-
Notifications
You must be signed in to change notification settings - Fork 71
/
squid.conf.short.erb
132 lines (117 loc) · 3.91 KB
/
squid.conf.short.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
## THIS FILE IS MANAGED BY PUPPET.
## DO NOT EDIT.
<% @auth_params.each do |line| -%>
auth_param <%= line %>
<% end -%>
# predefined ACLs
<% if @use_deprecated_opts -%>
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
<% end -%>
<% if @use_default_localnet -%>
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
<% end -%>
<% @ssl_ports.each do |line| -%>
acl SSL_ports port <%= line %>
<% end -%>
<% @safe_ports.each do |line| -%>
acl Safe_ports port <%= line %>
<% end -%>
acl CONNECT method CONNECT
# predefined http_accesses
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
# user-defined ACLs
<% @acl.each do |line| -%>
acl <%= line %>
<% end -%>
# user-defined http_accesses
<% @http_access.each do |line| -%>
http_access <%= line %>
<% end -%>
<% if @use_default_localnet -%>
http_access allow localnet
<% end -%>
http_access allow localhost
http_access deny all
# user-defined icp_access
<% @icp_access.each do |line| -%>
icp_access <%= line %>
<% end -%>
<% if @http_port -%>
# user-defined http_port
<% @http_port.each do |line| -%>
http_port <%= line %>
<% end -%>
<% end -%>
<% if @https_port -%>
# user-defined https_port
<% @https_port.each do |line| -%>
https_port <%= line %>
<% end -%>
<% end -%>
# user-defined tcp_outgoing_addresses
<% @tcp_outgoing_address.each do |line| -%>
tcp_outgoing_address <%= line %>
<% end -%>
# general settings
coredump_dir <%= @coredump_dir %>
maximum_object_size_in_memory <%= @maximum_object_size_in_memory %>
maximum_object_size <%= @maximum_object_size %>
<% if @use_deprecated_opts -%>
ignore_expect_100 <%= @ignore_expect_100 %>
<% end -%>
<% if @pconn_timeout -%>
pconn_timeout <%= @pconn_timeout %>
<% end -%>
cache_mgr <%= @cache_mgr %>
client_persistent_connections <%= @client_persistent_connections %>
server_persistent_connections <%= @server_persistent_connections %>
forwarded_for <%= @forwarded_for %>
via <%= @via %>
<% if @reply_header_access -%>
<% @reply_header_access.each do |header_access| -%>
reply_header_access <%= header_access %>
<% end -%>
<% end -%>
<% @access_log.each do |line| -%>
access_log <%= line %>
<% end -%>
cache_mem <%= @cache_mem %>
cache_store_log <%= @cache_store_log %>
cache_log <%= @cache_log %>
<% @cache.each do |line| -%>
cache <%= line %>
<% end -%>
<% if @strip_query_terms -%>
strip_query_terms <%= @strip_query_terms %>
<% end -%>
<% @refresh_patterns.each do |line| -%>
refresh_pattern <%= line %>
<% end -%>
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
# user-defined cache-dirs
<% @cache_dir.each do |line| -%>
cache_dir <%= line %>
<% end -%>
# user-defined configuration settings from config_hash
<% if @config_hash -%>
<% @config_hash.sort_by {|k,v| k}.each do |k,v| -%>
<%= "%*s"%[-30,k] %> <%= v %>
<% end -%>
<% end -%>
<% if @config_array -%>
<% @config_array.each do |v| -%>
<%= v %>
<% end -%>
<% end -%>