{"id":1368,"date":"2022-01-27T13:29:21","date_gmt":"2022-01-27T13:29:21","guid":{"rendered":"https:\/\/www.ridiculously-simple.com\/?p=1368"},"modified":"2024-12-26T05:58:43","modified_gmt":"2024-12-26T05:58:43","slug":"varnish-would-not-listen-on-port-80-on-debian-11","status":"publish","type":"post","link":"https:\/\/www.voodoo.business\/blog\/2022\/01\/27\/varnish-would-not-listen-on-port-80-on-debian-11\/","title":{"rendered":"Varnish would not listen on port 80 on debian 11 and 12 (Bookworm)"},"content":{"rendered":"\n

So, before we start, I assume you have already installed Varnish the casual way, and that you have made sure you do not have something else occupying port 80, if nginx for example is listening on port 80, try this post to switch it to a different port (Changing the default port 80 on nginx<\/a>), if it is a different app, just follow that app’s instructions to change it’s port before asking varnish to listen on it.<\/p>\n\n\n\n

To check that port 80 is not occupied and free to use, try the following command<\/p>\n\n\n\n

netstat -anpe | grep \"80\" | grep \"LISTEN\"\n\nIf for example you want to know what ports nginx is listening to, try one of the following commands\n\nnetstat -tlpn| grep nginx\nor\nss -tlpn| grep nginx\n<\/pre>\n\n\n\n
Within the results, check if any are using port 80, mind you, a service using port 8083 for example will show up, you need to see if anything is using port 80 , Now, install varnish with the following command.<\/p>\n\n\n\n
apt-get install varnish<\/pre>\n\n\n\n
As you may have noticed, and probably the reason why you are here, varnish will not work !<\/p>\n\n\n\n
this is somewhat of an old problem, since Debian moved to systemD back with the Debian 8 release (Jessie), instead of editing the file in \/etc\/default\/varnish<\/strong>, you will need to create a file in \/etc\/systemd\/system\/<\/strong> and name it varnish.service<\/strong>, the contents of such a file should look like the following, note that xxx.xxx.xxx.xxx is the IP varnish should be listening on, one of the IPs assigned to the machine running varnish.<\/p>\n\n\n\n
So to run the following command<\/p>\n\n\n\n
systemctl edit varnish.service<\/pre>\n\n\n\n
[Unit]\nDescription=Varnish HTTP accelerator\nDocumentation=https:\/\/www.varnish-cache.org\/docs\/6.1\/ man:varnishd\n\n[Service]\nType=simple\nLimitNOFILE=131072\nLimitMEMLOCK=82000\nExecStart=\/usr\/sbin\/varnishd -j unix,user=vcache -F -a xxx.xxx.xxx.xxx:80 -T localhost:6082 -f \/etc\/varnish\/default.vcl -S \/etc\/varnish\/secret -s malloc,256m\nExecReload=\/usr\/share\/varnish\/varnishreload\nProtectSystem=full\nProtectHome=true\nPrivateTmp=true\nPrivateDevices=true\n\n[Install]\nWantedBy=multi-user.target\n<\/pre>\n\n\n\n
Once you have added the file execute the following<\/p>\n\n\n\n
systemctl daemon-reload\nsystemctl restart varnish<\/pre>\n\n\n\n
Should i let varnish cache in RAM or switch to disk ?<\/h2>\n\n\n\n
Note that the configuration file above uses RAM to cache the content, My recommendation is to use DISK (Disk is cached in ram in a more dynamic and more useful way utilizing all the ram you are not using, while keeping it available to any app that needs it), but that is just me…<\/p>\n\n\n\n
To switch from RAM to File system, replace the following in the above as follows<\/p>\n\n\n\n
\"-s malloc,512m\" becomes \"-s file,\/path\/to\/cahce\/file.bin,100G\"<\/pre>\n\n\n\n
Now, if you want to flush the varnish cache, you don’t have to remove everything ! you can use the varnishadm command to control the cache<\/p>\n\n\n\n
Don’t let the keyword “Ban” fool you, it bans the existing copy of the cache, but does not prevent it from getting re-cached<\/p>\n\n\n\n


- A domain's cache: varnishadm \"ban req.http.host ~ www.example.com\"

- File type: varnishadm \"ban req.url ~ .css\"

- Both the above: varnishadm \"ban req.http.host ~ www.example.com\" && req.url ~ .css\"

- a URL varnishadm \"ban req.url ~ \/directory\/andmaybefile\"

- whole cache: varnishadm \"ban req.url ~ .\"

- Every png on domain: varnishadm ban req.http.host == example.com '&&' req.url '~' '\\\\.png$'
<\/pre>\n","protected":false},"excerpt":{"rendered":"
So, before we start, I assume you have already installed Varnish the casual way, and that you have made sure you do not have something else occupying port 80, if nginx for example is listening on port 80, try this post to switch it to a different port (Changing the default port 80 on nginx), […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[171],"tags":[],"class_list":["post-1368","post","type-post","status-publish","format-standard","hentry","category-varnish"],"_links":{"self":[{"href":"https:\/\/www.voodoo.business\/blog\/wp-json\/wp\/v2\/posts\/1368","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.voodoo.business\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.voodoo.business\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.voodoo.business\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.voodoo.business\/blog\/wp-json\/wp\/v2\/comments?post=1368"}],"version-history":[{"count":20,"href":"https:\/\/www.voodoo.business\/blog\/wp-json\/wp\/v2\/posts\/1368\/revisions"}],"predecessor-version":[{"id":4399,"href":"https:\/\/www.voodoo.business\/blog\/wp-json\/wp\/v2\/posts\/1368\/revisions\/4399"}],"wp:attachment":[{"href":"https:\/\/www.voodoo.business\/blog\/wp-json\/wp\/v2\/media?parent=1368"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.voodoo.business\/blog\/wp-json\/wp\/v2\/categories?post=1368"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.voodoo.business\/blog\/wp-json\/wp\/v2\/tags?post=1368"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}