vhaudiquet/homeprod
1
0
Fork 0
mirror of https://github.com/vhaudiquet/homeprod.git synced 2025-12-19 12:36:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

squid: deployed squid

Browse Source
This commit is contained in:
Valentin Haudiquet
2025-10-16 22:31:53 +02:00
parent 9d7cfd8cb8
commit 137f0fd863
4 changed files with 75 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.github/dependabot.yml vendored
View File

@@ -16,6 +16,7 @@ updates:
- "/docker/infrastructure/mail/roundcube" - "/docker/infrastructure/mail/roundcube"
- "/docker/infrastructure/mail/stalwart" - "/docker/infrastructure/mail/stalwart"
- "/docker/infrastructure/network/traefik" - "/docker/infrastructure/network/traefik"
- "/docker/infrastructure/squid"
- "/docker/infrastructure/sshportal" - "/docker/infrastructure/sshportal"
- "/docker/personal/gramps" - "/docker/personal/gramps"
- "/docker/personal/media/films-series/jackett" - "/docker/personal/media/films-series/jackett"

5
.swarmcd/stacks.yaml
View File

@@ -57,6 +57,11 @@ traefik:
branch: main branch: main
compose_file: docker/infrastructure/network/traefik/docker-compose.yml compose_file: docker/infrastructure/network/traefik/docker-compose.yml
squid:
repo: homeprod
branch: main
compose_file: docker/infrastructure/squid/docker-compose.yml
sshportal: sshportal:
repo: homeprod repo: homeprod
branch: main branch: main

24
docker/infrastructure/squid/docker-compose.yml Normal file
View File

@@ -0,0 +1,24 @@
services:
squid:
image: ubuntu/squid:6.13-25.04_edge
ports:
- target: 3128
published: 3128
mode: host
environment:
- TZ=Europe/Paris
volumes:
- log:/var/log/squid
- cache:/var/spool/squid
- type: bind
source: /root/homeprod/docker/infrastructure/squid/squid.conf
target: /etc/squid/squid.conf
volumes:
log:
cache:
driver: local
driver_opts:
type: 'none'
o: 'bind'
device: '/app/squid/cache'

45
docker/infrastructure/squid/squid.conf Normal file
View File

@@ -0,0 +1,45 @@
acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)
acl localnet src 10.0.0.0/8 # RFC 1918 local private network (LAN)
acl localnet src 100.64.0.0/10 # RFC 6598 shared address space (CGN)
acl localnet src 169.254.0.0/16 # RFC 3927 link-local (directly plugged) machines
acl localnet src 172.16.0.0/12 # RFC 1918 local private network (LAN)
acl localnet src 192.168.0.0/16 # RFC 1918 local private network (LAN)
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
# Caching
cache_dir aufs /var/spool/squid 40000 16 256
maximum_object_size 4 GB
## In-memory caching
cache_mem 256 MB
maximum_object_size_in_memory 5 MB
## Always refresh Packages and Release files
refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims
refresh_pattern \/InRelease$ 0 0% 0 refresh-ims
refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
## Handle meta-release and changelogs.ubuntu.com special
refresh_pattern changelogs.ubuntu.com\/.* 0 1% 1
## Archive files: cache them for 90 days
refresh_pattern deb$ 129600 100% 129600
refresh_pattern udeb$ 129600 100% 129600
refresh_pattern tar.gz$ 129600 100% 129600
refresh_pattern tar.xz$ 129600 100% 129600
refresh_pattern tar.bz2$ 129600 100% 129600
## Docker: cache for 24h (min) to 7 days (max)
refresh_pattern -i (/blobs/sha256) 1440 99% 10080 ignore-no-store ignore-private override-expire store-stale reload-into-ims
refresh_pattern -i (/images/sha256) 1440 99% 10080 ignore-no-store ignore-private override-expire store-stale reload-into-ims
refresh_pattern -i (/manifests/) 1440 99% 10080 ignore-no-store ignore-private override-expire store-stale reload-into-ims
## Default: cache everything for 0h (min) to 72h (max)
refresh_pattern . 0 20% 4320
http_port 3128
http_access allow localhost
http_access allow localnet