forked from evolix/ansible-roles
Squid: deal with Jessie and Stretch
This commit is contained in:
parent
6771a18b20
commit
9dca0f98bf
|
@ -1,11 +0,0 @@
|
||||||
/var/log/squid3/*.log {
|
|
||||||
monthly
|
|
||||||
compress
|
|
||||||
rotate 12
|
|
||||||
missingok
|
|
||||||
create 640 proxy adm
|
|
||||||
sharedscripts
|
|
||||||
postrotate
|
|
||||||
test ! -e /var/run/squid3.pid || /usr/sbin/squid3 -k rotate
|
|
||||||
endscript
|
|
||||||
}
|
|
|
@ -5,6 +5,11 @@
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|
||||||
- name: restart squid
|
- name: restart squid
|
||||||
|
service:
|
||||||
|
name: squid
|
||||||
|
state: restarted
|
||||||
|
|
||||||
|
- name: restart squid3
|
||||||
service:
|
service:
|
||||||
name: squid3
|
name: squid3
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
---
|
---
|
||||||
- name: logrotate configuration
|
- name: logrotate configuration
|
||||||
copy:
|
template:
|
||||||
src: logrotate_squid3
|
src: logrotate.j2
|
||||||
dest: /etc/logrotate.d/squid3
|
dest: /etc/logrotate.d/{{ squid_daemon }}
|
||||||
force: no
|
force: no
|
||||||
|
|
|
@ -1,35 +1,33 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
|
- name: Include OS-specific variables
|
||||||
|
include_vars: "{{ ansible_os_family }}-{{ ansible_distribution_release }}.yml"
|
||||||
|
|
||||||
- name: package is installed
|
- name: package is installed
|
||||||
apt:
|
apt:
|
||||||
name: squid3
|
name: "{{ squid_package }}"
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: squid.conf is present
|
- name: squid.conf is present
|
||||||
template:
|
template:
|
||||||
src: squid.j2
|
src: squid.j2
|
||||||
dest: /etc/squid3/squid.conf
|
dest: "{{ squid_conf_file }}"
|
||||||
notify: restart squid
|
notify: "restart {{ squid_daemon }}"
|
||||||
|
|
||||||
- name: logrotate configuration
|
|
||||||
copy:
|
|
||||||
src: logrotate_squid3
|
|
||||||
dest: /etc/logrotate.d/squid3
|
|
||||||
|
|
||||||
- name: evolix whitelist is present
|
- name: evolix whitelist is present
|
||||||
copy:
|
copy:
|
||||||
src: whitelist-evolinux.conf
|
src: whitelist-evolinux.conf
|
||||||
dest: /etc/squid3/whitelist-evolinux.conf
|
dest: "{{ squid_conf_path }}/whitelist-evolinux.conf"
|
||||||
force: yes
|
force: yes
|
||||||
backup: yes
|
backup: yes
|
||||||
notify: restart squid
|
notify: "restart {{ squid_daemon }}"
|
||||||
|
|
||||||
- name: custom whitelist is present
|
- name: custom whitelist is present
|
||||||
copy:
|
copy:
|
||||||
src: whitelist-custom.conf
|
src: whitelist-custom.conf
|
||||||
dest: /etc/squid3/whitelist-custom.conf
|
dest: "{{ squid_conf_path }}/whitelist-custom.conf"
|
||||||
force: no
|
force: no
|
||||||
notify: restart squid
|
notify: "restart {{ squid_daemon }}"
|
||||||
|
|
||||||
- include: logrotate.yml
|
- include: logrotate.yml
|
||||||
|
|
||||||
|
|
11
squid/templates/logrotate.j2
Normal file
11
squid/templates/logrotate.j2
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
/var/log/{{ squid_daemon }}/*.log {
|
||||||
|
monthly
|
||||||
|
compress
|
||||||
|
rotate 12
|
||||||
|
missingok
|
||||||
|
create 640 proxy adm
|
||||||
|
sharedscripts
|
||||||
|
postrotate
|
||||||
|
test ! -e /var/run/{{ squid_daemon }}.pid || /usr/sbin/{{ squid_daemon }} -k rotate
|
||||||
|
endscript
|
||||||
|
}
|
|
@ -8,8 +8,8 @@ acl localhost src 127.0.0.0/32
|
||||||
acl INTERNE src {{ squid_address }}/32 127.0.0.0/8
|
acl INTERNE src {{ squid_address }}/32 127.0.0.0/8
|
||||||
acl Safe_ports port 80 # http
|
acl Safe_ports port 80 # http
|
||||||
acl SSL_ports port 443 563
|
acl SSL_ports port 443 563
|
||||||
acl WHITELIST url_regex "/etc/squid3/whitelist-evolinux.conf"
|
acl WHITELIST url_regex "{{ squid_conf_path }}/whitelist-evolinux.conf"
|
||||||
acl WHITELIST url_regex "/etc/squid3/whitelist-custom.conf"
|
acl WHITELIST url_regex "{{ squid_conf_path }}/whitelist-custom.conf"
|
||||||
http_access deny !WHITELIST
|
http_access deny !WHITELIST
|
||||||
http_access allow INTERNE
|
http_access allow INTERNE
|
||||||
http_access deny all
|
http_access deny all
|
||||||
|
|
5
squid/vars/Debian-jessie.yml
Normal file
5
squid/vars/Debian-jessie.yml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
squid_package: squid3
|
||||||
|
squid_daemon: squid3
|
||||||
|
squid_conf_path: /etc/squid3
|
||||||
|
squid_conf_file: /etc/squid3/squid.conf
|
5
squid/vars/Debian-stretch.yml
Normal file
5
squid/vars/Debian-stretch.yml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
squid_package: squid
|
||||||
|
squid_daemon: squid
|
||||||
|
squid_conf_path: /etc/squid
|
||||||
|
squid_conf_file: /etc/squid/squid.conf
|
Loading…
Reference in a new issue