Question about designed solution with dynamic backend setup based on csv-file with backend Basic Authentication

Lasse Karstensen lkarsten at
Tue Feb 18 11:10:07 CET 2014

On Thu, Feb 06, 2014 at 04:30:08PM +0100, Aleksandar Lazic wrote:
> I have the following need.
> A external script make a request  to varnish and varnish, get a
> picture from the
> specified backend in the mapping file.
> Store the for ~5Min (=ttl=5m) and the re-fetch it from the backend.
> 1.) There is a mapping file which looks like this.
> id;URL;username;password
> 2.) Build per ID a backend with username:password
> 3.) Use the right backend for the $REQUEST
> 4.) Check the backend for availability.
> @2.) Write a script which create a $ID.vcl with the necessary
> "backend $ID { ...}" files.
>      This script add also a 'sub vcl_recv {...}' per backend with header
>      set req.http.Authorization = "BASIC [base64 encoded
> admin:adminpass]"

If this is for the backend connection/requests, you need to set it on bereq in

If you want to validate a client basic auth session, you should let your generating
script write a long if-else segment that checks that the data, not setting/overriding

> @3.) add include $sysconfdir/conf.d/*.vcl into default.vcl
> @4.) I will use
>      with .request option for the Auth-Header.
> This solution is very specific for my set-up.
> Is there a more generic varnish-way to solve my need?

No, this should be fine.

> Can I use some 'scripting' possibilities in varnish?

That is what VCL is for. You're already doing it.

> Is this possible "$sysconfdir/conf.d/*.vcl"?

No. varnishd will only read a single VCL file, and VCL include entries does not
support globbing/wildcards.

With regards,
Lasse Karstensen
Varnish Software AS

More information about the varnish-misc mailing list