acl osmtile_thishost dstdomain <%= node.name %> acl osmtile_sites dstdomain <%= node.name %> a.tile.openstreetmap.org b.tile.openstreetmap.org c.tile.openstreetmap.org tile.openstreetmap.org a.tile.osm.org b.tile.osm.org c.tile.osm.org tile.osm.org acl osmtiles_png urlpath_regex .png$ acl whitelist_path urlpath_regex ^/cgi-bin/(export|debug) acl blacklist_path urlpath_regex ^/cgi-bin/ acl blacklist_path urlpath_regex ^/MyAdmin/ acl blacklist_path urlpath_regex ^/myadmin/ acl blacklist_path urlpath_regex ^/pma/ acl blacklist_path urlpath_regex ^/phpmyadmin/ acl blacklist_path urlpath_regex ^/phpMyAdmin/ acl blacklist_path urlpath_regex ^/idssvc/ acl blacklist_path urlpath_regex ^/iesvc/ acl blacklist_path urlpath_regex ^/invoker/ acl blacklist_path urlpath_regex ^/jmx-console/ acl blacklist_path urlpath_regex ^/manager/ acl blacklist_path urlpath_regex ^/service/ acl blacklist_path urlpath_regex ^/web-console/ acl blacklist_path urlpath_regex ^/wstats/ acl blacklist_path urlpath_regex ^/zecmd/ http_access allow osmtile_sites whitelist_path http_access deny blacklist_path acl requestMethodGet method GET http_access allow osmtile_sites requestMethodGet acl osmtile_nocache_url urlpath_regex \.png/(status|dirty)$ cache deny osmtile_sites osmtile_nocache_url <% @caches.each do |cache| -%> <% cache.ipaddresses(:family => :inet, :role => :external).sort.each do |address| -%> acl tile_caches src <%= address %> <% end -%> <% end -%> # Primary Parent <% if node[:squid][:version] < 4 -%> cache_peer <%= node[:tilecache][:tile_parent] %> parent 443 0 no-query originserver name=osmtileAccel login=PASS connect-timeout=120 no-digest weight=1000 ssl ssldomain=render.openstreetmap.org <% elsif node[:lsb][:release].to_f < 20.04 -%> cache_peer <%= node[:tilecache][:tile_parent] %> parent 443 0 no-query originserver name=osmtileAccel login=PASS connect-timeout=120 no-digest weight=1000 tls tlsdomain=render.openstreetmap.org <% else -%> cache_peer <%= node[:tilecache][:tile_parent] %> parent 443 0 no-query originserver name=osmtileAccel login=PASS connect-timeout=120 no-digest weight=1000 tls tlsdomain=render.openstreetmap.org tls-options=NORMAL:-VERS-TLS1.3 <% end -%> cache_peer_access osmtileAccel allow osmtile_sites # Backup Parents <% @renders.each do |renders| -%> <% if node[:squid][:version] < 4 -%> cache_peer <%= renders[:hostname] %>.render.openstreetmap.org parent 443 0 no-query originserver name=osmtileAccelBackup<%= renders[:hostname] %> login=PASS connect-timeout=60 no-digest weight=10 ssl ssldomain=render.openstreetmap.org <% elsif node[:lsb][:release].to_f < 20.04 -%> cache_peer <%= renders[:hostname] %>.render.openstreetmap.org parent 443 0 no-query originserver name=osmtileAccelBackup<%= renders[:hostname] %> login=PASS connect-timeout=60 no-digest weight=10 tls tlsdomain=render.openstreetmap.org <% else -%> cache_peer <%= renders[:hostname] %>.render.openstreetmap.org parent 443 0 no-query originserver name=osmtileAccelBackup<%= renders[:hostname] %> login=PASS connect-timeout=60 no-digest weight=10 tls tlsdomain=render.openstreetmap.org tls-options=NORMAL:-VERS-TLS1.3 <% end -%> cache_peer_access osmtileAccelBackup<%= renders[:hostname] %> allow osmtile_sites <% end -%> # ---------------------------------- <% if node[:squid][:version] < 4 -%> #Allow tile_caches HTCP access htcp_access allow tile_caches #Allow tile_caches ICP access icp_access allow tile_caches <% end %> #----------------------------------