[Docker] Added app container to varnish debuggers

ezsystems · Nov 19, 2020 · 18bcbe8 · 18bcbe8
1 parent a6c05b8
commit 18bcbe8
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 4 deletions.
diff --git a/doc/docker/entrypoint/varnish/entrypoint.sh b/doc/docker/entrypoint/varnish/entrypoint.sh
@@ -3,6 +3,7 @@
 # Script takes the following parameters:
 # [--acl-all-networks] - Add all container's network in the PURGE ACL.
 # [--acl-add ...] - Add a host or network segment to the PURGE ACL
+# [--debug-acl-add ...] - Add a host or network segment to the debuggers ACL
 
 function create_template_file
 {
@@ -34,26 +35,43 @@ function get_net_segments
 }
 
 # $1 is segment, format 1.2.3.4/24 or myhostname
-function add_segment
+function format_segment
 {
     # convert format 1.2.3.4/24 --> "1.2.3.4"/24;
     segment=`echo $1 | sed "s|\(.*\)/\(.*\)|\"\1\"/\2;|"`
 
     # convert format myhost --> "myhost";  ( any string not containing slash )
     segment=`echo $segment | sed -E "s|^([^/]+)\$|\"\1\";|"`
 
+    echo "$segment"
+}
+
+# $1 is segment, format 1.2.3.4/24 or myhostname
+function add_segment_to_purge_acl
+{
+    segment=`format_segment $1`
+
     echo "Adding network segment to varnish ACL : $segment"
     sed -i -s "s|\(.*ACL_INVALIDATOR.*\)|    $segment\n\1|" /etc/varnish/parameters.vcl
 }
 
+# $1 is segment, format 1.2.3.4/24 or myhostname
+function add_segment_to_debugger_acl
+{
+    segment=`format_segment $1`
+
+    echo "Adding network segment to varnish debuggers : $segment"
+    sed -i -s "s|\(.*DEBUGGER.*\)|    $segment\n\1|" /etc/varnish/parameters.vcl
+}
+
 create_template_file
 
 while (( "$#" )); do
     if [ "$1" = "--acl-all-networks" ]; then
         segments=`get_net_segments`
 
         for segment in `echo $segments`; do
-            add_segment $segment
+            add_segment_to_purge_acl $segment
         done
     elif [ "$1" = "--acl-add" ]; then
         shift
@@ -62,7 +80,16 @@ while (( "$#" )); do
         if [ "$new_network" = "" ]; then
             echo "Warning : --acl-add parameter needs to be followed by a network segment, for instance \"--acl-add 10.0.1.0/24\""
         else
-            add_segment $new_network
+            add_segment_to_purge_acl $new_network
+        fi
+    elif [ "$1" = "--debug-acl-add" ]; then
+        shift
+        new_network="$1"
+
+        if [ "$new_network" = "" ]; then
+            echo "Warning : --debug-acl-add parameter needs to be followed by a network segment, for instance \"--debug-add 10.0.1.0/24\""
+        else
+            add_segment_to_debugger_acl $new_network
         fi
     else
         echo "Warning : Unrecognized parameter $1"

diff --git a/doc/docker/entrypoint/varnish/parameters.vcl b/doc/docker/entrypoint/varnish/parameters.vcl
@@ -15,4 +15,5 @@ acl invalidators {
 acl debuggers {
     "127.0.0.1";
     "172.16.0.0"/20;
+// DEBUGGER
 }
diff --git a/doc/docker/varnish.yml b/doc/docker/varnish.yml
@@ -29,7 +29,7 @@ services:
     networks:
      - frontend
      - backend
-    command: ["--acl-add", "app"]
+    command: ["--acl-add", "app", "--debug-acl-add", "app"]
 
 ## DEBUG??
 # In need of debugging all request going to Varnish, use varnishlog, example: