containers
/
package-cache
2
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Implement merge strategy
ci/woodpecker/push/lint Pipeline was successful Details
ci/woodpecker/push/docker Pipeline was successful Details
ci/woodpecker/tag/lint Pipeline was successful Details
ci/woodpecker/tag/docker Pipeline was successful Details

This commit is contained in:
Maurizio Porrato 2022-09-22 09:13:38 +01:00
parent abd1cb94fc
commit 131bdc50fc
5 changed files with 53 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
Dockerfile
View File

@ -1,11 +1,20 @@
FROM alpine:3.16
FROM docker.io/library/golang:1.19-alpine3.16 as builder
# hadolint ignore=DL3018
RUN apk add --no-cache build-base && \
go install -ldflags "-s -w" -trimpath git.worn.eu/guru/squid-rewriter@latest
#############################################################################
FROM docker.io/library/alpine:3.16
# hadolint ignore=DL3018
RUN apk add --no-cache squid openssl darkhttpd
COPY run.sh rewrite.awk /
COPY run.sh /
COPY install-ca.sh /static/
COPY squid.conf /etc/squid/squid.conf
RUN chmod 0755 /run.sh /rewrite.awk ; mkdir /ca
COPY squid.conf rewrites.yaml /etc/squid/
COPY --from=builder /go/bin/squid-rewriter /usr/local/bin/
RUN chmod 0755 /run.sh /usr/local/bin/squid-rewriter ; mkdir /ca
VOLUME /var/cache/squid
EXPOSE 3128

21
rewrite.awk
View File

@ -1,21 +0,0 @@
#!/usr/bin/awk -f
function handle_request(url, ip_fqdn, ident, method, kwargs)
{
if (index(url, "http://proxy/") == 1) {
sub(/http:\/\/proxy\//, "http://127.0.0.1:9999/", url)
return "OK rewrite-url=" url
}
return "OK"
}
$1 ~ /^[0-9]+$/ {request_id=$1 " "; request_url=$2; request_ip_fqdn=$3; request_ident=$4; request_method=$5; first_pair=6}
$1 !~ /^[0-9]+$/ {request_id=""; request_url=$1; request_ip_fqdn=$2; request_ident=$3; request_method=$4; first_pair=5}
{
split("", kv);
for (i=first_pair; i<=NF; i++) {
split($i, parts, sep="=")
kv[parts[1]]=parts[2]
}
print request_id handle_request(request_url, request_ip_fqdn, request_ident, request_method, kv)
}

31
rewrites.yaml Normal file
View File

@ -0,0 +1,31 @@
---
# This is an example rewrite rules file
rewrites:
- name: static
urls:
- http://proxy/
destination: http://127.0.0.1:9999/
- name: alpine
distro: alpine
destination: https://dl-cdn.alpinelinux.org/alpine/
- name: debian
distro: debian
destination: http://deb.debian.org/debian/
- name: arch
distro: arch
destination: https://geo.mirror.pkgbuild.com/
- name: fedora
distro: fedora
destination: https://fedora.mirrorservice.org/fedora/linux/
- name: fedora
distro: fedora:epel
destination: https://fedora.mirrorservice.org/epel/
- name: ubuntu
distro: ubuntu
destination: http://archive.ubuntu.com/ubuntu/
- name: mint
distro: mint
destination: https://mirrors.layeronline.com/linuxmint/
- name: slackware
distro: slackware
destination: https://www.mirrorservice.org/sites/ftp.slackware.com/pub/slackware/

7
run.sh
View File

@ -33,4 +33,11 @@ done
squid -s
) &
(
sleep 3
# Force the spawning of the rewrite process to avoid slowing down the first
# client request
http_proxy=http://127.0.0.1:3128 wget -qO /dev/null http://proxy/ca.crt
) &
syslogd -n -O -

4
squid.conf
View File

@ -48,8 +48,8 @@ refresh_pattern \.apk$ 129600 100% 129600
refresh_pattern \.(tar|iso)(\.[zZ]|\.gz|\.bz2?|\.xz|\.zstd?)?(\.sig)?$ 129600 100% 129600
refresh_pattern . 0 20% 4320
url_rewrite_children 4
url_rewrite_program /rewrite.awk
url_rewrite_children 1
url_rewrite_program /usr/local/bin/squid-rewriter
sslcrtd_program /usr/lib/squid/security_file_certgen -s /certs/ssl_db -M 4MB
acl step1 at_step SslBump1