[debian-edu-commits] [Git][debian-edu/debian-edu-config][master] 6 commits: share/debian-edu-config/squid.conf: Ship only Debian Edu specific options.
WolfgangSchweer
gitlab at salsa.debian.org
Tue Nov 6 11:10:32 GMT 2018
WolfgangSchweer pushed to branch master at Debian Edu / debian-edu-config
Commits:
6040c862 by Wolfgang Schweer at 2018-11-06T10:09:33Z
share/debian-edu-config/squid.conf: Ship only Debian Edu specific options.
- - - - -
788c97a4 by Wolfgang Schweer at 2018-11-06T10:14:08Z
Adjust cf3/cf.squid
Link the Debian Edu specific squid.conf as additional configuration snippet
/etc/squid/conf.d/debian-edu.conf now that add-ons can be included.
- - - - -
3041f9f1 by Wolfgang Schweer at 2018-11-06T10:22:18Z
Adjust share/debian-edu-config/tools/run-at-firstboot
- - - - -
a78deca1 by Wolfgang Schweer at 2018-11-06T10:42:01Z
Adjust share/debian-edu-config/tools/squid-update-cachedir
Use Debian Edu specific add-on configuration file.
Add additional logging statement.
- - - - -
edf3141b by Wolfgang Schweer at 2018-11-06T10:48:00Z
Add script-not-executable entries to debian/debian-edu-config.lintian-overrides
etc/network/if-up.d/hostname
etc/network/if-up.d/wpad-proxy-update
- - - - -
89da2ed6 by Wolfgang Schweer at 2018-11-06T11:07:30Z
Add changelog entries for last commits.
- - - - -
6 changed files:
- cf3/cf.squid
- debian/changelog
- debian/debian-edu-config.lintian-overrides
- share/debian-edu-config/squid.conf
- share/debian-edu-config/tools/run-at-firstboot
- share/debian-edu-config/tools/squid-update-cachedir
Changes:
=====================================
cf3/cf.squid
=====================================
@@ -6,11 +6,11 @@ bundle agent squid
files:
- debian.server.installation::
+ debian.squidcache.installation::
- # Use Debian Edu configuration file.
+ # Add link to additional Debian Edu configuration file.
- "/etc/squid/squid.conf"
+ "/etc/squid/conf.d/debian-edu.conf"
link_from => ln_s("/usr/share/debian-edu-config/squid.conf"),
move_obstructions => "true";
@@ -24,19 +24,18 @@ files:
commands:
- # Reconfigure squid. This is needed if squid has already been started
- # using the default configuration; a cache dir isn't used in this case,
- # storage uses memory. The reconfiguration initializes the cache dir.
+ # Remove /etc/default/squid. This is needed in case of upgrades from Stretch.
- debian.server.!squidcache.installation::
+ debian.squidcache.installation::
- "/usr/sbin/dpkg-reconfigure squid"
+ "/bin/rm -f /etc/default/squid"
contain => in_shell;
# Update Squid to use all the available space (aka 80% of the partition)
- debian.server.installation::
- "/usr/share/debian-edu-config/tools/squid-update-cachedir /etc/squid/squid.conf"
+ debian.squidcache.installation::
+
+ "/usr/share/debian-edu-config/tools/squid-update-cachedir"
contain => in_shell;
}
=====================================
debian/changelog
=====================================
@@ -1,3 +1,23 @@
+debian-edu-config (2.10.44) UNRELEASED; urgency=medium
+
+ * Rework squid configuration now that custom configuration files can be put
+ into the /etc/squid/conf.d/ directory.
+ - share/debian-edu-config/squid.conf:
+ + Ship only Debian Edu specific options.
+ - cf3/cf.squid:
+ + Link the Debian Edu specific squid.conf file as additional
+ configuration /etc/squid/conf.d/debian-edu.conf.
+ - share/debian-edu-config/tools/squid-update-cachedir:
+ + Use Debian Edu specific add-on configuration file.
+ + Add additional logging statement.
+ - share/debian-edu-config/tools/run-at-firstboot:
+ + Adjust to use the new file location.
+ * d/debian-edu-config.lintian-overrides:
+ - Add script-not-executable entries for etc/network/if-up.d/hostname and
+ etc/network/if-up.d/wpad-proxy-update
+
+ -- Wolfgang Schweer <wschweer at arcor.de> Tue, 06 Nov 2018 11:51:50 +0100
+
debian-edu-config (2.10.43) unstable; urgency=medium
[ Wolfgang Schweer ]
=====================================
debian/debian-edu-config.lintian-overrides
=====================================
@@ -2,6 +2,8 @@ debian-edu-config binary: script-not-executable etc/dhcp/dhclient-exit-hooks.d/a
debian-edu-config binary: script-not-executable etc/dhcp/dhclient-exit-hooks.d/fetch-ldap-cert
debian-edu-config binary: script-not-executable etc/dhcp/dhclient-exit-hooks.d/hostname
debian-edu-config binary: script-not-executable etc/dhcp/dhclient-exit-hooks.d/wpad-proxy-update
+debian-edu-config binary: script-not-executable etc/network/if-up.d/hostname
+debian-edu-config binary: script-not-executable etc/network/if-up.d/wpad-proxy-update
debian-edu-config binary: non-standard-apache2-configuration-name debian-edu-config-doc.conf != debian-edu-config.conf
debian-edu-config binary: debconf-is-not-a-registry usr/bin/ldap-debian-edu-install
debian-edu-config binary: debconf-is-not-a-registry usr/share/debian-edu-config/d-i/finish-install
=====================================
share/debian-edu-config/squid.conf
=====================================
@@ -1,57 +1,4 @@
-# Squid version 3 configuration file
-#
-# Created using the default configuration and doing
-# grep -v '^#' /etc/squid/squid.conf |grep -v '^$'
-# and finally adding http and htcp allow statements for localnet,
-# an apt related refresh_pattern and maximum_object_size,
-# append_domain and cache_dir settings.
-
-acl SSL_ports port 443
-
-acl Safe_ports port 80 # http
-acl Safe_ports port 21 # ftp
-acl Safe_ports port 443 # https
-acl Safe_ports port 70 # gopher
-acl Safe_ports port 210 # wais
-acl Safe_ports port 1025-65535 # unregistered ports
-acl Safe_ports port 280 # http-mgmt
-acl Safe_ports port 488 # gss-http
-acl Safe_ports port 591 # filemaker
-acl Safe_ports port 777 # multiling http
-
-acl CONNECT method CONNECT
-
-# Grant access to the local networks
-acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
-acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
-acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
-acl localnet src fc00::/7 # RFC 4193 local private network range
-acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
-
-http_access deny !Safe_ports
-http_access deny CONNECT !SSL_ports
-http_access allow localhost manager
-http_access deny manager
http_access allow localnet
-http_access allow localhost
-http_access deny all
-htcp_access allow localnet
-htcp_access deny all
-
-http_port 3128
-
-coredump_dir /var/spool/squid
-
-
-
-refresh_pattern ^ftp: 1440 20% 10080
-refresh_pattern ^gopher: 1440 0% 1440
-refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
-
-# See bug #591839
-refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
-
-refresh_pattern . 0 20% 4320
# Cache larger files to cache more debian packages
maximum_object_size 153600 KB
@@ -59,7 +6,7 @@ maximum_object_size 153600 KB
# - Appends .intern to hostnames without any dots in them.
append_domain .intern
-# Adjust cache size to fit size of /var/spool/squid, the capasity is
-# dynamically updated using
+# Adjust cache size to fit size of /var/spool/squid, the initial capacity value
+# is dynamically updated using
# /usr/share/debian-edu-config/tools/squid-update-cachedir
cache_dir ufs /var/spool/squid 100 16 256
=====================================
share/debian-edu-config/tools/run-at-firstboot
=====================================
@@ -56,7 +56,7 @@ fi
# Update Squid to use all the available space (aka 80% of the partition)
if echo "$PROFILE" | grep -q Main-Server ; then
- /usr/share/debian-edu-config/tools/squid-update-cachedir /etc/squid/squid.conf
+ /usr/share/debian-edu-config/tools/squid-update-cachedir
fi
# Update PXE setup on Main-server with proxy values set in environment
=====================================
share/debian-edu-config/tools/squid-update-cachedir
=====================================
@@ -5,7 +5,7 @@
LC_ALL=C
export LC_ALL
-CONFIG=/etc/squid/squid.conf
+CONFIG=/etc/squid/conf.d/debian-edu.conf
if [ "$1" ] ; then
squidconf="$1"
@@ -49,6 +49,7 @@ if $newconf ; then
else
systemctl reload squid.service
fi
+ echo "info: Squid reloaded with changed configuration"
else
echo "info: Squid configuration not changed"
fi
View it on GitLab: https://salsa.debian.org/debian-edu/debian-edu-config/compare/03f2476edf27749df4df7ac87ec9e294a6eec6c1...89da2ed64e3963047e9fb0ec39d7b4b54a75a087
--
View it on GitLab: https://salsa.debian.org/debian-edu/debian-edu-config/compare/03f2476edf27749df4df7ac87ec9e294a6eec6c1...89da2ed64e3963047e9fb0ec39d7b4b54a75a087
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-edu-commits/attachments/20181106/4a31191c/attachment-0001.html>
More information about the debian-edu-commits
mailing list