summaryrefslogtreecommitdiff
path: root/squid/squid.cf
blob: 4a5fa7c7a8aae6b21338e1e25e3b850f1048f97c (plain)
  1. #! /usr/bin/cfengine -qf
  2. control:
  3. OutputPrefix = ("${cf_prefix}")
  4. actionsequence = ( editfiles )
  5. AddInstallable = ( squid_reload )
  6. EditfileSize = ( 150000 )
  7. editfiles:
  8. any::
  9. { /etc/squid/squid.conf
  10. DefineClasses "squid_reload"
  11. #
  12. # maximum_object_size 64 MB
  13. #
  14. WarnIfNoLineMatching "^#? ?maximum_object_size[[:blank:]].*"
  15. BeginGroupIfNoLineMatching "^#? ?maximum_object_size[[:blank:]].*"
  16. Append "maximum_object_size 64 MB # Added by CFengine $(date)"
  17. EndGroup
  18. LocateLineMatching "^#? ?maximum_object_size[[:blank:]].*"
  19. BeginGroupIfNoLineMatching "^[[:blank:]]*maximum_object_size[[:blank:]]+64 MB[[:blank:]]*(#.*)$"
  20. ReplaceLineWith "maximum_object_size 64 MB # Tweaked by CFengine $(date)"
  21. EndGroup
  22. #
  23. # cache_dir ufs /var/spool/squid 1000 16 256
  24. #
  25. ResetSearch "1"
  26. WarnIfNoLineMatching "^#? ?cache_dir[[:blank:]].*"
  27. BeginGroupIfNoLineMatching "^#? ?cache_dir[[:blank:]].*"
  28. Append "cache_dir ufs /var/spool/squid 1000 16 256 # Added by CFengine $(date)"
  29. EndGroup
  30. LocateLineMatching "^#? ?cache_dir[[:blank:]].*"
  31. BeginGroupIfNoLineMatching "^[[:blank:]]*cache_dir[[:blank:]]+ufs /var/spool/squid 1000 16 256[[:blank:]]*(#.*)$"
  32. ReplaceLineWith "cache_dir ufs /var/spool/squid 1000 16 256 # Tweaked by CFengine $(date)"
  33. EndGroup
  34. #
  35. # acl our_networks src 80.208.177.0/24 192.168.101.0/24 192.168.102.0/24 192.168.103.0/24
  36. # http_access allow our_networks
  37. #
  38. ResetSearch "1"
  39. WarnIfNoLineMatching "^#? ?acl[[:blank:]]+our_networks[[:blank:]]+src[[:blank:]].*"
  40. BeginGroupIfNoLineMatching "^#? ?acl[[:blank:]]+our_networks[[:blank:]]+src[[:blank:]].*"
  41. Append "acl our_networks src 80.208.177.0/24 192.168.101.0/24 192.168.102.0/24 192.168.103.0/24 # Added by CFengine $(date)"
  42. EndGroup
  43. LocateLineMatching "^#? ?acl[[:blank:]]+our_networks[[:blank:]]+src[[:blank:]].*"
  44. BeginGroupIfNoLineMatching "^[[:blank:]]*acl[[:blank:]]+our_networks[[:blank:]]+src[[:blank:]]80.208.177.0/24 192.168.101.0/24 192.168.102.0/24 192.168.103.0/24[[:blank:]]*(#.*)$"
  45. ReplaceLineWith "acl our_networks src 80.208.177.0/24 192.168.101.0/24 192.168.102.0/24 192.168.103.0/24 # Tweaked by CFengine $(date)"
  46. EndGroup
  47. WarnIfNoLineMatching "^#? ?http_access[[:blank:]]+allow[[:blank:]]+our_networks[[:blank:]]*(#.*)?$"
  48. BeginGroupIfNoLineMatching "^#? ?http_access[[:blank:]]+allow[[:blank:]]+our_networks[[:blank:]]*(#.*)?$"
  49. Append "http_access allow our_networks # Added by CFengine $(date)"
  50. EndGroup
  51. LocateLineMatching "^#? ?http_access[[:blank:]]+allow[[:blank:]]+our_networks[[:blank:]]*(#.*)?$"
  52. BeginGroupIfNoLineMatching "^http_access[[:blank:]]+allow[[:blank:]]+our_networks[[:blank:]]*(#.*)?$"
  53. ReplaceLineWith "acl our_networks src 192.168.0.0/16 # Tweaked by CFengine $(date)"
  54. EndGroup
  55. }
  56. processes:
  57. "squid" restart "/etc/init.d/squid restart"
  58. shellcommands:
  59. squid_reload::
  60. "/etc/init.d/squid force-reload"