From 212af577469e846210afc2cb203cb9c3e97f05f0 Mon Sep 17 00:00:00 2001
From: cschantz <admin@server.local>
Date: Wed, 21 Jan 2026 22:00:16 -0500
Subject: [PATCH] Fix Varnish backend to use server IP instead of 127.0.0.1

Apache VirtualHosts listen on the public IP, not localhost. Script now detects primary server IP and configures Varnish backend accordingly.
---
 modules/performance/nginx-varnish-manager.sh | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/modules/performance/nginx-varnish-manager.sh b/modules/performance/nginx-varnish-manager.sh
index 0a66b5f..52d0c32 100755
--- a/modules/performance/nginx-varnish-manager.sh
+++ b/modules/performance/nginx-varnish-manager.sh
@@ -477,13 +477,22 @@ install_varnish() {
 configure_varnish_vcl() {
     print_banner "Configuring Varnish VCL"
 
+    # Get server's primary IP address for Apache backend
+    local server_ip=$(hostname -I | awk '{print $1}')
+    if [ -z "$server_ip" ]; then
+        server_ip="127.0.0.1"
+        print_warning "Could not detect server IP, using 127.0.0.1"
+    else
+        print_info "Detected server IP: $server_ip"
+    fi
+
     # Simple VCL with comprehensive admin page bypasses
     cat > "$VARNISH_VCL" <<'EOFVCL'
 vcl 4.1;
 
 # Backend definition - Apache on port 81 (ea-nginx stock port)
 backend default {
-    .host = "127.0.0.1";
+    .host = "SERVER_IP_PLACEHOLDER";
     .port = "81";
     .connect_timeout = 600s;
     .first_byte_timeout = 600s;
@@ -606,6 +615,9 @@ sub vcl_deliver {
 }
 EOFVCL
 
+    # Replace placeholder with actual server IP
+    sed -i "s/SERVER_IP_PLACEHOLDER/$server_ip/g" "$VARNISH_VCL"
+
     # Test VCL configuration
     # Note: /tmp is usually mounted with noexec on cPanel servers, so use -n parameter
     # to specify a working directory outside /tmp