Defined Type: varnish::wikimedia_vcl

Defined in:
modules/varnish/manifests/wikimedia_vcl.pp

Summary

resource to create a vcl file

Overview

Parameters:

  • varnish_testing (Boolean) (defaults to: false)

    indicate if this is a testing environment

  • vcl_config (Hash) (defaults to: {})

    A hash if vcl config

  • backend_caches (Array) (defaults to: [])

    list of backend caches

  • backend_options (Hash) (defaults to: {})

    hash of backend configs

  • dynamic_backend_caches (Boolean) (defaults to: true)

    set to true if dynamic backend caches

  • generate_extra_vcl (Boolean) (defaults to: false)

    set to true to generate extra vcl

  • is_separate_vcl (Boolean) (defaults to: false)
  • etcd_filters (Boolean) (defaults to: false)

    pull in dynamic rules from etcd

  • ip_reputation (Boolean) (defaults to: false)

    if true, load the ip reputation maps.

  • wikimedia_nets (Array) (defaults to: [])

    wikimedia owned networks

  • wikimedia_trust (Array) (defaults to: [])

    wikimedia owned trusted

  • wikimedia_domains (Array[Stdlib::Fqdn]) (defaults to: [])

    wikimedia production owned domains

  • wmcs_domains (Array[Stdlib::Fqdn]) (defaults to: [])

    wikimedia cloud services owned domains

  • template_path (Optional[String]) (defaults to: undef)

    path t the template

  • vcl (Optional[String]) (defaults to: undef)

    name of vcl include

  • privileged_uds (Stdlib::Unixpath) (defaults to: '/run/varnish-privileged.socket') 


17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
 
# File 'modules/varnish/manifests/wikimedia_vcl.pp', line 17

define varnish::wikimedia_vcl(
    Boolean             $varnish_testing        = false,
    Hash                $vcl_config             = {},
    Array               $backend_caches         = [],
    Hash                $backend_options        = {},
    Boolean             $dynamic_backend_caches = true,
    Boolean             $generate_extra_vcl     = false,
    Boolean             $is_separate_vcl        = false,
    Boolean             $etcd_filters           = false,
    Boolean             $ip_reputation          = false,
    Array               $wikimedia_nets         = [],
    Array               $wikimedia_trust        = [],
    Array[Stdlib::Fqdn] $wikimedia_domains      = [],
    Array[Stdlib::Fqdn] $wmcs_domains           = [],
    Optional[String]    $template_path          = undef,
    Optional[String]    $vcl                    = undef,
    Stdlib::Unixpath    $privileged_uds         = '/run/varnish-privileged.socket',
) {
    if !$generate_extra_vcl and $template_path == undef {
        fail('must provide template_path unless generate_extra_vcl true')
    }
    if $varnish_testing  {
        $netmapper_dir = '/usr/share/varnish/tests'
        $vcl_ip = '10.128.0.129'
    } else {
        $netmapper_dir = '/var/netmapper'
        $vcl_ip = $facts['ipaddress']
    }

    # Hieradata switch to shut users out of a DC/cluster. T129424
    $traffic_shutdown = lookup('cache::traffic_shutdown', {'default_value' => false})
    $wikimedia_domains_regex = $wikimedia_domains.regexpescape.join('|')
    $wmcs_domains_regex = $wmcs_domains.regexpescape.join('|')

    if $generate_extra_vcl {
        $extra_vcl_name = regsubst($title, '^([^ ]+) .*$', '\1')
        $extra_vcl_filename = "/etc/varnish/${extra_vcl_name}.inc.vcl"
        if !defined(File[$extra_vcl_filename]) {
            file { $extra_vcl_filename:
                owner   => 'root',
                group   => 'root',
                mode    => '0444',
                content => template("varnish/${extra_vcl_name}.inc.vcl.erb"),
            }
        }
    } else {
        file { $title:
            owner   => 'root',
            group   => 'root',
            mode    => '0444',
            content => template($template_path),
            notify  => $notify,
            require => $require,
            before  => $before,
        }
    }
}