Commit 82aac1bf authored by Cédric Le Ninivin's avatar Cédric Le Ninivin

squid: Squid use entrance port for acl

parent ecd0a327
...@@ -41,7 +41,7 @@ class Recipe(GenericBaseRecipe): ...@@ -41,7 +41,7 @@ class Recipe(GenericBaseRecipe):
cache-path -- location of the cache directory cache-path -- location of the cache directory
XXXX No good, specific... XXXX No good, specific...
public_ipv4 -- public ipv4 of the server open_port -- entrance port to the host and allowed to use cache
ip -- ip of the squid server ip -- ip of the squid server
...@@ -69,7 +69,7 @@ class Recipe(GenericBaseRecipe): ...@@ -69,7 +69,7 @@ class Recipe(GenericBaseRecipe):
access_log_path=self.options['access-log-path'], access_log_path=self.options['access-log-path'],
cache_log_path=self.options['cache-log-path'], cache_log_path=self.options['cache-log-path'],
pid_filename_path=self.options['pid-filename-path'], pid_filename_path=self.options['pid-filename-path'],
public_ipv4=self.options['public-ipv4'], open_port=self.options['open-port'],
) )
template_filename = self.getTemplateFilename('squid.conf.in') template_filename = self.getTemplateFilename('squid.conf.in')
......
...@@ -8,7 +8,7 @@ http_port %(ip)s:%(port)s accel defaultsite=%(ip)s ...@@ -8,7 +8,7 @@ http_port %(ip)s:%(port)s accel defaultsite=%(ip)s
cache_peer %(backend_ip)s parent %(backend_port)s 0 no-query originserver name=backend cache_peer %(backend_ip)s parent %(backend_port)s 0 no-query originserver name=backend
acl our_sites dst %(public_ipv4)s acl our_sites port %(open_port)s
http_access allow our_sites http_access allow our_sites
cache_peer_access backend allow our_sites cache_peer_access backend allow our_sites
cache_peer_access backend deny all cache_peer_access backend deny all
......
...@@ -82,6 +82,7 @@ configuration.plain_http_port = 8080 ...@@ -82,6 +82,7 @@ configuration.plain_http_port = 8080
configuration.server-admin = admin@example.com configuration.server-admin = admin@example.com
configuration.apache_custom_https = "" configuration.apache_custom_https = ""
configuration.apache_custom_http = "" configuration.apache_custom_http = ""
configuration.open-port = 80 443
[jinja2-template-base] [jinja2-template-base]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
...@@ -398,7 +399,7 @@ ip = $${instance-parameter:ipv4-random} ...@@ -398,7 +399,7 @@ ip = $${instance-parameter:ipv4-random}
port = $${apache-configuration:cache-port} port = $${apache-configuration:cache-port}
backend-ip = $${instance-parameter:ipv4-random} backend-ip = $${instance-parameter:ipv4-random}
backend-port = $${apache-configuration:cache-through-port} backend-port = $${apache-configuration:cache-through-port}
public-ipv4 = $${instance-parameter:configuration.public-ipv4} open-port = $${instance-parameter:configuration.open-port}
access-log-path = $${directory:log}/squid-access.log access-log-path = $${directory:log}/squid-access.log
cache-log-path = $${directory:log}/squid-cache.log cache-log-path = $${directory:log}/squid-cache.log
pid-filename-path = $${directory:run}/squid.pid pid-filename-path = $${directory:run}/squid.pid
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment