forked from evolix/ansible-roles
squid: config directory seems to have changed from /etc/squid3 to /etc/squid in Debian 8
This commit is contained in:
parent
66b69f1502
commit
fb7218972f
11
CHANGELOG.md
11
CHANGELOG.md
|
@ -28,6 +28,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
|
||||||
* apache : fix goaway pattern for bad bots
|
* apache : fix goaway pattern for bad bots
|
||||||
* apache : rename MaxRequestsPerChild to MaxConnectionsPerChild (new name)
|
* apache : rename MaxRequestsPerChild to MaxConnectionsPerChild (new name)
|
||||||
* bind: Update role for Buster, Bullseye and Bookworm support
|
* bind: Update role for Buster, Bullseye and Bookworm support
|
||||||
|
* dovecot: Munin plugin conf path is now `/etc/munin/plugin-conf.d/zzz-dovecot` (instead of `z-evolinux-dovecot`)
|
||||||
* evocheck: upstream release 23.11.1
|
* evocheck: upstream release 23.11.1
|
||||||
* evolinux-base: dump-server-state upstream release 23.11
|
* evolinux-base: dump-server-state upstream release 23.11
|
||||||
* evolinux-base: use separate default config file for rsyslog
|
* evolinux-base: use separate default config file for rsyslog
|
||||||
|
@ -36,13 +37,13 @@ The **patch** part changes is incremented if multiple releases happen the same m
|
||||||
* lxc: init /etc git repository in lxc container
|
* lxc: init /etc git repository in lxc container
|
||||||
* nagios: rename var `nagios_nrpe_process_processes` into `nagios_nrpe_processes` and check systemd-timesyncd instead of ntpd in Debian 12
|
* nagios: rename var `nagios_nrpe_process_processes` into `nagios_nrpe_processes` and check systemd-timesyncd instead of ntpd in Debian 12
|
||||||
* proftpd: in SFTP vhost, enable SSH keys login, enable ed25549 host key for Debian >= 11
|
* proftpd: in SFTP vhost, enable SSH keys login, enable ed25549 host key for Debian >= 11
|
||||||
* vrrpd: variable to force update the switch script (default: false)
|
* squid: config directory seems to have changed from /etc/squid3 to /etc/squid in Debian 8
|
||||||
* dovecot: Munin plugin conf path is now `/etc/munin/plugin-conf.d/zzz-dovecot` (instead of `z-evolinux-dovecot`)
|
|
||||||
* unbound: Big cleanup
|
|
||||||
* unbound: Use root hints provided by debian package dns-root-data instead of downloading them
|
|
||||||
* unbound: Move generated config file to `/etc/unbound/unbound.conf.d/evolinux.conf`
|
|
||||||
* unbound: Add config file to allow configuration reload on Debian 11 and lower
|
* unbound: Add config file to allow configuration reload on Debian 11 and lower
|
||||||
* unbound: Add munin configuration & setup plugin
|
* unbound: Add munin configuration & setup plugin
|
||||||
|
* unbound: Big cleanup
|
||||||
|
* unbound: Move generated config file to `/etc/unbound/unbound.conf.d/evolinux.conf`
|
||||||
|
* unbound: Use root hints provided by debian package dns-root-data instead of downloading them
|
||||||
|
* vrrpd: variable to force update the switch script (default: false)
|
||||||
* webapps/nextcloud: Add Ceph volume to fstab
|
* webapps/nextcloud: Add Ceph volume to fstab
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
|
@ -6,7 +6,7 @@ Installation and configuration of Squid
|
||||||
|
|
||||||
Everything is in the `tasks/main.yml` file.
|
Everything is in the `tasks/main.yml` file.
|
||||||
|
|
||||||
A blank file is created at `/etc/squid3/whitelist-custom.conf` to add addresses in the whitelist.
|
A blank file is created at `/etc/squid/whitelist-custom.conf` to add addresses in the whitelist.
|
||||||
|
|
||||||
## Available variables
|
## Available variables
|
||||||
|
|
||||||
|
|
|
@ -38,14 +38,14 @@
|
||||||
- name: "squid.conf is present (jessie)"
|
- name: "squid.conf is present (jessie)"
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: squid.conf.j2
|
src: squid.conf.j2
|
||||||
dest: /etc/squid3/squid.conf
|
dest: /etc/squid/squid.conf
|
||||||
notify: "restart squid3"
|
notify: "restart squid3"
|
||||||
when: ansible_distribution_release == "jessie"
|
when: ansible_distribution_release == "jessie"
|
||||||
|
|
||||||
- name: "evolix whitelist is present (jessie)"
|
- name: "evolix whitelist is present (jessie)"
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: whitelist-evolinux.conf
|
src: whitelist-evolinux.conf
|
||||||
dest: /etc/squid3/whitelist.conf
|
dest: /etc/squid/whitelist.conf
|
||||||
force: false
|
force: false
|
||||||
notify: "reload squid3"
|
notify: "reload squid3"
|
||||||
when: ansible_distribution_release == "jessie"
|
when: ansible_distribution_release == "jessie"
|
||||||
|
@ -135,7 +135,7 @@
|
||||||
- name: add some URL in whitelist (Debian 8)
|
- name: add some URL in whitelist (Debian 8)
|
||||||
ansible.builtin.lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
insertafter: EOF
|
insertafter: EOF
|
||||||
dest: /etc/squid3/whitelist.conf
|
dest: /etc/squid/whitelist.conf
|
||||||
line: "{{ item }}"
|
line: "{{ item }}"
|
||||||
state: present
|
state: present
|
||||||
loop: '{{ squid_whitelist_items }}'
|
loop: '{{ squid_whitelist_items }}'
|
||||||
|
|
|
@ -8,7 +8,7 @@ acl localhost src 127.0.0.0/32
|
||||||
acl INTERNE src {{ squid_address }}/32 127.0.0.0/8
|
acl INTERNE src {{ squid_address }}/32 127.0.0.0/8
|
||||||
acl Safe_ports port 80 # http
|
acl Safe_ports port 80 # http
|
||||||
acl SSL_ports port 443 563
|
acl SSL_ports port 443 563
|
||||||
acl WHITELIST url_regex "/etc/squid3/whitelist.conf"
|
acl WHITELIST url_regex "/etc/squid/whitelist.conf"
|
||||||
http_access deny !WHITELIST
|
http_access deny !WHITELIST
|
||||||
http_access allow INTERNE
|
http_access allow INTERNE
|
||||||
http_access deny all
|
http_access deny all
|
||||||
|
|
Loading…
Reference in a new issue