Example varnish and hitch config (#2655)

Varnish is a http caching server, hitch is a tls terminating proxy.

contrib/varnish/hitch.conf

@@ -0,0 +1,32 @@
+# Run 'man hitch.conf' for a description of all options.
+
+frontend = {
+	host = "*"
+	port = "443"
+}
+backend = "[127.0.0.1]:8443"
+workers = 4                     # number of CPU cores
+
+daemon = on
+
+# We strongly recommend you create a separate non-privileged hitch
+# user and group
+user = "hitch"
+group = "hitch"
+
+# Enable to let clients negotiate HTTP/2 with ALPN. (default off)
+# alpn-protos = "h2, http/1.1"
+
+# run Varnish as backend over PROXY; varnishd -a :80 -a localhost:6086,PROXY ..
+write-proxy-v2 = on             # Write PROXY header
+
+## ssl config
+pem-dir = "/etc/tls/private"
+tls-protos = TLSv1.2 TLSv1.3
+# ocsp
+ocsp-dir = "/etc/hitch/ocsp"
+ocsp-verify-staple = on
+
+syslog = on
+log-level = 1
+tcp-fastopen = on