Cleanup

prep.d/10-mv_conf.sh

@@ -1 +1 @@
-[[ template "common/mv_conf.sh.tpl" dict "ctx" . "services" (dict "squid" .squid.instance) ]]
+[[ template "common/mv_conf.sh" dict "ctx" . "services" (dict "squid" .instance) ]]

squid.nomad.hcl

@@ -1,8 +1,8 @@
 [[- $c := merge .squid . -]]
 
-job [[ $c.instance | toJSON ]] {
+job [[ .instance | toJSON ]] {
 
-[[ template "common/job_start.tpl" $c ]]
+[[ template "common/job_start" $c ]]
 
   group "squid" {
     network {
@@ -10,28 +10,28 @@ job [[ $c.instance | toJSON ]] {
     }
 
     service {
-      name = "[[ $c.instance ]][[ $c.consul.suffix ]]"
+      name = "[[ .instance ]][[ .consul.suffix ]]"
       port = 3128
-[[ template "common/connect.tpl" $c ]]
+[[ template "common/connect" $c ]]
     }
 
     task "squid" {
       driver = [[ $c.nomad.driver | toJSON ]]
   
       config {
-        image = [[ .squid.image | toJSON ]]
+        image           = [[ .squid.image | toJSON ]]
         readonly_rootfs = true
-        pids_limit = 100
-        volumes = [
+        pids_limit      = 100
+        volumes         = [
           "secrets/:/etc/squid/conf.d",
           "local/filter-acl.sh:/entrypoint.d/30-filter-acl.sh:ro"
         ]
       }
 
       env {
-        SQUID_LISTS_DIR = "/local/lists"
+        SQUID_LISTS_DIR         = "/local/lists"
         SQUID_CONF_5_auth_param = "basic program /usr/lib/squid/basic_ncsa_auth /secrets/auth"
-        SQUID_CONF_5_acl = "ssl_ports port [[ join .squid.ssl_ports " " ]]"
+        SQUID_CONF_5_acl        = "ssl_ports port [[ join .squid.ssl_ports " " ]]"
       }
 
       template {
@@ -83,9 +83,9 @@ _EOT
   [[- if has $v "url" ]]
 
       artifact {
-        source = [[ $v.url | toJSON ]]
+        source      = [[ $v.url | toJSON ]]
         destination = "local/lists/[[ $v.category ]]/[[ $k ]].list"
-        mode = "file"
+        mode        = "file"
       }
   [[- else if has $v "content" ]]
 
@@ -102,8 +102,8 @@ _EOT
   [[- end ]]
 [[- end ]]
   
-[[- template "common/file_env.tpl" $c.env ]]
-[[- template "common/resources.tpl" .squid.resources ]]
+[[- template "common/file_env" $c.env ]]
+[[- template "common/resources" .squid.resources ]]
     }
   }
 }

variables.yml

@@ -1,11 +1,12 @@
 ---
 
+# Name of this instance (job name and service name)
+instance: squid
+
 squid:
-  # Name of this instance (job name and service name)
-  instance: squid
 
   # Docker image to use
-  image: danielberteaud/squid:23.10-6
+  image: '[[ .docker.repo ]]squid:23.12-1'
 
   # Resources
   resources:
@@ -43,6 +44,7 @@ squid:
     - 8443
     - 8006
     - 8007
+    - 8448
 
   # List of domain to build black/white lists
   # content can be used to directly set the content of the list (which can include consul-template fragment to read from consul KV store)
@@ -72,16 +74,16 @@ squid:
       category: white
     whitelist:
       content: |
-        {{- if keyExists "[[ .consul.prefix ]]service/[[ .squid.instance ]]/lists/white" }}
-        {{ key "[[ .consul.prefix ]]service/[[ .squid.instance ]]/lists/white" }}
+        {{- if keyExists "[[ .consul.prefix ]]service/[[ .instance ]]/lists/white" }}
+        {{ key "[[ .consul.prefix ]]service/[[ .instance ]]/lists/white" }}
         {{- end }}
       category: white
     blacklist:
       content: |
         # Add an fake domain to prevents warnings in case Consul has no blacklist entry
         .nonexistingdomain
-        {{- if keyExists "[[ .consul.prefix ]]service/[[ .squid.instance ]]/lists/black" }}
-        {{ key "[[ .consul.prefix ]]service/[[ .squid.instance ]]/lists/black" }}
+        {{- if keyExists "[[ .consul.prefix ]]service/[[ .instance ]]/lists/black" }}
+        {{ key "[[ .consul.prefix ]]service/[[ .instance ]]/lists/black" }}
         {{- end }}
       category: black