // send headers to varnish
+        add_action('send_headers', array($this, 'add_headers'));
+
+        // register events to purge post
+        foreach ($this->getRegisterEvents() as $event) {
+            add_action($event, array($this, 'purge_post'), 10, 2);
+        }
+
+        // purge all cache
+        if (isset($_GET[$this->getParam]) && check_admin_referer($this->plugin)) {
+            if (get_option('permalink_structure') == '' && current_user_can('manage_options')) {
+                add_action('admin_notices' , array($this, 'pretty_permalinks_message'));
+            }
+            if ($this->varnishIp == null) {
+                add_action('admin_notices' , array($this, 'purge_message_no_ips'));
+            } else {
+                $this->purgeCache();
+            }
+        }
+
+        if ($this->check_if_purgeable()) {
+            add_action('admin_bar_menu', array($this, 'purge_varnish_cache_all_adminbar'), 100);
+        }
+        if ($this->override = get_option($this->prefix . 'override')) {
+            add_action('admin_menu', array($this, 'createCustomFields'));
+            add_action('save_post', array($this, 'saveCustomFields' ), 1, 2);
+        }
+    }
+
+    protected function setupIpsToHosts()
+    {
+        $this->varnishIp = get_option($this->prefix . 'ips');
+        $this->varnishHost = get_option($this->prefix . 'hosts');
+        $this->dynamicHost = get_option($this->prefix . 'dynamic_host');
+        $varnishIp = explode(',', $this->varnishIp);
+        $varnishHost = explode(',', $this->varnishHost);
+        foreach ($varnishIp as $key => $ip) {
+            $this->ipsToHosts[] = array(
+                'ip' => $ip,
+                'host' => $this->dynamicHost ? $_SERVER['HTTP_HOST'] : $varnishHost[$key]
+            );
+        }
+    }
+
+    public function createCustomFields()
+    {
+        if (function_exists('add_meta_box')) {
+            foreach ($this->postTypes as $postType) {
+                add_meta_box($this->plugin, 'Varnish', array($this, 'displayCustomFields'), $postType, 'side', 'high');
+            }
+        }
+    }
+
+    public function saveCustomFields($post_id, $post)
+    {
+        if (!isset($_POST['vc-custom-fields_wpnonce']) || !wp_verify_nonce($_POST['vc-custom-fields_wpnonce'], 'vc-custom-fields'))
+            return;
+        if (!current_user_can('edit_post', $post_id))
+            return;
+        if (!in_array($post->post_type, $this->postTypes))
+            return;
+        foreach ($this->customFields as $customField) {
+            if (current_user_can($customField['capability'], $post_id)) {
+                if (isset($_POST[$this->prefix . $customField['name']]) && trim($_POST[$this->prefix . $customField['name']])) {
+                    $value = $_POST[$this->prefix . $customField['name']];
+                    update_post_meta($post_id, $this->prefix . $customField['name'], $_POST[$this->prefix . $customField['name']]);
+                } else {
+                    delete_post_meta($post_id, $this->prefix . $customField['name']);
+                }
+            }
+        }
+    }
+
+    function displayCustomFields()
+    {
+        global $post;
+        ?>
+            <?php
+            wp_nonce_field('vc-custom-fields', 'vc-custom-fields_wpnonce', false, true);
+            foreach ($this->customFields as $customField) {
+                // Check scope
+                $scope = $customField['scope'];
+                $output = false;
+                foreach ($scope as $scopeItem) {
+                    switch ($scopeItem) {
+                        default: {
+                            if ($post->post_type == $scopeItem)
+                                $output = true;
+                            break;
+                        }
+                    }
+                    if ($output) break;
+                }
+                // Check capability
+                if (!current_user_can($customField['capability'], $post->ID))
+                    $output = false;
+                // Output if allowed
+                if ($output) { ?>
+                        <?php
+                        switch ($customField['type']) {
+                            case "checkbox": {
+                                // Checkbox
+                                echo '<p><strong>' . $customField['title'] . '</strong></p>';
+                                echo '<label class="screen-reader-text" for="' . $this->prefix . $customField['name'] . '">' . $customField['title'] . '</label>';
+                                echo '<p><input type="checkbox" name="' . $this->prefix . $customField['name'] . '" id="' . $this->prefix . $customField['name'] . '" value="yes"';
+                                if (get_post_meta( $post->ID, $this->prefix . $customField['name'], true ) == "yes")
+                                    echo ' checked="checked"';
+                                echo '" style="width: auto;" /></p>';
+                                break;
+                            }
+                            default: {
+                                // Plain text field
+                                echo '<p><b>' . $customField['title'] . '</b></p>';
+                                $value = intval(get_post_meta($post->ID, $this->prefix . $customField[ 'name' ], true));
+                                $default_ttl = get_option($this->prefix . 'ttl');
+                                $value = $value ? $value : $default;
+                                echo '<p><input type="text" name="' . $this->prefix . $customField['name'] . '" id="' . $this->prefix . $customField['name'] . '" value="' . $value . '" /></p>';
+                                break;
+                            }
+                        }
+                        ?>
+                        <?php if ($customField['description']) echo '<p>' . sprintf($customField['description'], $default_ttl) . '</p>'; ?>
+                <?php
+                }
+            } ?>
+        <?php
+    }
+
+    public function check_if_purgeable()
+    {
+        return (!is_multisite() && current_user_can('activate_plugins')) || current_user_can('manage_network') || (is_multisite() && !current_user_can('manage_network') && (SUBDOMAIN_INSTALL || (!SUBDOMAIN_INSTALL && (BLOG_ID_CURRENT_SITE != $this->blogId))));
+    }
+
+    public function purge_message()
+    {
+        echo '<div id="message" class="updated fade"><p><strong>' . __('Varnish message:', $this->plugin) . '</strong><br />' . $this->debugMessage . '</p></div>';
+    }
+
+    public function purge_message_no_ips()
+    {
+        echo '<div id="message" class="error fade"><p><strong>' . __('Please set the IPs for Varnish!', $this->plugin) . '</strong></p></div>';
+    }
+
+    public function pretty_permalinks_message()
+    {
+        echo '<div id="message" class="error"><p>' . __('Varnish Cacheing requires you to use custom permalinks. Please go to the <a href="options-permalink.php">Permalinks Options Page</a> to configure them.', $this->plugin) . '</p></div>';
+    }
+
+    public function purge_varnish_cache_all_adminbar($admin_bar)
+    {
+        $admin_bar->add_menu( array(
+            'id'    => 'purge-all-varnish-cache',
+            'title' => 'Purge Varnish Cache',
+            'href'  => wp_nonce_url(add_query_arg($this->getParam, 1), $this->plugin),
+            'meta'  => array(
+                'title' => __('Purge Varnish Cache',$this->plugin),
+            ),
+        ));
+    }
+
+    public function varnish_glance()
+    {
+        $url = wp_nonce_url(admin_url('?' . $this->getParam), $this->plugin);
+        $button = '';
+        $nopermission = '';
+        if ($this->varnishIp == null) {
+            $intro .= sprintf(__('Please setup Varnish IPs to be able to use <a href="%1$s">Varnish Cacheing</a>.', $this->plugin), 'http://wordpress.org/plugins/varnish-cacheing/');
+        } else {
+            $intro .= sprintf(__('<a href="%1$s">Varnish Cacheing</a> automatically purges your posts when published or updated. Sometimes you need a manual flush.', $this->plugin), 'http://wordpress.org/plugins/varnish-cacheing/');
+            $button .=  __('Press the button below to force it to purge your entire cache.', $this->plugin);
+            $button .= '</p><p><span class="button"><a href="' . $url . '"><strong>';
+            $button .= __('Purge Varnish', $this->plugin);
+            $button .= '</strong></a></span>';
+            $nopermission .=  __('You do not have permission to purge the cache for the whole site. Please contact your adminstrator.', $this->plugin);
+        }
+        if ($this->check_if_purgeable()) {
+            $text = $intro . ' ' . $button;
+        } else {
+            $text = $intro . ' ' . $nopermission;
+        }
+        echo '<p class="varnish-galce">' . $text . '</p>';
+    }
+
+    protected function getRegisterEvents() {
+        return array(
+            'save_post',
+            'deleted_post',
+            'trashed_post',
+            'edit_post',
+            'delete_attachment',
+            'switch_theme',
+        );
+    }
+
+    public function purgeCache() {
+        $purgeUrls = array_unique($this->purgeUrls);
+
+        if (empty($purgeUrls)) {
+            if (isset($_GET[$this->getParam]) && current_user_can('manage_options') && check_admin_referer($this->plugin)) {
+                $this->purgeUrl(home_url() .'/?vc-regex');
+            }
+        } else {
+            foreach($purgeUrls as $url) {
+                $this->purgeUrl($url);
+            }
+        }
+        add_action('admin_notices' , array($this, 'purge_message'));
+    }
+
+    protected function purgeUrl($url) {
+        $p = parse_url($url);
+
+        if (isset($p['query']) && ($p['query'] == 'vc-regex')) {
+            $pregex = '.*';
+            $purgemethod = 'regex';
+        } else {
+            $pregex = '';
+            $purgemethod = 'default';
+        }
+
+        if (isset($p['path'])) {
+            $path = $p['path'];
+        } else {
+            $path = '';
+        }
+
+        $schema = apply_filters('varnish_http_purge_schema', 'http://');
+
+        foreach ($this->ipsToHosts as $key => $ipToHost) {
+            $purgeme = $schema . $ipToHost['ip'] . $path . $pregex;
+            $headers = array('host' => $ipToHost['host'], 'X-VC-Purge-Method' => $purgemethod, 'X-VC-Purge-Host' => $ipToHost['host']);
+            if (!is_null($this->purgeKey)) {
+                $headers['X-VC-Purge-Key'] = $this->purgeKey;
+            }
+            $response = wp_remote_request($purgeme, array('method' => 'PURGE', 'headers' => $headers));
+            if ($response instanceof WP_Error) {
+                foreach ($response->errors as $error => $errors) {
+                    $this->debugMessage .= '<br />Error ' . $error . '<br />';
+                    foreach ($errors as $error => $description) {
+                        $this->debugMessage .= ' - ' . $description . '<br />';
+                    }
+                }
+            } else {
+                $this->debugMessage .= '<br />Trying to purge URL : ' . $purgeme;
+                if ($this->debug) {
+                    $this->debugMessage .= ' => <br /> ' . $response['body'];
+                }
+            }
+        }
+
+        do_action('after_purge_url', $url, $purgeme);
+    }
+
+    public function purge_post($postId)
+    {
+        // If this is a valid post we want to purge the post, the home page and any associated tags & cats
+        // If not, purge everything on the site.
+
+        $validPostStatus = array('publish', 'trash');
+        $thisPostStatus  = get_post_status($postId);
+
+        // If this is a revision, stop.
+        if(get_permalink($postId) !== true && !in_array($thisPostStatus, $validPostStatus)) {
+            return;
+        } else {
+            // array to collect all our URLs
+            $listofurls = array();
+
+            // Category purge based on Donnacha's work in WP Super Cache
+            $categories = get_the_category($postId);
+            if ($categories) {
+                foreach ($categories as $cat) {
+                    array_push($listofurls, get_category_link( $cat->term_id));
+                }
+            }
+            // Tag purge based on Donnacha's work in WP Super Cache
+            $tags = get_the_tags($postId);
+            if ($tags) {
+                foreach ($tags as $tag) {
+                    array_push($listofurls, get_tag_link( $tag->term_id));
+                }
+            }
+
+            // Author URL
+            array_push($listofurls,
+                get_author_posts_url(get_post_field( 'post_author', $postId)),
+                get_author_feed_link(get_post_field( 'post_author', $postId))
+            );
+
+            // Archives and their feeds
+            $archiveurls = array();
+            if ( get_post_type_archive_link(get_post_type($postId)) == true) {
+                array_push($listofurls,
+                    get_post_type_archive_link( get_post_type($postId)),
+                    get_post_type_archive_feed_link( get_post_type($postId))
+                );
+            }
+
+            // Post URL
+            array_push($listofurls, get_permalink($postId));
+
+            // Feeds
+            array_push($listofurls,
+                get_bloginfo_rss('rdf_url') ,
+                get_bloginfo_rss('rss_url') ,
+                get_bloginfo_rss('rss2_url'),
+                get_bloginfo_rss('atom_url'),
+                get_bloginfo_rss('comments_rss2_url'),
+                get_post_comments_feed_link($postId)
+            );
+
+            // Home Page and (if used) posts page
+            array_push($listofurls, home_url('/'));
+            if ( get_option('show_on_front') == 'page') {
+                array_push($listofurls, get_permalink( get_option('page_for_posts')));
+            }
+
+            // Now flush all the URLs we've collected
+            foreach ($listofurls as $url) {
+                array_push($this->purgeUrls, $url) ;
+            }
+
+        }
+
+        // Filter to add or remove urls to the array of purged urls
+        // @param array $purgeUrls the urls (paths) to be purged
+        // @param int $postId the id of the new/edited post
+        $this->purgeUrls = apply_filters('vc_purge_urls', $this->purgeUrls, $postId);
+        $this->purgeCache();
+    }
+
+    public function add_headers()
+    {
+        $enable = get_option($this->prefix . 'enable');
+        if ($enable) {
+            Header('X-VC-Enabled: true');
+            $ttl = get_option($this->prefix . 'ttl');
+            Header('Cache-Control: max-age=' . $ttl);
+            if ($debug = get_option($this->prefix . 'debug')) {
+                Header('X-VC-Debug: true');
+            }
+        }
+    }
+
+    public function admin_menu()
+    {
+        add_action('admin_menu', array($this, 'add_menu_item'));
+        add_action('admin_init', array($this, 'setting_page_fields'));
+    }
+
+    public function add_menu_item()
+    {
+        add_menu_page(__('Varnish Cacheing', $this->plugin), __('Varnish Cacheing', $this->plugin), 'manage_options', $this->plugin . '-options', array($this, 'settings_page'), null, 99);
+    }
+
+    public function settings_page()
+    {
+    ?>
+        <div class="wrap">
+        <h1><?=__('Varnish Cacheing Options', $this->plugin)?></h1>
+        <form method="post" action="options.php">
+            <?php
+                settings_fields('section');
+                do_settings_sections($this->plugin . '-options');
+                submit_button();
+            ?>
+        </form>
+        </div>
+    <?php
+    }
+
+    public function setting_page_fields()
+    {
+        add_settings_section('section', 'Settings', null, $this->plugin . '-options');
+
+        add_settings_field($this->prefix . "enable", __("Enable" , $this->plugin), array($this, $this->prefix . "enable"), $this->plugin . '-options', "section");
+        add_settings_field($this->prefix . "ttl", __("Cache TTL", $this->plugin), array($this, $this->prefix . "ttl"), $this->plugin . '-options', "section");
+        add_settings_field($this->prefix . "ips", __("IPs", $this->plugin), array($this, $this->prefix . "ips"), $this->plugin . '-options', "section");
+        add_settings_field($this->prefix . "dynamic_host", __("Dynamic host", $this->plugin), array($this, $this->prefix . "dynamic_host"), $this->plugin . '-options', "section");
+        if (!get_option($this->prefix . 'dynamic_host')) {
+            add_settings_field($this->prefix . "hosts", __("Hosts", $this->plugin), array($this, $this->prefix . "hosts"), $this->plugin . '-options', "section");
+        }
+        add_settings_field($this->prefix . "override", __("Override default TTL", $this->plugin), array($this, $this->prefix . "override"), $this->plugin . '-options', "section");
+        add_settings_field($this->prefix . "purge_key", __("Purge key", $this->plugin), array($this, $this->prefix . "purge_key"), $this->plugin . '-options', "section");
+        add_settings_field($this->prefix . "debug", __("Enable debug", $this->plugin), array($this, $this->prefix . "debug"), $this->plugin . '-options', "section");
+
+        register_setting("section", $this->prefix . "enable");
+        register_setting("section", $this->prefix . "ttl");
+        register_setting("section", $this->prefix . "ips");
+        register_setting("section", $this->prefix . "dynamic_host");
+        register_setting("section", $this->prefix . "hosts");
+        register_setting("section", $this->prefix . "override");
+        register_setting("section", $this->prefix . "purge_key");
+        register_setting("section", $this->prefix . "debug");
+    }
+
+    public function varnish_cacheing_enable()
+    {
+        ?>
+            <input type="checkbox" name="varnish_cacheing_enable" value="1" <?php checked(1, get_option($this->prefix . 'enable'), true); ?> />
+            <p class="description"><?=__('Enable Varnish cacheing', $this->plugin)?></p>
+        <?php
+    }
+
+    public function varnish_cacheing_ttl()
+    {
+        ?>
+            <input type="text" name="varnish_cacheing_ttl" id="varnish_cacheing_ttl" value="<?php echo get_option($this->prefix . 'ttl'); ?>" />
+            <p class="description"><?=__('Time to live in seconds in Varnish cache', $this->plugin)?></p>
+        <?php
+    }
+
+    public function varnish_cacheing_ips()
+    {
+        ?>
+            <input type="text" name="varnish_cacheing_ips" id="varnish_cacheing_ips" size="100" value="<?php echo get_option($this->prefix . 'ips'); ?>" />
+            <p class="description"><?=__('Comma separated ip/ip:port. Example : 192.168.0.2,192.168.0.3:8080', $this->plugin)?></p>
+        <?php
+    }
+
+    public function varnish_cacheing_dynamic_host()
+    {
+        ?>
+            <input type="checkbox" name="varnish_cacheing_dynamic_host" value="1" <?php checked(1, get_option($this->prefix . 'dynamic_host'), true); ?> />
+            <p class="description">
+                <?=__('Uses the $_SERVER[\'HTTP_HOST\'] as hash for Varnish. This means the purge cache action will work on the domain you\'re on.<br />Use this option if you use only one domain.', $this->plugin)?>
+            </p>
+        <?php
+    }
+
+    public function varnish_cacheing_hosts()
+    {
+        ?>
+            <input type="text" name="varnish_cacheing_hosts" id="varnish_cacheing_hosts" size="100" value="<?php echo get_option($this->prefix . 'hosts'); ?>" />
+            <p class="description">
+                <?=__('Comma separated hostnames. Varnish uses the hostname to create the cache hash. For each IP, you must set a hostname.<br />Use this option if you use multiple domains.', $this->plugin)?>
+            </p>
+        <?php
+    }
+
+    public function varnish_cacheing_override()
+    {
+        ?>
+            <input type="checkbox" name="varnish_cacheing_override" value="1" <?php checked(1, get_option($this->prefix . 'override'), true); ?> />
+            <p class="description"><?=__('Override default TTL on each post/page.', $this->plugin)?></p>
+        <?php
+    }
+
+    public function varnish_cacheing_purge_key()
+    {
+        ?>
+            <input type="text" name="varnish_cacheing_purge_key" id="varnish_cacheing_purge_key" size="100" value="<?php echo get_option($this->prefix . 'purge_key'); ?>" />
+            <p class="description">
+                <?=__('Key used to purge Varnish cache. It is sent to Varnish as X-VC-Purge-Key header. Use a SHA-256 hash.<br />if you can\'t use ACL\'s, use this option.', $this->plugin)?>
+            </p>
+        <?php
+    }
+
+    public function varnish_cacheing_debug()
+    {
+        ?>
+            <input type="checkbox" name="varnish_cacheing_debug" value="1" <?php checked(1, get_option($this->prefix . 'debug'), true); ?> />
+        <?php
+    }
+}
+
+$purger = new VarnishCacheing();
+

--- /dev/null
+++ b/varnish-conf/LICENSE
@@ -1,1 +1,340 @@
-
+                    GNU GENERAL PUBLIC LICENSE
+                       Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+                            Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it.  (Some other Free Software Foundation software is covered by
+the GNU Lesser General Public License instead.)  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+  To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must show them these terms so they know their
+rights.
+
+  We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+  Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+  Finally, any free program is threatened constantly by software
+patents.  We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary.  To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+                    GNU GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License.  The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language.  (Hereinafter, translation is included without limitation in
+the term "modification".)  Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+  1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+  2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) You must cause the modified files to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    b) You must cause any work that you distribute or publish, that in
+    whole or in part contains or is derived from the Program or any
+    part thereof, to be licensed as a whole at no charge to all third
+    parties under the terms of this License.
+
+    c) If the modified program normally reads commands interactively
+    when run, you must cause it, when started running for such
+    interactive use in the most ordinary way, to print or display an
+    announcement including an appropriate copyright notice and a
+    notice that there is no warranty (or else, saying that you provide
+    a warranty) and that users may redistribute the program under
+    these conditions, and telling the user how to view a copy of this
+    License.  (Exception: if the Program itself is interactive but
+    does not normally print such an announcement, your work based on
+    the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+    a) Accompany it with the complete corresponding machine-readable
+    source code, which must be distributed under the terms of Sections
+    1 and 2 above on a medium customarily used for software interchange; or,
+
+    b) Accompany it with a written offer, valid for at least three
+    years, to give any third party, for a charge no more than your
+    cost of physically performing source distribution, a complete
+    machine-readable copy of the corresponding source code, to be
+    distributed under the terms of Sections 1 and 2 above on a medium
+    customarily used for software interchange; or,
+
+    c) Accompany it with the information you received as to the offer
+    to distribute corresponding source code.  (This alternative is
+    allowed only for noncommercial distribution and only if you
+    received the program in object code or executable form with such
+    an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it.  For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable.  However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+  5. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Program or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+  6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+  7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded.  In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+  9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+  10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+                            NO WARRANTY
+
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+                     END OF TERMS AND CONDITIONS
+
+            How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License along
+    with this program; if not, write to the Free Software Foundation, Inc.,
+    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+    Gnomovision version 69, Copyright (C) year name of author
+    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License.  Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary.  Here is a sample; alter the names:
+
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+  `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+  <signature of Ty Coon>, 1 April 1989
+  Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs.  If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library.  If this is what you want to do, use the GNU Lesser General
+Public License instead of this License.
+

--- /dev/null
+++ b/varnish-conf/README.rst
@@ -1,1 +1,146 @@
+======================
+varnish-vcl-collection
+======================
 
+Collection of Varnish VCL files.  The purpose of this collection is to make
+it easier to configure varnish for some common setups and behaviors.  Some
+of these files require you to define specific ACLs in your main VCL, and also
+note that the order of including files could change the behavior of Varnish.
+
+The main goal for this VCL Collection is to provide a simple config with just
+a few options that can make Varnish work for the majority of sites. Most of
+the "configuration" is done by choosing which files to include and defining
+ACLs. We hope to provide a robust configuration that can be used with
+relatively little information or control over what is actually running on
+the backend.  This is particularly useful for managed web hosts who want
+to have customers benefit from the performance of a caching proxy without
+limiting what can run on the web backend and without customizing the
+configuration for each customer.
+
+See `wordpress-example.vcl` for an example of how to use this collection
+of VCLs to configure Varnish for a WordPress site.
+
+
+CloudFlare
+==========
+
+If you use CloudFlare and the backend is running `mod_cloudflare` (for Apache)
+or `http_realip_module` (for Nginx), then you should use `lib/cloudflare.vcl`.
+
+CloudFlare uses the HTTP Header `CF-Connecting-IP` to store the original
+client IP address.  Note that unlike the `X-Forwarded-For` Header, this just
+contains the original IP address, not the entire forward chain.
+
+If you are using a CloudFlare Railgun server, or have any other trusted proxy
+servers between Varnish and CloudFlare, you will need to specify them in the
+`cloudflare` ACL.
+
+Also note that you will need to make sure that Varnish's IP is configured
+as trusted in `mod_cloudflare` or the `http_realip_module` on the backend.
+
+Example usage::
+
+	include "lib/cloudflare.vcl";
+
+	acl cloudflare {
+		# put the IP of your Railgun (or proxy) server here
+		# "1.2.3.4";
+	}
+
+
+Mobile Device Optimizaiton
+==========================
+
+Different applications optimize for mobile devices in different ways.  The
+best way is to use an "adaptive" design so that the same HTML is served to
+both desktop and mobile devices.  If your application is "adaptive", then
+no special Varnish config is necessary; all devices will access the same
+objects in the Varnish cache.
+
+However, if your application does serve different content to different
+devices, then you'll need to handle that in Varnish.  Since applications
+do mobile device detection differently, the VCL code included here is
+intentionally limited and simple.  Crafting a custom configuration to handle
+the way your application treats mobile devices will usually give better
+results than using one of the following standard configs.
+
+`lib/mobile_cache.vcl` simply adds the string `mobile` to the hash data to
+give mobile devices a separate cache from non-mobile devices.  This is only
+viable if your application serves just 2 different versions of each page
+depending on if the visitor is on a mobile device or not (and if the
+application uses the same method to detect mobile devices).  Any disagreement
+between `mobile_cache.vcl` and your backend on what User-Agents should be
+considered "mobile" could mean that the incorrect versions of pages are
+served to some visitors.
+
+`lib/mobile_pass.vcl` simply disables caching for mobile devices.  This is
+not good for performance, but will at least will prevent serving the
+incorrect version of pages to mobile visitors.
+
+
+HTTP Purging
+============
+
+Include `lib/purge.vcl` to allow purging pages from the cache using the HTTP
+PURGE method.  This uses the ban feature of varnish and will make bans take
+advantage of Varnish's ban-lurker.  You will need to specify a `purge` ACL
+so that only requests coming from your application are allowed to purge.
+
+Example usage::
+
+	include "lib/purge.vcl";
+
+	acl purge {
+		# include the IP of your app if it isn't on localhost
+		"localhost";
+		"127.0.0.1";
+	}
+
+There are several different possible behaviors of HTTP purging which can be
+controlled with the X-Purge-Method HTTP header.  This config will be smart
+and attempt to automatically pick the best method based on the URL if you
+don't use an X-Purge-Method header.  See the comments in `lib/purge.vcl` for
+details.
+
+
+Static File Caching
+===================
+
+Include `lib/static.vcl` to use a simple set of rules to cache static files.
+This will ignore the query string part of request URLs, and discard all
+cookies for these requests.  This will also cache static files for 24 hours.
+
+The cache behavior for this vcl can be bypassed by adding `nocache` to the
+url.  For example, `http://example.com/foo.jpg?nocache` will always
+retrieve the file from the backend instead of serving from the cache.
+
+
+Big Files
+=========
+
+Varnish cannot cache files larger than the entire cache.  Additionally, a few
+large files could potentially fill up the cache and force many more small
+files to be removed from the cache. Use `lib/bigfiles.vcl` or
+`lib/bigfiles_pipe.vcl` to prevent caching files larger than 10 MB.  This
+size was chosen because this should allow most common website assets to be
+cached.  Files larger than 10 MB such as videos, long podcasts, or binary
+downloads are better suited to be served with a CDN or some server separate
+from your main web application.  This config will still allow Varnish to
+serve these large files, but the files will always be retrieved from the
+backend.
+
+`lib/bigfiles.vcl` marks files with `hit_for_pass` when they are above the
+size threshold.  However this only works in Varnish 3.0.3 or later.  Earlier
+versions of Varnish will instead show an internal server error when this
+method is used.  In the case of these older versions of Varnish, you should
+use `lib/bigfiles_pipe.vcl`, which instead pipes the request.
+
+Your main VCL must have `import std;`.  This import line is not included
+within the files themselves because having an import multiple times in a
+Varnish config (counting all included files) produces a compile error.
+
+Example usage::
+
+	import std;
+	include "lib/bigfiles.vcl";
+

--- /dev/null
+++ b/varnish-conf/default.vcl
@@ -1,1 +1,146 @@
+backend default {
+    .host = "192.168.0.2";
+    .port = "80";
+}
 
+import std;
+
+include "lib/xforward.vcl";
+include "lib/cloudflare.vcl";
+include "lib/purge.vcl";
+include "lib/bigfiles.vcl";
+include "lib/static.vcl";
+
+acl cloudflare {
+    # set this ip to your Railgun IP (if applicable)
+    # "1.2.3.4";
+}
+
+acl purge {
+    "localhost";
+    "127.0.0.1";
+    #"192.168.0.2";
+}
+
+# Pick just one of the following:
+# (or don't use either of these if your application is "adaptive")
+# include "lib/mobile_cache.vcl";
+# include "lib/mobile_pass.vcl";
+
+### WordPress-specific config ###
+sub vcl_recv {
+    # pipe on weird http methods
+    if (req.request !~ "^GET|HEAD|PUT|POST|TRACE|OPTIONS|DELETE$") {
+        return(pipe);
+    }
+
+    # redirect yourdomain.com to www.yourdomain.com
+    if (req.http.host ~ "^yourdomain\.com$") {
+        error 750 "http://www.yourdomain.com" + req.url;
+    }
+
+    # if you use a subdomain for wp-admin, do not cache it
+    if (req.http.host ~ "admin.yourdomain.com") {
+        return(pass);
+    }
+
+    ### Check for reasons to bypass the cache!
+    # never cache anything except GET/HEAD
+    if (req.request != "GET" && req.request != "HEAD") {
+        return(pass);
+    }
+    # don't cache logged-in users or authors
+    if (req.http.Cookie ~ "wp-postpass_|wordpress_logged_in_|comment_author|PHPSESSID") {
+        return(pass);
+    }
+    # don't cache ajax requests
+    if (req.http.X-Requested-With == "XMLHttpRequest") {
+        return(pass);
+    }
+    # don't cache these special pages
+    if (req.url ~ "nocache|wp-admin|wp-(comments-post|login|activate|mail)\.php|bb-admin|server-status|control\.php|bb-login\.php|bb-reset-password\.php|register\.php") {
+        return(pass);
+    }
+
+    ### looks like we might actually cache it!
+    # fix up the request
+    set req.grace = 2m;
+    set req.url = regsub(req.url, "\?replytocom=.*$", "");
+
+    # strip query parameters from all urls (so they cache as a single object)
+    # be carefull using this option
+    #if (req.url ~ "\?.*") {
+    #    set req.url = regsub(req.url, "\?.*", "");
+    #}
+
+    # Remove has_js, Google Analytics __*, and wooTracker cookies.
+    set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(__[a-z]+|has_js|wooTracker)=[^;]*", "");
+    set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");
+    if (req.http.Cookie ~ "^\s*$") {
+        unset req.http.Cookie;
+    }
+
+    return(lookup);
+}
+
+sub vcl_hash {
+    # Add the browser cookie only if a WordPress cookie found.
+    if (req.http.Cookie ~ "wp-postpass_|wordpress_logged_in_|comment_author|PHPSESSID") {
+        hash_data(req.http.Cookie);
+    }
+}
+
+sub vcl_fetch {
+    # make sure grace is at least 2 minutes
+    if (beresp.grace < 2m) {
+        set beresp.grace = 2m;
+    }
+
+    # catch obvious reasons we can't cache
+    if (beresp.http.Set-Cookie) {
+        set beresp.ttl = 0s;
+    }
+
+    # Varnish determined the object was not cacheable
+    if (beresp.ttl <= 0s) {
+        set beresp.http.X-VC-Cacheable = "NO:Not Cacheable";
+        return(hit_for_pass);
+
+    # You don't wish to cache content for logged in users
+    } else if (req.http.Cookie ~ "wp-postpass_|wordpress_logged_in_|comment_author|PHPSESSID") {
+        set beresp.http.X-VC-Cacheable = "NO:Got Session";
+        return(hit_for_pass);
+
+    # You are respecting the Cache-Control=private header from the backend
+    } else if (beresp.http.Cache-Control ~ "private") {
+        set beresp.http.X-VC-Cacheable = "NO:Cache-Control=private";
+        return(hit_for_pass);
+
+    # You are respecting the X-VC-Enabled=true header from the backend
+    } else if (beresp.http.X-VC-Enabled ~ "true") {
+        set beresp.http.X-VC-Cacheable = "YES";
+
+    # Do not cache object
+    } else if (beresp.http.X-VC-Enabled ~ "false") {
+        set beresp.http.X-VC-Cacheable = "NO:Disabled";
+        set beresp.ttl = 0s;
+    }
+
+    # Avoid caching error responses
+    if (beresp.status == 404 || beresp.status >= 500) {
+        set beresp.ttl   = 0s;
+        set beresp.grace = 15s;
+    }
+
+    # Deliver the content
+    return(deliver);
+}
+
+sub vcl_error {
+    if (obj.status == 750) {
+        set obj.http.Location = obj.response;
+        set obj.status = 302;
+        return(deliver);
+    }
+}
+

--- /dev/null
+++ b/varnish-conf/lib/bigfiles.vcl
@@ -1,1 +1,9 @@
+# bigfiles.vcl -- Bypass Cache for Large Files
 
+sub vcl_fetch {
+	# Bypass cache for files > 10 MB
+	if (std.integer(beresp.http.Content-Length, 0) > 10485760) {
+		return (hit_for_pass);
+	}
+}
+

--- /dev/null
+++ b/varnish-conf/lib/bigfiles_pipe.vcl
@@ -1,1 +1,37 @@
+# bigfiles_pipe.vcl -- Pipe for Large Files
+#
+# Copyright (C) 2013 DreamHost (New Dream Network, LLC)
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
+# You must have "import std;" in your main vcl:
+# import std;
+
+# NOTE: Using restart and pipe is a workaround for a bug in varnish prior to
+# 3.0.3.  In 3.0.3+, hit_for_pass in vcl_fetch is all that is necessary.
+sub vcl_recv {
+	if (req.http.X-Pipe-Big-File && req.restarts > 0) {
+		unset req.http.X-Pipe-Big-File;
+		return (pipe);
+	}
+}
+
+sub vcl_fetch {
+	# Bypass cache for files > 10 MB
+	if (std.integer(beresp.http.Content-Length, 0) > 10485760) {
+		set req.http.X-Pipe-Big-File = "Yes";
+		return (restart);
+	}
+}
+

--- /dev/null
+++ b/varnish-conf/lib/cloudflare.vcl
@@ -1,1 +1,56 @@
+# cloudflare.vcl -- CloudFlare HTTP Headers
+#
+# Copyright (C) 2013 DreamHost (New Dream Network, LLC)
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
+# This should generally be loaded first to make sure that the headers
+# get set appropriately for all requests.
+
+acl official_cloudflare {
+	# https://www.cloudflare.com/ips-v4
+	"204.93.240.0"/24;
+	"204.93.177.0"/24;
+	"199.27.128.0"/21;
+	"173.245.48.0"/20;
+	"103.21.244.0"/22;
+	"103.22.200.0"/22;
+	"103.31.4.0"/22;
+	"141.101.64.0"/18;
+	"108.162.192.0"/18;
+	"190.93.240.0"/20;
+	"188.114.96.0"/20;
+	"197.234.240.0"/22;
+	"198.41.128.0"/17;
+	"162.158.0.0"/15;
+	# https://www.cloudflare.com/ips-v6
+	"2400:cb00::"/32;
+	"2606:4700::"/32;
+	"2803:f800::"/32;
+	"2405:b500::"/32;
+	"2405:8100::"/32;
+}
+
+sub vcl_recv {
+	# Set the CF-Connecting-IP header
+	# If the client.ip is trusted, we leave the header alone if present.
+	if (req.http.CF-Connecting-IP) {
+		if (client.ip !~ official_cloudflare && client.ip !~ cloudflare) {
+			set req.http.CF-Connecting-IP = client.ip;
+		}
+	} else {
+		set req.http.CF-Connecting-IP = client.ip;
+	}
+}
+

--- /dev/null
+++ b/varnish-conf/lib/mobile_cache.vcl
@@ -1,1 +1,34 @@
+# mobile_cache.vcl -- Separate cache for mobile clients
+#
+# Copyright (C) 2013 DreamHost (New Dream Network, LLC)
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
+# If the User-Agent looks like a mobile device, then we add the string
+# "mobile" to the hash_data.  This results in mobile devices having
+# a separate cache from non-mobile devices.
+#
+# Note that if the backend does anything more sophisticated than having
+# a "desktop" and a "mobile" version of pages (for example serving one
+# page to iPhones and another to Androids), this will not be desirable.
+# Also if the backend disagrees with this logic as far as what is a
+# "mobile" User-Agent, then we may save the wrong version of pages in
+# the cache.
+sub vcl_hash {
+	# General User-Agent list (anything that remotely looks like a mobile device)
+	if (req.http.User-Agent ~ "(?i)ipod|android|blackberry|phone|mobile|kindle|silk|fennec|tablet|webos|palm|windows ce|nokia|philips|samsung|sanyo|sony|panasonic|ericsson|alcatel|series60|series40|opera mini|opera mobi|au-mic|audiovox|avantgo|blazer|danger|docomo|epoc|ericy|i-mode|ipaq|midp-|mot-|netfront|nitro|pocket|portalmmm|rover|sie-|symbian|cldc-|j2me|up\.browser|up\.link|vodafone|wap1\.|wap2\.") {
+		hash_data("mobile");
+	}
+}
+

--- /dev/null
+++ b/varnish-conf/lib/mobile_pass.vcl
@@ -1,1 +1,36 @@
+# mobile_pass.vcl -- Mobile pass-through support for Varnish
+#
+# Copyright (C) 2013 DreamHost (New Dream Network, LLC)
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
+# This simply bypasses the cache for anything that looks like a mobile
+# (or tablet) device.
+# Also passes through some requests that are specifically for the WordPress
+# Jetpack mobile plugin.
+sub vcl_recv {
+	# Rules specifically for the Jetpack Mobile module
+	if (req.url ~ "\?(.*&)?(ak_action|app-download)=") {
+		return(pass);
+	}
+	if (req.http.Cookie ~ "(^|;\s*)akm_mobile=") {
+		return(pass);
+	}
+
+	# General User-Agent blacklist (anything that remotely looks like a mobile device)
+	if (req.http.User-Agent ~ "(?i)ipod|android|blackberry|phone|mobile|kindle|silk|fennec|tablet|webos|palm|windows ce|nokia|philips|samsung|sanyo|sony|panasonic|ericsson|alcatel|series60|series40|opera mini|opera mobi|au-mic|audiovox|avantgo|blazer|danger|docomo|epoc|ericy|i-mode|ipaq|midp-|mot-|netfront|nitro|pocket|portalmmm|rover|sie-|symbian|cldc-|j2me|up\.browser|up\.link|vodafone|wap1\.|wap2\.") {
+		return(pass);
+	}
+}
+

--- /dev/null
+++ b/varnish-conf/lib/purge.vcl
@@ -1,1 +1,94 @@
 
+# Regex purging
+# Treat the request URL as a regular expression.
+sub purge_regex {
+    ban("obj.http.X-VC-Req-URL ~ " + req.url + " && obj.http.X-VC-Req-Host == " + req.http.host);
+}
+
+# Exact purging
+# Use the exact request URL (including any query params)
+sub purge_exact {
+    ban("obj.http.X-VC-Req-URL == " + req.url + " && obj.http.X-VC-Req-Host == " + req.http.host);
+}
+
+# Page purging (default)
+# Use the exact request URL, but ignore any query params
+sub purge_page {
+    set req.url = regsub(req.url, "\?.*$", "");
+    ban("obj.http.X-VC-Req-URL-Base == " + req.url + " && obj.http.X-VC-Req-Host == " + req.http.host);
+}
+
+# The purge behavior can be controlled with the X-VC-Purge-Method header.
+#
+# Setting the X-VC-Purge-Method header to contain "regex" or "exact" will use
+# those respective behaviors.  Any other value for the X-Purge header will
+# use the default ("page") behavior.
+#
+# The X-VC-Purge-Method header is not case-sensitive.
+#
+# If no X-VC-Purge-Method header is set, the request url is inspected to attempt
+# a best guess as to what purge behavior is expected.  This should work for
+# most cases, although if you want to guarantee some behavior you should
+# always set the X-VC-Purge-Method header.
+
+sub vcl_recv {
+    if (req.request == "PURGE") {
+        if (req.http.X-VC-Purge-Key == "ff93c3cb929cee86901c7eefc8088e9511c005492c6502a930360c02221cf8f4") {
+            set req.http.X-VC-Purge-Key-Auth = "true";
+        } else {
+            set req.http.X-VC-Purge-Key-Auth = "false";
+        }
+        if (client.ip !~ purge && req.http.X-VC-Purge-Key-Auth != "true") {
+            error 405 "Not allowed from " + client.ip;
+        }
+
+        if (req.http.X-VC-Purge-Method) {
+            if (req.http.X-VC-Purge-Method ~ "(?i)regex") {
+                call purge_regex;
+            } elsif (req.http.X-VC-Purge-Method ~ "(?i)exact") {
+                call purge_exact;
+            } else {
+                call purge_page;
+            }
+        } else {
+            # No X-Purge-Method header was specified.
+            # Do our best to figure out which one they want.
+            if (req.url ~ "\.\*" || req.url ~ "^\^" || req.url ~ "\$$" || req.url ~ "\\[.?*+^$|()]") {
+                call purge_regex;
+            } elsif (req.url ~ "\?") {
+                call purge_exact;
+            } else {
+                call purge_page;
+            }
+        }
+        error 200 "Purged " + req.url + " " + req.http.host;
+    }
+}
+
+sub vcl_fetch {
+    set beresp.http.X-VC-Req-Host = req.http.host;
+    set beresp.http.X-VC-Req-URL = req.url;
+    set beresp.http.X-VC-Req-URL-Base = regsub(req.url, "\?.*$", "");
+}
+
+sub vcl_deliver {
+    unset resp.http.X-VC-Req-Host;
+    unset resp.http.X-VC-Req-URL;
+    unset resp.http.X-VC-Req-URL-Base;
+
+    if (obj.hits > 0) {
+        set resp.http.X-VC-Cache = "HIT";
+    } else {
+        set resp.http.X-VC-Cache = "MISS";
+    }
+
+    if (resp.http.X-VC-Debug ~ "true") {
+        set resp.http.X-VC-Hash = req.url+"#"+req.http.host;
+    } else {
+        unset resp.http.X-VC-Debug;
+        unset resp.http.X-VC-Enabled;
+        unset resp.http.X-VC-Cacheable;
+        unset resp.http.X-VC-Purge-Key-Auth;
+    }
+}
+

--- /dev/null
+++ b/varnish-conf/lib/static.vcl
@@ -1,1 +1,26 @@
+# static.vcl -- Static File Caching for Varnish
 
+sub vcl_recv {
+	if (req.request ~ "^(GET|HEAD)$" && req.url ~ "\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)(\?.*)?$") {
+		# disable this if you want
+		if (req.url ~ "nocache") {
+			return(pass);
+		}
+		set req.url = regsub(req.url, "\?.*$", "");
+		unset req.http.Cookie;
+		set req.grace = 2m;
+		return(lookup);
+	}
+}
+
+sub vcl_fetch {
+	if (req.request ~ "^(GET|HEAD)$" && req.url ~ "\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)$") {
+		# unset cookie only if no http auth is requested
+		if (!req.http.Authorization) {
+			unset beresp.http.set-cookie;
+		}
+		set beresp.ttl = 24h;
+		set beresp.grace = 2m;
+	}
+}
+

--- /dev/null
+++ b/varnish-conf/lib/xforward.vcl
@@ -1,1 +1,66 @@
+# xforward.vcl -- X-Forwarded-For HTTP Headers
+#
+# Copyright (C) 2013 DreamHost (New Dream Network, LLC)
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+# This file contains some of the default VCL code.  Original copyright
+# and license:
 
+/*
+ * Copyright (c) 2006 Verdens Gang AS
+ * Copyright (c) 2006-2011 Varnish Software AS
+ * All rights reserved.
+ *
+ * Author: Poul-Henning Kamp <phk@phk.freebsd.dk>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+# This should generally be loaded first to make sure that the headers
+# get set appropriately for all requests.  Note that when using this
+# you MUST NOT fall through to the VCL default handler for vcl_recv
+# since that will run the code again, resulting in the client.ip
+# being added twice.
+sub vcl_recv {
+#	if (req.restarts == 0) {
+		if (req.http.X-Forwarded-For) {
+			set req.http.X-Forwarded-For =
+				req.http.X-Forwarded-For + ", " + client.ip;
+		} else {
+			set req.http.X-Forwarded-For = client.ip;
+		}
+#	}
+}
+

file:b/wp-cli.php (new)
--- /dev/null
+++ b/wp-cli.php
@@ -1,1 +1,35 @@
+<?php
 
+if (!defined('ABSPATH')) {
+    die();
+}
+
+if (!defined('WP_CLI')) return;
+
+/**
+ * Purges Varnish Cache
+ */
+class WP_CLI_VarnishCacheing_Purge_Command extends WP_CLI_Command {
+
+    public function __construct() {
+        $this->varnish_cacheing = new VarnishCacheing();
+    }
+
+    /**
+     * Forces a Varnish Purge
+     *
+     * ## EXAMPLES
+     *
+     *     wp varnish purge
+     *
+     */
+    public function purge() {
+        wp_create_nonce('varnish-http-purge-cli');
+        $this->varnish_cacheing->purgeUrl(home_url() .'/?vhp-regex');
+        WP_CLI::success('The Varnish cache was purged.');
+    }
+
+}
+
+WP_CLI::add_command('varnish', 'WP_CLI_VarnishCacheing_Purge_Command');
+

comments