Put all squid conf directly in /secrets
This commit is contained in:
parent
4c5627e7c7
commit
39072e4f06
|
@ -30,9 +30,8 @@ job [[ $c.instance | toJSON ]] {
|
|||
|
||||
env {
|
||||
SQUID_LISTS_DIR = "/local/lists"
|
||||
SQUID_CONF_5_auth_param = "basic program /usr/lib/squid/basic_ncsa_auth /secrets/squid/auth"
|
||||
SQUID_CONF_5_auth_param = "basic program /usr/lib/squid/basic_ncsa_auth /secrets/auth"
|
||||
SQUID_CONF_5_acl = "ssl_ports port [[ join .squid.ssl_ports " " ]]"
|
||||
SQUID_CONF_40_include = "/secrets/squid/conf.d/*.conf"
|
||||
}
|
||||
|
||||
template {
|
||||
|
@ -59,7 +58,7 @@ _EOT
|
|||
data =<<_EOT
|
||||
[[ template "squid/auth.tpl" . ]]
|
||||
_EOT
|
||||
destination = "secrets/squid/auth"
|
||||
destination = "secrets/auth"
|
||||
uid = 100000
|
||||
gid = 100031
|
||||
perms = 0640
|
||||
|
@ -70,7 +69,7 @@ _EOT
|
|||
data =<<_EOT
|
||||
[[ template "squid/acl.conf.tpl" . ]]
|
||||
_EOT
|
||||
destination = "secrets/squid/conf.d/acl.conf"
|
||||
destination = "secrets/acl.conf"
|
||||
uid = 100000
|
||||
gid = 100031
|
||||
perms = 0640
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
set -euo pipefail
|
||||
|
||||
# Remove any line containing auth_XXX acl not present in /secrets/squid/conf.d/acl.conf
|
||||
# Remove any line containing auth_XXX acl not present in /secrets/acl.conf
|
||||
IFS=$'\n'
|
||||
for LINE in $(grep -E "http_access .* auth_.*" /etc/squid/conf.d/env.conf); do
|
||||
for LINE in $(grep -E "http_access .* auth_.*" /etc/env.conf); do
|
||||
ACL=$(echo ${LINE} | sed -E 's/http_access .* (auth_[^\s]+).*/\1/')
|
||||
if ! grep -q ${ACL} /secrets/squid/conf.d/acl.conf; then
|
||||
echo "Remove ${LINE} from /etc/squid/conf.d/env.conf because acl ${ACL} doesn't exist"
|
||||
sed -i -E "/.*${ACL}.*/d" /etc/squid/conf.d/env.conf
|
||||
if ! grep -q ${ACL} /secrets/acl.conf; then
|
||||
echo "Remove ${LINE} from /etc/env.conf because acl ${ACL} doesn't exist"
|
||||
sed -i -E "/.*${ACL}.*/d" /etc/env.conf
|
||||
fi
|
||||
done
|
||||
|
||||
|
|
Loading…
Reference in New Issue