Ansible Role: Varnish

This role installs the Varnish HTTP Cache on RedHat/CentOS or Debian/Ubuntu Linux systems.

Requirements

You need to have the EPEL repository set up on RedHat/CentOS, which can be done with the geerlingguy.repo-epel role.

Role Variables

Here are the variables you can use, along with their default settings (found in defaults/main.yml):

• varnish_package_name: "varnish"
  This is the name of the Varnish package you want to install. Use apt-cache policy varnish or yum list varnish to see available options.

• varnish_version: "6.6"
  This sets the version of Varnish to install. You can check the Varnish Cache packagecloud.io repositories for available versions like 6.6, 6.5, etc.

• varnish_config_path: /etc/varnish
  This is where the Varnish configuration files will be stored.

• varnish_use_default_vcl: true
  This decides whether to use the default Varnish configuration. Set to false if you want to use your own default.vcl file.

• varnish_default_vcl_template_path: default.vcl.j2
  This is the path to the default VCL template used if varnish_use_default_vcl is true. The file should be relative to your playbook's directory.

• varnish_listen_address: ""

• varnish_listen_port: "80"
  These settings control the address and port Varnish listens on. The default is to listen on all interfaces at port 80.

• varnish_default_backend_host: "127.0.0.1"

• varnish_default_backend_port: "8080"
  These specify the default backend server's address and port (like Apache or Nginx).

• varnish_limit_nofile: 131072
  This sets a higher limit for the number of open files Varnish can handle.

• varnish_secret: "14bac2e6-1e34-4770-8078-974373b76c90"
  This is the secret key for connecting to the Varnish admin backend.

• varnish_admin_listen_host: "127.0.0.1"

• varnish_admin_listen_port: "6082"
  These are for the host and port that accept admin requests.

• varnish_storage: "file,/var/lib/varnish/varnish_storage.bin,256M"
  This setting determines how Varnish stores cache data. You can change it for in-memory storage.

• varnish_pidfile: /run/varnishd.pid
  This is the path for the PID file used by Varnish.

• varnishd_extra_options: ""
  Use this for any extra flags you want to pass to the Varnish daemon when it starts.

• varnish_enabled_services:

  • varnish
    This lists services that should start automatically. You can add services like varnishncsa if needed.

• varnish_packagecloud_repo_yum_repository_priority: "1"
  (For RedHat/CentOS) This sets the priority for the yum repository to ensure Varnish is installed from there.

• varnish_apt_repo: deb https://packagecloud.io/varnishcache/{{ varnish_packagecloud_repo }}/{{ ansible_distribution | lower }}/ {{ ansible_distribution_release }} main
  (For Debian/Ubuntu) This is the repository for apt.

• varnish_yum_repo_baseurl: https://packagecloud.io/varnishcache/{{ varnish_packagecloud_repo }}/el/{{ ansible_distribution_major_version|int }}/$basearch
  (For RedHat/CentOS) This sets the base URL for the yum repository.

• varnish_backends:

  • apache:
    host: 10.0.2.2
    port: 80
    • nodejs:
      host: 10.0.2.3
      port: 80
      You can define multiple backends and direct traffic from different virtual hosts to them.

• varnish_vhosts:

  • example.com:
    backend: apache
    • nodejs.example.com:
      backend: nodejs
      Configure your virtual hosts here, associating each with a backend.

Dependencies

There are no dependencies for this role.

Example Playbook

Here's an example of a playbook using this role:

- hosts: webservers
  vars_files:
    - vars/main.yml
  roles:
    - geerlingguy.varnish

In vars/main.yml:

varnish_secret: "[secret generated by uuidgen]"
varnish_default_backend_port: 81
... etc ...

License

MIT / BSD

Author Information

This role was created in 2014 by Jeff Geerling, the author of Ansible for DevOps.