Put all squid conf directly in /secrets

squid.nomad.hcl

@@ -30,9 +30,8 @@ job [[ $c.instance | toJSON ]] {
 
       env {
         SQUID_LISTS_DIR = "/local/lists"
-        SQUID_CONF_5_auth_param = "basic program /usr/lib/squid/basic_ncsa_auth /secrets/squid/auth"
+        SQUID_CONF_5_auth_param = "basic program /usr/lib/squid/basic_ncsa_auth /secrets/auth"
         SQUID_CONF_5_acl = "ssl_ports port [[ join .squid.ssl_ports " " ]]"
-        SQUID_CONF_40_include = "/secrets/squid/conf.d/*.conf"
       }
 
       template {
@@ -59,7 +58,7 @@ _EOT
         data =<<_EOT
 [[ template "squid/auth.tpl" . ]]
 _EOT
-        destination = "secrets/squid/auth"
+        destination = "secrets/auth"
         uid = 100000
         gid = 100031
         perms = 0640
@@ -70,7 +69,7 @@ _EOT
         data =<<_EOT
 [[ template "squid/acl.conf.tpl" . ]]
 _EOT
-        destination = "secrets/squid/conf.d/acl.conf"
+        destination = "secrets/acl.conf"
         uid = 100000
         gid = 100031
         perms = 0640

templates/filter_acl.sh.tpl

@@ -2,13 +2,13 @@
 
 set -euo pipefail
 
-# Remove any line containing auth_XXX acl not present in /secrets/squid/conf.d/acl.conf
+# Remove any line containing auth_XXX acl not present in /secrets/acl.conf
 IFS=$'\n'
-for LINE in $(grep -E "http_access .* auth_.*" /etc/squid/conf.d/env.conf); do
+for LINE in $(grep -E "http_access .* auth_.*" /etc/env.conf); do
   ACL=$(echo ${LINE} | sed -E 's/http_access .* (auth_[^\s]+).*/\1/')
-  if ! grep -q ${ACL} /secrets/squid/conf.d/acl.conf; then
-    echo "Remove ${LINE} from /etc/squid/conf.d/env.conf because acl ${ACL} doesn't exist"
-    sed -i -E "/.*${ACL}.*/d" /etc/squid/conf.d/env.conf
+  if ! grep -q ${ACL} /secrets/acl.conf; then
+    echo "Remove ${LINE} from /etc/env.conf because acl ${ACL} doesn't exist"
+    sed -i -E "/.*${ACL}.*/d" /etc/env.conf
   fi
 done