Add example usage

2016-03-26 21:38:21 +11:00 · 2016-03-26 21:38:21 +11:00 · b262d98827
parent 3a8b53db48
commit b262d98827
2 changed files with 19 additions and 51 deletions
--- a/51
+++ b/51
@ -1,51 +0,0 @@
-FROM debian:jessie
-
-RUN sed s:deb:deb-src: /etc/apt/sources.list >> /etc/apt/sources.list
-
-RUN apt-get update && apt-get build-dep -y squid3 && apt-get install -y wget tar xz-utils libssl-dev
-
-RUN mkdir /src \
-    && cd /src \
-    && wget http://www.squid-cache.org/Versions/v4/squid-4.0.7.tar.xz \
-    && tar -xvvf squid-4.0.7.tar.xz
-    
-RUN cd /src/squid-4.0.7 && \
-    ./configure \
-        --datadir=/usr/share/squid3 \
-		--sysconfdir=/etc/squid3 \
-		--mandir=/usr/share/man \
-		--enable-inline \
-		--enable-async-io=8 \
-		--enable-storeio="ufs,aufs,diskd,rock" \
-		--enable-removal-policies="lru,heap" \
-		--enable-delay-pools \
-		--enable-cache-digests \
-		--enable-underscores \
-		--enable-icap-client \
-		--enable-follow-x-forwarded-for \
-		--enable-auth-basic="DB,fake,getpwnam,LDAP,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB" \
-		--enable-auth-digest="file,LDAP" \
-		--enable-auth-negotiate="kerberos,wrapper" \
-		--enable-auth-ntlm="fake" \
-		--enable-external-acl-helpers="file_userip,kerberos_ldap_group,LDAP_group,session,SQL_session,unix_group,wbinfo_group" \
-		--enable-url-rewrite-helpers="fake" \
-		--enable-eui \
-		--enable-esi \
-		--enable-icmp \
-		--enable-zph-qos \
-		--with-openssl \
-		--enable-ssl \
-		--enable-ssl-crtd \ 
-		--disable-translation \
-		--with-swapdir=/var/spool/squid3 \
-		--with-logdir=/var/log/squid3 \
-		--with-pidfile=/var/run/squid3.pid \
-		--with-filedescriptors=65536 \
-		--with-large-files \
-		--with-default-user=proxy
-		
-ARG cores=1
-
-RUN cd /src/squid-4.0.7 && \
-    make -j$cores && \
-    make install
--- a/README.md
+++ b/README.md
@ -42,3 +42,22 @@ variables:
    Default memory cache size. I've no real clue what this should be, but RAM
    is plentiful so I like to keep it fairly large.
    
+# Example Usage
+The following command line will get you up and running quickly. It presumes
+you've generated a suitable CA certificate and are intending to use the proxy
+as a local MITM on your machine:
+```
+sudo mkdir -p /srv/squid/cache
+docker run -it -p 3128:127.0.0.1:3128 --rm \
+    -v /srv/squid/cache:/var/cache/squid4 \
+    -v /etc/ssl/certs:/etc/ssl/certs:ro \ 
+    -v /etc/ssl/private/local_mitm.pem:/local-mitm.pem:ro \
+    -v /etc/ssl/certs/local_mitm.pem:/local-mitm.crt:ro \
+    -e MITM_CERT=/local-mitm.crt \
+    -e MITM_KEY=/local-mitm.pem \
+    -e MITM_PROXY=yes \
+    squid
+```
+
+Note that it doesn't really matter where we mount the certificate - the image
+launch script makes a copy as root to avoid messing with permissions anyway.