From 49229107e812d649e66e36e32e238db66b353b0f Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Wed, 30 Sep 2020 12:32:54 -0500 Subject: [PATCH] Make it possible for Varnish logs to contain the true scheme used by clients instead of always reporting http:// --- installation/pleroma.vcl | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/installation/pleroma.vcl b/installation/pleroma.vcl index 154747aa6..57b6d17b3 100644 --- a/installation/pleroma.vcl +++ b/installation/pleroma.vcl @@ -1,3 +1,4 @@ +# Recommended varnishncsa logging format: '%h %l %u %t "%m %{X-Forwarded-Proto}i://%{Host}i%U%q %H" %s %b "%{Referer}i" "%{User-agent}i"' vcl 4.1; import std; @@ -14,8 +15,11 @@ acl purge { sub vcl_recv { # Redirect HTTP to HTTPS if (std.port(server.ip) != 443) { + set req.http.X-Forwarded-Proto = "http"; set req.http.x-redir = "https://" + req.http.host + req.url; return (synth(750, "")); + } else { + set req.http.X-Forwarded-Proto = "https"; } # CHUNKED SUPPORT