buluma.varnish

Ansible Role Varnish

Varnish for Linux.

GitHub	Version	Issues	Pull Requests	Downloads

Example Playbook

This example comes from molecule/default/converge.yml and gets tested on every push, pull request, and release.

---
- name: Converge
  hosts: all
  become: true
  gather_facts: true
  vars:
    varnish_apt_use_packagecloud: false

  pre_tasks:
    - name: Update apt cache.
      apt: update_cache=yes cache_valid_time=600
      when: ansible_os_family == 'Debian'
      changed_when: false

    - name: Check if python3.11 EXTERNALLY-MANAGED file exists
      ansible.builtin.stat:
        path: /usr/lib/python3.11/EXTERNALLY-MANAGED
      register: externally_managed_file_py311

    - name: Rename python3.11 EXTERNALLY-MANAGED file if it exists
      ansible.builtin.command:
        cmd: mv /usr/lib/python3.11/EXTERNALLY-MANAGED /usr/lib/python3.11/EXTERNALLY-MANAGED.old
      when: externally_managed_file_py311.stat.exists
      args:
        creates: /usr/lib/python3.11/EXTERNALLY-MANAGED.old

    - name: Check if python3.12 EXTERNALLY-MANAGED file exists
      ansible.builtin.stat:
        path: /usr/lib/python3.12/EXTERNALLY-MANAGED
      register: externally_managed_file_py312

    - name: Rename python3.12 EXTERNALLY-MANAGED file if it exists
      ansible.builtin.command:
        cmd: mv /usr/lib/python3.12/EXTERNALLY-MANAGED /usr/lib/python3.12/EXTERNALLY-MANAGED.old
      when: externally_managed_file_py312.stat.exists
      args:
        creates: /usr/lib/python3.12/EXTERNALLY-MANAGED.old

  roles:
    - role: buluma.systemd
      systemd_default_target: multi-user.target
    - role: buluma.httpd
    - role: buluma.varnish

You need to prepare the machine. In CI, this is done using molecule/default/prepare.yml:

---
- name: Prepare
  hosts: all
  gather_facts: false
  become: true

  roles:
    - role: buluma.bootstrap

  tasks:
    - name: Update apt cache.
      ansible.builtin.apt: update_cache=true cache_valid_time=600
      when: ansible_os_family == 'Debian'

    - name: Ensure build dependencies are installed.
      ansible.builtin.yum:
        name:
          - logrotate
          - systemd-sysv
        state: present
      when: ansible_os_family == 'RedHat'

    - name: Ensure curl is installed.
      ansible.builtin.package: name=curl state=present

For more details, check the full explanation and example on using these roles.

Role Variables

Default variable values can be found in defaults/main.yml:

---
varnish_package_name: "varnish"
varnish_modules_package_name: ""
varnish_version: "7.5"

varnish_use_default_vcl: true
varnish_default_vcl_template_path: default.vcl.j2

varnish_default_backend_host: "127.0.0.1"
varnish_default_backend_port: "8080"

varnish_listen_address: ""
varnish_listen_port: "80"
varnish_secret: "14bac2e6-1e34-4770-8078-974373b76c90"
varnish_config_path: /etc/varnish
varnish_limit_nofile: 131072

varnish_admin_listen_host: "127.0.0.1"
varnish_admin_listen_port: "6082"

varnish_storage: "file,/var/lib/varnish/varnish_storage.bin,256M"
varnish_pidfile: /run/varnishd.pid

varnishd_extra_options: ""

varnish_enabled_services:
  - varnish

# Use Packagecloud repo instead of default distribution
varnish_apt_use_packagecloud: true

# Ensure Packagecloud repo is used on RHEL/CentOS.
varnish_packagecloud_repo_yum_repository_priority: "1"

# Only used on RedHat / CentOS.
varnish_yum_repo_baseurl: "https://packagecloud.io/varnishcache/{{ varnish_packagecloud_repo }}/el/{{ ansible_distribution_major_version|int }}/$basearch"

# Only used on Debian / Ubuntu.
varnish_apt_repo: "deb https://packagecloud.io/varnishcache/{{ varnish_packagecloud_repo }}/packages/{{ ansible_distribution | lower }}/ {{ ansible_distribution_release }} main"

# Optionally add more backends.
# varnish_backends:
#   apache:
#     host: 10.0.2.2
#     port: 80
#   nodejs:
#     host: 10.0.2.3
#     port: 80

# Optionally define virtual hosts for different backends.
# varnish_vhosts:
#   example.com:
#     backend: apache
#   nodejs.example.com:
#     backend: nodejs