[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#32771] [PATCH 2/2] services: Add Varnish service.
|
From: |
Marius Bakke |
|
Subject: |
[bug#32771] [PATCH 2/2] services: Add Varnish service. |
|
Date: |
Wed, 19 Sep 2018 15:30:27 +0200 |
* gnu/services/web.scm (<varnish-configuration>): New record type.
(%varnish-accounts, %varnish-activation, varnish-service-type): New variables.
(varnish-shepherd-service): New procedure.
* gnu/tests/web.scm (%varnish-vcl, %varnish-os): New variables.
(%test-varnish): New test.
* doc/guix.texi (Web Services): Document it.
---
doc/guix.texi | 82 +++++++++++++++++++++++++++++++++
gnu/services/web.scm | 107 ++++++++++++++++++++++++++++++++++++++++++-
gnu/tests/web.scm | 41 +++++++++++++++++
3 files changed, 229 insertions(+), 1 deletion(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 8987b20fa..543b7d4f7 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -16709,6 +16709,88 @@ body of a named location block cannot contain location
blocks.
@end table
@end deftp
address@hidden Varnish Cache
address@hidden Varnish
+Varnish is a fast cache server that sits in between web applications
+and end users. It proxies requests from clients and caches the
+accessed URLs such that multiple requests for the same resource only
+creates one request to the back-end.
+
address@hidden {Scheme Variable} varnish-service-type
+A service type for the Varnish daemon.
address@hidden defvr
+
address@hidden {Data Type} varnish-configuration
+Data type representing the @code{varnish} service configuration.
+This type has the following parameters:
+
address@hidden @asis
address@hidden @code{package} (default: @code{varnish})
+The Varnish package to use.
+
address@hidden @code{name} (default: @code{"default"})
+A name for this Varnish instance. Varnish will create a directory in
address@hidden/var/varnish/} with this name and keep temporary files there. If
+the name starts with a forward slash, it is interpreted as an absolute
+directory name.
+
+Pass the @code{-n} argument to other Varnish programs to connect to the
+named instance, e.g. @command{varnishncsa -n default}.
+
address@hidden @code{backend} (default: @code{"localhost:8080"})
+The backend to use. This option has no effect if @code{vcl} is set.
+
address@hidden @code{vcl} (default: #f)
+The @dfn{VCL} (Varnish Configuration Language) program to run. If this
+is @code{#f}, Varnish will proxy @code{backend} using the default
+configuration. Otherwise this must be a file-like object with valid
+VCL syntax.
+
address@hidden Varnish does not support HTTPS, so keep this URL to avoid
confusion.
+For example, to mirror @url{http://www.gnu.org,www.gnu.org} with VCL you
+can do something along these lines:
+
address@hidden
+(define %gnu-mirror
+ (plain-file
+ "gnu.vcl"
+ "vcl 4.1;
+backend gnu @{ .host = "www.gnu.org"; @}"))
+
+(operating-system
+ ...
+ (services (cons (service varnish-service-type
+ (varnish-configuration
+ (listen '(":80"))
+ (vcl %gnu-mirror)))
+ %base-services)))
address@hidden example
+
+The configuration of an already running Varnish instance can be inspected
+and changed using the @command{varnishadm} program.
+
+Consult the @url{https://varnish-cache.org/docs/,Varnish User Guide} and
address@hidden://book.varnish-software.com/4.0/,Varnish Book} for
+comprehensive documentation on Varnish and its configuration language.
+
address@hidden @code{listen} (default: @code{'("localhost:80")})
+List of addresses Varnish will listen on.
+
address@hidden @code{storage} (default: @code{'()})
+List of storage backends that will be available in VCL. The first backend
+becomes the default. If left empty, Varnish will choose
address@hidden'("malloc,unlimited")}.
+
address@hidden @code{parameters} (default: @code{'()})
+List of run-time parameters in the form @code{'(("parameter" . "value"))}.
+
address@hidden @code{extra-options} (default: @code{'()})
+Additional arguments to pass to the @command{varnishd} process.
+
address@hidden table
address@hidden deftp
+
address@hidden FastCGI
@cindex fastcgi
@cindex fcgiwrap
FastCGI is an interface between the front-end and the back-end of a web
diff --git a/gnu/services/web.scm b/gnu/services/web.scm
index 1c38e7d8d..52358acce 100644
--- a/gnu/services/web.scm
+++ b/gnu/services/web.scm
@@ -8,6 +8,7 @@
;;; Copyright © 2017, 2018 Clément Lassieur <address@hidden>
;;; Copyright © 2018 Pierre-Antoine Rouby <address@hidden>
;;; Copyright © 2017 Christopher Baines <address@hidden>
+;;; Copyright © 2018 Marius Bakke <address@hidden>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -190,7 +191,21 @@
tailon-configuration-config-file
tailon-configuration-package
- tailon-service-type))
+ tailon-service-type
+
+ <varnish-configuration>
+ varnish-configuration
+ varnish-configuration?
+ varnish-configuration-package
+ varnish-configuration-name
+ varnish-configuration-backend
+ varnish-configuration-vcl
+ varnish-configuration-listen
+ varnish-configuration-storage
+ varnish-configuration-parameters
+ varnish-configuration-extra-options
+
+ varnish-service-type))
;;; Commentary:
;;;
@@ -1162,3 +1177,93 @@ files.")
(files (append (tailon-configuration-file-files
old-config-file)
files))))))))
(default-value (tailon-configuration))))
+
+�
+;;;
+;;; Varnish
+;;;
+
+(define-record-type* <varnish-configuration>
+ varnish-configuration make-varnish-configuration
+ varnish-configuration?
+ (package varnish-configuration-package ;<package>
+ (default varnish))
+ (name varnish-configuration-name ;string
+ (default "default"))
+ (backend varnish-configuration-backend ;string
+ (default "localhost:8080"))
+ (vcl varnish-configuration-vcl ;#f | <file-like>
+ (default #f))
+ (listen varnish-configuration-listen ;list of strings
+ (default '("localhost:80")))
+ (storage varnish-configuration-storage ;list of strings
+ (default '()))
+ (parameters varnish-configuration-parameters ;list of pairs
+ (default '()))
+ (extra-options varnish-configuration-extra-options ;list of strings
+ (default '())))
+
+(define %varnish-accounts
+ (list (user-group
+ (name "varnish")
+ (system? #t))
+ (user-account
+ (name "varnish")
+ (group "varnish")
+ (system? #t)
+ (comment "Varnish Cache User")
+ (home-directory "/var/varnish")
+ (shell (file-append shadow "/sbin/nologin")))))
+
+(define %varnish-activation
+ #~(begin
+ (use-modules (guix build utils))
+ (let ((home-dir "/var/varnish")
+ (user (getpwnam "varnish")))
+ (mkdir-p home-dir)
+ (chown home-dir (passwd:uid user) (passwd:gid user))
+ (chmod home-dir #o755))))
+
+(define varnish-shepherd-service
+ (match-lambda
+ (($ <varnish-configuration> package name backend vcl listen storage
+ parameters extra-options)
+ (list (shepherd-service
+ (provision (list (symbol-append 'varnish- (string->symbol name))))
+ (documentation (string-append "The Varnish Web Accelerator"
+ " (" name ")"))
+ (requirement '(networking))
+ (start #~(make-forkexec-constructor
+ (list #$(file-append package "/sbin/varnishd")
+ "-n" #$name
+ #$@(if vcl
+ #~("-f" #$vcl)
+ #~("-b" #$backend))
+ #$@(append-map (lambda (a) (list "-a" a)) listen)
+ #$@(append-map (lambda (s) (list "-s" s)) storage)
+ #$@(append-map (lambda (p)
+ (list "-p" (format #f "~a=~a"
+ (car p) (cdr
p))))
+ parameters)
+ address@hidden)
+ ;; Varnish will drop privileges to the "varnish" user
when
+ ;; it exists. Not passing #:user here allows the service
+ ;; to bind to ports < 1024.
+ #:pid-file (if (string-prefix? "/" #$name)
+ (string-append #$name "/_.pid")
+ (string-append "/var/varnish/" #$name
"/_.pid"))))
+ (stop #~(make-kill-destructor)))))))
+
+(define varnish-service-type
+ (service-type
+ (name 'varnish)
+ (description "Run the Varnish cache server.")
+ (extensions
+ (list (service-extension account-service-type
+ (const %varnish-accounts))
+ (service-extension activation-service-type
+ (const %varnish-activation))
+ (service-extension shepherd-root-service-type
+ varnish-shepherd-service)))
+ (default-value
+ (varnish-configuration))))
diff --git a/gnu/tests/web.scm b/gnu/tests/web.scm
index 45fcb668f..bcc919137 100644
--- a/gnu/tests/web.scm
+++ b/gnu/tests/web.scm
@@ -32,6 +32,7 @@
#:use-module (guix store)
#:export (%test-httpd
%test-nginx
+ %test-varnish
%test-php-fpm
%test-hpcguix-web
%test-tailon))
@@ -168,6 +169,46 @@ HTTP-PORT."
#:log-file "/var/log/nginx/access.log"))))
�
+;;;
+;;; Varnish
+;;;
+
+(define %varnish-vcl
+ (mixed-text-file
+ "varnish-test.vcl"
+ "vcl 4.0;
+backend dummy { .host = \"127.1.1.1\"; }
+sub vcl_recv { return(synth(200, \"OK\")); }
+sub vcl_synth {
+ synthetic(\"" %index.html-contents "\");
+ set resp.http.Content-Type = \"text/plain\";
+ return(deliver);
+}"))
+
+(define %varnish-os
+ (simple-operating-system
+ (dhcp-client-service)
+ ;; Pretend to be a web server that serves %index.html-contents.
+ (service varnish-service-type
+ (varnish-configuration
+ (name "/tmp/server")
+ ;; Use a small VSL buffer to fit in the test VM.
+ (parameters '(("vsl_space" . "4M")))
+ (vcl %varnish-vcl)))
+ ;; Proxy the "server" using the builtin configuration.
+ (service varnish-service-type
+ (varnish-configuration
+ (parameters '(("vsl_space" . "4M")))
+ (backend "localhost:80")
+ (listen '(":8080"))))))
+
+(define %test-varnish
+ (system-test
+ (name "varnish")
+ (description "Test the Varnish Cache server.")
+ (value (run-webserver-test "varnish-default" %varnish-os))))
+
+�
;;;
;;; PHP-FPM
;;;
--
2.19.0