From fb7218972feb0c7603f15794adefffac0f32f8e5 Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Sat, 9 Dec 2023 12:28:17 +0100 Subject: [PATCH] squid: config directory seems to have changed from /etc/squid3 to /etc/squid in Debian 8 --- CHANGELOG.md | 11 ++++++----- squid/README.md | 2 +- squid/tasks/main.yml | 6 +++--- squid/templates/squid.conf.j2 | 2 +- 4 files changed, 11 insertions(+), 10 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index cfd177ec..e97ab46e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -28,6 +28,7 @@ The **patch** part changes is incremented if multiple releases happen the same m * apache : fix goaway pattern for bad bots * apache : rename MaxRequestsPerChild to MaxConnectionsPerChild (new name) * bind: Update role for Buster, Bullseye and Bookworm support +* dovecot: Munin plugin conf path is now `/etc/munin/plugin-conf.d/zzz-dovecot` (instead of `z-evolinux-dovecot`) * evocheck: upstream release 23.11.1 * evolinux-base: dump-server-state upstream release 23.11 * evolinux-base: use separate default config file for rsyslog @@ -36,13 +37,13 @@ The **patch** part changes is incremented if multiple releases happen the same m * lxc: init /etc git repository in lxc container * nagios: rename var `nagios_nrpe_process_processes` into `nagios_nrpe_processes` and check systemd-timesyncd instead of ntpd in Debian 12 * proftpd: in SFTP vhost, enable SSH keys login, enable ed25549 host key for Debian >= 11 -* vrrpd: variable to force update the switch script (default: false) -* dovecot: Munin plugin conf path is now `/etc/munin/plugin-conf.d/zzz-dovecot` (instead of `z-evolinux-dovecot`) -* unbound: Big cleanup -* unbound: Use root hints provided by debian package dns-root-data instead of downloading them -* unbound: Move generated config file to `/etc/unbound/unbound.conf.d/evolinux.conf` +* squid: config directory seems to have changed from /etc/squid3 to /etc/squid in Debian 8 * unbound: Add config file to allow configuration reload on Debian 11 and lower * unbound: Add munin configuration & setup plugin +* unbound: Big cleanup +* unbound: Move generated config file to `/etc/unbound/unbound.conf.d/evolinux.conf` +* unbound: Use root hints provided by debian package dns-root-data instead of downloading them +* vrrpd: variable to force update the switch script (default: false) * webapps/nextcloud: Add Ceph volume to fstab ### Fixed diff --git a/squid/README.md b/squid/README.md index 8811a91f..aba25b4d 100644 --- a/squid/README.md +++ b/squid/README.md @@ -6,7 +6,7 @@ Installation and configuration of Squid Everything is in the `tasks/main.yml` file. -A blank file is created at `/etc/squid3/whitelist-custom.conf` to add addresses in the whitelist. +A blank file is created at `/etc/squid/whitelist-custom.conf` to add addresses in the whitelist. ## Available variables diff --git a/squid/tasks/main.yml b/squid/tasks/main.yml index 2f0e94aa..965be04b 100644 --- a/squid/tasks/main.yml +++ b/squid/tasks/main.yml @@ -38,14 +38,14 @@ - name: "squid.conf is present (jessie)" ansible.builtin.template: src: squid.conf.j2 - dest: /etc/squid3/squid.conf + dest: /etc/squid/squid.conf notify: "restart squid3" when: ansible_distribution_release == "jessie" - name: "evolix whitelist is present (jessie)" ansible.builtin.copy: src: whitelist-evolinux.conf - dest: /etc/squid3/whitelist.conf + dest: /etc/squid/whitelist.conf force: false notify: "reload squid3" when: ansible_distribution_release == "jessie" @@ -135,7 +135,7 @@ - name: add some URL in whitelist (Debian 8) ansible.builtin.lineinfile: insertafter: EOF - dest: /etc/squid3/whitelist.conf + dest: /etc/squid/whitelist.conf line: "{{ item }}" state: present loop: '{{ squid_whitelist_items }}' diff --git a/squid/templates/squid.conf.j2 b/squid/templates/squid.conf.j2 index 108a3bc1..4c89a777 100644 --- a/squid/templates/squid.conf.j2 +++ b/squid/templates/squid.conf.j2 @@ -8,7 +8,7 @@ acl localhost src 127.0.0.0/32 acl INTERNE src {{ squid_address }}/32 127.0.0.0/8 acl Safe_ports port 80 # http acl SSL_ports port 443 563 -acl WHITELIST url_regex "/etc/squid3/whitelist.conf" +acl WHITELIST url_regex "/etc/squid/whitelist.conf" http_access deny !WHITELIST http_access allow INTERNE http_access deny all