Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

include /etc/squid/conf.d/*.conf #8779

Merged
merged 3 commits into from
May 23, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
- add apache and squid tuning
6 changes: 6 additions & 0 deletions containers/proxy-helm/templates/config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,12 @@ data:
log_level: {{ .Values.log_level | default 1 }}
ca_crt: |
{{ .Values.ca_crt | indent 6 }}
squid_tuning: |
# Add your Squid tuning configuration here
{{ .Values.squid_tuning | indent 4 }}
apache_tuning: |
# Add your Apache tuning configuration here
{{ .Values.apache_tuning | indent 4 }}
---
apiVersion: v1
kind: Secret
Expand Down
12 changes: 12 additions & 0 deletions containers/proxy-helm/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,10 @@ spec:
mountPath: /var/cache/rhn
- name: tftp-boot
mountPath: /srv/tftpboot
- name: config-volume
mountPath: /etc/apache2/conf.d/apache_tuning.conf
subPath: apache_tuning
readOnly: true
ports:
- containerPort: 80
- containerPort: 443
Expand All @@ -56,6 +60,10 @@ spec:
readOnly: true
- name: squid-cache
mountPath: /var/cache/squid
- name: config-volume
mountPath: /etc/squid/conf.d/squid_tuning.conf
subPath: squid_tuning
readOnly: true
ports:
- containerPort: 8088
- name: ssh
Expand Down Expand Up @@ -93,6 +101,10 @@ spec:
items:
- key: config.yaml
path: config.yaml
- key: squid_tuning
path: squid_tuning
- key: apache_tuning
path: apache_tuning
- name: httpd-secret-volume
secret:
secretName: proxy-secret
Expand Down
3 changes: 3 additions & 0 deletions containers/proxy-helm/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -61,3 +61,6 @@ services:
nodeport_saltb: 32506
nodeport_ssh: 30020
nodeport_tfpt: 30069

squid_tuning: ""
apache_tuning: ""
3 changes: 3 additions & 0 deletions containers/proxy-squid-image/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,9 @@ COPY squid.conf /etc/squid/squid.conf
RUN chown squid:squid /etc/squid/squid.conf
RUN mkdir -p /run/squid && chown squid:squid /run/squid

RUN mkdir -p /etc/squid/conf.d
COPY squid_example.conf /etc/squid/conf.d/squid_example.conf

# Ensure the cache is owned by squid user
RUN chown squid:squid /var/cache/squid
RUN chmod a+x /var/log
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
- include /etc/squid/conf.d/*.conf
7 changes: 7 additions & 0 deletions containers/proxy-squid-image/squid_example.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
# Do not change this file in your environment, since
# it's not persisted and changes would be lost on restart.
# Custom squid configuration file can be added using
# --tuning-squid flag on mgrpxy install or mgrpxy upgrade.
# e.g.
# mgrpxy install [podman/kubernetes] --tuning-squid my_local_squid_configuration.conf config.tar.gz
# mgrpxy upgrade [podman/kubernetes] --tuning-squid my_local_squid_configuration.conf
1 change: 1 addition & 0 deletions containers/proxy-squid-image/uyuni-configure.py
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
file_content = re.sub(
r"access_log .*", "access_log stdio:/proc/self/fd/1 squid", file_content
)
file_content += "\n" + "include /etc/squid/conf.d/*" + "\n"
mbussolotto marked this conversation as resolved.
Show resolved Hide resolved
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if we are always adding this line, why not to add it to the squid configuration directly?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It has sense, but I guess the same is valid also for access_log param, am I right ?
cc @cbosdo

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The access_log would mess up the non-container install, so it has to stay here until we completely remove this installation method for Uyuni.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

right, so the same is valid also for this include. I'll keep the change here

# writing back the content
config_file.seek(0, 0)
config_file.write(file_content)
Expand Down