Installing Varnish on OpenBSD
Installing Varnish Cache:
Want to install Varnish on OpenBSD? First let’s check our variable $PKG_PATH since we’re using OpenBSD ports:
All good! Now let’s install it running:
sudo pkg_add varnish
Password: quirks-2.54 signed on 2015-03-08T12:33:05Z useradd: Warning: home directory `/var/varnish' doesn't exist, and -m was not specified varnish-4.0.2: ok The following new rcscripts were installed: /etc/rc.d/varnishd See rcctl(8) for details. --- +varnish-4.0.2 ------------------- Varnish has a default configuration built in, however see vcl(7) or the following link for more information: http://www.varnish-cache.org/wiki/VCLExamples and for further information: https://www.varnish-cache.org/docs/4.0/
Since I’m using httpd as webserver on my OpenBSD (no, it’s not apache) it’s their own webserver. I had to change the default 80 port to 8080. I’m not gonna cover the binding to 8080 only for local network but you must think about it to avoid someone bypassing your varnish.
Block 8080 from external access using firewall:
Let’s setup a quick firewall rule on your Packet Filter (pf) to block all incoming traffic on port 8080. Let’s edit our pf.conf
sudo vim /etc/pf.conf
And add the rule bellow:
block in on vio0 proto tcp to port 8080
Then you need to reload your pf with:
sudo pfctl -f /etc/pf.conf
You can verify the rules your pf is using with:
sudo pfctl -sr
To start your varnish, you can use the example config coming out of the box
with varnish. The file
/etc/varnish/example.vcl doesn’t have actually
any real rules or config. It’s a nice point of start to forward connections
into your backend running your webserver.
sudo varnishd -f /etc/varnish/example.vcl
I’m probably gonna start studying about varnish from now. Keep in touch to read some posts about it. If you have questions please message me. My contact information on about link.