Add squid configuration recipe.

ac24d00b · Romain Courteaud · 9b4d8743 · ac24d00b · ac24d00b · ac24d00b
Commit ac24d00b authored Oct 04, 2012 by Romain Courteaud
Showing with 144 additions and 0 deletions

setup.py setup.py +1 -0

slapos/recipe/squid/__init__.py slapos/recipe/squid/__init__.py +94 -0

slapos/recipe/squid/template/squid.conf.in slapos/recipe/squid/template/squid.conf.in +49 -0

No files found.
--- a/setup.py
+++ b/setup.py
@@ -75,6 +75,7 @@ setup(name=name,
          'kvm.frontend = slapos.recipe.kvm_frontend:Recipe',
          'generic.kumofs = slapos.recipe.generic_kumofs:Recipe',
          'haproxy = slapos.recipe.haproxy:Recipe',
+          'squid = slapos.recipe.squid:Recipe',
          'libcloud = slapos.recipe.libcloud:Recipe',
          'libcloudrequest = slapos.recipe.libcloudrequest:Recipe',
          'lockfile = slapos.recipe.lockfile:Recipe',

--- a/slapos/recipe/squid/__init__.py
+++ b/slapos/recipe/squid/__init__.py
+##############################################################################
+#
+# Copyright (c) 2012 Vifib SARL and Contributors. All Rights Reserved.
+#
+# WARNING: This program as such is intended to be used by professional
+# programmers who take the whole responsibility of assessing all potential
+# consequences resulting from its eventual inadequacies and bugs
+# End users who are looking for a ready-to-use solution with commercial
+# guarantees and support are strongly adviced to contract a Free Software
+# Service Company
+#
+# This program is Free Software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 3
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+##############################################################################
+from slapos.recipe.librecipe import GenericBaseRecipe
+
+class Recipe(GenericBaseRecipe):
+  """
+  squid instance configuration.
+
+  wrapper-path -- location of the init script to generate
+
+  prepare-path -- location of the directory creation script to generate
+
+  binary-path -- location of the squid command
+
+  conf-path -- location of the configuration file
+
+  cache-path -- location of the cache directory
+
+  ip -- ip of the squid server
+
+  port -- port of the squid server
+
+  backend-ip -- ip of the service to cache
+
+  backend-port -- port of the service to cache
+
+  access-log-path -- location of the access log
+
+  cache-log-path -- location of the cache log
+
+  pid-filename-path -- location of the pid filename
+
+  """
+
+  def install(self):
+    config = dict(
+      ip=self.options['ip'], 
+      port=self.options['port'],
+      backend_ip=self.options['backend-ip'], 
+      backend_port=self.options['backend-port'],
+      cache_path=self.options['cache-path'],
+      access_log_path=self.options['access-log-path'],
+      cache_log_path=self.options['cache-log-path'],
+      pid_filename_path=self.options['pid-filename-path'],
+      )
+
+    template_filename = self.getTemplateFilename('squid.conf.in')
+    configuration_path = self.createFile(
+      self.options['conf-path'],
+      self.substituteTemplate(template_filename, config))
+
+    # Prepare directories
+    prepare_path = self.createPythonScript(
+      self.options['prepare-path'],
+      'slapos.recipe.librecipe.execute.execute',
+      arguments=[self.options['binary-path'].strip(), 
+                 '-z',
+                 '-f', configuration_path,
+                 ],)
+
+    # Create running wrapper
+    wrapper_path = self.createPythonScript(
+      self.options['wrapper-path'],
+      'slapos.recipe.librecipe.execute.execute',
+      arguments=[self.options['binary-path'].strip(), 
+                 '-N',
+                 '-f', configuration_path,
+                 ],)
+
+    return [configuration_path, wrapper_path, prepare_path]
--- a/slapos/recipe/squid/template/squid.conf.in
+++ b/slapos/recipe/squid/template/squid.conf.in
+# Dissallow cachemgr access
+http_access deny manager
+
+# Squid service configuration
+http_port %(ip)s:%(port)s accel vhost defaultsite=%(ip)s
+acl dest_domain dstdomain %(ip)s
+acl dest_addr dst %(ip)s
+acl dest_port port %(port)s
+http_access allow dest_addr dest_port dest_domain
+# Finally deny all other access to this proxy
+http_access deny all
+
+# Service to cache
+cache_peer %(backend_ip)s parent %(backend_port)s 0 no-query originserver name=backend
+cache_peer_access backend allow dest_addr dest_port
+cache_peer_access backend deny all
+
+# # Drop squid headers
+# via off
+# reply_header_access X-Cache-Lookup deny all
+# reply_header_access X-Squid-Error deny all
+# reply_header_access X-Cache deny all
+
+header_replace X-Forwarded-For
+follow_x_forwarded_for allow all
+forwarded_for on
+
+# Admin email
+# cache_mgr admin@example.org
+
+# Use 1Go of RAM
+cache_mem 1024 MB
+# But do not keep big object in RAM
+maximum_object_size_in_memory 2048 KB
+# Use the disk cache instead
+cache_dir ufs %(cache_path)s 2048 16 256
+coredump_dir %(cache_path)s
+
+# Everything is cacheable...
+minimum_object_size 0 KB
+# Except big ones!
+maximum_object_size 64096 KB
+
+cache_replacement_policy lru
+
+# Log
+access_log %(access_log_path)s
+cache_log %(cache_log_path)s
+pid_filename %(pid_filename_path)s