-
+default[:squid][:version] = "2"
default[:squid][:cache_mem] = "256 MB"
default[:squid][:cache_dir] = "ufs /var/spool/squid 256 16 256"
default[:squid][:access_log] = "/var/log/squid/access.log openstreetmap"
# limitations under the License.
#
+if node[:squid][:version] == "3"
+ package "squid" do
+ action :remove
+ only_if "dpkg-query -W squid | fgrep -q 2."
+ end
+
+ package "squid-common" do
+ action :remove
+ only_if "dpkg-query -W squid-common | fgrep -q 2."
+ end
+
+ apt_package "squid" do
+ action :unlock
+ end
+
+ apt_package "squid-common" do
+ action :unlock
+ end
+
+ file "/store/squid/coss-01" do
+ action :delete
+ end
+end
+
package "squid"
package "squidclient"
mode 0o755
end
+if node[:squid][:cache_dir] =~ /^coss (\S+) /
+ cache_dir = File.dirname(Regexp.last_match(1))
+elsif node[:squid][:cache_dir] =~ /^\S+ (\S+) /
+ cache_dir = Regexp.last_match(1)
+end
+
+directory cache_dir do
+ owner "proxy"
+ group "proxy"
+ mode 0o750
+ recursive true
+end
+
+systemd_tmpfile "/var/run/squid" do
+ type "d"
+ owner "proxy"
+ group "proxy"
+ mode "0755"
+end
+
systemd_service "squid" do
description "Squid caching proxy"
after ["network.target", "nss-lookup.target"]
+ type "forking"
limit_nofile 65536
- environment "SQUID_ARGS" => "-D"
- environment_file "/etc/default/squid"
- exec_start_pre "/usr/sbin/squid $SQUID_ARGS -z"
- exec_start "/usr/sbin/squid -N $SQUID_ARGS"
+ exec_start_pre "/usr/sbin/squid -z"
+ exec_start "/usr/sbin/squid"
exec_reload "/usr/sbin/squid -k reconfigure"
exec_stop "/usr/sbin/squid -k shutdown"
private_tmp true
private_devices true
protect_system "full"
protect_home true
- no_new_privileges true
restart "on-failure"
timeout_sec 0
end
log_icp_queries off
#FIXME - configurable
+<% if node[:squid][:version] == "2" -%>
http_port 80 accel defaultsite=tile.openstreetmap.org tcpkeepalive=60,10,6 http11
+<% else -%>
+http_port 80 accel defaultsite=tile.openstreetmap.org tcpkeepalive=60,10,6
+
+#prefer IPv4 until everything is upgraded
+dns_v4_first on
+<% end -%>
cache_effective_user proxy
cache_effective_group proxy
#FIXME - configurable
cache_dir <%= node[:squid][:cache_dir] %>
+<% if node[:squid][:version] == "2" -%>
cache_swap_log /var/spool/squid/%s
+<% end -%>
cache_mgr webmaster@openstreetmap.org
negative_ttl 15 seconds
half_closed_clients off
+<% if node[:squid][:version] == "2" -%>
pipeline_prefetch on
+<% else -%>
+pipeline_prefetch 1
+<% end -%>
read_timeout 90 seconds
request_timeout 90 seconds
forwarded_for on
follow_x_forwarded_for allow localhost
+<% if node[:squid][:version] == "2" -%>
logformat openstreetmap %ts.%03tu %tr %>a %Ss/%03Hs %<st %rm %rp %Sh/%<A %mt "%{Referer}>h" "%{User-Agent}>h"
access_log <%= node[:squid][:access_log] %>
+<% else -%>
+logformat openstreetmap %ts.%03tu %tr %>a %Ss/%03>Hs %<st %rm %>rp %Sh/%<A %mt "%{Referer}>h" "%{User-Agent}>h"
+access_log daemon:<%= node[:squid][:access_log] %>
+<% end -%>
cache_log /var/log/squid/cache.log
cache_store_log none
buffered_logs on
projects / chef.git / commitdiff