dz0ny · January 6, 2012 14:38
diff --git a/nginx.conf b/nginx.conf
 user www-data;
 worker_processes 1;
 pid /var/run/nginx.pid;

 events {
 	worker_connections 768;
 	multi_accept on;
 	use epoll;
 }

 http {

 	##
 	# Basic Settings
 	##

 	sendfile on;
 	tcp_nopush on;
 	tcp_nodelay on;
 	keepalive_timeout 30;
 	server_tokens off;
 	access_log off;
 	client_max_body_size 100M;
 	client_body_timeout 60;
 	client_header_timeout 60;
 	send_timeout 60;
 	reset_timedout_connection on;

 	##
 	# Real ip for PHP from Varnish
 	##

 	set_real_ip_from 127.0.0.1;
 	real_ip_header X-Forwarded-For;

 	##
 	# Logging Settings
 	##

 	access_log /dev/null;
 	error_log /dev/null;

 	##
 	# Gzip Settings
 	##

 	gzip on;
 	gzip_disable "MSIE [1-6].(?!.*SV1)";
 	gzip_vary on;
 	gzip_static on;
 	gzip_proxied any;
 	gzip_comp_level 9;
 	gzip_buffers 16 8k;
 	gzip_http_version 1.1;
 	gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
 	include /etc/nginx/mime.types;
 	default_type application/octet-stream;

 	#FCGI PHP
 	upstream php { server 127.0.0.1:9000; }

 	##
 	# Virtual Host Configs
 	##

 	include /etc/nginx/conf.d/*.conf;
 	include /etc/nginx/sites-enabled/*;
 }
diff --git a/wordpress_wpt_touch_onswipe.vcl b/wordpress_wpt_touch_onswipe.vcl
 # Set the default backend (Nginx server for me)
 backend default {
  # My Nginx server listen on IP address 127.0.0.1 and TCP port 8080
  .host = "localhost";
  .port = "80";
  .first_byte_timeout = 300s;
 }

 # Purge ACL
 acl purge {
        "127.0.0.1";
 }

 # This function is used when a request is send by a HTTP client (Browser) 
 # !!! Replace: blog.nicolargo.com by your own URL !!!
 sub vcl_recv {

  call detect_device;

  #nginx&php-fpm fix
  set req.http.X-Forwarded-For = client.ip;
  set req.http.Host = regsub(req.http.Host, ":[0-9]+", "");

  # Allow purging from ACL
  if (req.request == "PURGE") {
    # If not allowed then a error 405 is returned
    if (!client.ip ~ purge) {
      error 405 "This IP is not allowed to send PURGE requests.";
    } 
    # If allowed, do a cache_lookup -> vlc_hit() or vlc_miss()
    return (lookup);
  }

  # Post requests will not be cached
  if (req.request == "POST") {
    return (pass);
  }

  # --- Wordpress specific configuration

  # Did not cache the RSS feed
  if (req.url ~ "/feed") {
      return (pass);
  }

  # Did not cache the admin and login pages
  if (req.url ~ "/wp-(login|admin)") {
    return (pass);
  }

  // server1 must handle file uploads
  if (req.url ~ "media-upload.php" || req.url ~ "file.php" || req.url ~ "async-upload.php") {
    return(pass);
  }

  // do not cache xmlrpc.php
  if (req.url ~ "xmlrpc.php") {
    return(pass);
  }
   
  // strip cookies from xmlrpc
  if (req.request == "GET" && req.url ~ "xmlrpc.php"){
      remove req.http.cookie;return(pass);
  }

  # Remove the "has_js" cookie
  set req.http.Cookie = regsuball(req.http.Cookie, "has_js=[^;]+(; )?", "");

  # Remove any Google Analytics based cookies
  set req.http.Cookie = regsuball(req.http.Cookie, "__utm.=[^;]+(; )?", "");

  # Remove the Quant Capital cookies (added by some plugin, all __qca)
  set req.http.Cookie = regsuball(req.http.Cookie, "__qc.=[^;]+(; )?", "");

  # Remove the wp-settings-1 cookie
  set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-1=[^;]+(; )?", "");

  # Remove the wp-settings-time-1 cookie
  set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-time-1=[^;]+(; )?", "");

  # Remove the wp test cookie
  set req.http.Cookie = regsuball(req.http.Cookie, "wordpress_test_cookie=[^;]+(; )?", "");

  # Are there cookies left with only spaces or that are empty?
  if (req.http.cookie ~ "^ *$") {
        unset req.http.cookie;
  }
  
  if (req.http.Accept-Encoding) {
    # Do no compress compressed files...
    if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
          remove req.http.Accept-Encoding;
    } elsif (req.http.Accept-Encoding ~ "gzip") {
          set req.http.Accept-Encoding = "gzip";
    } elsif (req.http.Accept-Encoding ~ "deflate") {
          set req.http.Accept-Encoding = "deflate";
    } else {
      remove req.http.Accept-Encoding;
    }
  }

  # Cache the following files extensions 
  if (req.url ~ "\.(css|js|png|gif|jp(e)?g)") {
    unset req.http.cookie;
  }

  # Check the cookies for wordpress-specific items
  if (req.http.Cookie ~ "wordpress_" || req.http.Cookie ~ "comment_") {
    return (pass);
  }
  if (!req.http.cookie) {
    unset req.http.cookie;
  }
  
  # --- End of Wordpress specific configuration

  # Did not cache HTTP authentication and HTTP Cookie
  if (req.http.Authorization || req.http.Cookie) {
    # Not cacheable by default
    return (pass);
  }
  
  # Cache all others requests
  return (lookup);
 }
 
 sub vcl_pipe {
  return (pipe);
 }
 
 sub vcl_pass {
  return (pass);
 }
 
 # The data on which the hashing will take place
 sub vcl_hash {
  hash_data(req.url);
  if (req.http.host) {
      hash_data(req.http.host);
  } else {
      hash_data(server.ip);
  }

  # ensure separate cache for mobile clients (WPTouch workaround)
  if (req.http.X-Device ~ "smart" || req.http.X-Device ~ "other") {
    hash_data(req.http.X-Device);
  } 

  # If the client supports compression, keep that in a different cache
  if (req.http.Accept-Encoding) {
    hash_data(req.http.Accept-Encoding);
  }
  return (hash);
 }

 sub detect_device {
  # Define the desktop device and ipad
  set req.http.X-Device = "desktop";

  if (req.http.User-Agent ~ "iP(hone|od)" || req.http.User-Agent ~ "Android" ) {
    # Define smartphones and tablets
    set req.http.X-Device = "smart";
  }

  elseif (req.http.User-Agent ~ "SymbianOS" || req.http.User-Agent ~ "^BlackBerry" || req.http.User-Agent ~ "^SonyEricsson" || req.http.User-Agent ~ "^Nokia" || req.http.User-Agent ~ "^SAMSUNG" || req.http.User-Agent ~ "^LG") {
    # Define every other mobile device
    set req.http.X-Device = "other";
  }
 }

 sub vcl_hit {
  # Allow purges
  if (req.request == "PURGE") {
    purge;
    error 200 "Purged.";
  }

  return (deliver);
 }
 
 sub vcl_miss {
  # Allow purges
  if (req.request == "PURGE") {
    purge;
    error 200 "Purged.";
  }
        
  return (fetch);
 }

 # This function is used when a request is sent by our backend (Nginx server)
 sub vcl_fetch {
  # For static content related to the theme, strip all backend cookies
  if (req.url ~ "\.(css|js|png|gif|jp(e?)g)") {
    unset beresp.http.cookie;
  }

  # A TTL of 30 minutes
  set beresp.ttl = 1800s;
  
  return (deliver);
 }
 
 # The routine when we deliver the HTTP request to the user
 # Last chance to modify headers that are sent to the client
 sub vcl_deliver {

  set resp.http.X-Served-By = server.hostname;
  if (obj.hits > 0) {
    set resp.http.X-Cache = "HIT";  
    set resp.http.X-Cache-Hits = obj.hits;
  } else {
    set resp.http.X-Cache = "MISS"; 
  }
  unset resp.http.Via;
  unset resp.http.X-Varnish;

  # Remove some headers: PHP version
  unset resp.http.X-Powered-By;

  return (deliver);
 }
 
 sub vcl_init {
  return (ok);
 }
 
 sub vcl_fini {
  return (ok);
 }
	user www-data;
	worker_processes 1;
	pid /var/run/nginx.pid;

	events {
	worker_connections 768;
	multi_accept on;
	use epoll;
	}

	http {

	##
	# Basic Settings
	##

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 30;
	server_tokens off;
	access_log off;
	client_max_body_size 100M;
	client_body_timeout 60;
	client_header_timeout 60;
	send_timeout 60;
	reset_timedout_connection on;

	##
	# Real ip for PHP from Varnish
	##

	set_real_ip_from 127.0.0.1;
	real_ip_header X-Forwarded-For;

	##
	# Logging Settings
	##

	access_log /dev/null;
	error_log /dev/null;

	##
	# Gzip Settings
	##

	gzip on;
	gzip_disable "MSIE [1-6].(?!.*SV1)";
	gzip_vary on;
	gzip_static on;
	gzip_proxied any;
	gzip_comp_level 9;
	gzip_buffers 16 8k;
	gzip_http_version 1.1;
	gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	#FCGI PHP
	upstream php { server 127.0.0.1:9000; }

	##
	# Virtual Host Configs
	##

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
	}
	# Set the default backend (Nginx server for me)
	backend default {
	# My Nginx server listen on IP address 127.0.0.1 and TCP port 8080
	.host = "localhost";
	.port = "80";
	.first_byte_timeout = 300s;
	}

	# Purge ACL
	acl purge {
	"127.0.0.1";
	}

	# This function is used when a request is send by a HTTP client (Browser)
	# !!! Replace: blog.nicolargo.com by your own URL !!!
	sub vcl_recv {

	call detect_device;

	#nginx&php-fpm fix
	set req.http.X-Forwarded-For = client.ip;
	set req.http.Host = regsub(req.http.Host, ":[0-9]+", "");

	# Allow purging from ACL
	if (req.request == "PURGE") {
	# If not allowed then a error 405 is returned
	if (!client.ip ~ purge) {
	error 405 "This IP is not allowed to send PURGE requests.";
	}
	# If allowed, do a cache_lookup -> vlc_hit() or vlc_miss()
	return (lookup);
	}

	# Post requests will not be cached
	if (req.request == "POST") {
	return (pass);
	}

	# --- Wordpress specific configuration

	# Did not cache the RSS feed
	if (req.url ~ "/feed") {
	return (pass);
	}

	# Did not cache the admin and login pages
	if (req.url ~ "/wp-(login\|admin)") {
	return (pass);
	}

	// server1 must handle file uploads
	if (req.url ~ "media-upload.php" \|\| req.url ~ "file.php" \|\| req.url ~ "async-upload.php") {
	return(pass);
	}

	// do not cache xmlrpc.php
	if (req.url ~ "xmlrpc.php") {
	return(pass);
	}

	// strip cookies from xmlrpc
	if (req.request == "GET" && req.url ~ "xmlrpc.php"){
	remove req.http.cookie;return(pass);
	}

	# Remove the "has_js" cookie
	set req.http.Cookie = regsuball(req.http.Cookie, "has_js=[^;]+(; )?", "");

	# Remove any Google Analytics based cookies
	set req.http.Cookie = regsuball(req.http.Cookie, "__utm.=[^;]+(; )?", "");

	# Remove the Quant Capital cookies (added by some plugin, all __qca)
	set req.http.Cookie = regsuball(req.http.Cookie, "__qc.=[^;]+(; )?", "");

	# Remove the wp-settings-1 cookie
	set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-1=[^;]+(; )?", "");

	# Remove the wp-settings-time-1 cookie
	set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-time-1=[^;]+(; )?", "");

	# Remove the wp test cookie
	set req.http.Cookie = regsuball(req.http.Cookie, "wordpress_test_cookie=[^;]+(; )?", "");

	# Are there cookies left with only spaces or that are empty?
	if (req.http.cookie ~ "^ *$") {
	unset req.http.cookie;
	}

	if (req.http.Accept-Encoding) {
	# Do no compress compressed files...
	if (req.url ~ "\.(jpg\|png\|gif\|gz\|tgz\|bz2\|tbz\|mp3\|ogg)$") {
	remove req.http.Accept-Encoding;
	} elsif (req.http.Accept-Encoding ~ "gzip") {
	set req.http.Accept-Encoding = "gzip";
	} elsif (req.http.Accept-Encoding ~ "deflate") {
	set req.http.Accept-Encoding = "deflate";
	} else {
	remove req.http.Accept-Encoding;
	}
	}

	# Cache the following files extensions
	if (req.url ~ "\.(css\|js\|png\|gif\|jp(e)?g)") {
	unset req.http.cookie;
	}

	# Check the cookies for wordpress-specific items
	if (req.http.Cookie ~ "wordpress_" \|\| req.http.Cookie ~ "comment_") {
	return (pass);
	}
	if (!req.http.cookie) {
	unset req.http.cookie;
	}

	# --- End of Wordpress specific configuration

	# Did not cache HTTP authentication and HTTP Cookie
	if (req.http.Authorization \|\| req.http.Cookie) {
	# Not cacheable by default
	return (pass);
	}

	# Cache all others requests
	return (lookup);
	}

	sub vcl_pipe {
	return (pipe);
	}

	sub vcl_pass {
	return (pass);
	}

	# The data on which the hashing will take place
	sub vcl_hash {
	hash_data(req.url);
	if (req.http.host) {
	hash_data(req.http.host);
	} else {
	hash_data(server.ip);
	}

	# ensure separate cache for mobile clients (WPTouch workaround)
	if (req.http.X-Device ~ "smart" \|\| req.http.X-Device ~ "other") {
	hash_data(req.http.X-Device);
	}

	# If the client supports compression, keep that in a different cache
	if (req.http.Accept-Encoding) {
	hash_data(req.http.Accept-Encoding);
	}
	return (hash);
	}

	sub detect_device {
	# Define the desktop device and ipad
	set req.http.X-Device = "desktop";

	if (req.http.User-Agent ~ "iP(hone\|od)" \|\| req.http.User-Agent ~ "Android" ) {
	# Define smartphones and tablets
	set req.http.X-Device = "smart";
	}

	elseif (req.http.User-Agent ~ "SymbianOS" \|\| req.http.User-Agent ~ "^BlackBerry" \|\| req.http.User-Agent ~ "^SonyEricsson" \|\| req.http.User-Agent ~ "^Nokia" \|\| req.http.User-Agent ~ "^SAMSUNG" \|\| req.http.User-Agent ~ "^LG") {
	# Define every other mobile device
	set req.http.X-Device = "other";
	}
	}

	sub vcl_hit {
	# Allow purges
	if (req.request == "PURGE") {
	purge;
	error 200 "Purged.";
	}

	return (deliver);
	}

	sub vcl_miss {
	# Allow purges
	if (req.request == "PURGE") {
	purge;
	error 200 "Purged.";
	}

	return (fetch);
	}

	# This function is used when a request is sent by our backend (Nginx server)
	sub vcl_fetch {
	# For static content related to the theme, strip all backend cookies
	if (req.url ~ "\.(css\|js\|png\|gif\|jp(e?)g)") {
	unset beresp.http.cookie;
	}

	# A TTL of 30 minutes
	set beresp.ttl = 1800s;

	return (deliver);
	}

	# The routine when we deliver the HTTP request to the user
	# Last chance to modify headers that are sent to the client
	sub vcl_deliver {

	set resp.http.X-Served-By = server.hostname;
	if (obj.hits > 0) {
	set resp.http.X-Cache = "HIT";
	set resp.http.X-Cache-Hits = obj.hits;
	} else {
	set resp.http.X-Cache = "MISS";
	}
	unset resp.http.Via;
	unset resp.http.X-Varnish;

	# Remove some headers: PHP version
	unset resp.http.X-Powered-By;

	return (deliver);
	}

	sub vcl_init {
	return (ok);
	}

	sub vcl_fini {
	return (ok);
	}