]> git.openstreetmap.org Git - chef.git/commitdiff
projects / chef.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 900dc06)
Don't forward requests from siblings to other siblings
authorTom Hughes <tom@compton.nu>
Thu, 7 Jun 2018 20:45:12 +0000 (21:45 +0100)
committerTom Hughes <tom@compton.nu>
Thu, 7 Jun 2018 20:45:12 +0000 (21:45 +0100)
cookbooks/tilecache/templates/default/squid.conf.erb patch | blob | history

diff --git a/cookbooks/tilecache/templates/default/squid.conf.erb b/cookbooks/tilecache/templates/default/squid.conf.erb
index c38e4b28541215165c058fd61264d3ef8e467639..bb62e8537c3a11624b3193d31ebe2b45fe4b27c6 100644 (file)
--- a/cookbooks/tilecache/templates/default/squid.conf.erb
+++ b/cookbooks/tilecache/templates/default/squid.conf.erb
@@ -98,9 +98,18 @@ http_access allow osmtile_sites requestMethodGet
 acl osmtile_nocache_url urlpath_regex \.png/(status|dirty)$
 cache deny osmtile_sites osmtile_nocache_url
 
 acl osmtile_nocache_url urlpath_regex \.png/(status|dirty)$
 cache deny osmtile_sites osmtile_nocache_url
 
+<% @caches.each do |cache| -%>
+<% cache.ipaddresses(:family => :inet, :role => :external).sort.each do |address| -%>
+acl tile_caches src <%= address %>
+<% end -%>
+<% end -%>
+
+#Siblings
 <% node[:tilecache][:tile_siblings].each do |sibling| -%>
 cache_peer <%= sibling %> sibling 3128 3130 weight=1500
 <% node[:tilecache][:tile_siblings].each do |sibling| -%>
 cache_peer <%= sibling %> sibling 3128 3130 weight=1500
+cache_peer_access <%= sibling %> deny tile_caches
 <% end -%>
 <% end -%>
+
 #Primary Parent
 cache_peer <%= node[:tilecache][:tile_parent] %> parent 443 0 no-query originserver name=osmtileAccel login=PASS connect-timeout=120 no-digest weight=1000 ssl ssldomain=render.openstreetmap.org
 cache_peer_access osmtileAccel allow osmtile_sites
 #Primary Parent
 cache_peer <%= node[:tilecache][:tile_parent] %> parent 443 0 no-query originserver name=osmtileAccel login=PASS connect-timeout=120 no-digest weight=1000 ssl ssldomain=render.openstreetmap.org
 cache_peer_access osmtileAccel allow osmtile_sites
@@ -117,7 +126,6 @@ acl pool_unlimited src 127.0.0.1
 <% @caches.each do |cache| -%>
 <% cache.ipaddresses(:family => :inet, :role => :external).sort.each do |address| -%>
 acl pool_unlimited src <%= address %>
 <% @caches.each do |cache| -%>
 <% cache.ipaddresses(:family => :inet, :role => :external).sort.each do |address| -%>
 acl pool_unlimited src <%= address %>
-acl tile_caches src <%= address %>
 <% end -%>
 <% end -%>
 
 <% end -%>
 <% end -%>
 
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.