Install Varnish 5.x on Debian 9 Stretch Using Repository

Varnish is one of my favorite ways to speed up and scale WordPress. Some hosts like Cloudways and WPEngine have Varnish configured on the server to help deliver fast pages to your users. If you want to install Varnish on your own Vultr server this guide is for you. The Varnish packages have been moved to packagecloud repositories so we won’t have to download any deb files manually :).

Install Varnish 5 on Debian 9

Check your CPU architecture

uname -m

You should see this output showing that we are using modern software.

x86_64

If you see i686 then you will have to compile Varnish 5 from source which will be covered in another article.
Add the packagecloud GPG key so that the repository will be authenticated and verified.

wget https://packagecloud.io/varnishcache/varnish5/gpgkey -O - | sudo apt-key add -

Make sure you have these packages for using https repositories

sudo apt-get install apt-transport-https debian-archive-keyring -y

Add the Varnish 5 repository from packagecloud

echo "deb https://packagecloud.io/varnishcache/varnish5/debian/ stretch main" | sudo tee -a /etc/apt/sources.list.d/varnishcache_varnish5.list
echo "deb-src https://packagecloud.io/varnishcache/varnish5/debian/ stretch main" | sudo tee -a /etc/apt/sources.list.d/varnishcache_varnish5.list
sudo apt-get update

Install Varnish 5.x on Debian 9 with this command

sudo apt-get install varnish -y

Now you probably want to make Varnish listen on port 80, we do that by modifying the systemd script safely so that it survives updates.

Please mark sure to change your nginx and/or Apache virtual hosts to not use port 80 or Varnish won’t be able to use port 80!

Make Varnish systemd Port 80

The way systemd works we have to create a drop-in systemd file that overrides the ExecStart line. This ensures that the changes made directly to the systemd service are not overwritten when there is an upgrade.

sudo mkdir -p /etc/systemd/system/varnish.service.d
sudo nano /etc/systemd/system/varnish.service.d/local.conf

Paste these lines, the 80 is for the port so if your system requires Varnish to run on a different port besides 80 then make sure to change it.

[Service]
ExecStart=
ExecStart=/usr/sbin/varnishd -a 0.0.0.0:80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m

Ctrl+X, Y and Enter

Varnish must be restarted when the port is changed

sudo systemctl daemon-reload
sudo service varnish restart

Check Varnish is listening on port 80

sudo netstat -lntp | grep varnish

If you see any output you will see the IP addresses (0.0.0.0 signifying all addresses and 127.0.0.1 meaning the virtual loopback adapter) and ports Varnish 5 is listening on: ports 80 and 6082

tcp        0      0 0.0.0.0:80            0.0.0.0:*               LISTEN      5359/varnishd
tcp        0      0 127.0.0.1:6082          0.0.0.0:*               LISTEN      5359/varnishd
tcp6       0      0 :::6081                 :::*                    LISTEN      5359/varnishd
tcp6       0      0 ::1:6082                :::*                    LISTEN      5359/varnishd

Done! If you would like to see a sample Varnish vcl for WordPress see this post.

Sources

https://www.varnish-cache.org/docs/trunk/tutorial/putting_varnish_on_port_80.html
https://packagecloud.io/varnishcache/varnish5/install