diff --git a/files/frontend/varnish/conf-anna b/files/frontend/varnish/conf-anna
new file mode 100644
index 0000000000000000000000000000000000000000..8bdad6e4dff7e4c5fb65a4fd3c815eaf474e2751
--- /dev/null
+++ b/files/frontend/varnish/conf-anna
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+VARNISH_ADDR=10.42.254.137:3244
+VARNISH_MGMT_ADDR=localhost:6082
+VARNISH_CONFIG=/etc/varnish/default.vcl
+VARNISH_STORAGE=malloc,40G
+VARNISH_JAIL=unix,user=_varnish,workuser=_vcache
+VARNISH_OPTIONS='-p nuke_limit=999999999 -p idle_send_timeout=600 -p send_timeout=36000'
diff --git a/files/frontend/varnish/conf-laban b/files/frontend/varnish/conf-laban
new file mode 100644
index 0000000000000000000000000000000000000000..2565f7fdb78c649d4afc778890095364cf610c35
--- /dev/null
+++ b/files/frontend/varnish/conf-laban
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+VARNISH_ADDR=10.42.254.134:3244
+VARNISH_MGMT_ADDR=localhost:6082
+VARNISH_CONFIG=/etc/varnish/default.vcl
+VARNISH_STORAGE=malloc,40G
+VARNISH_JAIL=unix,user=_varnish,workuser=_vcache
+VARNISH_OPTIONS='-p nuke_limit=999999999 -p idle_send_timeout=600 -p send_timeout=36000'
diff --git a/files/frontend/varnish/conf-labolina b/files/frontend/varnish/conf-labolina
new file mode 100644
index 0000000000000000000000000000000000000000..6cb543c9c1b01a606c8e2f2ffaff7785b1a6f2b0
--- /dev/null
+++ b/files/frontend/varnish/conf-labolina
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+VARNISH_ADDR=10.42.254.135:3244
+VARNISH_MGMT_ADDR=localhost:6082
+VARNISH_CONFIG=/etc/varnish/default.vcl
+VARNISH_STORAGE=malloc,40G
+VARNISH_JAIL=unix,user=_varnish,workuser=_vcache
+VARNISH_OPTIONS='-p nuke_limit=999999999 -p idle_send_timeout=600 -p send_timeout=36000'
diff --git a/files/frontend/varnish/default.vcl b/files/frontend/varnish/default.vcl
new file mode 100644
index 0000000000000000000000000000000000000000..6faf3eac6711c78d1a1d7469319eb94b2e138247
--- /dev/null
+++ b/files/frontend/varnish/default.vcl
@@ -0,0 +1,76 @@
+vcl 4.1;
+
+
+acl purge {
+ "localhost";
+ # Hina
+ "130.236.254.195";
+ "2001:6b0:17:f0a0::c3";
+ # FTP-push
+ "130.236.254.138";
+ "2001:6b0:17:f0a0::8a";
+ # Infiniband-nät
+ "10.42.0.0/16";
+}
+
+backend dataserver {
+ .host = "localhost";
+ .port = "1447";
+# Varnish suger (data för snabbt så sonden misslyckas)
+# .probe = {
+# .url = "/";
+# .timeout = 1s;
+# .interval = 5s;
+# .window = 5;
+# .threshold = 3;
+# }
+}
+
+sub vcl_recv {
+ if (req.method == "PURGE")
+ {
+ if (!client.ip ~ purge)
+ {
+ return(synth(405, "Not allowed."));
+ }
+ return (purge);
+ }
+ if (req.method == "HEAD")
+ {
+ return(pass);
+ }
+ if (req.url ~ "-repodata$") {
+ return(pass);
+ }
+ if (req.url ~ "/repodata/") {
+ return(pass);
+ }
+ if (req.url ~ "Packages.(gz|bz2)$") {
+ return(pass);
+ }
+ if (req.url ~ "/pub/(archlinux|manjaro)/.*\.(db|db.tar.gz|extra|extra.tar.gz)$") {
+ return(pass);
+ }
+}
+
+sub vcl_backend_response {
+ if (beresp.status == 404) {
+ set beresp.uncacheable = true;
+ return(deliver);
+ }
+
+ set beresp.ttl = 120h;
+}
+
+sub vcl_deliver {
+ unset resp.http.Age;
+ unset resp.http.X-Varnish;
+ unset resp.http.Via;
+}
+
+sub vcl_hash {
+ hash_data(req.url);
+
+ return (lookup);
+}
+
diff --git a/manifests/frontend.pp b/manifests/frontend.pp
index db00027b9e8c1d7d7cf1de9704faf6c2f34920aa..5705e13bcde34cf4a1557d12c393873318bdc764 100644
--- a/manifests/frontend.pp
+++ b/manifests/frontend.pp
@@ -60,5 +60,26 @@ class ftp::frontend
enable => true,
restart => 'sv reload haproxy',
}
+
+ file { '/etc/varnish/default.vcl':
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ source => 'puppet:///modules/ftp/frontend/varnish/default.vcl',
+ }
+
+ file { '/etc/sv/varnishd/conf':
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0755',
+ source => "puppet:///modules/ftp/frontend/varnish/conf-${facts['hostname']}",
+ }
+
+ service { 'varnishd':
+ provider => 'runit',
+ enable => true,
+ }
}