Source: varnish Version: 5.0.0-7.1 Severity: normal Tags: patch Hello,
today I installed varnish on my production server and, while trying to configure it, it inexplicably failed to follow the options given in /etc/default/varnish. I found out that the mentioned file is only honoured by /etc/init.d/varnish; while /lib/systemd/system/varnish.service simply provides a (reasonable!) set of defaults. See the attached proposed patch. A couple of notes on that, though: 1) regarding VARNISH_STORAGE_FILE, in /etc/default/varnish it uses $INSTANCE, which in turn is $(uname -n). I don't really know how to launch subscripts from systemd service files, so I simply put "instance" there, please have a look whether it's feasible or not. 2) always regarding the storage type, i.e. the "-s" switch of varnishd, in /etc/default/varnish and varnish.service two different defaults are used. Please settle on one (the former uses file, the latter uses malloc). Have a nice day, David
--- varnish.service.orig 2017-08-09 08:19:12.345040719 +0200 +++ varnish.service 2017-08-09 08:28:11.102476241 +0200 @@ -6,7 +6,18 @@ Type=simple LimitNOFILE=131072 LimitMEMLOCK=82000 -ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T 127.0.0.1:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m +Environment=VARNISH_LISTEN_ADDRESS= +Environment=VARNISH_LISTEN_PORT=6081 +Environment=VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1 +Environment=VARNISH_ADMIN_LISTEN_PORT=6082 +Environment=VARNISH_VCL_CONF=/etc/varnish/default.vcl +Environment=VARNISH_SECRET_FILE=/etc/varnish/secret +Environment=VARNISH_STORAGE_FILE=/var/lib/varnish/instance/varnish_storage.bin +Environment=VARNISH_STORAGE_SIZE=1G +Environment=VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}" +Environment=VARNISH_TTL=120 +EnvironmentFile=-/etc/default/varnish +ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a $VARNISH_LISTEN_ADDRESS:$VARNISH_LISTEN_PORT -T $VARNISH_ADMIN_LISTEN_ADDRESS:$VARNISH_ADMIN_LISTEN_PORT -f $VARNISH_VCL_CONF -S $VARNISH_SECRET_FILE -s $VARNISH_STORAGE ProtectSystem=full ProtectHome=true PrivateTmp=true
pgp_g7rdshWtK.pgp
Description: Firma digitale OpenPGP